This patch provides --fileflags, which preserves the st_flags stat() field.
Modified from a patch that was written by Rolf Grossmann.
To use this patch, run these commands for a successful build:
patch -p1 <patches/fileflags.diff
./prepare-source
./configure
make
based-on: d73762eea3f15f2c56bb3fa9394ad1883c25c949
diff --git a/Makefile.in b/Makefile.in
--- a/Makefile.in
+++ b/Makefile.in
@@ -46,7 +46,7 @@ popt_OBJS=popt/findme.o popt/popt.o popt/poptconfig.o \
popt/popthelp.o popt/poptparse.o
OBJS=$(OBJS1) $(OBJS2) $(OBJS3) $(DAEMON_OBJ) $(LIBOBJ) @BUILD_ZLIB@ @BUILD_POPT@
-TLS_OBJ = tls.o syscall.o lib/compat.o lib/snprintf.o lib/permstring.o lib/sysxattrs.o @BUILD_POPT@
+TLS_OBJ = tls.o syscall.o t_stub.o lib/compat.o lib/snprintf.o lib/permstring.o lib/sysxattrs.o @BUILD_POPT@
# Programs we must have to run the test cases
CHECK_PROGS = rsync$(EXEEXT) tls$(EXEEXT) getgroups$(EXEEXT) getfsdev$(EXEEXT) \
@@ -128,7 +128,7 @@ getgroups$(EXEEXT): getgroups.o
getfsdev$(EXEEXT): getfsdev.o
$(CC) $(CFLAGS) $(LDFLAGS) -o $@ getfsdev.o $(LIBS)
-TRIMSLASH_OBJ = trimslash.o syscall.o lib/compat.o lib/snprintf.o
+TRIMSLASH_OBJ = trimslash.o syscall.o t_stub.o lib/compat.o lib/snprintf.o
trimslash$(EXEEXT): $(TRIMSLASH_OBJ)
$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(TRIMSLASH_OBJ) $(LIBS)
diff --git a/compat.c b/compat.c
--- a/compat.c
+++ b/compat.c
@@ -45,9 +45,11 @@ extern int checksum_seed;
extern int basis_dir_cnt;
extern int prune_empty_dirs;
extern int protocol_version;
+extern int force_change;
extern int protect_args;
extern int preserve_uid;
extern int preserve_gid;
+extern int preserve_fileflags;
extern int preserve_acls;
extern int preserve_xattrs;
extern int need_messages_from_generator;
@@ -65,7 +67,7 @@ extern char *iconv_opt;
#endif
/* These index values are for the file-list's extra-attribute array. */
-int uid_ndx, gid_ndx, acls_ndx, xattrs_ndx, unsort_ndx;
+int uid_ndx, gid_ndx, fileflags_ndx, acls_ndx, xattrs_ndx, unsort_ndx;
int receiver_symlink_times = 0; /* receiver can set the time on a symlink */
int sender_symlink_iconv = 0; /* sender should convert symlink content */
@@ -144,6 +146,8 @@ void setup_protocol(int f_out,int f_in)
uid_ndx = ++file_extra_cnt;
if (preserve_gid)
gid_ndx = ++file_extra_cnt;
+ if (preserve_fileflags || (force_change && !am_sender))
+ fileflags_ndx = ++file_extra_cnt;
if (preserve_acls && !am_sender)
acls_ndx = ++file_extra_cnt;
if (preserve_xattrs)
diff --git a/configure.ac b/configure.ac
--- a/configure.ac
+++ b/configure.ac
@@ -594,6 +594,7 @@ AC_FUNC_UTIME_NULL
AC_FUNC_ALLOCA
AC_CHECK_FUNCS(waitpid wait4 getcwd strdup chown chmod lchmod mknod mkfifo \
fchmod fstat ftruncate strchr readlink link utime utimes lutimes strftime \
+ chflags \
memmove lchown vsnprintf snprintf vasprintf asprintf setsid strpbrk \
strlcat strlcpy strtol mallinfo getgroups setgroups geteuid getegid \
setlocale setmode open64 lseek64 mkstemp64 mtrace va_copy __va_copy \
diff --git a/delete.c b/delete.c
--- a/delete.c
+++ b/delete.c
@@ -25,6 +25,7 @@
extern int am_root;
extern int make_backups;
extern int max_delete;
+extern int force_change;
extern char *backup_dir;
extern char *backup_suffix;
extern int backup_suffix_len;
@@ -97,8 +98,12 @@ static enum delret delete_dir_contents(char *fname, uint16 flags)
}
strlcpy(p, fp->basename, remainder);
+#ifdef SUPPORT_FORCE_CHANGE
+ if (force_change)
+ make_mutable(fname, fp->mode, F_FFLAGS(fp), force_change);
+#endif
if (!(fp->mode & S_IWUSR) && !am_root && fp->flags & FLAG_OWNED_BY_US)
- do_chmod(fname, fp->mode | S_IWUSR);
+ do_chmod(fname, fp->mode | S_IWUSR, NO_FFLAGS);
/* Save stack by recursing to ourself directly. */
if (S_ISDIR(fp->mode)) {
if (delete_dir_contents(fname, flags | DEL_RECURSE) != DR_SUCCESS)
@@ -139,11 +144,18 @@ enum delret delete_item(char *fbuf, uint16 mode, uint16 flags)
}
if (flags & DEL_NO_UID_WRITE)
- do_chmod(fbuf, mode | S_IWUSR);
+ do_chmod(fbuf, mode | S_IWUSR, NO_FFLAGS);
if (S_ISDIR(mode) && !(flags & DEL_DIR_IS_EMPTY)) {
/* This only happens on the first call to delete_item() since
* delete_dir_contents() always calls us w/DEL_DIR_IS_EMPTY. */
+#ifdef SUPPORT_FORCE_CHANGE
+ if (force_change) {
+ STRUCT_STAT st;
+ if (x_lstat(fbuf, &st, NULL) == 0)
+ make_mutable(fbuf, st.st_mode, st.st_flags, force_change);
+ }
+#endif
ignore_perishable = 1;
/* If DEL_RECURSE is not set, this just reports emptiness. */
ret = delete_dir_contents(fbuf, flags);
diff --git a/flist.c b/flist.c
--- a/flist.c
+++ b/flist.c
@@ -52,6 +52,7 @@ extern int preserve_links;
extern int preserve_hard_links;
extern int preserve_devices;
extern int preserve_specials;
+extern int preserve_fileflags;
extern int delete_during;
extern int missing_args;
extern int eol_nulls;
@@ -381,6 +382,9 @@ static void send_file_entry(int f, const char *fname, struct file_struct *file,
{
static time_t modtime;
static mode_t mode;
+#ifdef SUPPORT_FILEFLAGS
+ static uint32 fileflags;
+#endif
#ifdef SUPPORT_HARD_LINKS
static int64 dev;
#endif
@@ -424,6 +428,14 @@ static void send_file_entry(int f, const char *fname, struct file_struct *file,
xflags |= XMIT_SAME_MODE;
else
mode = file->mode;
+#ifdef SUPPORT_FILEFLAGS
+ if (preserve_fileflags) {
+ if (F_FFLAGS(file) == fileflags)
+ xflags |= XMIT_SAME_FLAGS;
+ else
+ fileflags = F_FFLAGS(file);
+ }
+#endif
if (preserve_devices && IS_DEVICE(mode)) {
if (protocol_version < 28) {
@@ -565,6 +577,10 @@ static void send_file_entry(int f, const char *fname, struct file_struct *file,
write_varint(f, F_MOD_NSEC(file));
if (!(xflags & XMIT_SAME_MODE))
write_int(f, to_wire_mode(mode));
+#ifdef SUPPORT_FILEFLAGS
+ if (preserve_fileflags && !(xflags & XMIT_SAME_FLAGS))
