[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Duplicity-talk] permission denied
From: |
harry |
Subject: |
Re: [Duplicity-talk] permission denied |
Date: |
Tue, 16 May 2017 10:17:57 +0000 |
On Tue, 16 May 2017 11:38:53 +0200
"edgar.soldin--- via Duplicity-talk" <address@hidden> wrote:
> On 16.05.2017 11:06, harry via Duplicity-talk wrote:
> > Hi,
> >
> > I'm trying to use duplicity now to backup to a remote location
> > where an actual non-root user 'duplicity' (without the quotes) has
> > been created. This user has no permission to create directories at
> > the root level. Yet it seems duplicity wants to create the whole
> > target's path anew at every invocation. Of course this leads to a
> > lot of 'permission denied's.
> >
> > Something like this (anonymised and edited for readability):
> >
> > $ duplicity -v8 --ssh-askpass /rw
> > par2+pexpect+scp://duplicity@<IP>//path/to/backup/directory/duplicity/home/user
> > blah
> > blah
> > blah
> > Running 'sftp -oServerAliveInterval=15 -oServerAliveCountMax=2
> > duplicity@<IP>' State = sftp, Before = 'duplicity@<IP>'s'
> > State = sftp, Before = 'Connected to <IP>' sftp command: 'mkdir
> > "/path"'
> > State = sftp, Before = 'mkdir "/path"
> > Couldn't create directory: Failure'
> > sftp command: 'cd "/path"'
> > State = sftp, Before = 'cd "/path"'
> > sftp command: 'mkdir "to"'
> > State = sftp, Before = 'mkdir "to"
> > Couldn't create directory: Failure'
> > etc
> > etc
> >
> > It appears to me that duplicity requires remote-root rights by
> > trying to create the remote path.
> >
> > Is there a possibility to tell duplicity to just *check* whether
> > the path exists and to only create (mkdir) the parts that don't
> > (yet) exist?
>
> probably, it's just nobody implemented that yet.
>
> the backend simply tries to mkdir to make sure the folder needed is
> there. usually that's not an issue. do these "errors" also show up
> when not using extra verbosity?
The error that I get when I give the credentials of a non-root user
without verbosity is:
Attempt 1 failed. BackendException: Error running 'sftp
-oServerAliveInterval=15 -oServerAliveCountMax=2
duplicity@<IP>': Permission denied
> > Then the administrator can create a 'zone' for duplicity to work in
> > and where it can have rights to create directories, without having
> > to expose the root of the drive to a non-root deserving external
> > user.
> >
>
> you may want to try the lftp+sftp:// backend, which has a test for
> folder and create only if missing routine. it needs lftp installed,
> which uses the cmd line ssh binaries internally.
That seems to work, thanks.
Harry
> ..ede/duply.net
>
>
> _______________________________________________
> Duplicity-talk mailing list
> address@hidden
> https://lists.nongnu.org/mailman/listinfo/duplicity-talk