That was a “fun” debugging session…
Worse, it preserves “special” files like the ones in /dev or /var which aren’t removable by anyone other than root. Love extracting a system file backup in my file server as a regular user in order to get just a few files out of it, and promptly not being able to fully delete it afterward without SSHing into the server and using sudo.
I don’t get how a regular user can even create files like that. Sounds like a security vulnerability.
Since no one has yet mentioned, by default if you’re running tar as a non-root user it extracts files with owner/umask of the current user and if you run it as root (or superuser) it’ll preserve ownership and permissions. From tar man page:
–no-same-owner
Extract files as yourself (default for ordinary users).
–no-same-permissions
Apply the user’s umask when extracting permissions from the archive (default for ordinary users).
As mentioned, with root the defaults are to keep UID/permissions as they are in the archive. (–preserve-permissions and --same-owner).
Really good callout! Thanks for adding that
Just bear in mind that uid 1001 on one machine is not generally uid 1001 on another, and that if you copy the tar off machine you’re more than likely giving permission to somebody other than the intended target
That’s a feature, not a bug. It’s an archive after all.
It’s even a tape archiving tool. Just pretty much nobody uses it in the original way any more.
Very much one of those “if it ain’t broke, don’t replace it” tools.
but also the way it puts file data one after the other can be beneficial for compression, especially if you can define the order of the files somehow
I just assumed that whenever it would be expanded that the contents would have the default permissions for that user.
It’s actually a cool feature I just feel dumb for how long it took me to realize this was the issue.
that can be done too. tarballed software normally doesn’t have permissions attached I think
That’s what an archiving program is supposed to do.
You can even archive extended attributes with the
‘--xattrsflag.Good to know if you use xattrs as a tagging system.
I’ve never heard of an archiving program that didn’t.
IIRC zip can, but doesn’t by default. Source : wasted 8 hours trying to figure out why something didn’t work anymore (had to switch from tar to zip because stupid security system wouldn’t let me transfer the tar file)
tar -czf <folder> mv folder.{tar.gz,zip}Just use archive.pdf
I thought that, since users would be different between machines, there’s no point in keeping this kind of information.
You can sync user and daemon UIDs across machines with LDAP and SSSD.
And even if you don’t do that, keeping the information is useful when restoring to the same machine
mostly anything on windows
Yeah I did notice that. Never really had a use for such a feature though.
Well having the wrong permissions in system files will mess up your system. So when you restore from backup and want the backed-up permissions too.
Never thought of using .tar folders for that. Makes sense.
Learned to make use of this the hard way when transferring a directory over a FAT32 USB drive messed up the permissions.
I uses to use 7z for my archives but it dropped the permissions. Now I tar it first into a
.tar.7zaka.t7zwhen I want maximum compression.