+ write_int(f, (int)fileflags);
+#endif
if (preserve_uid && !(xflags & XMIT_SAME_UID)) {
if (protocol_version < 30)
write_int(f, uid);
@@ -654,6 +670,9 @@ static struct file_struct *recv_file_entry(int f, struct file_list *flist, int x
{
static int64 modtime;
static mode_t mode;
+#ifdef SUPPORT_FILEFLAGS
+ static uint32 fileflags;
+#endif
#ifdef SUPPORT_HARD_LINKS
static int64 dev;
#endif
@@ -761,6 +780,10 @@ static struct file_struct *recv_file_entry(int f, struct file_list *flist, int x
modtime = first->modtime;
modtime_nsec = F_MOD_NSEC(first);
mode = first->mode;
+#ifdef SUPPORT_FILEFLAGS
+ if (preserve_fileflags)
+ fileflags = F_FFLAGS(first);
+#endif
if (preserve_uid)
uid = F_OWNER(first);
if (preserve_gid)
@@ -802,6 +825,10 @@ static struct file_struct *recv_file_entry(int f, struct file_list *flist, int x
if (chmod_modes && !S_ISLNK(mode) && mode)
mode = tweak_mode(mode, chmod_modes);
+#ifdef SUPPORT_FILEFLAGS
+ if (preserve_fileflags && !(xflags & XMIT_SAME_FLAGS))
+ fileflags = (uint32)read_int(f);
+#endif
if (preserve_uid && !(xflags & XMIT_SAME_UID)) {
if (protocol_version < 30)
@@ -960,6 +987,10 @@ static struct file_struct *recv_file_entry(int f, struct file_list *flist, int x
}
#endif
file->mode = mode;
+#ifdef SUPPORT_FILEFLAGS
+ if (preserve_fileflags)
+ F_FFLAGS(file) = fileflags;
+#endif
if (preserve_uid)
F_OWNER(file) = uid;
if (preserve_gid) {
@@ -1357,6 +1388,10 @@ struct file_struct *make_file(const char *fname, struct file_list *flist,
}
#endif
file->mode = st.st_mode;
+#if defined SUPPORT_FILEFLAGS || defined SUPPORT_FORCE_CHANGE
+ if (fileflags_ndx)
+ F_FFLAGS(file) = st.st_flags;
+#endif
if (preserve_uid)
F_OWNER(file) = st.st_uid;
if (preserve_gid)
diff --git a/generator.c b/generator.c
--- a/generator.c
+++ b/generator.c
@@ -42,8 +42,10 @@ extern int preserve_devices;
extern int preserve_specials;
extern int preserve_hard_links;
extern int preserve_executability;
+extern int preserve_fileflags;
extern int preserve_perms;
extern int preserve_times;
+extern int force_change;
extern int delete_mode;
extern int delete_before;
extern int delete_during;
@@ -470,6 +472,10 @@ int unchanged_attrs(const char *fname, struct file_struct *file, stat_x *sxp)
return 0;
if (perms_differ(file, sxp))
return 0;
+#ifdef SUPPORT_FILEFLAGS
+ if (preserve_fileflags && sxp->st.st_flags != F_FFLAGS(file))
+ return 0;
+#endif
if (ownership_differs(file, sxp))
return 0;
#ifdef SUPPORT_ACLS
@@ -521,6 +527,11 @@ void itemize(const char *fnamecmp, struct file_struct *file, int ndx, int statre
if (gid_ndx && !(file->flags & FLAG_SKIP_GROUP)
&& sxp->st.st_gid != (gid_t)F_GROUP(file))
iflags |= ITEM_REPORT_GROUP;
+#ifdef SUPPORT_FILEFLAGS
+ if (preserve_fileflags && !S_ISLNK(file->mode)
+ && sxp->st.st_flags != F_FFLAGS(file))
+ iflags |= ITEM_REPORT_FFLAGS;
+#endif
#ifdef SUPPORT_ACLS
if (preserve_acls && !S_ISLNK(file->mode)) {
if (!ACL_READY(*sxp))
@@ -1415,6 +1426,10 @@ static void recv_generator(char *fname, struct file_struct *file, int ndx,
file->mode = dest_mode(file->mode, sx.st.st_mode,
dflt_perms, statret == 0);
}
+#ifdef SUPPORT_FORCE_CHANGE
+ if (force_change && !preserve_fileflags)
+ F_FFLAGS(file) = sx.st.st_flags;
+#endif
if (statret != 0 && basis_dir[0] != NULL) {
int j = try_dests_non(file, fname, ndx, fnamecmpbuf, &sx,
itemizing, code);
@@ -1459,10 +1474,15 @@ static void recv_generator(char *fname, struct file_struct *file, int ndx,
* readable and writable permissions during the time we are
* putting files within them. This is then restored to the
* former permissions after the transfer is done. */
+#ifdef SUPPORT_FORCE_CHANGE
+ if (force_change && F_FFLAGS(file) & force_change
+ && make_mutable(fname, file->mode, F_FFLAGS(file), force_change))
+ need_retouch_dir_perms = 1;
+#endif
#ifdef HAVE_CHMOD
if (!am_root && (file->mode & S_IRWXU) != S_IRWXU && dir_tweaking) {
mode_t mode = file->mode | S_IRWXU;
- if (do_chmod(fname, mode) < 0) {
+ if (do_chmod(fname, mode, 0) < 0) {
rsyserr(FERROR_XFER, errno,
"failed to modify permissions on %s",
full_fname(fname));
@@ -1498,6 +1518,10 @@ static void recv_generator(char *fname, struct file_struct *file, int ndx,
file->mode = dest_mode(file->mode, sx.st.st_mode, dflt_perms,
exists);
}
+#ifdef SUPPORT_FORCE_CHANGE
+ if (force_change && !preserve_fileflags)
+ F_FFLAGS(file) = sx.st.st_flags;
+#endif
#ifdef SUPPORT_HARD_LINKS
if (preserve_hard_links && F_HLINK_NOT_FIRST(file)
@@ -2065,12 +2089,16 @@ static void touch_up_dirs(struct file_list *flist, int ndx)
continue;
fname = f_name(file, NULL);
if (fix_dir_perms)
- do_chmod(fname, file->mode);
+ do_chmod(fname, file->mode, 0);
if (need_retouch_dir_times) {
STRUCT_STAT st;
if (link_stat(fname, &st, 0) == 0 && time_diff(&st, file))
- set_modtime(fname, file->modtime, F_MOD_NSEC(file), file->mode);
+ set_modtime(fname, file->modtime, F_MOD_NSEC(file), file->mode, 0);
}
+#ifdef SUPPORT_FORCE_CHANGE
+ if (force_change && F_FFLAGS(file) & force_change)
+ undo_make_mutable(fname, F_FFLAGS(file));
+#endif
if (counter >= loopchk_limit) {
if (allowed_lull)
maybe_send_keepalive(time(NULL), MSK_ALLOW_FLUSH);
diff --git a/log.c b/log.c
--- a/log.c
+++ b/log.c
@@ -713,7 +713,7 @@ static void log_formatted(enum logcode code, const char *format, const char *op,
c[5] = !(iflags & ITEM_REPORT_PERMS) ? '.' : 'p';
c[6] = !(iflags & ITEM_REPORT_OWNER) ? '.' : 'o';
c[7] = !(iflags & ITEM_REPORT_GROUP) ? '.' : 'g';
- c[8] = !(iflags & ITEM_REPORT_ATIME) ? '.' : 'u';
+ c[8] = !(iflags & ITEM_REPORT_FFLAGS) ? '.' : 'f';
c[9] = !(iflags & ITEM_REPORT_ACL) ? '.' : 'a';
c[10] = !(iflags & ITEM_REPORT_XATTR) ? '.' : 'x';
c[11] = '\0';
diff --git a/main.c b/main.c
--- a/main.c
+++ b/main.c
