On Sun, Jan 24, 2016 at 12:19:02PM +0000, Gianfranco Costamagna wrote:
Hi Vincent!
Hey Gianfranco,
To begin with, thanks for your work on packaging borgbackup; it’s a >really great piece of software.thanks, it is nice when people use and appreciate the work done :) (I'm not doing the work all by myself, so I hope the other maintainers will read this too :) )So, I’m testing it since few days, and one of the test I had on my TODO list, was to mix archives created by an unpriviledged user and root inside a single backup repository… and it seems borg doesn’t like that experiment. :-)I'm not sure the *kernel* likes the experiment :)
Sure, but perhaps due to how borg operates. See below!
Here is the correspondent traceback: Local Exception. Traceback (most recent call last): File "/usr/lib/python3/dist-packages/borg/archiver.py", line 1261, in main exit_code = archiver.run(args) File "/usr/lib/python3/dist-packages/borg/archiver.py", line 1215, in run return args.func(args) File "/usr/lib/python3/dist-packages/borg/archiver.py", line 134, in do_create manifest, key = Manifest.load(repository) File "/usr/lib/python3/dist-packages/borg/helpers.py", line 92, in load cdata = repository.get(cls.MANIFEST_ID) File "/usr/lib/python3/dist-packages/borg/repository.py", line 415, in get self.index = self.open_index(self.get_transaction_id()) File "/usr/lib/python3/dist-packages/borg/repository.py", line 120, in get_transaction_id segments_transaction_id = self.io.get_segments_transaction_id() File "/usr/lib/python3/dist-packages/borg/repository.py", line 512, in get_segments_transaction_id if self.is_committed_segment(filename): File "/usr/lib/python3/dist-packages/borg/repository.py", line 529, in is_committed_segment with open(filename, 'rb') as fd: PermissionError: [Errno 13] Permission denied: '/mnt/backup/lamella/data/0/6148' Platform: Linux lamella 4.3.0-1-amd64 #1 SMP Debian 4.3.3-5 (2016-01-04) x86_64 Linux: debian stretch/sid LibC: glibc 2.9 Python: CPython 3.5.1+ I did not investigate this issue closely, but I guess it happens when borg tries to deduplicate data but can’t access the chunk in question‽ Your opinion?yes, this seems clearly an operating system Permission Denied, it means the user has no permission to open/change/edit the file in question.
Obviously.
I'm not sure you can work with backups with an unprivileged user if they have been created by root.you can fix the "issue" by some "sudo chmod youruser:yourgroup directory -R" but I don't think this is something that can be fixed in borg side, the kernel is complaining here and the complain is perfectly legit to me.
Well, to give a little more background about that particular test, the targeted backup repository is owned by the unpriviledged user. In this repository, the unpriviledged user backup her $HOME and the root user a subset of the root filesystem (obviously archive's names are different).
What I *did* expect from borg is that it doesn't bother with data chunks not readable by the user it has been launched with, sadly it seems it tries to read all of those chunks to deduplicate as effectively as possible and fails if it encounters one of those chunks. But hey, the deduplication currently used by borg definitely has advantages, so I'm not saying what it does is wrong but that it could perhaps be less rigid in some situations. ;-)
(otherwise we might get a bug report "hey, why other users can read my private backups? :) )
As a sysadmin, I already heard something similar. ;-)
closing in the meanwhile, feel free to reopen if I missed anything in my trace review! cheers, Gianfranco
Thanks again Gianfranco, Vincent
signature.asc
Description: PGP signature
