+ tmp = unquote(value, "\"");
+ if (!tmp)
+ return log_oom();
+
+ value2 = cunescape(tmp);
+ if (!value2)
+ return log_oom();
+
+ if (strv_push_pair(&i->xattrs, name, value2) < 0)
+ return log_oom();
+ name = value2 = NULL;
+ }
+
+ return r;
+}
+
+static int path_set_xattrs(Item *i, const char *path) {
+ char **name, **value;
+
+ assert(i);
+ assert(path);
+
+ STRV_FOREACH_PAIR(name, value, i->xattrs) {
+ int n;
+
+ n = strlen(*value);
+ if (lsetxattr(path, *name, *value, n, 0) < 0) {
+ log_error("Setting extended attribute %s=%s on %s failed: %m",
+ *name, *value, path);
+ return -errno;
+ }
+ }
+ return 0;
+}
+
+static int get_acls_from_arg(Item *item) {
+#ifdef HAVE_ACL
+ int r;
+ _cleanup_(acl_freep) acl_t a = NULL, d = NULL;
+
+ assert(item);
+
+ /* If force (= modify) is set, we will not modify the acl
+ * afterwards, so the mask can be added now if necessary. */
+ r = parse_acl(item->argument, &item->acl_access, &item->acl_default, !item->force);
+ if (r < 0)
+ log_warning_errno(errno, "Failed to parse ACL \"%s\": %m. Ignoring",
+ item->argument);
+#else
+ log_warning_errno(ENOSYS, "ACLs are not supported. Ignoring");
+#endif
+
+ return 0;
+}
+
+static int path_set_acl(const char *path, acl_type_t type, acl_t acl, bool modify) {
+ _cleanup_(acl_freep) acl_t cleanme = NULL;
+ int r;
+
+ if (modify) {
+ r = acls_for_file(path, type, acl, &cleanme);
+ if (r < 0)
+ return r;
+ acl = cleanme;
+ };
+
+ r = acl_set_file(path, type, acl);
+ if (r < 0) {
+ _cleanup_(acl_free_charpp) char *t;
+
+ r = -errno;
+ t = acl_to_any_text(acl, NULL, ',', TEXT_ABBREVIATE);
+ log_error_errno(r,
+ "Setting %s ACL \"%s\" on %s failed: %m",
+ type == ACL_TYPE_ACCESS ? "access" : "default",
+ strna(t), path);
+ }
+
+ return r;