Bug#778253: marked as done (libarchive13: archive_read_disk_entry_from_file() and archive_write_disk_set_acls() don't preserv ACL.)

Debian Bug Tracking System Fri, 08 Jul 2016 14:15:39 -0700

Your message dated Sat, 9 Jul 2016 00:10:33 +0300
with message-id <[email protected]>
and subject line [libarchive] archive_read_disk_entry_from_file() and 
archive_write_disk_set_acls() don't preserv ACL.
has caused the Debian Bug report #778253,
regarding libarchive13: archive_read_disk_entry_from_file() and 
archive_write_disk_set_acls() don't preserv ACL.
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
778253: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778253
Debian Bug Tracking System
Contact [email protected] with problems

--- Begin Message ---

Package: libarchive13
Version: 3.1.2-11ghigo
Severity: normal
Tags: patch

libarchive in linux doesn't support properly the ACL. This is a bug alredy 
solved in upstream [1][2].
The problem is that the code which handles ACLs depend by the definition
of the macro ACL_TYPE_NFS4. However in linux this macro is not defined.

During the packaging build, dpkg-shlibdeps warns abou the fact the the "acl" 
library is unused:
---
dpkg-shlibdeps: warning: package could avoid a useless dependency if 
debian/libarchive13/usr/lib/x86_64-linux-gnu/libarchive.so.13.1.2 was not 
linked against libacl.so.1 (it uses none of the library's symbols)
---

In upstream the problem is solved by the patch [2]. Fedora
solved this issue cherry-picking the same patch [4].

I made a new version the libarchive package: I put the commit [2] in
debian/patches/, I update debian/patches/series adding the new patch, 
and finally I updated the debian/changelog file. The package compiled and
now my tests showed ACL seems supported.

BR
G.Baroncelli


[1] https://code.google.com/p/libarchive/issues/detail?id=329
[2] See commit b45c3ae1825c8cedc7cde2972a04974f73b08315
[3] https://bugzilla.redhat.com/show_bug.cgi?id=993048
[4] 
http://pkgs.fedoraproject.org/cgit/libarchive.git/commit/?id=da58d4e8afce6acca54475be528f6b948aa2951a

-- System Information:
Debian Release: 8.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: armhf

Kernel: Linux 3.18.5 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libarchive13 depends on:
ii  libacl1            2.2.52-2
ii  libattr1           1:2.4.47-2
ii  libbz2-1.0         1.0.6-7+b2
ii  libc6              2.19-15
ii  liblzma5           5.1.1alpha+20120614-2+b3
ii  liblzo2-2          2.08-1.2
ii  libnettle4         2.7.1-5
ii  libxml2            2.9.2+dfsg1-3
ii  multiarch-support  2.19-15
ii  zlib1g             1:1.2.8.dfsg-2+b1

libarchive13 recommends no packages.

Versions of packages libarchive13 suggests:
pn  lrzip  <none>

-- no debconf information

commit b45c3ae1825c8cedc7cde2972a04974f73b08315
Author: Tim Kientzle <[email protected]>
Date:   Sat Jan 4 21:46:57 2014 -0800

    Issue #329: https://code.google.com/p/libarchive/issues/detail?id=329
    
    Fix POSIX.1e draft ACL handling on Linux systems that lack NFSv4 ACL libraries.

diff --git a/libarchive/archive_read_disk_entry_from_file.c b/libarchive/archive_read_disk_entry_from_file.c
index e984aaa..e81cbec 100644
--- a/libarchive/archive_read_disk_entry_from_file.c
+++ b/libarchive/archive_read_disk_entry_from_file.c
@@ -399,7 +399,7 @@ setup_mac_metadata(struct archive_read_disk *a,
 #endif
 
 
-#if defined(HAVE_POSIX_ACL) && defined(ACL_TYPE_NFS4)
+#ifdef HAVE_POSIX_ACL
 static int translate_acl(struct archive_read_disk *a,
     struct archive_entry *entry, acl_t acl, int archive_entry_acl_type);
 
@@ -419,6 +419,7 @@ setup_acls(struct archive_read_disk *a,
 
 	archive_entry_acl_clear(entry);
 
+#ifdef ACL_TYPE_NFS4
 	/* Try NFS4 ACL first. */
 	if (*fd >= 0)
 		acl = acl_get_fd(*fd);
@@ -447,6 +448,7 @@ setup_acls(struct archive_read_disk *a,
 		acl_free(acl);
 		return (ARCHIVE_OK);
 	}
+#endif
 
 	/* Retrieve access ACL from file. */
 	if (*fd >= 0)
@@ -492,6 +494,7 @@ static struct {
         {ARCHIVE_ENTRY_ACL_EXECUTE, ACL_EXECUTE},
         {ARCHIVE_ENTRY_ACL_WRITE, ACL_WRITE},
         {ARCHIVE_ENTRY_ACL_READ, ACL_READ},
+#ifdef ACL_TYPE_NFS4
         {ARCHIVE_ENTRY_ACL_READ_DATA, ACL_READ_DATA},
         {ARCHIVE_ENTRY_ACL_LIST_DIRECTORY, ACL_LIST_DIRECTORY},
         {ARCHIVE_ENTRY_ACL_WRITE_DATA, ACL_WRITE_DATA},
@@ -508,8 +511,10 @@ static struct {
         {ARCHIVE_ENTRY_ACL_WRITE_ACL, ACL_WRITE_ACL},
         {ARCHIVE_ENTRY_ACL_WRITE_OWNER, ACL_WRITE_OWNER},
         {ARCHIVE_ENTRY_ACL_SYNCHRONIZE, ACL_SYNCHRONIZE}
+#endif
 };
 
