rdiff-backup-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [rdiff-backup-users] fails trying to save xattr where no xattr exist

From: Andrew Ferguson
Subject: Re: [rdiff-backup-users] fails trying to save xattr where no xattr exists
Date: Sun, 13 Jul 2008 17:49:45 -0400 

On Jul 13, 2008, at 5:01 PM, martin f krafft wrote:
also sprach Andrew Ferguson <address@hidden> [2008.07.13.2205 +0200]:
You can use the attached eas_acls.py to work around this issue (patch is in CVS as well). Simply replace the one in your Python installation with 
this file (on client and server) and you'll be good to go.


This seems to work, thanks.


Excellent. It also fits with my SELinux theory (below).


This suggests that there's some xattr-related stuff going on, but
/etc/apache2/passwd/passwd.bit does not have any xattr attached,
according to getfattr; the filesystem isn't even mounted with the
user_xattr option. Interestingly, rdiff-backup thinks that extended
attributes are supported:
The failure is happening on the destination filesystem. What does mount 
report there?


/dev/mapper/vg0-srv on /srv type ext3 (rw,acl,user_xattr)


So, yup, xattr support on destination.




Also, what is the rdiff-backup command you are using? It must be
detecting extended attributes support -- trust me, it has no ability to 
pretend. ;-)


/usr/bin/rdiff-backup --verb 4 --print-statistics --exclude
'/var/lock' --exclude '/var/run' --exclude '/var/cache' --exclude
'/var/lib/apt' --exclude '/var/lib/amavis' --exclude '/var/tmp'
--include '/var' --include '/etc' --include '/root' --include '/srv'
--include '/usr/local' --include '/boot/grub' --include
'/var/cache/debconf' --exclude '/*'
/ address@hidden::rdiff-backup/
Besides, since the OS reported a 'Operation not permitted' error and NOT 'Operation not supported', it further confirms that extended attributes are supported at the destination. Besites, getfattr command can lie to you -- it does not need to return extended attributes which you do not have permission to read (eg, system.*, security.*) 

Even as root?
Yes. The kernel specifically hides some branches of the EA namespace. Furthermore, for rdiff-backup's pain, the BSD and Linux kernels behave differently in this regard -- Linux only lets you set user.* attributes, while BSD lets you set anything that's NOT system.* (IIRC) ... both have different rules about which you can read. And, internally, ACLs and SELinux policies become extended attributes (Again, with special namespaces, which you may or may not be able to read and may or may not be able to write...).
Unfortunately, the end result is that we must play this sort of trial- and-error game to see how much we can get rdiff-backup to properly backup and restore across all platforms. 


Apart, we don't use EAs and as I said, the source filesystem doesn't
even support them.
It may not support *user* extended attributes. If you use SELinux, that could explain it. 


Andrew
reply via email to
[Prev in Thread] Current Thread [Next in Thread]