[python-win32] Backup up Windows ACLs

[Ben Timby]

On Fri, Mar 18, 2011 at 9:40 PM, Randy Syring <rsyring at inteli-com.com> wrote:
>
> On 03/18/2011 08:21 PM, Ben Timby wrote:
>>
>> I would suggest looking at Samba. This would help you solve two problems.
>>
>> 1. Transporting files to the Linux server.
>> 2. The ACL issue, you can use extended ACL support, which, when
>> integrated with a Windows domain, can map UID/GID to objects in the
>> domain. Winbind allows this by mapping Windows objects to UID/GID on
>> the Linux machine through the magic of nsswitch.
>
> It might help w/ the ACL issue.  It looks like posix ACLs lose some
> fidelity, but with ZFS and NFS v4 ACLs, there is a much greater precision.
>  However, this would defeat some of what I am looking for b/c I want to
> transfer files w/ rsync.  Just doing a copy to network share might feasibly
> keep the ACLs, but, I think, would send all files over the network.

rsync syncs to a directory as well as it syncs to a remote server.
Just use rsync to sync to the network drive, and samba will transfer
only the diff. You will see some reads as rsync calculates the
checksums of each file to calculate the diff though. Of course it only
does this if the file's date changed, so most compares will be fast
timestamp compares only. In the case where a file actually changes, a
network read (via samba) will happen so that rsync can calculate each
block's checksum for the comparison.

>> Another possiblity is to look for an archive format that supports the
>> meta data you want. For example on Linux tar contains all the modes
>> and other file meta data needed to restore the files. If there is not
>> an existing similar archive format you can use on Windows, then you
>> can "extend" one by appending a .catalog file that contains the
>> pickled file meta data. Then a simple python module can create the
>> .catalog file and then create the archive using the regular tool
>> appending the .catalog to it. Restoring would be equally simple by
>> extracting the files and then restoring the meta data (and deleting
>> the .catalog file).
>
> A possibility, but I want to only send deltas over the network.  So I won't
> be packaging/zipping files.
>
> I guess, I could keep a data store of flat files of some kind with ACL
> information.  Each backup operation would go through directories, re-create
> the flat file with ACL info, then backup the actual files in that directory,
> backup the file with ACL info, then repeat.

Archive does not necessarily mean compress. Also, one big file deltas
just as easily as a bunch of small ones. The storage will be more
compact as you don't waste block sized chunks on small files.

The flip side, with the rsync approach, just create the ACL file and
let rsync sync it. For a restore, sync back and then apply the ACLs.

Either option has it's merits, I think you have quite a few possibilities now.