[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Duplicity-talk] Solaris: Restore/GPG issues
From: |
Scott Severtson |
Subject: |
[Duplicity-talk] Solaris: Restore/GPG issues |
Date: |
Mon, 03 Oct 2011 17:07:01 -0400 |
User-agent: |
Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.23) Gecko/20110922 Lightning/1.0b2 Thunderbird/3.1.15 |
All,
We'd prefer to run Duplicity as a non-root user, but it seems Duplicity
requires elevated privileges on Solaris to restore file
ownership/permissions.
When we run a restore operation as a non-root user (and Solaris'
privilege debugging enabled), we get messages like:
---
--- Start running command FETCH at 14:46:00.000 ---
Local and Remote metadata are synchronized, no sync needed.
Last full backup date: Mon Oct 3 10:44:08 2011
gpg[241]: missing privilege "ZONE" (euid = 70003, syscall = 23) needed
at setuid+0x64
gpg[387]: missing privilege "ZONE" (euid = 70003, syscall = 23) needed
at setuid+0x64
duplicity[29161]: missing privilege "file_chown_self" (euid = 70003,
syscall = 16) needed at zfs_setattr+0x2ec
Error '[Errno 1] Not owner: '/vault/restore/foo'' processing .
---
So, to allow GPG/Duplicity to set file permissions, we tried running a
restore as a root-equivalent user. Now, before we even start restoring
files, GPG fails with the following error:
---
gpg: fatal: failed to reset uid: Error 0
secmem usage: 0/0 bytes in 0/0 blocks of pool 0/32768
---
It appears GPG assumes that we're using a setuid binary, and that we
should be able to de-elevate permissions.
Any thoughts on how we can restore with permissions, but not run into
this issue with GPG?
Versions:
Duplicity: 0.6.15
GPG: 1.4.9 (from OpenCSW)
Thanks,
--Scott Severtson
- [Duplicity-talk] Solaris: Restore/GPG issues,
Scott Severtson <=