Re: Is F15 unbackuppable? (RemoveSETUID)
On Sun, 2011-06-05 at 13:50 +0200, Roberto Ragusa wrote: On 06/05/2011 12:32 PM, Ralf Ertzinger wrote: Hi. On Sun, 05 Jun 2011 11:39:02 +0200, Roberto Ragusa wrote - rsync -aFAILS! rsync supports -X (for xattr) and -A (for ACLs), both must be given explicitly. Thanks, rsync -X actually works (and I wonder why -X is not included in -a, just as for cp). I see tar has --xattrs. With tar -c it works (the tar file contains the string with the value), but tar -x does not recreate the xattr. By using strace I see that rsync does open(.a.eWMgCy, O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE, 0600) = 1 fchmod(1, 0700) = 0 close(1)= 0 lstat64(.a.eWMgCy, {st_mode=S_IFREG|0700, st_size=0, ...}) = 0 llistxattr(.a.eWMgCy, 0x82bb0c0, 1024) = 0 lsetxattr(.a.eWMgCy, security.capability, \x01\x00\x00\x02\x00 \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00, 20, 0) = 0 lsetxattr(.a.eWMgCy, user.qqq, www, 3, 0) = 0 utimensat(AT_FDCWD, .a.eWMgCy, {UTIME_NOW, {1307265135, 0}}, AT_SYMLINK_NOFOLLOW) = 0 chmod(.a.eWMgCy, 0755)= 0 rename(.a.eWMgCy, a)= 0 while tar -x does mknod(a, 0700)= 0 setxattr(a, user.qqq, www, 3, 0) = 0 open(a, O_WRONLY|O_CREAT|O_LARGEFILE, 0700) = 4 close(4)= 0 utimensat(AT_FDCWD, a, {{1307271119, 468295223}, {1307265135, 0}}, 0) = 0 setxattr(a, user.qqq, www, 3, 0) = 0 chown32(a, 0, 0) = 0 chmod(a, 0755)= 0 Why is tar not working? (getcap a prints nothing) Simply because tar does not store all the extended attributes. Just limited set of them. At the moment security.capability is not among them. Feel free to report a bugzilla against rawhide tar... You may also consider using star... where is the support for extended attributes present for longer time (and upstream). Greetings, Ondrej Vasik -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Is F15 unbackuppable? (RemoveSETUID)
On 06/09/2011 09:59 AM, Ondrej Vasik wrote: On Sun, 2011-06-05 at 13:50 +0200, Roberto Ragusa wrote: On 06/05/2011 12:32 PM, Ralf Ertzinger wrote: Hi. On Sun, 05 Jun 2011 11:39:02 +0200, Roberto Ragusa wrote - rsync -aFAILS! rsync supports -X (for xattr) and -A (for ACLs), both must be given explicitly. Thanks, rsync -X actually works (and I wonder why -X is not included in -a, just as for cp). I see tar has --xattrs. With tar -c it works (the tar file contains the string with the value), but tar -x does not recreate the xattr. By using strace I see that rsync does open(.a.eWMgCy, O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE, 0600) = 1 fchmod(1, 0700) = 0 close(1)= 0 lstat64(.a.eWMgCy, {st_mode=S_IFREG|0700, st_size=0, ...}) = 0 llistxattr(.a.eWMgCy, 0x82bb0c0, 1024) = 0 lsetxattr(.a.eWMgCy, security.capability, \x01\x00\x00\x02\x00 \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00, 20, 0) = 0 lsetxattr(.a.eWMgCy, user.qqq, www, 3, 0) = 0 utimensat(AT_FDCWD, .a.eWMgCy, {UTIME_NOW, {1307265135, 0}}, AT_SYMLINK_NOFOLLOW) = 0 chmod(.a.eWMgCy, 0755)= 0 rename(.a.eWMgCy, a)= 0 while tar -x does mknod(a, 0700)= 0 setxattr(a, user.qqq, www, 3, 0) = 0 open(a, O_WRONLY|O_CREAT|O_LARGEFILE, 0700) = 4 close(4)= 0 utimensat(AT_FDCWD, a, {{1307271119, 468295223}, {1307265135, 0}}, 0) = 0 setxattr(a, user.qqq, www, 3, 0) = 0 chown32(a, 0, 0) = 0 chmod(a, 0755)= 0 Why is tar not working? (getcap a prints nothing) Simply because tar does not store all the extended attributes. Just limited set of them. At the moment security.capability is not among them. Feel free to report a bugzilla against rawhide tar... The problem is not only with the security.capability. The user.qqq one is also missing (even if strace says it has been attempted). -- Roberto Ragusamail at robertoragusa.it -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Is F15 unbackuppable? (RemoveSETUID)