+#ifdef ACL_TYPE_NFS4
 static struct {
         int archive_inherit;
         int platform_inherit;
@@ -519,21 +524,25 @@ static struct {
 	{ARCHIVE_ENTRY_ACL_ENTRY_NO_PROPAGATE_INHERIT, ACL_ENTRY_NO_PROPAGATE_INHERIT},
 	{ARCHIVE_ENTRY_ACL_ENTRY_INHERIT_ONLY, ACL_ENTRY_INHERIT_ONLY}
 };
-
+#endif
 static int
 translate_acl(struct archive_read_disk *a,
     struct archive_entry *entry, acl_t acl, int default_entry_acl_type)
 {
 	acl_tag_t	 acl_tag;
+#ifdef ACL_TYPE_NFS4
 	acl_entry_type_t acl_type;
 	acl_flagset_t	 acl_flagset;
+	int brand, r;
+#endif
 	acl_entry_t	 acl_entry;
 	acl_permset_t	 acl_permset;
-	int		 brand, i, r, entry_acl_type;
+	int		 i, entry_acl_type;
 	int		 s, ae_id, ae_tag, ae_perm;
 	const char	*ae_name;
 
 
+#ifdef ACL_TYPE_NFS4
 	// FreeBSD "brands" ACLs as POSIX.1e or NFSv4
 	// Make sure the "brand" on this ACL is consistent
 	// with the default_entry_acl_type bits provided.
@@ -560,6 +569,7 @@ translate_acl(struct archive_read_disk *a,
 		return ARCHIVE_FAILED;
 		break;
 	}
+#endif
 
 
 	s = acl_get_entry(acl, ACL_FIRST_ENTRY, &acl_entry);
@@ -592,9 +602,11 @@ translate_acl(struct archive_read_disk *a,
 		case ACL_OTHER:
 			ae_tag = ARCHIVE_ENTRY_ACL_OTHER;
 			break;
+#ifdef ACL_TYPE_NFS4
 		case ACL_EVERYONE:
 			ae_tag = ARCHIVE_ENTRY_ACL_EVERYONE;
 			break;
+#endif
 		default:
 			/* Skip types that libarchive can't support. */
 			s = acl_get_entry(acl, ACL_NEXT_ENTRY, &acl_entry);
@@ -605,6 +617,7 @@ translate_acl(struct archive_read_disk *a,
 		// XXX acl_get_entry_type_np on FreeBSD returns EINVAL for
 		// non-NFSv4 ACLs
 		entry_acl_type = default_entry_acl_type;
+#ifdef ACL_TYPE_NFS4
 		r = acl_get_entry_type_np(acl_entry, &acl_type);
 		if (r == 0) {
 			switch (acl_type) {
@@ -634,9 +647,10 @@ translate_acl(struct archive_read_disk *a,
 				ae_perm |= acl_inherit_map[i].archive_inherit;
 
                 }
+#endif
 
 		acl_get_permset(acl_entry, &acl_permset);
-                for (i = 0; i < (int)(sizeof(acl_perm_map) / sizeof(acl_perm_map[0])); ++i) {
+		for (i = 0; i < (int)(sizeof(acl_perm_map) / sizeof(acl_perm_map[0])); ++i) {
 			/*
 			 * acl_get_perm() is spelled differently on different
 			 * platforms; see above.
diff --git a/libarchive/archive_write_disk_acl.c b/libarchive/archive_write_disk_acl.c
index 9797203..5cbba54 100644
--- a/libarchive/archive_write_disk_acl.c
+++ b/libarchive/archive_write_disk_acl.c
@@ -43,7 +43,7 @@ __FBSDID("$FreeBSD: head/lib/libarchive/archive_write_disk.c 201159 2009-12-29 0
 #include "archive_acl_private.h"
 #include "archive_write_disk_private.h"
 
