On 9/18/2018 7:44 AM, Frank Steiner via rsync wrote:> Hi,
>
> the man page states
>
> For systems that support extended-attribute namespaces, a copy being
> done by a super-user copies all namespaces except system.*.
>
> That's the reason why NFAv4 ACLs are not copied as they are in the
> system.nfs4_acl (or system.nfs4acl) namespace.
>
> Why are those namespaces excluded?
>
> Not being able rsync ACLs von NFSv4 is a major drawback now that
> NFsv4 becomes standard oder v3 and ACLs are getting more widely used.
----
Because they are storing them in the security (sometimes also
called system) section and not the 'root' section (at least on XFS).
The linux kernel disallows you reading ex-attrs with the Security
label.
I don't particularly like it for the same reasons you don't.
It takes patching a linux kernel to enable them being copied. I've
done it but more as proof of theory. Problem comes in when you restore
attribute to a secure namespace. Are those attrs really secure when you
take them "off the system". If not, you could modify them, then if
they are copied to a target, you could use modified attrs to
give yourself root capabilities.
So...have to solve that before it can be safely allowed.
NeverTheLess, it's still a potential hole to allow copying of such
security attrs. Unless you want to change the way security attrs are
stored to use 4k-long signing strings to ensure non-tampering, I don't
see how you can do it...and doing that would be adding 4k to each
attribute...UG!