From: Nate Eldredge
Subject: Re: [Duplicity-talk] Incremental backup when data changes but timestamp does not
Date: Sun, 14 May 2023 11:28:14 -0600 (MDT)

On Sun, 14 May 2023, Kenneth Loafman via Duplicity-talk wrote:
> Nate,
>
> I agree with @ede on this one. It's too much of an edge case to mess
> with. Why someone would put out a different package with files of the same
> name, size, and mtime smells of malware to me. I'd be suspicious of the
> package and not even try to back it up. What is it from / for?

Sure. Fetch and unpack the following two deb packages using `dpkg-deb
-x`. They are official Ubuntu main packages for 22.10 and 23.04
respectively, and they passed all the usual apt hash/signature
verifications, so should be legit.
https://mirrors.kernel.org/ubuntu/pool/main/m/mysql-8.0/mysql-client-core-8.0_8.0.33-0ubuntu0.22.10.1_amd64.deb
https://mirrors.kernel.org/ubuntu/pool/main/m/mysql-8.0/mysql-client-core-8.0_8.0.33-0ubuntu0.23.04.1_amd64.deb
After unpacking you can ls --full-time and see:
-rwxr-xr-x 1 nate nate 6961336 2023-04-21 08:17:04.000000000 -0600 ./22.10/usr/bin/mysql
-rwxr-xr-x 1 nate nate 6961336 2023-04-21 08:17:04.000000000 -0600 ./23.04/usr/bin/mysql
But their md5sums:
ea523ffa72478689e44eecf820639f97 ./22.10/usr/bin/mysql
29a317295fdd63836d05a3440c4fe0e6 ./23.04/usr/bin/mysql
The package maintainer probably fired off builds of
mysql-8.0_8.0.33-0ubuntu0 for all current Ubuntu versions in parallel, and
so it's not surprising that by luck, the corresponding mysql binaries
got built within the same second. It's also not surprising that differing
compiler and library versions would result in the files being different
but having the same size (things like code/data alignment would hide
adding or removing a byte here or there).
So, this will bite everyone like me who had mysql-client-core-8.0
installed on an Ubuntu 22.10 system, which they then upgraded via the
normal do-release-upgrade to 23.04. Nothing unusual at all.
In fact, duplicity's own packages come very close to the same issue: fetch
https://code.launchpad.net/~duplicity-team/+archive/ubuntu/duplicity-release-git/+files/duplicity_1.2.3-ppa202305091626~ubuntu22.10.1_amd64.deb
https://code.launchpad.net/~duplicity-team/+archive/ubuntu/duplicity-release-git/+files/duplicity_1.2.3-ppa202305091626~ubuntu23.04.1_amd64.deb
and notice:
-rw-r--r-- 1 nate nate 276 2023-05-09 10:34:42.000000000 -0600 ./dup22.10/usr/share/doc/duplicity/changelog.Debian.gz
-rw-r--r-- 1 nate nate 274 2023-05-09 10:34:41.000000000 -0600 ./dup23.04/usr/share/doc/duplicity/changelog.Debian.gz
If your computer were just a little faster, and your gzip compression
just a little luckier, they could easily both have coincided.
--
Nate Eldredge
nate@thatsmathematics.com
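
The case described in this message, as an added example that is not part of the original post or of duplicity: a Python check that walks two unpacked trees and reports files whose size and mtime match but whose SHA-256 differs. The function names, the constructed sample trees, and the assumption that the metadata comparison is size plus mtime in whole seconds are illustrative.

```python
import hashlib
import os
import tempfile
from pathlib import Path


def sha256_of(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(1 << 20), b""):  # 1 MiB chunks
            h.update(block)
    return h.hexdigest()


def find_silent_changes(old_root, new_root):
    """Relative paths with equal size and whole-second mtime but different content."""
    hits = []
    for old in Path(old_root).rglob("*"):
        rel = old.relative_to(old_root)
        new = Path(new_root) / rel
        if old.is_symlink() or new.is_symlink() or not (old.is_file() and new.is_file()):
            continue
        a, b = old.stat(), new.stat()
        # Assumption: the metadata check is size plus mtime truncated to seconds.
        if a.st_size != b.st_size or int(a.st_mtime) != int(b.st_mtime):
            continue  # a size/mtime comparison already flags this file
        if sha256_of(old) != sha256_of(new):
            hits.append(rel.as_posix())
    return sorted(hits)


def demo():  # builds two constructed trees and returns the report for them
    stamp = 1682086624  # constructed mtime shared by every sample file
    samples = {  # constructed contents: name -> (old bytes, new bytes)
        "usr/bin/mysql": (b"AAAA", b"AAAB"),  # same size, new content
        "usr/bin/same": (b"unchanged", b"unchanged"),
        "usr/doc/changelog.gz": (b"x" * 276, b"y" * 274),  # size differs
    }
    with tempfile.TemporaryDirectory() as tmp:
        for idx, tree in enumerate(("old", "new")):
            for name, versions in samples.items():
                p = Path(tmp, tree, name)
                p.parent.mkdir(parents=True, exist_ok=True)
                p.write_bytes(versions[idx])
                os.utime(p, (stamp, stamp))
        return find_silent_changes(Path(tmp, "old"), Path(tmp, "new"))


if __name__ == "__main__":
    print(demo())
```

Run against the two directories produced by `dpkg-deb -x`, `find_silent_changes` lists exactly the files that a size-and-mtime comparison would treat as unchanged.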