tar restore loses ACL settings

Posted on 2014-08-03
Last Modified: 2014-08-07
I recently restored a folder from a tar archive. This folder did have extended ACL settings, but after the restore they are gone. How  do I fix this? Is tar not the right tool for saving these extended settings?
Question by:jmarkfoley
    LVL 76

    Accepted Solution

    The extended ACL is stored else where and not part of the file reference.
    To deal with archive while retaining the extended ACL settings, you would need to use getfacl to extract the extended acl settings into a file that will the be used following the restore to reapply the ACL permissions.
    LVL 1

    Author Comment

    That's what I was afraid of. I installed Samba4 as a DC/AD and implemented redirected folders. These folders were under /redirectedFolders/Users. The user files had ACL settings. Is there any why to know what these settings were or do you think I'd have to re-do the redirectedFolders from the beginning?
    LVL 76

    Expert Comment

    Usually redirected folders have user ownership only unless you would like Administrators to have access as well.
    You could setup a cron that would periodically run setfacl recursively the permissions to allow for group access.

    Did you have those users id mapped? Or are all the permissions set to smb ownership?

    Though. For smb, the settings are stored within smb.conf which arbitrates the access.
    LVL 1

    Author Comment

    smb.conf has the top-level folder configured:
        path = /redirectedFolders/Users
        comment = user folders for redirection
        read only = No
        writable = yes

    Open in new window

    but the users' sub-folders are created by AD Group Policy and extended ACL permissions are create automatically when the user connects to the domain from the Windows workstation.

    I guess I'll try removing the user subfolders and see if the get automatically created. I'll let you know.

    Since the folders are created
    LVL 13

    Expert Comment

    if you have created tarball along with using --xattrs then it will restore else will not.

    LVL 1

    Author Comment

    Sandy: --xattrs is not supported by my tar (1.26)

    Arnold: I believe I've re-set the extended permissions via WIN7, although I still might have some permission issues I'll address in a separate topic.

    Going forward - I'll save the ACLs separate using `getfacl -R /thisdir /thatdir >backupACL.txt`, and back that file up with tar. There are getfacl,  getfattr, setfacl, setfattr commands. I'll have to check the man pages to see what the differences are.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    In this tutorial I will explain how to make squid prevent malwares in five easy steps: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-…
    This is the error message I got (CODE) Error caused by incompatible libmp3lame 3.98-2 with ffmpeg I've googled this error message and found out sometimes it attaches this note "can be treated with downgrade libmp3lame to version 3.97 or 3.98" …
    Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
    Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now