pbs-client: added options to skip acls/xattrs/ownership/permissions

Also added WITH_OWNER and WITH_PERMISSION to Default-Flags, because otherwise it would be needed to activly set these flags and most filesystems that support XATTR and ACL also support POSIX-Permissions & Ownership. Signed-off-by: Markus Frank <m.frank@proxmox.com>
2022-08-19 12:48:47 +02:00 · 2022-08-19 12:48:47 +02:00 · e90d5401ff
commit e90d5401ff
parent 95e910f153
2 changed files with 32 additions and 14 deletions
--- a/pbs-client/src/pxar/flags.rs
+++ b/pbs-client/src/pxar/flags.rs
@ -71,6 +71,9 @@ bitflags! {
        /// Preserve XFS/ext4/ZFS project quota ID
        const WITH_QUOTA_PROJID                = 0x0001_0000_0000;

+        /// UNIX OWNERSHIP
+        const WITH_OWNER                       = 0x0002_0000_0000;
+
        /// Support ".pxarexclude" files
        const EXCLUDE_FILE                     = 0x1000_0000_0000_0000;
        /// Exclude submounts
@ -105,6 +108,7 @@ bitflags! {
            Flags::WITH_2SEC_TIME.bits() |
            Flags::WITH_READ_ONLY.bits() |
            Flags::WITH_PERMISSIONS.bits() |
+            Flags::WITH_OWNER.bits() |
            Flags::WITH_SYMLINKS.bits() |
            Flags::WITH_DEVICE_NODES.bits() |
            Flags::WITH_FIFOS.bits() |
@ -135,6 +139,8 @@ bitflags! {
            Flags::WITH_FLAG_PROJINHERIT.bits() |
            Flags::WITH_SUBVOLUME.bits() |
            Flags::WITH_SUBVOLUME_RO.bits() |
+            Flags::WITH_PERMISSIONS.bits() |
+            Flags::WITH_OWNER.bits() |
            Flags::WITH_XATTRS.bits() |
            Flags::WITH_ACL.bits() |
            Flags::WITH_SELINUX.bits() |
--- a/pbs-client/src/pxar/metadata.rs
+++ b/pbs-client/src/pxar/metadata.rs
@ -100,19 +100,7 @@ pub fn apply(
    on_error: &mut (dyn FnMut(Error) -> Result<(), Error> + Send),
 ) -> Result<(), Error> {
    let c_proc_path = CString::new(format!("/proc/self/fd/{}", fd)).unwrap();
-
-    unsafe {
-        // UID and GID first, as this fails if we lose access anyway.
-        c_result!(libc::chown(
-            c_proc_path.as_ptr(),
-            metadata.stat.uid,
-            metadata.stat.gid
-        ))
-        .map(drop)
-        .or_else(allow_notsupp)
-        .map_err(|err| format_err!("failed to set ownership: {}", err))
-        .or_else(&mut *on_error)?;
-    }
+    apply_ownership(flags, c_proc_path.as_ptr(), metadata, &mut *on_error)?;

    let mut skip_xattrs = false;
    apply_xattrs(flags, c_proc_path.as_ptr(), metadata, &mut skip_xattrs)
@ -125,7 +113,7 @@ pub fn apply(

    // Finally mode and time. We may lose access with mode, but the changing the mode also
    // affects times.
-    if !metadata.is_symlink() {
+    if !metadata.is_symlink() && flags.contains(Flags::WITH_PERMISSIONS) {
        c_result!(unsafe {
            libc::chmod(c_proc_path.as_ptr(), perms_from_metadata(metadata)?.bits())
        })
@ -162,6 +150,30 @@ pub fn apply(
    Ok(())
 }

+pub fn apply_ownership(
+    flags: Flags,
+    c_proc_path: *const libc::c_char,
+    metadata: &Metadata,
+    on_error: &mut (dyn FnMut(Error) -> Result<(), Error> + Send),
+) -> Result<(), Error> {
+    if !flags.contains(Flags::WITH_OWNER) {
+        return Ok(());
+    }
+    unsafe {
+        // UID and GID first, as this fails if we lose access anyway.
+        c_result!(libc::chown(
+            c_proc_path,
+            metadata.stat.uid,
+            metadata.stat.gid
+        ))
+        .map(drop)
+        .or_else(allow_notsupp)
+        .map_err(|err| format_err!("failed to set ownership: {}", err))
+        .or_else(&mut *on_error)?;
+    }
+    Ok(())
+}
+
 fn add_fcaps(
    flags: Flags,
    c_proc_path: *const libc::c_char,