@@ -26,6 +26,9 @@
#if defined CONFIG_LOCALE && defined HAVE_LOCALE_H
#include <locale.h>
#endif
+#ifdef SUPPORT_FORCE_CHANGE
+#include <sys/sysctl.h>
+#endif
extern int dry_run;
extern int list_only;
@@ -51,6 +54,7 @@ extern int copy_unsafe_links;
extern int keep_dirlinks;
extern int preserve_hard_links;
extern int protocol_version;
+extern int force_change;
extern int file_total;
extern int recurse;
extern int xfer_dirs;
@@ -850,6 +854,22 @@ static int do_recv(int f_in, int f_out, char *local_name)
* points to an identical file won't be replaced by the referent. */
copy_links = copy_dirlinks = copy_unsafe_links = 0;
+#ifdef SUPPORT_FORCE_CHANGE
+ if (force_change & SYS_IMMUTABLE) {
+ /* Determine whether we'll be able to unlock a system immutable item. */
+ int mib[2];
+ int securityLevel = 0;
+ size_t len = sizeof securityLevel;
+
+ mib[0] = CTL_KERN;
+ mib[1] = KERN_SECURELVL;
+ if (sysctl(mib, 2, &securityLevel, &len, NULL, 0) == 0 && securityLevel > 0) {
+ rprintf(FERROR, "System security level is too high to force mutability on system immutable files and directories.\n");
+ exit_cleanup(RERR_UNSUPPORTED);
+ }
+ }
+#endif
+
#ifdef SUPPORT_HARD_LINKS
if (preserve_hard_links && !inc_recurse)
match_hard_links(first_flist);
diff --git a/options.c b/options.c
--- a/options.c
+++ b/options.c
@@ -55,6 +55,7 @@ int preserve_hard_links = 0;
int preserve_acls = 0;
int preserve_xattrs = 0;
int preserve_perms = 0;
+int preserve_fileflags = 0;
int preserve_executability = 0;
int preserve_devices = 0;
int preserve_specials = 0;
@@ -89,6 +90,7 @@ int numeric_ids = 0;
int msgs2stderr = 0;
int allow_8bit_chars = 0;
int force_delete = 0;
+int force_change = 0;
int io_timeout = 0;
int prune_empty_dirs = 0;
int use_qsort = 0;
@@ -573,6 +575,7 @@ static void print_rsync_version(enum logcode f)
char const *links = "no ";
char const *iconv = "no ";
char const *ipv6 = "no ";
+ char const *fileflags = "no ";
STRUCT_STAT *dumstat;
#if SUBPROTOCOL_VERSION != 0
@@ -609,6 +612,9 @@ static void print_rsync_version(enum logcode f)
#ifdef CAN_SET_SYMLINK_TIMES
symtimes = "";
#endif
+#ifdef SUPPORT_FILEFLAGS
+ fileflags = "";
+#endif
rprintf(f, "%s version %s protocol version %d%s\n",
RSYNC_NAME, RSYNC_VERSION, PROTOCOL_VERSION, subprotocol);
@@ -622,8 +628,8 @@ static void print_rsync_version(enum logcode f)
(int)(sizeof (int64) * 8));
rprintf(f, " %ssocketpairs, %shardlinks, %ssymlinks, %sIPv6, batchfiles, %sinplace,\n",
got_socketpair, hardlinks, links, ipv6, have_inplace);
- rprintf(f, " %sappend, %sACLs, %sxattrs, %siconv, %ssymtimes, %sprealloc\n",
- have_inplace, acls, xattrs, iconv, symtimes, prealloc);
+ rprintf(f, " %sappend, %sACLs, %sxattrs, %siconv, %ssymtimes, %sprealloc, %sfile-flags\n",
+ have_inplace, acls, xattrs, iconv, symtimes, prealloc, fileflags);
#ifdef MAINTAINER_MODE
rprintf(f, "Panic Action: \"%s\"\n", get_panic_action());
@@ -694,6 +700,9 @@ void usage(enum logcode F)
rprintf(F," -K, --keep-dirlinks treat symlinked dir on receiver as dir\n");
rprintf(F," -H, --hard-links preserve hard links\n");
rprintf(F," -p, --perms preserve permissions\n");
+#ifdef SUPPORT_FILEFLAGS
+ rprintf(F," --fileflags preserve file-flags (aka chflags)\n");
+#endif
rprintf(F," -E, --executability preserve the file's executability\n");
rprintf(F," --chmod=CHMOD affect file and/or directory permissions\n");
#ifdef SUPPORT_ACLS
@@ -740,7 +749,12 @@ void usage(enum logcode F)
rprintf(F," --ignore-missing-args ignore missing source args without error\n");
rprintf(F," --delete-missing-args delete missing source args from destination\n");
rprintf(F," --ignore-errors delete even if there are I/O errors\n");
- rprintf(F," --force force deletion of directories even if not empty\n");
+ rprintf(F," --force-delete force deletion of directories even if not empty\n");
+#ifdef SUPPORT_FORCE_CHANGE
+ rprintf(F," --force-change affect user-/system-immutable files/dirs\n");
+ rprintf(F," --force-uchange affect user-immutable files/dirs\n");
+ rprintf(F," --force-schange affect system-immutable files/dirs\n");
+#endif
rprintf(F," --max-delete=NUM don't delete more than NUM files\n");
rprintf(F," --max-size=SIZE don't transfer any file larger than SIZE\n");
rprintf(F," --min-size=SIZE don't transfer any file smaller than SIZE\n");
@@ -857,6 +871,10 @@ static struct poptOption long_options[] = {
{"perms", 'p', POPT_ARG_VAL, &preserve_perms, 1, 0, 0 },
{"no-perms", 0, POPT_ARG_VAL, &preserve_perms, 0, 0, 0 },
{"no-p", 0, POPT_ARG_VAL, &preserve_perms, 0, 0, 0 },
+#ifdef SUPPORT_FILEFLAGS
+ {"fileflags", 0, POPT_ARG_VAL, &preserve_fileflags, 1, 0, 0 },
+ {"no-fileflags", 0, POPT_ARG_VAL, &preserve_fileflags, 0, 0, 0 },
+#endif
{"executability", 'E', POPT_ARG_NONE, &preserve_executability, 0, 0, 0 },
{"acls", 'A', POPT_ARG_NONE, 0, 'A', 0, 0 },
{"no-acls", 0, POPT_ARG_VAL, &preserve_acls, 0, 0, 0 },
@@ -943,6 +961,14 @@ static struct poptOption long_options[] = {
{"remove-source-files",0,POPT_ARG_VAL, &remove_source_files, 1, 0, 0 },
{"force", 0, POPT_ARG_VAL, &force_delete, 1, 0, 0 },
{"no-force", 0, POPT_ARG_VAL, &force_delete, 0, 0, 0 },
+ {"force-delete", 0, POPT_ARG_VAL, &force_delete, 1, 0, 0 },
+ {"no-force-delete", 0, POPT_ARG_VAL, &force_delete, 0, 0, 0 },
+#ifdef SUPPORT_FORCE_CHANGE
+ {"force-change", 0, POPT_ARG_VAL, &force_change, ALL_IMMUTABLE, 0, 0 },
+ {"no-force-change", 0, POPT_ARG_VAL, &force_change, 0, 0, 0 },
+ {"force-uchange", 0, POPT_ARG_VAL, &force_change, USR_IMMUTABLE, 0, 0 },
+ {"force-schange", 0, POPT_ARG_VAL, &force_change, SYS_IMMUTABLE, 0, 0 },
+#endif
{"ignore-errors", 0, POPT_ARG_VAL, &ignore_errors, 1, 0, 0 },
{"no-ignore-errors", 0, POPT_ARG_VAL, &ignore_errors, 0, 0, 0 },
