How to preserve ACL, ownership, extended attr from a EXT4 rsync backup

ricky · September 5, 2025, 11:33am

I used to back up with rsync from an EXT4 filesystem to a USB drive attached to the server:

rsync -aAXvr --progress --delete /boot/* /mnt/external-backup/t20/boot

Now I want to rsync to a NAS over the network, but I’m not sure how to set the ZFS dataset ACL type. I’ve read the TrueNAS ACL primer.

Two options:

SMB/NFS4 → requires ACL mode passthrough
POSIX → no ACL mode options

Since I’ll only use rsync (not SMB/NFS4), POSIX seems preferable.

However, ChatGPT and Claude recommend passthrough:

zfs set aclmode=passthrough pool/dataset
zfs set aclinherit=passthrough pool/dataset
zfs set xattr=sa pool/dataset  # Store xattrs in system attributes for better performance

Which is the better choice? If unclear, I’ll test by restoring to check ACLs, ownership, and extended attributes.

ricky · September 5, 2025, 12:29pm

I did an experiment to compare two different acltype: nfsv4 and posix. Two dataset are created:

zfs get all tank/linux-backup | grep acl
tank/linux-backup  aclmode                  discard                  local
tank/linux-backup  aclinherit               discard                  local
tank/linux-backup  acltype                  posix                    local

zfs get all tank/share | grep acl
tank/share  aclmode                  restricted               local
tank/share  aclinherit               passthrough              local
tank/share  acltype                  nfsv4                    local

Using rsync to backup from EXT4 through ssh protocol. I found that only posix didn’t complain permission error. I verified that in NAS it preserve my UID/GID from the original EXT4.

ZFS on TrueNAS:

root@truenas[/mnt/tank/linux-backup/t30/home]# ls -ln .
total 17
drwx------. 47 1000 1000 77 Sep  5 05:11 Ricky
drwx------   2    0    0  2 Sep  5 05:13 lost+found

My EXT4 server:

[Ricky@t30:script](master)$ id Ricky
uid=1000(Ricky) gid=1000(Ricky) groups=1000(Ricky),10(wheel),973(docker),954(ollama)
[Ricky@t30:home]$ ll
total 28K
drwxr-xr-x   4 root  root  4.0K Jul 16  2024 .
dr-xr-xr-x  20 root  root  4.0K Apr 23 19:37 ..
drwx------.  2 root  root   16K Dec 28  2018 lost+found
drwx------. 47 Ricky Ricky 4.0K Sep  5 08:11 Ricky

I’m going to find a spare disk to restore from NAS and verify it can boot and run probably.

awalkerix · September 5, 2025, 1:15pm

ext4 uses POSIX ACLs, ergo if you want to preserve their permissions you need to put them on a POSIX ACL type dataset. This doesn’t impact file ownership (but note that original file ownership may be meaningless on TrueNAS unless you’re taking steps to ensure that IDs match between your servers).

ricky · September 5, 2025, 2:29pm

My goal is to restore the exact ACL, UID/GID and extended attributes in case the server that I backup from failed. I don’t really care if TrueNAS can recognize/respect the ownership of files or not.

Have you ever tried restoring from ZFS with posix acltype?

awalkerix · September 5, 2025, 6:25pm

I am aware of no differences between ZFS and EXT4 that would impact the ability to restore over rsync (assuming POSIX acltype is used). Don’t rely on chatgpt or claude. They’re both giving nonsense results. One thing that tends to trip up novices is that they don’t realize certain permissions / ownership related operations basically require you to be root.