BackupPC-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [BackupPC-users] Permission denied during backup

2008-12-20 00:26:17
Subject: Re: [BackupPC-users] Permission denied during backup
From: Adam Goryachev <mailinglists AT websitemanagers.com DOT au>
To: Backuppc-Users <backuppc-users AT lists.sourceforge DOT net>
Date: Sat, 20 Dec 2008 16:24:21 +1100 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Holger Parplies wrote:
> Hi,
> 
> Adam Goryachev wrote on 2008-12-20 00:55:45 +1100 [Re: [BackupPC-users] 
> Permission denied during backup]:
>> [...]
>> BTW, not likely relevant in this specific case, but root can't access
>> all files... damn, in trying to prove this to myself, I noticed it
>> didn't work. However, I seem to recall that it was possible to deny root
>> access to files by making the either owner/group root, and then setting
>> permissions for owner/group to 0.
> 
>> can anyone confirm if this was only valid in older versions of linux, or
>> suggest cases where it is valid?
> 
> I don't think it was ever possible to block root access by restrictive owner
> or group permissions, but I'm not sure. I might have a 0.95c kernel somewhere,
> but I somehow doubt it would handle my SATA disks ;-).

Well, I was thinking more of a 1.2 or 1.4 kernel version... It would
have to be prior to linux having capabilities... I am fairly sure it
happened, (because I was surprised when it did), but not 100% :)

> Johan Ehnberg wrote on 2008-12-19 16:29:10 +0200 [Re: [BackupPC-users] 
> Permission denied during backup]:
>> [...]
>> You are right about root not being perfectly omnipotent. Here's one 
>> quite different case which I see in my logs all the time:
>> Remote[1]: rsync: readlink "/home/johan/.gvfs" failed: Permission denied 
>> (13)
> /home/johan is on NFS, right?

Doesn't need to be...

>> 'ls -la' gives (note the size!)
>> dr-x------  2 johan johan      0 2008-12-19 14:39 .gvfs
> Strange. Even an empty directory needs to contain '.' and '..' entries (and
> the link count 2 suggests that it does). How any file system would store that
> in 0 bytes ... maybe in the inode? Mis-information from the NFS server? What
> FS type is this (on the server)?
>> 'sudo ls -la' gives
>> d?????????  ? ?     ?          ?                ? .gvfs
> I can't remember having seen that kind of 'ls' output, but a failure to stat()
> /home/johan/.gvfs has more to do with the permissions on /home/johan than the
> subdirectory. The results you get from mismatched 'r' and 'x' permissions on
> directories tend to be confusing (being able to read a directory but not
> access (and thus stat()) the files in it, or being able to access the files
> but not read the directory).

adamg@adamg-laptop:~$ id
uid=1000(adamg) gid=1000(adamg) groups=1000(adamg)
adamg@adamg-laptop:~$ ls -ld .gvfs
dr-x------ 2 adamg adamg 0 2008-12-17 10:19 .gvfs

It looks normal enough, except that 0 byte size...

adamg@adamg-laptop:~$ ls -la .gvfs
total 3
dr-x------  2 adamg adamg    0 2008-12-17 10:19 .
drwxr-xr-x 76 adamg adamg 3296 2008-12-18 21:28 ..

It does indeed contain the two sub directories... as per usual..

adamg@adamg-laptop:~$ sudo bash
root@adamg-laptop:~# id
uid=0(root) gid=0(root) groups=0(root)
root@adamg-laptop:~# cd /home/adamg
root@adamg-laptop:~# ls -ld .gvfs
ls: cannot access .gvfs: Permission denied
root@adamg-laptop:~# ls -la .gvfs
ls: cannot access .gvfs: Permission denied
root@adamg-laptop:~# ls -l .gvfs
ls: cannot access .gvfs: Permission denied

Nope, root doesn't seem to have access to it... just doesn't work

root@adamg-laptop:~# ls -ld
drwxr-xr-x 76 adamg adamg 3296 2008-12-18 21:28 .

root does have permissions on the parent directory (/home/adamg)

root@adamg-laptop:~# mount
/dev/sda3 on / type reiserfs (rw,notail)
gvfs-fuse-daemon on /home/adamg/.gvfs type fuse.gvfs-fuse-daemon
(rw,nosuid,nodev,user=adamg)

Just a normal reiserfs V3 file system... nothing special here...

However, the second line of output does tell us a lot more about what is
going on :) It is a mountpoint, and what is inside is it's own FS....

So, probably better to pass --one-file-system to rsync rather than
worrying about trying to exclude /proc, /sys, etc...

Regards,
Adam
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAklMgYUACgkQGyoxogrTyiVDkwCeP+ZZuZt8fz7tOMn78PhpqtJ1
QtkAoJrVY5Ty8JWAbvYvHn0Burdsjaa5
=nFqq
-----END PGP SIGNATURE-----

------------------------------------------------------------------------------
_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:    http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [BackupPC-users] Client initiated backups, input wanted, dan
Next by Date:  Re: [BackupPC-users] Client initiated backups, input wanted, Les Mikesell
Previous by Thread:  Re: [BackupPC-users] Permission denied during backup, Holger Parplies
Next by Thread:  Re: [BackupPC-users] Permission denied during backup, Johan Ehnberg
Indexes:  [Date] [Thread] [Top] [All Lists]