Odd ACL question
Tim Kientzle
kientzle at acm.org
Sun Feb 8 12:37:19 PST 2004
On Sat, 7 Feb 2004, Tim Kientzle wrote:
>Joerg Schilling's "star" archives ACLs as follows:
>
>"user::rwx,group::r--,group:mail:rw-:6,mask::rw-,other::r--"
>
>Note the "group:mail:rw-:6" entry that contains a fourth
>field with the uid/gid number. ...
>
>Question: Is this a useful extension?
Harti Brandt responded:
> It definitely is. Joerg and I had several hours of talk on this issue.
> If you, for example, restore on a system that usually gets its passwd from
> YP or LDAP and you don't have it available ...
Ah. That's the example I needed. Now to figure out how to implement
such functionality; hacking the acl library functions may
not be the best approach, but I'm equally dismayed by the prospect
of duplicating the acl library functions in my code. ;-(
> As far as I know there are options to star that let you select the exact
> behaviour in these cases.
This is one difference between 'star' and my work: 'star' offers
a great deal of control over the archiving/dearchiving
process; my work tries to remove the need for such control
by using intelligent algorithms. For example, bsdtar/libarchive
doesn't require you to specify the compression when reading archives;
it determines it automatically.
In this case, I'm considering:
* If the username exists, use that.
* If the username does not exist and the UID is not already in
use, issue a warning and use the UID.
* If the username exists and the UID conflicts with the local
system, ???
This last case is the tough one. My temptation: map it to
an unused UID, issue a warning about the remap, and keep going.
There are certainly rare cases where manual control is
needed. That's why I'm pleased that 'star' is available
in ports. ;-)
Tim Kientzle
More information about the freebsd-hackers
mailing list