I have discovered a serious bug in rdiff-backup 1.1.5-3~bpo.1 from debian
backports.org, were, when creating a backup as a none root user on the
backup repository side, rdiff-backup fails to backup device files and
possibly other special files.
When rdiff-backup fails in this case it reports no errors and exits
cleanly, giving the user the false impression that the backup was
successful. This may result in data lose when a recover is attempted.
Normally the read end usually needs root privileges to read and send
special files for backup, but the write end may not be running as root for
security reasons. I have created a test case were this is done on the
localhost as root, to read the files for backup, and a normal user to
write the backup.
I have created and attached a test case script that demonstrates the bug,
and a patch to overcome it.
Brian McDonald
-----------------------
The following is a script that demonstrates the flaw.
cat test_case.sh
#!/bin/sh
# A script to demonstrate a bug in rdiff-backup where it fails to backup
# device files when the backup writing end is not run as root.
usage () {
echo
echo "You need to launch this script as root for the demonstration to run
correctly. It will switch to the specified user when necessary.
test_case.sh takes one argument, the name of an unprivileged user to run as
when creating the backup.
test_case.sh <user>
example: su -c '/path/to/test_case.sh rdiffbkup'
or as root: /path/to/test_case.sh rdiffbkup
were rdiffbkup is a user without root privileges that can run rdiff-backup and
has read/write privileges in /tmp/.
"
exit 69
}
[ `id -u` != 0 ] && usage
[ $# != 1 ] && usage
[ "$1" = "root" ] && usage
cd /tmp/
echo
read -p "test_case.sh is about to remove /tmp/foo and /tmp/bar
Do you wish to continue? [y|anything else to quit]" ANS
echo
[ "$ANS" != "y" ] && { echo "You decided to quit." ; exit 69 ; }
rm -rf --preserve-root /tmp/foo /tmp/bar
echo "Source and target directories, if they existed, have been removed."
echo
mkdir -vm 755 /tmp/foo
dd if=/dev/urandom of=/tmp/foo/testfile bs=1K count=1
chmod -v --preserve-root o+r /tmp/foo/testfile
cp -a /dev/null /tmp/foo/
ls -la /tmp/foo
echo
echo "A new source directory has been set up with a device file and"
echo "a regular file."
echo
echo "Backing up /tmp/foo as user \"$1\"."
echo
echo "su -m -c 'rdiff-backup --terminal-verbosity 2 --verbosity 9
--print-statistics ::/tmp/foo /tmp/bar' \"$1\""
su -m -c 'rdiff-backup --terminal-verbosity 2 --verbosity 9 \
--print-statistics ::/tmp/foo /tmp/bar' "$1"
echo
echo "You can visually scan the preceding output for 'UpdateError' and also
notice rdiff-backup reported that it completed with 'Errors 0'."
echo
read -p "test_case.sh can list the contents of '/tmp/bar' and the metedata file
so you can examine them for the presence of '/dev/null' and its metedata.
NOTE: You can also examine the files in '/tmp/bar/rdiff-backup-data/' after this
script has completed.
Do you wish to continue? [y|anything else to quit]" ANS
echo
[ "$ANS" != "y" ] && { echo "You decided to quit." ; exit 69 ; }
echo 'ls -al /tmp/bar/*'
ls -al /tmp/bar/*
echo
zcat /tmp/bar/rdiff-backup-data/mirror_metadata*
exit 0
-----------------
The following is a patch that repairs the flaw.
cat rpath.py.patch
--- rpath.py.bkup 2005-12-31 21:46:05.000000000 -0500
+++ rpath.py 2006-10-24 15:27:17.844217400 -0400
@@ -343,9 +343,11 @@
"""
for key in self.data.keys(): # compare dicts key by key
if key in ('uid', 'gid', 'uname', 'gname'): pass
- elif (key == 'type' and self.isspecial() and
+ elif ((key == 'devnums' or key == 'type') and
self.isspecial() and
other.isreg() and other.getsize() == 0):
- pass # Special files may be replaced with
emptyregular files
+ pass # Device and other special files may be
replaced
+ # with empty regular files and in the
caseof device
+ # files they therefore won't have the
'devnums' key set
elif key == 'atime' and not Globals.preserve_atime: pass
elif key == 'ctime': pass
elif key == 'devloc' or key == 'nlink': pass
_______________________________________________
rdiff-backup-users mailing list at address@hidden
http://lists.nongnu.org/mailman/listinfo/rdiff-backup-users
Wiki URL: http://rdiff-backup.solutionsfirst.com.au/index.php/RdiffBackupWiki