• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 256
  • Last Modified:

tar restore loses ACL settings

I recently restored a folder from a tar archive. This folder did have extended ACL settings, but after the restore they are gone. How  do I fix this? Is tar not the right tool for saving these extended settings?
0
jmarkfoley
Asked:
jmarkfoley
  • 3
  • 2
1 Solution
 
arnoldCommented:
The extended ACL is stored else where and not part of the file reference.
To deal with archive while retaining the extended ACL settings, you would need to use getfacl to extract the extended acl settings into a file that will the be used following the restore to reapply the ACL permissions.
0
 
jmarkfoleyAuthor Commented:
That's what I was afraid of. I installed Samba4 as a DC/AD and implemented redirected folders. These folders were under /redirectedFolders/Users. The user files had ACL settings. Is there any why to know what these settings were or do you think I'd have to re-do the redirectedFolders from the beginning?
0
 
arnoldCommented:
Usually redirected folders have user ownership only unless you would like Administrators to have access as well.
You could setup a cron that would periodically run setfacl recursively the permissions to allow for group access.

Did you have those users id mapped? Or are all the permissions set to smb ownership?

Though. For smb, the settings are stored within smb.conf which arbitrates the access.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
jmarkfoleyAuthor Commented:
smb.conf has the top-level folder configured:
[Users]
    path = /redirectedFolders/Users
    comment = user folders for redirection
    read only = No
    writable = yes

Open in new window


but the users' sub-folders are created by AD Group Policy and extended ACL permissions are create automatically when the user connects to the domain from the Windows workstation.

I guess I'll try removing the user subfolders and see if the get automatically created. I'll let you know.

Since the folders are created
0
 
SandyCommented:
if you have created tarball along with using --xattrs then it will restore else will not.

TY/SA
0
 
jmarkfoleyAuthor Commented:
Sandy: --xattrs is not supported by my tar (1.26)

Arnold: I believe I've re-set the extended permissions via WIN7, although I still might have some permission issues I'll address in a separate topic.

Going forward - I'll save the ACLs separate using `getfacl -R /thisdir /thatdir >backupACL.txt`, and back that file up with tar. There are getfacl,  getfattr, setfacl, setfattr commands. I'll have to check the man pages to see what the differences are.
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now