{"max-delete", 0, POPT_ARG_INT, &max_delete, 0, 0, 0 },
@@ -2567,6 +2593,9 @@ void server_options(char **args, int *argc_p)
if (xfer_dirs && !recurse && delete_mode && am_sender)
args[ac++] = "--no-r";
+ if (preserve_fileflags)
+ args[ac++] = "--fileflags";
+
if (do_compression && def_compress_level != Z_DEFAULT_COMPRESSION) {
if (asprintf(&arg, "--compress-level=%d", def_compress_level) < 0)
goto oom;
@@ -2660,6 +2689,16 @@ void server_options(char **args, int *argc_p)
args[ac++] = "--delete-excluded";
if (force_delete)
args[ac++] = "--force";
+#ifdef SUPPORT_FORCE_CHANGE
+ if (force_change) {
+ if (force_change == ALL_IMMUTABLE)
+ args[ac++] = "--force-change";
+ else if (force_change == USR_IMMUTABLE)
+ args[ac++] = "--force-uchange";
+ else if (force_change == SYS_IMMUTABLE)
+ args[ac++] = "--force-schange";
+ }
+#endif
if (write_batch < 0)
args[ac++] = "--only-write-batch=X";
if (am_root > 1)
diff --git a/rsync.c b/rsync.c
--- a/rsync.c
+++ b/rsync.c
@@ -31,6 +31,7 @@ extern int dry_run;
extern int preserve_acls;
extern int preserve_xattrs;
extern int preserve_perms;
+extern int preserve_fileflags;
extern int preserve_executability;
extern int preserve_times;
extern int am_root;
@@ -458,6 +459,39 @@ mode_t dest_mode(mode_t flist_mode, mode_t stat_mode, int dflt_perms,
return new_mode;
}
+#if defined SUPPORT_FILEFLAGS || defined SUPPORT_FORCE_CHANGE
+/* Set a file's st_flags. */
+static int set_fileflags(const char *fname, uint32 fileflags)
+{
+ if (do_chflags(fname, fileflags) != 0) {
+ rsyserr(FERROR_XFER, errno,
+ "failed to set file flags on %s",
+ full_fname(fname));
+ return 0;
+ }
+
+ return 1;
+}
+
+/* Remove immutable flags from an object, so it can be altered/removed. */
+int make_mutable(const char *fname, mode_t mode, uint32 fileflags, uint32 iflags)
+{
+ if (S_ISLNK(mode) || !(fileflags & iflags))
+ return 0;
+ if (!set_fileflags(fname, fileflags & ~iflags))
+ return -1;
+ return 1;
+}
+
+/* Undo a prior make_mutable() call that returned a 1. */
+int undo_make_mutable(const char *fname, uint32 fileflags)
+{
+ if (!set_fileflags(fname, fileflags))
+ return -1;
+ return 1;
+}
+#endif
+
int set_file_attrs(const char *fname, struct file_struct *file, stat_x *sxp,
const char *fnamecmp, int flags)
{
@@ -519,7 +553,7 @@ int set_file_attrs(const char *fname, struct file_struct *file, stat_x *sxp,
if (am_root >= 0) {
uid_t uid = change_uid ? (uid_t)F_OWNER(file) : sxp->st.st_uid;
gid_t gid = change_gid ? (gid_t)F_GROUP(file) : sxp->st.st_gid;
- if (do_lchown(fname, uid, gid) != 0) {
+ if (do_lchown(fname, uid, gid, sxp->st.st_mode, ST_FLAGS(sxp->st)) != 0) {
/* We shouldn't have attempted to change uid
* or gid unless have the privilege. */
rsyserr(FERROR_XFER, errno, "%s %s failed",
@@ -559,7 +593,7 @@ int set_file_attrs(const char *fname, struct file_struct *file, stat_x *sxp,
|| (flags & ATTRS_SET_NANO && NSEC_BUMP(file) && (uint32)sxp->st.ST_MTIME_NSEC != F_MOD_NSEC(file))
#endif
)) {
- int ret = set_modtime(fname, file->modtime, F_MOD_NSEC(file), sxp->st.st_mode);
+ int ret = set_modtime(fname, file->modtime, F_MOD_NSEC(file), sxp->st.st_mode, ST_FLAGS(sxp->st));
if (ret < 0) {
rsyserr(FERROR_XFER, errno, "failed to set times on %s",
full_fname(fname));
@@ -586,7 +620,7 @@ int set_file_attrs(const char *fname, struct file_struct *file, stat_x *sxp,
#ifdef HAVE_CHMOD
if (!BITS_EQUAL(sxp->st.st_mode, new_mode, CHMOD_BITS)) {
- int ret = am_root < 0 ? 0 : do_chmod(fname, new_mode);
+ int ret = am_root < 0 ? 0 : do_chmod(fname, new_mode, ST_FLAGS(sxp->st));
if (ret < 0) {
rsyserr(FERROR_XFER, errno,
"failed to set permissions on %s",
@@ -598,6 +632,19 @@ int set_file_attrs(const char *fname, struct file_struct *file, stat_x *sxp,
}
#endif
+#ifdef SUPPORT_FILEFLAGS
+ if (preserve_fileflags && !S_ISLNK(sxp->st.st_mode)
+ && sxp->st.st_flags != F_FFLAGS(file)) {
+ uint32 fileflags = F_FFLAGS(file);
+ if (flags & ATTRS_DELAY_IMMUTABLE)
+ fileflags &= ~ALL_IMMUTABLE;
+ if (sxp->st.st_flags != fileflags
+ && !set_fileflags(fname, fileflags))
+ goto cleanup;
+ updated = 1;
+ }
+#endif
+
if (INFO_GTE(NAME, 2) && flags & ATTRS_REPORT) {
if (updated)
rprintf(FCLIENT, "%s\n", fname);
@@ -672,7 +719,8 @@ int finish_transfer(const char *fname, const char *fnametmp,
/* Change permissions before putting the file into place. */
set_file_attrs(fnametmp, file, NULL, fnamecmp,
- ok_to_set_time ? ATTRS_SET_NANO : ATTRS_SKIP_MTIME);
+ ATTRS_DELAY_IMMUTABLE
+ | (ok_to_set_time ? ATTRS_SET_NANO : ATTRS_SKIP_MTIME));
/* move tmp file over real file */
if (DEBUG_GTE(RECV, 1))
@@ -689,6 +737,10 @@ int finish_transfer(const char *fname, const char *fnametmp,
}
if (ret == 0) {
/* The file was moved into place (not copied), so it's done. */
+#ifdef SUPPORT_FILEFLAGS
+ if (preserve_fileflags && F_FFLAGS(file) & ALL_IMMUTABLE)
+ set_fileflags(fname, F_FFLAGS(file));
+#endif
return 1;
}
/* The file was copied, so tweak the perms of the copied file. If it
diff --git a/rsync.h b/rsync.h
--- a/rsync.h
+++ b/rsync.h
@@ -62,6 +62,7 @@
#define XMIT_HLINK_FIRST (1<<12) /* protocols 30 - now (HLINKED files only) */
#define XMIT_IO_ERROR_ENDLIST (1<<12) /* protocols 31*- now (w/XMIT_EXTENDED_FLAGS) (also protocol 30 w/'f' compat flag) */
#define XMIT_MOD_NSEC (1<<13) /* protocols 31 - now */
+#define XMIT_SAME_FLAGS (1<<14) /* protocols ?? - now */
/* These flags are used in the live flist data. */
@@ -166,6 +167,7 @@
#define ATTRS_REPORT (1<<0)
#define ATTRS_SKIP_MTIME (1<<1)
#define ATTRS_SET_NANO (1<<2)
+#define ATTRS_DELAY_IMMUTABLE (1<<4)
#define FULL_FLUSH 1
#define NORMAL_FLUSH 0
@@ -192,6 +194,7 @@
#define ITEM_REPORT_GROUP (1<<6)
#define ITEM_REPORT_ACL (1<<7)
#define ITEM_REPORT_XATTR (1<<8)
