[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Duplicity-talk] Duplicity and put only backend permissions
From: |
edgar . soldin |
Subject: |
Re: [Duplicity-talk] Duplicity and put only backend permissions |
Date: |
Fri, 24 Apr 2015 15:37:40 +0200 |
User-agent: |
Mozilla/5.0 (Windows NT 5.1; rv:31.0) Gecko/20100101 Thunderbird/31.6.0 |
not exactly.
you will not be able to resume or retry, but provided your connection is good
and you can afford the traffic you'll have a one shot backend, where
- you'll start a new backup on every run*
- a hacked source cannot destroy/manipulate your older backups
..ede
* (you will still need a way to disable resuming in duplicity)
On 24.04.2015 15:20, Kenneth Loafman wrote:
> I guess that's right. If they could not overwrite, they probably could not
> delete either, so kinda useless as a target.
>
> On Fri, Apr 24, 2015 at 7:24 AM, <address@hidden <mailto:address@hidden>>
> wrote:
>
> ok, in conclusion that would mean that resume will build a potentially
> partially uploaded volume and try to upload it. if there is already a file
> with the same name, if only partial, the backup will fail in case it cannot
> overwrite mentioned file.
>
> that would mean the initial idea of a write once backend would require a
> possibility to disable resuming, which are potentially doomed to fail.
>
> ..ede/duply.net <http://duply.net>
>
> On 24.04.2015 13 <tel:24.04.2015%2013>:24, Kenneth Loafman wrote:
> > No, that's not what I meant. When duplicity resumes, it looks at the
> manifest. If the volume is in the manifest, it's assumed to have uploaded.
> If not, it restarts at the next volume. Whatever volume may have been
> partially built (in temp space), or uploaded (partially), will be ignored.
> >
> > ...Ken
> >
> >
> > On Fri, Apr 24, 2015 at 5:04 AM, <address@hidden
> <mailto:address@hidden> <mailto:address@hidden <mailto:address@hidden>>>
> wrote:
> >
> > so resumes only happen on local incomplete volumes? but not if an
> upload was interrupted?
> >
> > on a sidenote: retrying uploads will of course fail as well with
> Christian's approach.
> >
> > ..ede
> >
> > On 24.04.2015 11 <tel:24.04.2015%2011> <tel:24.04.2015%2011>:50,
> Kenneth Loafman wrote:
> > > It would only be able to resume by rewriting and resending the
> incomplete volume and continuing from there. The upload part is in a
> temporary volume and is not saved.
> > >
> > > ...Ken
> > >
> > >
> > > On Fri, Apr 24, 2015 at 4:00 AM, <address@hidden
> <mailto:address@hidden> <mailto:address@hidden <mailto:address@hidden>>
> <mailto:address@hidden <mailto:address@hidden> <mailto:address@hidden
> <mailto:address@hidden>>>> wrote:
> > >
> > > On 23.04.2015 18:13, Christian Saga wrote:
> > > > Hi there,
> > > > I was just thinking about a new setup. Basically allowing
> duplicity to only write new objects to S3 and not allow deletion of old items.
> > > > This would allow me to have the backups secured, in case
> the server gets hijacked.
> > > >
> > > > Do you know if this would pose problems with duplicity?
> > >
> > > it should not
> > >
> > > >I feel, it is only writing new objects for full and
> incremental backups to s3. Only the purge would delete old versions? If I
> would turn the purge off, then it should work?
> > >
> > > the purge would either fail or succeed, but in reality not
> have done anything depending of the implementation in the backend code.
> either way not an issue according to your write only strategy.
> > >
> > > > Or is there any other action, that would need the
> possibility to change files in the backend instead of just uploading?
> > > >
> > >
> > > be aware of interrupted uploads. currently duplicity might
> try to resume a backu0p and in turn overwrite a volume on the backend, which
> would defeat your purpose.
> > >
> > > Ken: what does happen if the upload part during a resumed
> backup fails? would duplicity fail but try resuming again on the next run?
> > >
> > > ..ede/duply.net <http://duply.net> <http://duply.net>
> <http://duply.net>
> > >
> > >
> >
> >
>
> _______________________________________________
> Duplicity-talk mailing list
> address@hidden <mailto:address@hidden>
> https://lists.nongnu.org/mailman/listinfo/duplicity-talk
>
>
>
>
> _______________________________________________
> Duplicity-talk mailing list
> address@hidden
> https://lists.nongnu.org/mailman/listinfo/duplicity-talk
>
- [Duplicity-talk] Duplicity and put only backend permissions, Christian Saga, 2015/04/23
- Re: [Duplicity-talk] Duplicity and put only backend permissions, edgar . soldin, 2015/04/24
- Re: [Duplicity-talk] Duplicity and put only backend permissions, Kenneth Loafman, 2015/04/24
- Re: [Duplicity-talk] Duplicity and put only backend permissions, edgar . soldin, 2015/04/24
- Re: [Duplicity-talk] Duplicity and put only backend permissions, Kenneth Loafman, 2015/04/24
- Re: [Duplicity-talk] Duplicity and put only backend permissions, edgar . soldin, 2015/04/24
- Re: [Duplicity-talk] Duplicity and put only backend permissions, Kenneth Loafman, 2015/04/24
- Re: [Duplicity-talk] Duplicity and put only backend permissions,
edgar . soldin <=
- Re: [Duplicity-talk] Duplicity and put only backend permissions, Kenneth Loafman, 2015/04/24
- Re: [Duplicity-talk] Duplicity and put only backend permissions, edgar . soldin, 2015/04/24
- Re: [Duplicity-talk] Duplicity and put only backend permissions, Christian Saga, 2015/04/24
- Re: [Duplicity-talk] Duplicity and put only backend permissions, edgar . soldin, 2015/04/26
- Re: [Duplicity-talk] Duplicity and put only backend permissions, Christian Saga, 2015/04/28