> On 2023-02-12, at 2:47 AM, Paul Eggert <egg...@cs.ucla.edu> wrote: > > On 2023-02-11 16:38, George Valkov wrote: >> This might help: >> https://github.com/apple/darwin-xnu/blob/main/bsd/sys/clonefile.h > > It doesn't help, because it doesn't mention CLONE_ACL.
Here is what I found: The version of vfs_syscalls.c on that repository is 3 years old and does not support CLONE_ACL. Still it should provide a good idea about the implementation before this flags was introduced. https://github.com/apple/darwin-xnu/blob/2ff845c2e033bd0ff64b5b6aa6063a1f8f65aa32/bsd/vfs/vfs_syscalls.c#L8201 if (uap->flags & ~(CLONE_NOFOLLOW | CLONE_NOOWNERCOPY)) { return EINVAL; } I was able to run my sample on macOS 13 recovery environment. The CLONE_ACL flag is supported there. I don’t see any difference in the final result with or without the flag. Both clones have UNIX permissions, extended attributes and time stamp from the source. Darwin gMac.lan 22.3.0 Darwin Kernel Version 22.3.0: Thu Jan 5 20:53:49 PST 2023; root:xnu-8792.81.2~2/RELEASE_X86_64 x86_64 fd 3 dir 4 fclonefileat 0 0 Undefined error: 0 fclonefileat 0 0 Undefined error: 0 CLONE_ACL -rw-------@ 1 501 staff 553 12 Feb 00:50 A -rw-------@ 1 501 staff 553 12 Feb 00:50 B -rw-------@ 1 501 staff 553 12 Feb 00:50 CLONE_ACL I tried running cp with your patch there, but it depends on a dynamic library and fails to run. My attempt to use chroot failed, probably due to file signatures: Killed 9. Georgi Valkov httpstorm.com nano RTOS