+#define ITEM_REPORT_FFLAGS (1<<9)
#define ITEM_BASIS_TYPE_FOLLOWS (1<<11)
#define ITEM_XNAME_FOLLOWS (1<<12)
#define ITEM_IS_NEW (1<<13)
@@ -529,6 +532,28 @@ typedef unsigned int size_t;
#endif
#endif
+#define NO_FFLAGS ((uint32)-1)
+
+#ifdef HAVE_CHFLAGS
+#define SUPPORT_FILEFLAGS 1
+#define SUPPORT_FORCE_CHANGE 1
+#endif
+
+#if defined SUPPORT_FILEFLAGS || defined SUPPORT_FORCE_CHANGE
+#ifndef UF_NOUNLINK
+#define UF_NOUNLINK 0
+#endif
+#ifndef SF_NOUNLINK
+#define SF_NOUNLINK 0
+#endif
+#define USR_IMMUTABLE (UF_IMMUTABLE|UF_NOUNLINK|UF_APPEND)
+#define SYS_IMMUTABLE (SF_IMMUTABLE|SF_NOUNLINK|SF_APPEND)
+#define ALL_IMMUTABLE (USR_IMMUTABLE|SYS_IMMUTABLE)
+#define ST_FLAGS(st) (st.st_flags)
+#else
+#define ST_FLAGS(st) NO_FFLAGS
+#endif
+
/* Find a variable that is either exactly 32-bits or longer.
* If some code depends on 32-bit truncation, it will need to
* take special action in a "#if SIZEOF_INT32 > 4" section. */
@@ -716,6 +741,7 @@ extern int file_extra_cnt;
extern int inc_recurse;
extern int uid_ndx;
extern int gid_ndx;
+extern int fileflags_ndx;
extern int acls_ndx;
extern int xattrs_ndx;
@@ -757,6 +783,11 @@ extern int xattrs_ndx;
/* When the associated option is on, all entries will have these present: */
#define F_OWNER(f) REQ_EXTRA(f, uid_ndx)->unum
#define F_GROUP(f) REQ_EXTRA(f, gid_ndx)->unum
+#if defined SUPPORT_FILEFLAGS || defined SUPPORT_FORCE_CHANGE
+#define F_FFLAGS(f) REQ_EXTRA(f, fileflags_ndx)->unum
+#else
+#define F_FFLAGS(f) NO_FFLAGS
+#endif
#define F_ACL(f) REQ_EXTRA(f, acls_ndx)->num
#define F_XATTR(f) REQ_EXTRA(f, xattrs_ndx)->num
#define F_NDX(f) REQ_EXTRA(f, unsort_ndx)->num
diff --git a/rsync.yo b/rsync.yo
--- a/rsync.yo
+++ b/rsync.yo
@@ -362,6 +362,7 @@ to the detailed description below for a complete description. verb(
-K, --keep-dirlinks treat symlinked dir on receiver as dir
-H, --hard-links preserve hard links
-p, --perms preserve permissions
+ --fileflags preserve file-flags (aka chflags)
-E, --executability preserve executability
--chmod=CHMOD affect file and/or directory permissions
-A, --acls preserve ACLs (implies -p)
@@ -398,7 +399,10 @@ to the detailed description below for a complete description. verb(
--ignore-missing-args ignore missing source args without error
--delete-missing-args delete missing source args from destination
--ignore-errors delete even if there are I/O errors
- --force force deletion of dirs even if not empty
+ --force-delete force deletion of dirs even if not empty
+ --force-change affect user/system immutable files/dirs
+ --force-uchange affect user-immutable files/dirs
+ --force-schange affect system-immutable files/dirs
--max-delete=NUM don't delete more than NUM files
--max-size=SIZE don't transfer any file larger than SIZE
--min-size=SIZE don't transfer any file smaller than SIZE
@@ -658,7 +662,8 @@ specified, in which case bf(-r) is not implied.
Note that bf(-a) bf(does not preserve hardlinks), because
finding multiply-linked files is expensive. You must separately
-specify bf(-H).
+specify bf(-H). Note also that for backward compatibility, bf(-a)
+currently does bf(not) imply the bf(--fileflags) option.
dit(--no-OPTION) You may turn off one or more implied options by prefixing
the option name with "no-". Not all options may be prefixed with a "no-":
@@ -963,7 +968,7 @@ they would be using bf(--copy-links).
Without this option, if the sending side has replaced a directory with a
symlink to a directory, the receiving side will delete anything that is in
the way of the new symlink, including a directory hierarchy (as long as
-bf(--force) or bf(--delete) is in effect).
+bf(--force-delete) or bf(--delete) is in effect).
See also bf(--keep-dirlinks) for an analogous option for the receiving
side.
@@ -1147,6 +1152,29 @@ Note that the bf(-X) option does not copy rsync's special xattr values (e.g.
those used by bf(--fake-super)) unless you repeat the option (e.g. -XX).
This "copy all xattrs" mode cannot be used with bf(--fake-super).
+dit(bf(--fileflags)) This option causes rsync to update the file-flags to be
+the same as the source files and directories (if your OS supports the
+bf(chflags)(2) system call). Some flags can only be altered by the super-user
+and some might only be unset below a certain secure-level (usually single-user
+mode). It will not make files alterable that are set to immutable on the
+receiver. To do that, see bf(--force-change), bf(--force-uchange), and
+bf(--force-schange).
+
+dit(bf(--force-change)) This option causes rsync to disable both user-immutable
+and system-immutable flags on files and directories that are being updated or
+deleted on the receiving side. This option overrides bf(--force-uchange) and
+bf(--force-schange).
+
+dit(bf(--force-uchange)) This option causes rsync to disable user-immutable
+flags on files and directories that are being updated or deleted on the
+receiving side. It does not try to affect system flags. This option overrides
+bf(--force-change) and bf(--force-schange).
+
+dit(bf(--force-schange)) This option causes rsync to disable system-immutable
+flags on files and directories that are being updated or deleted on the
+receiving side. It does not try to affect user flags. This option overrides
+bf(--force-change) and bf(--force-uchange).
+
dit(bf(--chmod)) This option tells rsync to apply one or more
comma-separated "chmod" modes to the permission of the files in the
transfer. The resulting value is treated as though it were the permissions
@@ -1502,12 +1530,13 @@ display as a "*missing" entry in the bf(--list-only) output.
dit(bf(--ignore-errors)) Tells bf(--delete) to go ahead and delete files
even when there are I/O errors.
