Previously:
- acl_get just returned for lpathconf returning EINVAL
- acl_get silently ignored all other lpathconf errors and
implied it is not a NFS4 acl
Now:
- not sure why the EINVAL silent return was done, but it seems
wrong. guess it could be the system not implementing a check
for nfs4. but in that case guess we still would like to get
the default and access ACL!? Thus, I removed the silent return.
- raise OSError for all lpathconf errors
Cosmetic: add a nfs4_acl boolean, so the code reads better.
... to implement same semantics as on linux (only store ACL
if it defines permissions other than those defined by the
traditional file permissions).
Looks like there is no call working with an fd on FreeBSD.
This is NOT a bug fix, because the previous code contained a
check for symlinks before that line - because symlinks can not
have ACLs under Linux.
Now, this "is it a symlink" check is removed to simplify the
code and the "nofollow" variant of acl_extended_file* is used
to look at the symlink fs object (in the symlink case).
It then should tell us that this does NOT have an extended ACL
(because symlinks can't have ACLs) and so we return there.
Overall the code gets simpler and looks less suspect.
Previously, these conditions were handled the same (just return):
- no extended acl here
- some error happened (e.g. ACLs unsupported, bad file descriptor, file not found, permission error, ...)
Now there will be OSErrors for the error cases.
- ACLs are not working, if ENOTSUP ("Operation not supported") happens
- fix check for macOS
On macOS borg uses "acl_extended", not "acl_access" and
also the ACL text format is a bit different.
- macOS: run on macos-14 (on Apple Silicon!)
- macOS: use OpenSSL 3.0 from brew
- macOS: run with Python 3.11
- pip install -e .: add -v
- use up-to-date github actions
- remove libb2 references - since borg 1.2, we use blake2 indirectly via python stdlib
this was recently set to a relatively high minimum version when
locating it via pkgconfig was added. this broke the binary builds
on buster and bullseye.
i don't think borg requires a specific libacl version as long as
the api is compatible, so i now set this to 2.2.47 (from 2008).
Vladimir Malinovskii