duplicity-talk
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Duplicity-talk] permission denied

From: edgar . soldin
Subject: Re: [Duplicity-talk] permission denied
Date: Tue, 16 May 2017 11:38:53 +0200
User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.1.0 
On 16.05.2017 11:06, harry via Duplicity-talk wrote:
> Hi, 
> 
> I'm trying to use duplicity now to backup to a remote location where an
> actual non-root user 'duplicity' (without the quotes) has been created.
> This user has no permission to create directories at the root level.
> Yet it seems duplicity wants to create the whole target's path anew at 
> every invocation. Of course this leads to a lot of 'permission denied's.
> 
> Something like this (anonymised and edited for readability):
> 
> $ duplicity -v8 --ssh-askpass /rw
> par2+pexpect+scp://duplicity@<IP>//path/to/backup/directory/duplicity/home/user
> blah
> blah
> blah
> Running 'sftp  -oServerAliveInterval=15 -oServerAliveCountMax=2
> duplicity@<IP>' State = sftp, Before = 'duplicity@<IP>'s' 
> State = sftp, Before = 'Connected to <IP>' sftp command: 'mkdir
> "/path"' 
> State = sftp, Before = 'mkdir "/path"
> Couldn't create directory: Failure'
> sftp command: 'cd "/path"'
> State = sftp, Before = 'cd "/path"'
> sftp command: 'mkdir "to"'
> State = sftp, Before = 'mkdir "to"
> Couldn't create directory: Failure'
> etc
> etc
> 
> It appears to me that duplicity requires remote-root rights by trying
> to create the remote path.
> 
> Is there a possibility to tell duplicity to just *check* whether the 
> path exists and to only create (mkdir) the parts that don't (yet) 
> exist?

probably, it's just nobody implemented that yet.

the backend simply tries to mkdir to make sure the folder needed is there. 
usually that's not an issue. do these "errors" also show up when not using 
extra verbosity?
 
> Then the administrator can create a 'zone' for duplicity to work in 
> and where it can have rights to create directories, without having 
> to expose the root of the drive to a non-root deserving external user.
> 

you may want to try the lftp+sftp:// backend, which has a test for folder and 
create only if missing routine. it needs lftp installed, which uses the cmd 
line ssh binaries internally.

..ede/duply.net
reply via email to
[Prev in Thread] Current Thread [Next in Thread]