-dit(bf(--force)) This option tells rsync to delete a non-empty directory
+dit(bf(--force-delete)) This option tells rsync to delete a non-empty directory
when it is to be replaced by a non-directory. This is only relevant if
deletions are not active (see bf(--delete) for details).
-Note for older rsync versions: bf(--force) used to still be required when
-using bf(--delete-after), and it used to be non-functional unless the
+This option can be abbreviated bf(--force) for backward compatibility.
+Note that some older rsync versions used to still require bf(--force)
+when using bf(--delete-after), and it used to be non-functional unless the
bf(--recursive) option was also enabled.
dit(bf(--max-delete=NUM)) This tells rsync not to delete more than NUM
@@ -2144,7 +2173,7 @@ with older versions of rsync, but that also turns on the output of other
verbose messages).
The "%i" escape has a cryptic output that is 11 letters long. The general
-format is like the string bf(YXcstpoguax), where bf(Y) is replaced by the
+format is like the string bf(YXcstpogfax), where bf(Y) is replaced by the
type of update being done, bf(X) is replaced by the file-type, and the
other letters represent attributes that may be output if they are being
modified.
@@ -2200,7 +2229,7 @@ quote(itemization(
sender's value (requires bf(--owner) and super-user privileges).
it() A bf(g) means the group is different and is being updated to the
sender's value (requires bf(--group) and the authority to set the group).
- it() The bf(u) slot is reserved for future use.
+ it() The bf(f) means that the fileflags information changed.
it() The bf(a) means that the ACL information changed.
it() The bf(x) means that the extended attribute information changed.
))
diff --git a/syscall.c b/syscall.c
--- a/syscall.c
+++ b/syscall.c
@@ -38,6 +38,7 @@ extern int am_root;
extern int am_sender;
extern int read_only;
extern int list_only;
+extern int force_change;
extern int inplace;
extern int preallocate_files;
extern int preserve_perms;
@@ -67,7 +68,23 @@ int do_unlink(const char *fname)
{
if (dry_run) return 0;
RETURN_ERROR_IF_RO_OR_LO;
- return unlink(fname);
+ if (unlink(fname) == 0)
+ return 0;
+#ifdef SUPPORT_FORCE_CHANGE
+ if (force_change && errno == EPERM) {
+ STRUCT_STAT st;
+
+ if (x_lstat(fname, &st, NULL) == 0
+ && make_mutable(fname, st.st_mode, st.st_flags, force_change) > 0) {
+ if (unlink(fname) == 0)
+ return 0;
+ undo_make_mutable(fname, st.st_flags);
+ }
+ /* TODO: handle immutable directories */
+ errno = EPERM;
+ }
+#endif
+ return -1;
}
#ifdef SUPPORT_LINKS
@@ -128,14 +145,37 @@ int do_link(const char *fname1, const char *fname2)
}
#endif
-int do_lchown(const char *path, uid_t owner, gid_t group)
+int do_lchown(const char *path, uid_t owner, gid_t group, mode_t mode, uint32 fileflags)
{
if (dry_run) return 0;
RETURN_ERROR_IF_RO_OR_LO;
#ifndef HAVE_LCHOWN
#define lchown chown
#endif
- return lchown(path, owner, group);
+ if (lchown(path, owner, group) == 0)
+ return 0;
+#ifdef SUPPORT_FORCE_CHANGE
+ if (force_change && errno == EPERM) {
+ if (fileflags == NO_FFLAGS) {
+ STRUCT_STAT st;
+ if (x_lstat(path, &st, NULL) == 0) {
+ mode = st.st_mode;
+ fileflags = st.st_flags;
+ }
+ }
+ if (fileflags != NO_FFLAGS
+ && make_mutable(path, mode, fileflags, force_change) > 0) {
+ int ret = lchown(path, owner, group);
+ undo_make_mutable(path, fileflags);
+ if (ret == 0)
+ return 0;
+ }
+ errno = EPERM;
+ }
+#else
+ mode = fileflags = 0; /* avoid compiler warning */
+#endif
+ return -1;
}
int do_mknod(const char *pathname, mode_t mode, dev_t dev)
@@ -175,7 +215,7 @@ int do_mknod(const char *pathname, mode_t mode, dev_t dev)
return -1;
close(sock);
#ifdef HAVE_CHMOD
- return do_chmod(pathname, mode);
+ return do_chmod(pathname, mode, 0);
#else
return 0;
#endif
@@ -192,7 +232,22 @@ int do_rmdir(const char *pathname)
{
if (dry_run) return 0;
RETURN_ERROR_IF_RO_OR_LO;
- return rmdir(pathname);
+ if (rmdir(pathname) == 0)
+ return 0;
+#ifdef SUPPORT_FORCE_CHANGE
+ if (force_change && errno == EPERM) {
+ STRUCT_STAT st;
+
+ if (x_lstat(pathname, &st, NULL) == 0
+ && make_mutable(pathname, st.st_mode, st.st_flags, force_change) > 0) {
+ if (rmdir(pathname) == 0)
+ return 0;
+ undo_make_mutable(pathname, st.st_flags);
+ }
+ errno = EPERM;
+ }
+#endif
+ return -1;
}
int do_open(const char *pathname, int flags, mode_t mode)
@@ -206,7 +261,7 @@ int do_open(const char *pathname, int flags, mode_t mode)
}
#ifdef HAVE_CHMOD
-int do_chmod(const char *path, mode_t mode)
+int do_chmod(const char *path, mode_t mode, uint32 fileflags)
{
int code;
if (dry_run) return 0;
@@ -229,17 +284,74 @@ int do_chmod(const char *path, mode_t mode)
} else
code = chmod(path, mode & CHMOD_BITS); /* DISCOURAGED FUNCTION */
#endif /* !HAVE_LCHMOD */
+#ifdef SUPPORT_FORCE_CHANGE
+ if (code < 0 && force_change && errno == EPERM && !S_ISLNK(mode)) {
+ if (fileflags == NO_FFLAGS) {
+ STRUCT_STAT st;
+ if (x_lstat(path, &st, NULL) == 0)
+ fileflags = st.st_flags;
+ }
+ if (fileflags != NO_FFLAGS
+ && make_mutable(path, mode, fileflags, force_change) > 0) {
+ code = chmod(path, mode & CHMOD_BITS);
+ undo_make_mutable(path, fileflags);
+ if (code == 0)
+ return 0;
+ }
+ errno = EPERM;
+ }
+#else
+ fileflags = 0; /* avoid compiler warning */
+#endif
if (code != 0 && (preserve_perms || preserve_executability))
return code;
return 0;
}
#endif
+#ifdef HAVE_CHFLAGS
+int do_chflags(const char *path, uint32 fileflags)
+{
+ if (dry_run) return 0;
+ RETURN_ERROR_IF_RO_OR_LO;
+ return chflags(path, fileflags);
+}
+#endif
+
int do_rename(const char *fname1, const char *fname2)
{
if (dry_run) return 0;
RETURN_ERROR_IF_RO_OR_LO;
- return rename(fname1, fname2);
+ if (rename(fname1, fname2) == 0)
+ return 0;
+#ifdef SUPPORT_FORCE_CHANGE
+ if (force_change && errno == EPERM) {
+ STRUCT_STAT st1, st2;
+ int became_mutable;
+
+ if (x_lstat(fname1, &st1, NULL) != 0)
+ goto failed;
+ became_mutable = make_mutable(fname1, st1.st_mode, st1.st_flags, force_change) > 0;
+ if (became_mutable && rename(fname1, fname2) == 0)
+ goto success;
+ if (x_lstat(fname2, &st2, NULL) == 0
+ && make_mutable(fname2, st2.st_mode, st2.st_flags, force_change) > 0) {
+ if (rename(fname1, fname2) == 0) {
+ success:
