Hi @all! I want to backup Windows files to a Linux Server including the Windows ACLs. I found this at nabble.com http://www.nabble.com/Rsync-windows-acls-td21205816.html ------------------------------------------------------------------------------------------------- On Mon, 2008-12-29 at 09:54 -0700, Michael Chletsos wrote:> Has rsync integrated windows acls into it yet?No, and the main version probably never will as rsync targets primarily unix-like systems. Windows ACL support would be fair game for a maintained patch that could be included in packagings such as cwRsync. I know of three currently available options: - If you want to back up ACLs in a way that can be restored but don't need to actually apply them to the destination files, --fake-super is supposed to be able to do this (though I'm not entirely clear on how it works). - Use rsync to copy the data and another tool such as RoboCopy to copy the ACLs. See: http://lists.samba.org/archive/rsync/2007-October/018704.html - Ask Srinivasa Battula <sbattula@...> for his modified version of rsync that supports Windows ACLs (based on a development snapshot of 2.6.9, unless it has been updated). -- Matt -------------------------------------------------------------------------------------------------- My question is: I first transfer the files with rsync and then using RoboCopy to transfer the ACLs. Where exactly do robocopy copy the ACLs? In a different file? Please help me understanding this. Further I want to ask if this the following is up to date? Found on http://archives.devshed.com/forums/networking-100/i-need-rsync-acl-support-for-windows-2025405.html ------------------------------------------------------------------------------------------ There are two opportunities for information loss in the ACL conversion: - PSIX ACLs support only read, write, and execute permissions. Thus, aspects of Windows ACLs that cannot be represented by a combination of read, write, and execute (often shown as "Special Permissions" in the Windows ACL editor) will be lost. - Rsync uses Unix-like UIDs and GIDs. To get Cygwin to convert Windows users and groups to and from UIDs and GIDs in a meaningful fashion, you must assign UIDs and GIDs to all the users on the system in the /etc/passwd and /etc/group files. See the Cygwin page I linked above for much more information. Additionally, if you are copying from one machine to another, rsync gives you the option to preserve users and groups by UID/GID or by Cygwin name (which may or may not match the Windows name depending on how you did /etc/passwd and /etc/group); see rsync's option. -- Matt --------------------------------------------------------------------------------------------- Thanks a lot for answering! Greetings, David __________________________________________________________________________ Verschicken Sie SMS direkt vom Postfach aus - in alle deutschen und viele ausl?ndische Netze zum gleichen Preis! https://produkte.web.de/webde_sms/sms
On Thu, Apr 16, 2009 at 6:40 AM, David de Lama <david.delama@web.de> wrote:> There are two opportunities for information loss in the ACL conversion: > > - PSIX ACLs support only read, write, and execute permissions. Thus, > aspects of Windows ACLs that cannot be represented by a combination of > read, write, and execute (often shown as "Special Permissions" in the > Windows ACL editor) will be lost.I assume youare talking about the "container inherit/Object inherit" concept in Windows ACLs that cannot be replicated with POSIX. There are also permissions combinations like "list directory without read", "create files but no write to other files", etc. All of these concepts are available with NFSv4-style ACLs on UNIX-like platforms. But "available" and "built-in with pervasive tools support" are two very different things. Event mappiong between Windows ACLs and NFSv4 ACLs isn't 100%. See http://wiki.linux-nfs.org/wiki/index.php/ACLs Rsync's man page inidcates support for ACLs, but does not mention what ACL model is supported. One would assume NFSv4-style, but it could also be AFS style or something else. Cygwin supports on-the-fly ACL mapping to Solaris style ACLs, which I believe are the same as NFSv4: http://www.cygwin.com/cygwin-ug-net/highlights.html#ov-hi-perm> - Rsync uses Unix-like UIDs and GIDs. To get Cygwin to convert > Windows users and groups to and from UIDs and GIDs in a meaningful > fashion, you must assign UIDs and GIDs to all the users on the system > in the /etc/passwd and /etc/group files. See the Cygwin page I linked > above for much more information. Additionally, if you are copying > from one machine to another, rsync gives you the option to preserve > users and groups by UID/GID or by Cygwin name (which may or may not > match the Windows name depending on how you did /etc/passwd and > /etc/group); see rsync's option.Presumably, if rsync supports ACLs, it supports the NFSv4 style "user@domain" or "group@domain" identifiers instead of or in addition to UID/GIDs. There's not much work going from there to supporting the windows security ID, which is just a GUID of the form "S-1-5-21-1307432495-4323513810-0945580164-1907". In windows, the mounting system maps ACL SIDs to usernames and back. Like *NIX, are a few "well-known" SIDs that are the same on every system. For example, LOCALSYSTEM has a defined SID, just as root is always mapped to user 0 on *nix. So, it seems like most of the infrastructure is there for supporting Windows ACLs in rsync cwrsync. However, it seems as though someobody needs to do the code. Being a bonehead sysadmin type and incapable of that coding myself, I can only help with testing and documentation. -- RPM
>> Rsync's man page inidcates support for ACLs, but does not mention what >> ACL model is supported. > >Rsync supports POSIX ACLs as described at http://acl.bestbits.at/ . > >> > - Rsync uses Unix-like UIDs and GIDs. [...] > >> Presumably, if rsync supports ACLs, it supports the NFSv4 style >> "user at domain" or "group at domain" identifiers instead of or in addition >> to UID/GIDs. > >POSIX ACLs just use UIDs/GIDs, so that's all rsync supports (though it >can map them from one system to another by name). > >-- >MattHi @all! Thanks for that quick answers. I first copy the files from a Win-Client to a Linux-Server with rsync. After that I (try to) use robocopy to transfer the ACLs. But I don't know where and what is copied. Because I don't see anything on the Linux-Server. Could someone help me out? Or give me some kind of "howto"? Thanks again. David ____________________________________________________________________ Psssst! Schon vom neuen WEB.DE MultiMessenger geh?rt? Der kann`s mit allen: http://www.produkte.web.de/messenger/?did=3123