-#if !defined(HAVE_POSIX_ACL) || !defined(ACL_TYPE_NFS4)
+#ifndef HAVE_POSIX_ACL
 /* Default empty function body to satisfy mainline code. */
 int
 archive_write_disk_set_acls(struct archive *a, int fd, const char *name,
@@ -79,10 +79,12 @@ archive_write_disk_set_acls(struct archive *a, int fd, const char *name,
 		ret = set_acl(a, fd, name, abstract_acl, ACL_TYPE_DEFAULT,
 		    ARCHIVE_ENTRY_ACL_TYPE_DEFAULT, "default");
 		return (ret);
+#ifdef ACL_TYPE_NFS4
 	} else if (archive_acl_count(abstract_acl, ARCHIVE_ENTRY_ACL_TYPE_NFS4) > 0) {
 		ret = set_acl(a, fd, name, abstract_acl, ACL_TYPE_NFS4,
 		    ARCHIVE_ENTRY_ACL_TYPE_NFS4, "nfs4");
 		return (ret);
+#endif
 	} else
 		return ARCHIVE_OK;
 }
@@ -94,6 +96,7 @@ static struct {
 	{ARCHIVE_ENTRY_ACL_EXECUTE, ACL_EXECUTE},
 	{ARCHIVE_ENTRY_ACL_WRITE, ACL_WRITE},
 	{ARCHIVE_ENTRY_ACL_READ, ACL_READ},
+#ifdef ACL_TYPE_NFS4
 	{ARCHIVE_ENTRY_ACL_READ_DATA, ACL_READ_DATA},
 	{ARCHIVE_ENTRY_ACL_LIST_DIRECTORY, ACL_LIST_DIRECTORY},
 	{ARCHIVE_ENTRY_ACL_WRITE_DATA, ACL_WRITE_DATA},
@@ -110,8 +113,10 @@ static struct {
 	{ARCHIVE_ENTRY_ACL_WRITE_ACL, ACL_WRITE_ACL},
 	{ARCHIVE_ENTRY_ACL_WRITE_OWNER, ACL_WRITE_OWNER},
 	{ARCHIVE_ENTRY_ACL_SYNCHRONIZE, ACL_SYNCHRONIZE}
+#endif
 };
 
+#ifdef ACL_TYPE_NFS4
 static struct {
 	int archive_inherit;
 	int platform_inherit;
@@ -121,6 +126,7 @@ static struct {
 	{ARCHIVE_ENTRY_ACL_ENTRY_NO_PROPAGATE_INHERIT, ACL_ENTRY_NO_PROPAGATE_INHERIT},
 	{ARCHIVE_ENTRY_ACL_ENTRY_INHERIT_ONLY, ACL_ENTRY_INHERIT_ONLY}
 };
+#endif
 
 static int
 set_acl(struct archive *a, int fd, const char *name,
@@ -130,7 +136,9 @@ set_acl(struct archive *a, int fd, const char *name,
 	acl_t		 acl;
 	acl_entry_t	 acl_entry;
 	acl_permset_t	 acl_permset;
+#ifdef ACL_TYPE_NFS4
 	acl_flagset_t	 acl_flagset;
+#endif
 	int		 ret;
 	int		 ae_type, ae_permset, ae_tag, ae_id;
 	uid_t		 ae_uid;
@@ -171,14 +179,17 @@ set_acl(struct archive *a, int fd, const char *name,
 		case ARCHIVE_ENTRY_ACL_OTHER:
 			acl_set_tag_type(acl_entry, ACL_OTHER);
 			break;
+#ifdef ACL_TYPE_NFS4
 		case ARCHIVE_ENTRY_ACL_EVERYONE:
 			acl_set_tag_type(acl_entry, ACL_EVERYONE);
 			break;
+#endif
 		default:
 			/* XXX */
 			break;
 		}
 
+#ifdef ACL_TYPE_NFS4
 		switch (ae_type) {
 		case ARCHIVE_ENTRY_ACL_TYPE_ALLOW:
 			acl_set_entry_type_np(acl_entry, ACL_ENTRY_TYPE_ALLOW);
@@ -200,6 +211,7 @@ set_acl(struct archive *a, int fd, const char *name,
 			// XXX error handling here.
 			break;
 		}
+#endif
 
 		acl_get_permset(acl_entry, &acl_permset);
 		acl_clear_perms(acl_permset);
@@ -210,6 +222,7 @@ set_acl(struct archive *a, int fd, const char *name,
 					     acl_perm_map[i].platform_perm);
 		}
 
+#ifdef ACL_TYPE_NFS4
 		acl_get_flagset_np(acl_entry, &acl_flagset);
 		acl_clear_flags_np(acl_flagset);
 		for (i = 0; i < (int)(sizeof(acl_inherit_map) / sizeof(acl_inherit_map[0])); ++i) {
@@ -217,6 +230,7 @@ set_acl(struct archive *a, int fd, const char *name,
 				acl_add_flag_np(acl_flagset,
 						acl_inherit_map[i].platform_inherit);
 		}
+#endif
 	}
 
 	/* Try restoring the ACL through 'fd' if we can. */

--- End Message ---

--- Begin Message ---

Version: 3.2.0-1

It seems to me that this bug could have been marked as fixed in
the upload of libarchive-3.2.0-1, since the patch itself was taken
from the upstream repository before that.

The version in Jessie may be fixed with a stable proposed update.

Thanks for reporting this and locating the fix!

G'luck,
Peter

-- 
Peter Pentchev  [email protected] [email protected] [email protected]
PGP key:        http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint 2EE7 A7A5 17FC 124C F115  C354 651E EFB0 2527 DF13

signature.asc
Description: PGP signature

--- End Message ---

Bug#778253: marked as done (libarchive13: archive_read_disk_entry_from_file() and archive_write_disk_set_acls() don't preserv ACL.)

Reply via email to