On 06/08/2011 08:35 PM, nodata wrote: On 05/06/11 13:50, Roberto Ragusa wrote: Why is tar not working? (getcap a prints nothing) Have you got a bz#? No, I will try to describe how to reproduce the bug and open it (if noone is faster than me in doing so). -- Roberto Ragusamail at robertoragusa.it -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Is F15 unbackuppable? (RemoveSETUID)
On 05/06/11 13:50, Roberto Ragusa wrote: On 06/05/2011 12:32 PM, Ralf Ertzinger wrote: Hi. On Sun, 05 Jun 2011 11:39:02 +0200, Roberto Ragusa wrote - rsync -aFAILS! rsync supports -X (for xattr) and -A (for ACLs), both must be given explicitly. Thanks, rsync -X actually works (and I wonder why -X is not included in -a, just as for cp). I see tar has --xattrs. With tar -c it works (the tar file contains the string with the value), but tar -x does not recreate the xattr. By using strace I see that rsync does open(.a.eWMgCy, O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE, 0600) = 1 fchmod(1, 0700) = 0 close(1)= 0 lstat64(.a.eWMgCy, {st_mode=S_IFREG|0700, st_size=0, ...}) = 0 llistxattr(.a.eWMgCy, 0x82bb0c0, 1024) = 0 lsetxattr(.a.eWMgCy, security.capability, \x01\x00\x00\x02\x00 \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00, 20, 0) = 0 lsetxattr(.a.eWMgCy, user.qqq, www, 3, 0) = 0 utimensat(AT_FDCWD, .a.eWMgCy, {UTIME_NOW, {1307265135, 0}}, AT_SYMLINK_NOFOLLOW) = 0 chmod(.a.eWMgCy, 0755)= 0 rename(.a.eWMgCy, a)= 0 while tar -x does mknod(a, 0700)= 0 setxattr(a, user.qqq, www, 3, 0) = 0 open(a, O_WRONLY|O_CREAT|O_LARGEFILE, 0700) = 4 close(4)= 0 utimensat(AT_FDCWD, a, {{1307271119, 468295223}, {1307265135, 0}}, 0) = 0 setxattr(a, user.qqq, www, 3, 0) = 0 chown32(a, 0, 0) = 0 chmod(a, 0755)= 0 Why is tar not working? (getcap a prints nothing) Have you got a bz#? -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Is F15 unbackuppable? (RemoveSETUID)
Hi, which tools are able to backup the file capabilities which are now used in F15 because of RemoveSETUID feature? My tests with setcap/getcap (on F14) show that: - cp -a works - tar FAILS! - rsync -aFAILS! - MidnightCommander copy FAILS! Are these things fixed on F15? Am I right that every kind of remote backup solution based on tar or rsync has been broken for F15? (especially because the remote machine is not guaranteed to be F15 at all) -- Roberto Ragusamail at robertoragusa.it -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Is F15 unbackuppable? (RemoveSETUID)
Hi. On Sun, 05 Jun 2011 11:39:02 +0200, Roberto Ragusa wrote - rsync -aFAILS! rsync supports -X (for xattr) and -A (for ACLs), both must be given explicitly. -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Is F15 unbackuppable? (RemoveSETUID)
On 06/05/2011 12:32 PM, Ralf Ertzinger wrote: Hi. On Sun, 05 Jun 2011 11:39:02 +0200, Roberto Ragusa wrote - rsync -aFAILS! rsync supports -X (for xattr) and -A (for ACLs), both must be given explicitly. Thanks, rsync -X actually works (and I wonder why -X is not included in -a, just as for cp). I see tar has --xattrs. With tar -c it works (the tar file contains the string with the value), but tar -x does not recreate the xattr. By using strace I see that rsync does open(.a.eWMgCy, O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE, 0600) = 1 fchmod(1, 0700) = 0 close(1)= 0 lstat64(.a.eWMgCy, {st_mode=S_IFREG|0700, st_size=0, ...}) = 0 llistxattr(.a.eWMgCy, 0x82bb0c0, 1024) = 0 lsetxattr(.a.eWMgCy, security.capability, \x01\x00\x00\x02\x00 \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00, 20, 0) = 0 lsetxattr(.a.eWMgCy, user.qqq, www, 3, 0) = 0 utimensat(AT_FDCWD, .a.eWMgCy, {UTIME_NOW, {1307265135, 0}}, AT_SYMLINK_NOFOLLOW) = 0 chmod(.a.eWMgCy, 0755)= 0 rename(.a.eWMgCy, a)= 0 while tar -x does mknod(a, 0700)= 0 setxattr(a, user.qqq, www, 3, 0) = 0 open(a, O_WRONLY|O_CREAT|O_LARGEFILE, 0700) = 4 close(4)= 0 utimensat(AT_FDCWD, a, {{1307271119, 468295223}, {1307265135, 0}}, 0) = 0 setxattr(a, user.qqq, www, 3, 0) = 0 chown32(a, 0, 0) = 0 chmod(a, 0755)= 0 Why is tar not working? (getcap a prints nothing) -- Roberto Ragusamail at robertoragusa.it -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel