From 9412a8430ec8b78b1e47783aff75db0f22c08f97 Mon Sep 17 00:00:00 2001 From: Thomas Waldmann Date: Tue, 16 Feb 2021 21:08:47 +0100 Subject: [PATCH] create/extract: add --noacls option, #3955 when given with borg create, borg will not get ACLs from input files (and thus, it will not archive ACLs). when given with borg extract, borg will not read ACLs from archive and it will not set ACLs on extracted files. --- src/borg/archive.py | 10 +++++++--- src/borg/archiver.py | 9 ++++++++- 2 files changed, 15 insertions(+), 4 deletions(-) diff --git a/src/borg/archive.py b/src/borg/archive.py index ab9de1d18..9be4ce0a0 100644 --- a/src/borg/archive.py +++ b/src/borg/archive.py @@ -379,7 +379,8 @@ class Archive: """Failed to encode filename "{}" into file system encoding "{}". Consider configuring the LANG environment variable.""" def __init__(self, repository, key, manifest, name, cache=None, create=False, - checkpoint_interval=1800, numeric_owner=False, noatime=False, noctime=False, noflags=False, + checkpoint_interval=1800, numeric_owner=False, noatime=False, noctime=False, + noflags=False, noacls=False, progress=False, chunker_params=CHUNKER_PARAMS, start=None, start_monotonic=None, end=None, consider_part_files=False, log_json=False): self.cwd = os.getcwd() @@ -398,6 +399,7 @@ class Archive: self.noatime = noatime self.noctime = noctime self.noflags = noflags + self.noacls = noacls assert (start is None) == (start_monotonic is None), 'Logic error: if start is given, start_monotonic must be given as well and vice versa.' if start is None: start = datetime.utcnow() @@ -853,7 +855,8 @@ Utilization of max. archive size: {csize_max:.0%} except OSError: # some systems don't support calling utime on a symlink pass - acl_set(path, item, self.numeric_owner, fd=fd) + if not self.noacls: + acl_set(path, item, self.numeric_owner, fd=fd) # chown removes Linux capabilities, so set the extended attributes at the end, after chown, since they include # the Linux capabilities in the "security.capability" attribute. warning = xattr.set_all(fd or path, item.get('xattrs', {}), follow_symlinks=False) @@ -1077,7 +1080,8 @@ class MetadataCollector: if not self.noflags: flags = get_flags(path, st, fd=fd) xattrs = xattr.get_all(fd or path, follow_symlinks=False) - acl_get(path, attrs, st, self.numeric_owner, fd=fd) + if not self.noacls: + acl_get(path, attrs, st, self.numeric_owner, fd=fd) if xattrs: attrs['xattrs'] = StableDict(xattrs) if flags: diff --git a/src/borg/archiver.py b/src/borg/archiver.py index 3cefb36f4..5fa5a9a1d 100644 --- a/src/borg/archiver.py +++ b/src/borg/archiver.py @@ -189,6 +189,7 @@ def with_archive(method): archive = Archive(repository, key, manifest, args.location.archive, numeric_owner=getattr(args, 'numeric_owner', False), noflags=getattr(args, 'nobsdflags', False) or getattr(args, 'noflags', False), + noacls=getattr(args, 'noacls', False), cache=kwargs.get('cache'), consider_part_files=args.consider_part_files, log_json=args.log_json) return method(self, args, repository=repository, manifest=manifest, key=key, archive=archive, **kwargs) @@ -635,6 +636,7 @@ class Archiver: self.output_filter = args.output_filter self.output_list = args.output_list self.noflags = args.nobsdflags or args.noflags + self.noacls = args.noacls self.exclude_nodump = args.exclude_nodump dry_run = args.dry_run t0 = datetime.utcnow() @@ -651,7 +653,8 @@ class Archiver: chunker_params=args.chunker_params, start=t0, start_monotonic=t0_monotonic, log_json=args.log_json) metadata_collector = MetadataCollector(noatime=not args.atime, noctime=args.noctime, - noflags=args.nobsdflags or args.noflags, numeric_owner=args.numeric_owner, nobirthtime=args.nobirthtime) + noflags=args.nobsdflags or args.noflags, noacls=args.noacls, + numeric_owner=args.numeric_owner, nobirthtime=args.nobirthtime) cp = ChunksProcessor(cache=cache, key=key, add_item=archive.add_item, write_checkpoint=archive.write_checkpoint, checkpoint_interval=args.checkpoint_interval, rechunkify=False) @@ -3379,6 +3382,8 @@ class Archiver: help='deprecated, use ``--noflags`` instead') fs_group.add_argument('--noflags', dest='noflags', action='store_true', help='do not read and store flags (e.g. NODUMP, IMMUTABLE) into archive') + fs_group.add_argument('--noacls', dest='noacls', action='store_true', + help='do not read and store ACLs into archive') fs_group.add_argument('--sparse', dest='sparse', action='store_true', help='detect sparse holes in input (supported only by fixed chunker)') fs_group.add_argument('--files-cache', metavar='MODE', dest='files_cache_mode', @@ -3797,6 +3802,8 @@ class Archiver: help='deprecated, use ``--noflags`` instead') subparser.add_argument('--noflags', dest='noflags', action='store_true', help='do not extract/set flags (e.g. NODUMP, IMMUTABLE)') + subparser.add_argument('--noacls', dest='noacls', action='store_true', + help='do not extract/set ACLs') subparser.add_argument('--stdout', dest='stdout', action='store_true', help='write all extracted data to stdout') subparser.add_argument('--sparse', dest='sparse', action='store_true',