Package: tar
Version: 1.34+dfsg-1
Severity: normal
Tags: patch
X-Debbugs-Cc: f.gruenbich...@proxmox.com
filed upstream (with similar patch): http://savannah.gnu.org/bugs/?61934
ACL entries store references to numeric uids/gids. on platforms that have
libacl, use `acl_to_any_text` to generate ACL strings that preserve those
numeric identifiers if `numeric-owner` is set (instead of doing a conversion to
user/group name, like the acl_to_text function does).
reproducer (similar ones exist where a user/group of the stored name exists,
but has a different numeric identifier):
system A with user foo with uid 1001
system B with no user foo
file with ACL referencing uid 1001 on system A
on A:
$ echo 'bar' > file
$ setfacl -m u:foo:r file
$ tar --acls --xattrs --numeric-owner -cf test.tar file
$ tar -vv --acls --xattrs -tf test.tar
expected output:
-rw-r--r--+ 0/0 4 2022-01-26 14:32 file
a: user::rw-,user:1001:r--,group::r--,mask::r--,other::r--
actual output:
-rw-r--r--+ 0/0 4 2022-01-26 14:32 file
a: user::rw-,user:fakeuser:r--,group::r--,mask::r--,other::r--
on B:
$ tar --acls --xattrs -xf test.tar
$ getfacl -n file
expected output (extraction) - none
expected output (getfacl):
# file: file
# owner: 0
# group: 0
user::rw-
user:1001:r--
group::r--
other::r--
actual output (extraction):
tar: file: Warning: Cannot acl_from_text: Invalid argument
actual output (getfacl) - note the missing user entry:
# file: file
# owner: 0
# group: 0
user::rw-
group::r--
other::r--
attached patch changes the behaviour of archive creation to honor
`numeric-owner` iff libacl is available. the extraction side remains unchanged
(it handles both numeric and symbolic references in ACL entries).
-- System Information:
Debian Release: bookworm/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 5.15.0-3-amd64 (SMP w/16 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE,
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages tar depends on:
ii libacl1 2.3.1-1
ii libc6 2.33-5
ii libselinux1 3.3-1+b1
tar recommends no packages.
Versions of packages tar suggests:
ii bzip2 1.0.8-5
pn ncompress <none>
pn tar-doc <none>
pn tar-scripts <none>
ii xz-utils 5.2.5-2
-- no debconf information
Index: tar-1.34+dfsg/src/xattrs.c
===================================================================
--- tar-1.34+dfsg.orig/src/xattrs.c
+++ tar-1.34+dfsg/src/xattrs.c
@@ -53,6 +53,10 @@ static struct
#ifdef HAVE_POSIX_ACLS
# include "acl.h"
# include <sys/acl.h>
+#ifdef HAVE_ACL_LIBACL_H
+/* needed for numeric-owner support */
+# include <acl/libacl.h>
+#endif
#endif
#ifdef HAVE_POSIX_ACLS
@@ -285,7 +289,13 @@ xattrs__acls_get_a (int parentfd, const
return;
}
- val = acl_to_text (acl, NULL);
+#ifdef HAVE_ACL_LIBACL_H
+ if (numeric_owner_option)
+ val = acl_to_any_text(acl, NULL, '\n', TEXT_SOME_EFFECTIVE | TEXT_NUMERIC_IDS);
+ else
+#endif
+ val = acl_to_text (acl, NULL);
+
acl_free (acl);
if (!val)
@@ -315,7 +325,13 @@ xattrs__acls_get_d (int parentfd, char c
return;
}
- val = acl_to_text (acl, NULL);
+#ifdef HAVE_ACL_LIBACL_H
+ if (numeric_owner_option)
+ val = acl_to_any_text(acl, NULL, '\n', TEXT_SOME_EFFECTIVE | TEXT_NUMERIC_IDS);
+ else
+ val = acl_to_text (acl, NULL);
+#endif
+
acl_free (acl);
if (!val)
