Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rsync does not map UID for POSIX ACL entries where USER = FILE OWNER #618

Open
iizhikov opened this issue May 30, 2024 · 1 comment
Open

Rsync does not map UID for POSIX ACL entries where USER = FILE OWNER #618

iizhikov opened this issue May 30, 2024 · 1 comment

Comments

@iizhikov
Copy link

iizhikov commented May 30, 2024
edited
Loading

Rsync does not map UID for POSIX ACL entries where USER = FILE OWNER.

Steps to reproduce:
Create two test users. Users must have different UIDs on the localhost and remotehost.

> ssh testuser1@remotehost touch testfile1
> ssh testuser1@remotehost setfacl -m u:testuser1:rwx,u:testuser2:rwx testfile1
> ssh testuser1@remotehost getfacl testfile1
# file: testfile1
# owner: testuser1
# group: testuser1
user::rw-
user:testuser1:rwx
user:testuser2:rwx
group::r--
mask::rwx
other::r--

> ssh testuser2@remotehost touch testfile2
> ssh testuser2@remotehost setfacl -m u:testuser1:rwx,u:testuser2:rwx testfile2
> ssh testuser2@remotehost getfacl testfile2
# file: testfile2
# owner: testuser2
# group: testuser2
user::rw-
user:testuser1:rwx
user:testuser2:rwx
group::r--
mask::rwx
other::r--

> rsync -Aav testuser1@remotehost:testfile1 .
receiving incremental file list
testfile1

sent 43 bytes  received 121 bytes  109.33 bytes/sec
total size is 0  speedup is 0.00

> rsync -Aav testuser2@remotehost:testfile2 .
receiving incremental file list
testfile2

sent 43 bytes  received 123 bytes  36.89 bytes/sec
total size is 0  speedup is 0.00

> getfacl testfile1 testfile2
# file: testfile1
# owner: testuser1
# group: testuser1
user::rw-
user:104:rwx
user:testuser2:rwx
group::r--
mask::rwx
other::r--

# file: testfile2
# owner: testuser1
# group: testuser1
user::rw-
user:testuser1:rwx
user:1104:rwx
group::r--
mask::rwx
other::r--
@iizhikov
Copy link
Author

It seems like the problem is in recv_ida_entries() function in acls.c.

                if (has_name) {
                        if (access & NAME_IS_USER)
                                id = recv_user_name(f, id);
                        else
                                id = recv_group_name(f, id, NULL);
                } else if (access & NAME_IS_USER) {
                        if (inc_recurse && am_root && !numeric_ids)   <--- THIS LINE
                                id = match_uid(id);
                } else {
                        if (inc_recurse && (!am_root || !numeric_ids))
                                id = match_gid(id, NULL);
                }

UIDs are not mapped if rsync works on behalf of a non-privileged user.
Not sure what’s the idea behind this logic. For me it looks like a bug.

@iizhikov iizhikov changed the title Rsync do not map UID for POSIX ACL entry where USER = FILE OWNER Rsync does not map UID for POSIX ACL entry where USER = FILE OWNER May 30, 2024
@iizhikov iizhikov changed the title Rsync does not map UID for POSIX ACL entry where USER = FILE OWNER Rsync does not map UID for POSIX ACL entries where USER = FILE OWNER May 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@iizhikov