+ if (became_mutable) /* Yes, use fname2 and st1! */
+ undo_make_mutable(fname2, st1.st_flags);
+ return 0;
+ }
+ undo_make_mutable(fname2, st2.st_flags);
+ }
+ /* TODO: handle immutable directories */
+ if (became_mutable)
+ undo_make_mutable(fname1, st1.st_flags);
+ failed:
+ errno = EPERM;
+ }
+#endif
+ return -1;
}
#ifdef HAVE_FTRUNCATE
diff --git a/t_stub.c b/t_stub.c
--- a/t_stub.c
+++ b/t_stub.c
@@ -28,6 +28,7 @@ int protect_args = 0;
int module_id = -1;
int relative_paths = 0;
int module_dirlen = 0;
+int force_change = 0;
int preserve_acls = 0;
int preserve_times = 0;
int preserve_xattrs = 0;
@@ -102,3 +103,23 @@ filter_rule_list daemon_filter_list;
{
return cst || !flg ? 16 : 1;
}
+
+#if defined SUPPORT_FILEFLAGS || defined SUPPORT_FORCE_CHANGE
+ int make_mutable(UNUSED(const char *fname), UNUSED(mode_t mode), UNUSED(uint32 fileflags), UNUSED(uint32 iflags))
+{
+ return 0;
+}
+
+/* Undo a prior make_mutable() call that returned a 1. */
+ int undo_make_mutable(UNUSED(const char *fname), UNUSED(uint32 fileflags))
+{
+ return 0;
+}
+#endif
+
+#ifdef SUPPORT_XATTRS
+ int x_lstat(UNUSED(const char *fname), UNUSED(STRUCT_STAT *fst), UNUSED(STRUCT_STAT *xst))
+{
+ return -1;
+}
+#endif
diff --git a/util.c b/util.c
--- a/util.c
+++ b/util.c
@@ -33,6 +33,7 @@ extern int relative_paths;
extern int preserve_times;
extern int preserve_xattrs;
extern int preallocate_files;
+extern int force_change;
extern char *module_dir;
extern unsigned int module_dirlen;
extern char *partial_dir;
@@ -115,9 +116,36 @@ void print_child_argv(const char *prefix, char **cmd)
rprintf(FCLIENT, " (%d args)\n", cnt);
}
+#ifdef SUPPORT_FORCE_CHANGE
+static int try_a_force_change(const char *fname, time_t modtime, uint32 mod_nsec, mode_t mode, uint32 fileflags)
+{
+ if (fileflags == NO_FFLAGS) {
+ STRUCT_STAT st;
+ if (x_lstat(fname, &st, NULL) == 0)
+ fileflags = st.st_flags;
+ }
+
+ if (fileflags != NO_FFLAGS && make_mutable(fname, mode, fileflags, force_change) > 0) {
+ int ret, save_force_change = force_change;
+
+ force_change = 0; /* Make certain we can't come back here. */
+ ret = set_modtime(fname, modtime, mod_nsec, mode, fileflags);
+ force_change = save_force_change;
+
+ undo_make_mutable(fname, fileflags);
+
+ return ret;
+ }
+
+ errno = EPERM;
+
+ return -1;
+}
+#endif
+
/* This returns 0 for success, 1 for a symlink if symlink time-setting
* is not possible, or -1 for any other error. */
-int set_modtime(const char *fname, time_t modtime, uint32 mod_nsec, mode_t mode)
+int set_modtime(const char *fname, time_t modtime, uint32 mod_nsec, mode_t mode, uint32 fileflags)
{
static int switch_step = 0;
@@ -142,6 +170,11 @@ int set_modtime(const char *fname, time_t modtime, uint32 mod_nsec, mode_t mode)
#include "case_N.h"
if (do_utimensat(fname, modtime, mod_nsec) == 0)
break;
+#ifdef SUPPORT_FORCE_CHANGE
+ if (force_change && errno == EPERM
+ && try_a_force_change(fname, modtime, mod_nsec, mode, fileflags) == 0)
+ break;
+#endif
if (errno != ENOSYS)
return -1;
switch_step++;
@@ -152,6 +185,11 @@ int set_modtime(const char *fname, time_t modtime, uint32 mod_nsec, mode_t mode)
#include "case_N.h"
if (do_lutimes(fname, modtime, mod_nsec) == 0)
break;
+#ifdef SUPPORT_FORCE_CHANGE
+ if (force_change && errno == EPERM
+ && try_a_force_change(fname, modtime, mod_nsec, mode, fileflags) == 0)
+ break;
+#endif
if (errno != ENOSYS)
return -1;
switch_step++;
@@ -175,6 +213,13 @@ int set_modtime(const char *fname, time_t modtime, uint32 mod_nsec, mode_t mode)
if (do_utime(fname, modtime, mod_nsec) == 0)
break;
#endif
+#ifdef SUPPORT_FORCE_CHANGE
+ if (force_change && errno == EPERM
+ && try_a_force_change(fname, modtime, mod_nsec, mode, fileflags) == 0)
+ break;
+#else
+ fileflags = 0; /* avoid compiler warning */
+#endif
return -1;
}
diff --git a/xattrs.c b/xattrs.c
--- a/xattrs.c
+++ b/xattrs.c
@@ -1224,7 +1224,7 @@ int set_stat_xattr(const char *fname, struct file_struct *file, mode_t new_mode)
mode = (fst.st_mode & _S_IFMT) | (fmode & ACCESSPERMS)
| (S_ISDIR(fst.st_mode) ? 0700 : 0600);
if (fst.st_mode != mode)
- do_chmod(fname, mode);
+ do_chmod(fname, mode, ST_FLAGS(fst));
if (!IS_DEVICE(fst.st_mode))
fst.st_rdev = 0; /* just in case */
diff -Nurp a/config.h.in b/config.h.in
--- a/config.h.in
+++ b/config.h.in
@@ -76,6 +76,9 @@
/* Define to 1 if vsprintf has a C99-compatible return value */
#undef HAVE_C99_VSNPRINTF
+/* Define to 1 if you have the `chflags' function. */
+#undef HAVE_CHFLAGS
+
/* Define to 1 if you have the `chmod' function. */
#undef HAVE_CHMOD
diff -Nurp a/configure.sh b/configure.sh
--- a/configure.sh
+++ b/configure.sh
@@ -7706,6 +7706,7 @@ fi
for ac_func in waitpid wait4 getcwd strdup chown chmod lchmod mknod mkfifo \
fchmod fstat ftruncate strchr readlink link utime utimes lutimes strftime \
+ chflags \
memmove lchown vsnprintf snprintf vasprintf asprintf setsid strpbrk \
strlcat strlcpy strtol mallinfo getgroups setgroups geteuid getegid \
setlocale setmode open64 lseek64 mkstemp64 mtrace va_copy __va_copy \
diff -Nurp a/proto.h b/proto.h
--- a/proto.h
+++ b/proto.h
@@ -298,6 +298,8 @@ int read_ndx_and_attrs(int f_in, int f_o
void free_sums(struct sum_struct *s);
mode_t dest_mode(mode_t flist_mode, mode_t stat_mode, int dflt_perms,
int exists);
+int make_mutable(const char *fname, mode_t mode, uint32 fileflags, uint32 iflags);
+int undo_make_mutable(const char *fname, uint32 fileflags);
int set_file_attrs(const char *fname, struct file_struct *file, stat_x *sxp,
const char *fnamecmp, int flags);
void sig_int(int sig_num);
@@ -322,11 +324,12 @@ int do_unlink(const char *fname);
int do_symlink(const char *lnk, const char *fname);
ssize_t do_readlink(const char *path, char *buf, size_t bufsiz);
int do_link(const char *fname1, const char *fname2);
-int do_lchown(const char *path, uid_t owner, gid_t group);
+int do_lchown(const char *path, uid_t owner, gid_t group, mode_t mode, uint32 fileflags);
int do_mknod(const char *pathname, mode_t mode, dev_t dev);
int do_rmdir(const char *pathname);
int do_open(const char *pathname, int flags, mode_t mode);
-int do_chmod(const char *path, mode_t mode);
+int do_chmod(const char *path, mode_t mode, uint32 fileflags);
+int do_chflags(const char *path, uint32 fileflags);
