Previously:
- acl_get just returned for lpathconf returning EINVAL
- acl_get silently ignored all other lpathconf errors and
implied it is not a NFS4 acl
Now:
- not sure why the EINVAL silent return was done, but it seems
wrong. guess it could be the system not implementing a check
for nfs4. but in that case guess we still would like to get
the default and access ACL!? Thus, I removed the silent return.
- raise OSError for all lpathconf errors
Cosmetic: add a nfs4_acl boolean, so the code reads better.
... to implement same semantics as on linux (only store ACL
if it defines permissions other than those defined by the
traditional file permissions).
Looks like there is no call working with an fd on FreeBSD.
This is NOT a bug fix, because the previous code contained a
check for symlinks before that line - because symlinks can not
have ACLs under Linux.
Now, this "is it a symlink" check is removed to simplify the
code and the "nofollow" variant of acl_extended_file* is used
to look at the symlink fs object (in the symlink case).
It then should tell us that this does NOT have an extended ACL
(because symlinks can't have ACLs) and so we return there.
Overall the code gets simpler and looks less suspect.
Previously, these conditions were handled the same (just return):
- no extended acl here
- some error happened (e.g. ACLs unsupported, bad file descriptor, file not found, permission error, ...)
Now there will be OSErrors for the error cases.
- ACLs are not working, if ENOTSUP ("Operation not supported") happens
- fix check for macOS
On macOS borg uses "acl_extended", not "acl_access" and
also the ACL text format is a bit different.
Also: use ERROR loglevel for these (not WARNING).
A different amount of index entries was already logged as error
and led to "error_found = True" in repository.check.
Different values in the rebuilt index vs. the on-disk index were
only logged on warning level, but did not lead to error_found = True.
Guess there is no reason why these should not be errors and lead to
error_found = True, so this was fixed in this commit.
Minor related change: change report_error function args, so it can be
called like logger.error - including giving a format AND args.
The warning refers to a compatibility issue not relevant any
more since borg 1.0.9 (released 2016-12).
It is now better to remove this warning to make the output
of borg init shorter and maybe get more people to completely
read the important parts of it.
borg init calls this. If there is a PermissionError, it is
usually fs permission issue at path or its parent directory.
Don't give a traceback, but rather an error msg and a specific exit code.
That rather long traceback was not pretty.
Of course users should usually have valid nonce files,
but multiple users managed to corrupt the file contents somehow.
Also:
- add Error / ErrorWithTraceback exception classes to RPC layer.
- add hex_to_bin helper
- also call hex_to_bin for the local nonce file (security dir)
