Perforce Public Knowledge Base - Preserving Linux file permissions in a workspace lost after submit or sync
× PRODUCTS SOLUTIONS CUSTOMERS LEARN SUPPORT
Downloads Company Partners Careers Contact Free Trials
Menu Search
Perforce
Reset Search
 

 

Article

Preserving Linux file permissions in a workspace lost after submit or sync

« Go Back

Information

 
Problem
Perforce only preserves coarse execute and write information, with a limited functionality to apply client side write and execute permissions via filetypes.  This means that for files in a Linux workspace, it does not preserve special file attributes such as user/group permissions, setuid/guid/sticky bits, or acl's (access control lists)  after a submit or a sync.
Solution
While the functionality to preserve all special file attributes and acl's on workspace files after a submit or sync operation is not available natively in Perforce, we can achieve the same result by invoking external tools to record the permissions prior to a submit or sync, and then reapply the original permissions at a later time when a sync or submit has removed them.

The following example is specific to a Linux workspace using the Linux commands "getfacl" and "setfacl" to record and reapply permissions on a workspace file tree. Alternative commands (on Linux or other platforms) that can record and reapply permissions recursively to a file tree may also work.

Note this is all done client side. Using triggers to run the commands automatically on submit and sync is not likely to be workable in the majority of use cases as triggers are currently server side only, so unless your workspace is located on the Perforce server (or the file system is accessible to the server), a trigger won't have access to the workspace file system. 

Essentially the process consists of 2 steps:

1. Run the getfacl command against the workspace folder you want to record the acl's for (as they exist at that time) and save the output into a file:
 
​  getfacl --absolute-names --recursive /workspace/folder/path > facls.txt

You then submit the files and they lose their acl's. You might also sync the files back down, they still won't have the original acl's.

2. Run the setfacl command to read in the file generated by getfacl to restore the acl's back to what they were when you ran getfacl.
 
  setfacl --recursive --restore=facls.txt
 

Custom tool setup

For convenience, you can configure custom tools in P4V to run the getfacl and setfacl commands via wrapper shell scripts. This allows you to right click on a workspace folder in P4V to record and reapply acl's, either from the selected folder down or for the entire workspace.

Example shell scripts are provided below. You should save them both to a location on the P4V client (or on a filesystem accessible to the client such as an NFS mount). They should have  a minimum of read and execute permission set. You can name them as you wish but in this example they are called "getfacl.sh" and "setrfacl.sh". Alternatively you could put them in a depot if you wanted them available to sync to a client. 

Now configure P4V custom tools as follows with one tool to run getfacl and one to run setfacl :
  • P4V Tools menu->Manage Custom Tools, click on New, and select New Tool from the drop down list
  • Name: The name you want to appear on the context menu; for example setfacls or getfacls
  • Add to applicable context menus: Checked
  • Application: The path to the setfacl.sh or getfacl.sh scripts. Replace with your local path to wherever you have saved the scripts
  • Arguments: Depending on how much of the workspace tree you want to process, you have the following choices: 
    •   %D : this will be replaced with the path of the selected folder in the workspace tree the tool is invoked from.
    •   $r :this will process the whole workspace tree when you right click on any folder in the workspace .
  • Run tool in terminal window: Checked

The custom tool dialogue should now look similar to the following screenshot:
 

User-added image

Following are the 2 wrapper scripts. If your path to the "sh" Bourne shell executable is in a different location modify the first line to suit. 

getfacl.sh

#!/bin/sh -f​
# Record acl's on file tree for later playback by associated setfacl.sh script.

# Generates facls.txt using getfacl command which contains the acl information in folder specified by
# %D (folder right clicked in P4V) or $r (client root) argument to custom tool.

# Assumptions and caveats:
# 1. Intended to be called from P4V custom tool.
# 2. Only intended for use on Unix/Linux workspaces and where this script is accessible to
#    host where P4V is located.
# 3. Assumes getfacl and setfacl commands are installed. They are part of the acl package.

# Usage: If %D parameter specified in custom tool, right click over the workspace folder in the workspace tab
# on P4V that you want to record the acl's for. If $r parameter specified, whole workspace tree will be
# processed.
# This will execute the getfacl command to generate a file called facls.txt which records the acls for all
# files and folders recursively in that folder. 

# Argument to script is either directory name right clicked over in P4V (%D) or client root ($r) parameter. 

# Strip off trailing ... from path
dir=`echo $1 | sed 's/\.\.\.$//'`

# Execute getfacl command.

(getfacl --absolute-names --recursive $dir > ${dir}facls.txt && echo Saved acls in ${dir}facls.txt) \
|| echo Unable to save acls to ${dir}facls.txt


setfacl.sh

#!/bin/sh -f

# Reset acl's on file tree using setacls command reading facls.txt file generated by
# associated getfacl.sh script.

# Assumptions and caveats:
# 1. Intended to be called from P4V custom tool.
# 2. Only intended for use on Unix/Linux workspaces and where this script is accessible to
#    host where P4V is located.
# 3. Assumes getfacl and setfacl commands are installed. They are part of the acl package.
# 4. Assumes getfacl.sh script has been run on same directory as specified by
#    %D or $r argument in custom tool to generate facls.txt which contains the acl information.

# Usage: If %D parameter specified in custom tool, right click over the workspace folder in the workspace tab
# on P4V that you want to restore the acl's for. If $r parameter specified, whole workspace tree will be
# processed.
# Should restore the acls for all files and folders recursively to the state recorded in facl.txt. 

# Argument to script is either directory name right clicked over in P4V (%D) or
# client root ($r) paramter. 

dir=`echo $1 | sed 's/\.\.\.$//'`

# Check facls.txt file exists and run setfacl to replay acls back from the file 
if [ -f ${dir}facls.txt ]
then
        (setfacl --recursive --restore=${dir}facls.txt \
        && echo applied acls from ${dir}facls.txt) \
        || echo Unable to restore acls from ${dir}facls.txt
else
        echo ${dir}facls.txt not found, you need to run getfacl.sh first
fi

Related Links

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255