int do_rename(const char *fname1, const char *fname2);
int do_ftruncate(int fd, OFF_T size);
void trim_trailing_slashes(char *name);
@@ -367,7 +370,7 @@ void set_nonblocking(int fd);
void set_blocking(int fd);
int fd_pair(int fd[2]);
void print_child_argv(const char *prefix, char **cmd);
-int set_modtime(const char *fname, time_t modtime, uint32 mod_nsec, mode_t mode);
+int set_modtime(const char *fname, time_t modtime, uint32 mod_nsec, mode_t mode, uint32 fileflags);
int make_path(char *fname, int flags);
int full_write(int desc, const char *ptr, size_t len);
int copy_file(const char *source, const char *dest, int ofd, mode_t mode);
diff -Nurp a/rsync.1 b/rsync.1
--- a/rsync.1
+++ b/rsync.1
@@ -438,6 +438,7 @@ to the detailed description below for a
\-K, \-\-keep\-dirlinks treat symlinked dir on receiver as dir
\-H, \-\-hard\-links preserve hard links
\-p, \-\-perms preserve permissions
+ \-\-fileflags preserve file\-flags (aka chflags)
\-E, \-\-executability preserve executability
\-\-chmod=CHMOD affect file and/or directory permissions
\-A, \-\-acls preserve ACLs (implies \-p)
@@ -474,7 +475,10 @@ to the detailed description below for a
\-\-ignore\-missing\-args ignore missing source args without error
\-\-delete\-missing\-args delete missing source args from destination
\-\-ignore\-errors delete even if there are I/O errors
- \-\-force force deletion of dirs even if not empty
+ \-\-force\-delete force deletion of dirs even if not empty
+ \-\-force\-change affect user/system immutable files/dirs
+ \-\-force\-uchange affect user\-immutable files/dirs
+ \-\-force\-schange affect system\-immutable files/dirs
\-\-max\-delete=NUM don'\&t delete more than NUM files
\-\-max\-size=SIZE don'\&t transfer any file larger than SIZE
\-\-min\-size=SIZE don'\&t transfer any file smaller than SIZE
@@ -761,7 +765,8 @@ specified, in which case \fB\-r\fP is no
.IP
Note that \fB\-a\fP \fBdoes not preserve hardlinks\fP, because
finding multiply\-linked files is expensive. You must separately
-specify \fB\-H\fP.
+specify \fB\-H\fP. Note also that for backward compatibility, \fB\-a\fP
+currently does \fBnot\fP imply the \fB\-\-fileflags\fP option.
.IP
.IP "\-\-no\-OPTION"
You may turn off one or more implied options by prefixing
@@ -1101,7 +1106,7 @@ they would be using \fB\-\-copy\-links\f
Without this option, if the sending side has replaced a directory with a
symlink to a directory, the receiving side will delete anything that is in
the way of the new symlink, including a directory hierarchy (as long as
-\fB\-\-force\fP or \fB\-\-delete\fP is in effect).
+\fB\-\-force\-delete\fP or \fB\-\-delete\fP is in effect).
.IP
See also \fB\-\-keep\-dirlinks\fP for an analogous option for the receiving
side.
@@ -1315,6 +1320,33 @@ Note that the \fB\-X\fP option does not
those used by \fB\-\-fake\-super\fP) unless you repeat the option (e.g. \-XX).
This \(dq\© all xattrs\(dq\& mode cannot be used with \fB\-\-fake\-super\fP.
.IP
+.IP "\fB\-\-fileflags\fP"
+This option causes rsync to update the file\-flags to be
+the same as the source files and directories (if your OS supports the
+\fBchflags\fP(2) system call). Some flags can only be altered by the super\-user
+and some might only be unset below a certain secure\-level (usually single\-user
+mode). It will not make files alterable that are set to immutable on the
+receiver. To do that, see \fB\-\-force\-change\fP, \fB\-\-force\-uchange\fP, and
+\fB\-\-force\-schange\fP.
+.IP
+.IP "\fB\-\-force\-change\fP"
+This option causes rsync to disable both user\-immutable
+and system\-immutable flags on files and directories that are being updated or
+deleted on the receiving side. This option overrides \fB\-\-force\-uchange\fP and
+\fB\-\-force\-schange\fP.
+.IP
+.IP "\fB\-\-force\-uchange\fP"
+This option causes rsync to disable user\-immutable
+flags on files and directories that are being updated or deleted on the
+receiving side. It does not try to affect system flags. This option overrides
+\fB\-\-force\-change\fP and \fB\-\-force\-schange\fP.
+.IP
+.IP "\fB\-\-force\-schange\fP"
+This option causes rsync to disable system\-immutable
+flags on files and directories that are being updated or deleted on the
+receiving side. It does not try to affect user flags. This option overrides
+\fB\-\-force\-change\fP and \fB\-\-force\-uchange\fP.
+.IP
.IP "\fB\-\-chmod\fP"
This option tells rsync to apply one or more
comma\-separated \(dq\&chmod\(dq\& modes to the permission of the files in the
@@ -1705,13 +1737,14 @@ display as a \(dq\&*missing\(dq\& entry
Tells \fB\-\-delete\fP to go ahead and delete files
even when there are I/O errors.
.IP
-.IP "\fB\-\-force\fP"
+.IP "\fB\-\-force\-delete\fP"
This option tells rsync to delete a non\-empty directory
when it is to be replaced by a non\-directory. This is only relevant if
deletions are not active (see \fB\-\-delete\fP for details).
.IP
-Note for older rsync versions: \fB\-\-force\fP used to still be required when
-using \fB\-\-delete\-after\fP, and it used to be non\-functional unless the
+This option can be abbreviated \fB\-\-force\fP for backward compatibility.
+Note that some older rsync versions used to still require \fB\-\-force\fP
+when using \fB\-\-delete\-after\fP, and it used to be non\-functional unless the
\fB\-\-recursive\fP option was also enabled.
.IP
.IP "\fB\-\-max\-delete=NUM\fP"
@@ -2429,7 +2462,7 @@ with older versions of rsync, but that a
verbose messages).
.IP
The \(dq\&%i\(dq\& escape has a cryptic output that is 11 letters long. The general
-format is like the string \fBYXcstpoguax\fP, where \fBY\fP is replaced by the
+format is like the string \fBYXcstpogfax\fP, where \fBY\fP is replaced by the
type of update being done, \fBX\fP is replaced by the file\-type, and the
other letters represent attributes that may be output if they are being
modified.
@@ -2499,7 +2532,7 @@ sender\(cq\&s value (requires \fB\-\-own
A \fBg\fP means the group is different and is being updated to the
sender\(cq\&s value (requires \fB\-\-group\fP and the authority to set the group).
.IP o
-The \fBu\fP slot is reserved for future use.
+The \fBf\fP means that the fileflags information changed.
.IP o
The \fBa\fP means that the ACL information changed.
.IP o