Chandler
2023-Feb-02 22:23 UTC
How to backup/restore NFS data and preserve ACL's on Linux?
On the backup system, I have mounted the directories to backup over NFS (v4.2),
then rsync is run on the backup system (by root) to copy the data from NFS to
its local filesystem (ZFS with xattr and posixacl properties).
I can verify the backup system can see the source ACL's with nfs4_getfacl.
I can also create and verify ACL's on the backup file system with
set/getfacl. I guess the problem arises due to differences in NFS and posix ACL
formats and mapping between them? I read a bunch this morning and tried various
commands. The best I could come up with was something like this:
rsync -aAX --filter='-x system.posix_acl' --fake-super
I guess I literally have to remove/filter out the original ACL metadata, because
without the filter, rsync saves `user.rsync.%stat` in the xattrs but when I
checked the data with `getfattr -d`, it doesn't have any of the ACL data.
and `--fake-super` appears to be needed, otherwise rsync tries to write nfs4
ACL's, which aren't compatible with linux:
rsync: [receiver] rsync_xal_set:
lsetxattr("testacldata","system.nfs4_acl") failed: Operation
not supported (95)
With both flags, I am getting an additional `user.rsync.system.nfs4_acl` saved
in the xattrs as a base64 encoded string I guess (begins with 0s). I tried
giving the data after "0s" to `base64 -d` and it spits out somewhat
readable data and I can at least see the second gid in there, from the original
ACL.
So is this the best I can do?
Then if I ever need to restore this data:
Mount the backup data over NFS on the restore system. I can see the
`user.rsync.%stat` and `user.rsync.system.nfs4_acl` in the backup data. All the
backup data is now saved with root.root as the owner.group so it's essential
to somehow map the rsync xattrs back to the restored data... how to do that? or
any other ideas to do this right?
Thanks