From: Tim Kientzle
Date: Sun, 08 Feb 2004 12:37:09 -0800
To: Harti Brandt
cc: freebsd-hackers@freebsd.org
Reply-To: kientzle@acm.org
Subject: Re: Odd ACL question
Message-ID: <40269DF5.2090806@acm.org>
In-Reply-To: <20040208134125.L28775@beagle.fokus.fraunhofer.de>
References: <4025A0DD.2010607@acm.org> <20040208134125.L28775@beagle.fokus.fraunhofer.de>

On Sat, 7 Feb 2004, Tim Kientzle wrote:
>Joerg Schilling's "star" archives ACLs as follows:
>
>"user::rwx,group::r--,group:mail:rw-:6,mask::rw-,other::r--"
>
>Note the "group:mail:rw-:6" entry that contains a fourth
>field with the uid/gid number. ...
>
>Question: Is this a useful extension?

Harti Brandt responded:
> It definitely is. Joerg and I had several hours of talk on this issue.
> If you, for example, restore on a system that usually gets its passwd from
> YP or LDAP and you don't have it available ...

Ah. That's the example I needed.

Now to figure out how to implement such functionality;
hacking the acl library functions may not be the best approach,
but I'm equally dismayed by the prospect of duplicating the
acl library functions in my code. ;-(

> As far as I know there are options to star that let you select the exact
> behaviour in these cases.

This is one difference between 'star' and my work:
'star' offers a great deal of control over the
archiving/dearchiving process; my work tries to remove
the need for such control by using intelligent algorithms.
For example, bsdtar/libarchive doesn't require you to
specify the compression when reading archives; it
determines it automatically.

In this case, I'm considering:
 * If the username exists, use that.
 * If the username does not exist and the UID is not
   already in use, issue a warning and use the UID.
 * If the username exists and the UID conflicts with
   the local system, ???

This last case is the tough one. My temptation:
map it to an unused UID, issue a warning about the remap,
and keep going.

There are certainly rare cases where manual control
is needed. That's why I'm pleased that 'star' is
available in ports. ;-)

Tim Kientzle
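
The resolution policy sketched in the message above, applied to star-style entries with the optional fourth numeric field. This is an added example, not code from the message, libarchive or star. Assumptions: the `local` table stands in for the restoring host's group database, remapped ids start at 1000, and the third case is read as "name unknown locally, archived id already owned by a different local name". The same logic applies to `user:` entries.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for the restoring host's group database (assumption). */
struct acct { const char *name; long id; };
static const struct acct local[] = { {"wheel", 0}, {"mail", 6}, {"games", 13} };
enum { NLOCAL = sizeof local / sizeof local[0] };
enum how { UNQUALIFIED, BY_NAME, BY_ID_WARN, REMAPPED_WARN, UNRESOLVED };

static int id_in_use(long id) {
    for (int i = 0; i < NLOCAL; i++)
        if (local[i].id == id) return 1;
    return 0;
}

/* Resolve one "tag:name:perms[:id]" entry; archive contents are untrusted. */
enum how resolve_entry(const char *entry, long *id) {
    char buf[128], *f[4] = {0}, *p = buf, *end;
    int n = 0;
    if (strlen(entry) >= sizeof buf) return UNRESOLVED;
    strcpy(buf, entry);
    while (n < 4) {                              /* split on ':' into at most 4 fields */
        f[n++] = p;
        if ((p = strchr(p, ':')) == NULL) break;
        *p++ = '\0';
    }
    if (n < 3 || p != NULL) return UNRESOLVED;   /* too few or too many fields */
    if (*f[1] == '\0') return UNQUALIFIED;       /* user::, group::, mask::, other:: */
    for (int i = 0; i < NLOCAL; i++)             /* case 1: the name exists, use it */
        if (strcmp(local[i].name, f[1]) == 0) { *id = local[i].id; return BY_NAME; }
    /* Unknown name: only a clean decimal fourth field is an acceptable fallback. */
    if (n < 4 || f[3][0] < '0' || f[3][0] > '9') return UNRESOLVED;
    long v = strtol(f[3], &end, 10);
    if (*end != '\0' || v >= 0x7fffffffL) return UNRESOLVED;
    if (!id_in_use(v)) { *id = v; return BY_ID_WARN; }   /* case 2: id is free */
    for (v = 1000; id_in_use(v); v++) ;          /* case 3: remap to an unused id */
    *id = v;
    return REMAPPED_WARN;
}

int main(void) {
    /* First two entries are from the message; the last two are constructed. */
    const char *e[] = { "user::rwx", "group:mail:rw-:6",
                        "group:staff:r--:20", "group:ops:r--:13" };
    for (int i = 0; i < 4; i++) {
        long id = -1;
        enum how h = resolve_entry(e[i], &id);
        printf("%-20s how=%d id=%ld\n", e[i], (int)h, id);
    }
    return 0;
}
```

A restore tool would emit its warning wherever `BY_ID_WARN` or `REMAPPED_WARN` is returned, and would remember each remap so that every entry carrying the same archived id lands on the same local id.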