On Sun, Feb 23, 2003 at 01:13:56PM +0100, Andreas Gruenbacher wrote: > Hello, > > I am the guy behind the ext2/ext3 patches for Extended Attributes and ACLs, > and I've recently been asked about ACL support in rsync by Eric. Upon > investigating I found that you have an ACL patch against rsync-2.5.5 [1]. I > also found some other postings to [EMAIL PROTECTED] concerning rsync and > ACLs [3]. > > Are there any plans for finalizing an integrating that rsync ACL patch?
i hope not seriously, though, the work i did was--we hoped--something to tide us over until something better came along. i have no illusions about or desire to see its incorporation into the official source tree i think that full-blown, general EA support is a laudable goal; my hope was just to preserve--to the naive extent possible by stealing a lot of other people's code and introducing as few of my own bugs as possible-- any additional permissions our folks are putting on their files so that our rsync-ed ``mirrors'' of their stuff aren't any less secure than their source images. in our case, simply preserving extended/discretionary ACLs between our Solaris (and, it's hoped some day soon now, Linux) systems was all we were looking for, and i'm content to live in ignorance of the more arcane^H^H^H general issue of EA support, since it's not anything that bears on security for our Solaris filesystems. (at least, i'm not aware of any other attributes that have significance security-wise; which is to say that i hope our users haven't figured out any yet) nevertheless, it seems to me also that the NFSv4 approach is a bit verbose and a bad enough fit for POSIX and Solaris/SysV ACLs, at least, that i would think twice about dumping my patch in favor of an implementation along those lines--at least if there weren't EAs that would benefit from a fully generalized, all singing, all dancing implementation. (but then again i am the sort who has trouble coping with the additional dimension- ality of access control beyond the POSIX triple, think NT permissions are a perplexing if exotic security nightmare, prefer single-letter options to --gnu-style options, prefer man to info, coffee to latte etc.). and yet i understand that somebody's going to figure out something cool to do with extended attributes that users are going to want to have rsync preserve for them and, in the future, it may be useless to transfer files at all with- out such things (just think, filesystem cookies and referral paths--gag). so maybe it's best to bite the bullet now, but i'm certainly not qualified to do it. then again, maybe you wait and see if NFSv4 and supporting file- systems force the issue, then you worry about it, just like seems to be the present rsync development strategy . . . (whence, bad patches like mine crop up to fill the void) sorry to ramble cynically, but thanks for showing an interest in clearing up the state of affairs and for your excellent work on ext2/ext3 EAs and ACLs and libattr and libacl -- To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.tuxedo.org/~esr/faqs/smart-questions.html
