Rate this page del.icio.us  Digg slashdot StumbleUpon

Tips from an RHCE: Tar vs. Star — The battle of xattrs

by

Contributed by Forrest Taylor

In Red Hat® Enterprise Linux® 4, tar could not handle the extra information stored in ext2 and ext3 file systems called Extended Attributes (EAs or xattrs). This is a potential problem for backups, because SELinux and ACLs use these Extended Attributes to store the security contexts and access control lists respectively. star shone brightly as it has options for backing up and restoring each of these attributes.

Great strides have taken place in rebuilding tar to acknowledge these Extended Attributes, and with Red Hat Enterprise Linux 5 comes a new tar with options for xattrs. tar now has three options for creating an archive with xattrs in mind:

--selinux Archive the SELinux attributes of the files and directories
--acls Archive the ACL attributes of files and directories
--xattrs Archive all Extended Attributes of files and directories.
This includes both SELinux and ACL attributes, as well as any other xattr.

Optionally, if you don’t want to use the xattrs there are three other options:

--no-selinux Do not use the SELinux attributes
--no-acls Do not use the ACL attributes
--no-xattrs Do not use any xattrs, including SELinux and ACL.

By default, tar does not archive the xattrs, thus the previous three options are normally used at the time of restore.

Additionally, newly created file systems in Red Hat Enterprise Linux 5 now contain the acl and user_xattr default mount options, so these tar options are necessary for good backups.

Red Hat’s acclaimed training programs offer a lifetime of experience in a week’s worth of class instruction. And a good portion of the credit for that success goes to the Red Hat Certified Instructors that make a Red Hat training course something special. They have the best tips, and the trickiest tricks. So we thought we’d ask ‘em to share. The information provided in this article is for your information only. The origin of this information may be internal or external to Red Hat. While Red Hat attempts to verify the validity of this information before it is posted, Red Hat makes no express or implied claims to its validity.

This entry was posted by on Monday, July 2nd, 2007 at 4:36 pm and is filed under tips and tricks. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

5 responses to “Tips from an RHCE: Tar vs. Star — The battle of xattrs”

  1. Marc Rechte says:
    July 6th, 2007 at 7:44 am

    Hi,

    Do you mean that star is not supported by Red Hat ? If not which one would you recommend and why ?

    Thanks

  2. Forrest Taylor says:
    July 9th, 2007 at 5:17 pm

    Marc,

    star is supported by Red Hat. In Red Hat Enterprise Linux 4, tar would not backup the xattrs, including the SELinux and ACL attributes. star, however, is able to backup the xattrs. In Red Hat Enterprise Linux 5, both star and tar can archive the extended attributes.

    As for recommendations, if you are using Red Hat Enterprise 4 and you use the SELinux attributes, or you use ACLs, you must use star to archive these extended attributes.

    If you use Red Hat Enterprise Linux 5, you may use either one–I recommend using the one with which you are most comfortable.

  3. gizovezucicn says:
    July 28th, 2007 at 4:42 am

    gizovezucicn

    nice post

  4. John Grant says:
    August 1st, 2007 at 3:33 am

    The comment “newly created file systems in Red Hat Enterprise Linux 5 now contain the acl and user_xattr default mount options” contradicts RH300 Unit 5 Page 86 which says “Filesystems create(sic) post-install will not have ACL’s(sic) active by default.”

    So which is correct? Should I tune2fs all filesystems to activate ACLs?

  5. Seamus says:
    August 8th, 2007 at 6:51 am

    @John – I have just checked this with a RHEL5 filesystem created at boot and mounted with no additional options.

    setfacl -m u:[user]:rwx /path/to/file adds an ACL

    ls -Z /path/to/file lists SELinux attributes

    From reading my RH300 manual, it looks like any filesystems created during installation will support these attributes by default but any created post-install will not.

Links

Tags

Archives