BackupPC-users

[BackupPC-users] Issue with SELinux context

2013-03-15 14:14:57
Subject: [BackupPC-users] Issue with SELinux context
From: "Jeff Boyce" <jboyce AT meridianenv DOT com>
To: "BackuPC Mailing List" <backuppc-users AT lists.sourceforge DOT net>
Date: Fri, 15 Mar 2013 11:13:42 -0700
Greetings -

I have been testing BackupPC on a guest VM on my CentOS 6.3 box.  I have the 
backups being stored on a separate partition using LVM so that I can expand 
the space in the future as needed.  My initial testing of the system was 
good, and yesterday I expanded the logical volume for the storage space. 
After rebooting the VM, I noticed that SELinux needed to do a relabel.  I 
didn't think much of it until a couple hours later when I went to look at 
BackupPC and could not see the previous test backups that had been created, 
or the log files.

When selecting Browse Backups, I get this error.
Error: Backup number for host jab-opti755 does not exist.

When selecting Log File, I get this error.
Can't open log file

A little Googling initially led me to recreate the backup file for each host 
using the /usr/share/BackupPC/bin/BackupPC_fixupBackupSummary script that is 
provided.  This did not solve the problem, as I still get the same errors as 
above.  Then remembering the SELinux relabel, I turned SELinux off 
temporarily (setenforce 0).  Now I could see the host backups and log files 
with no errors.  Turning SELinux back on again, and the errors returned.  So 
I knew that it was just an improper SELinux context somewhere.  So to 
summarize, here is the information I have:

Backups are being stored on separate partition, not standard for BackupPC:
/bkupdata

Standard BackupPC storage location:
/var/lib/BackupPC

SELinux context on standard BackupPC storage location:
[root@bacteria BackupPC]# pwd
/var/lib/BackupPC
[root@bacteria BackupPC]# ls -Z
drwxr-x---. backuppc backuppc system_u:object_r:var_lib_t:s0   cpool
drwxr-x---. backuppc backuppc system_u:object_r:var_lib_t:s0   pc
drwxr-x---. backuppc backuppc system_u:object_r:var_lib_t:s0   pool
drwxr-x---. backuppc backuppc system_u:object_r:var_lib_t:s0   trash

Current SELinux context on my BackupPC storage location:
[root@bacteria bkupdata]# pwd
/bkupdata
[root@bacteria bkupdata]# ls -Z
drwxr-x---. backuppc root system_u:object_r:default_t:s0   cpool
drwx------. root     root system_u:object_r:default_t:s0   lost+found
drwxr-x---. backuppc root system_u:object_r:default_t:s0   pc
drwxr-x---. backuppc root system_u:object_r:default_t:s0   pool
drwxr-x---. backuppc root system_u:object_r:default_t:s0   trash

And one of the test hosts at this location:
[root@bacteria jab-opti755]# pwd
/bkupdata/pc/jab-opti755
[root@bacteria jab-opti755]# ls -Z
drwxr-x---. backuppc backuppc system_u:object_r:default_t:s0 0
drwxr-x---. backuppc backuppc system_u:object_r:default_t:s0 1
drwxr-x---. backuppc backuppc system_u:object_r:default_t:s0 2
drwxr-x---. backuppc backuppc system_u:object_r:default_t:s0 3
drwxr-x---. backuppc backuppc system_u:object_r:default_t:s0 4
drwxr-x---. backuppc backuppc system_u:object_r:default_t:s0 5
-rw-r-----. backuppc backuppc system_u:object_r:default_t:s0 backups
-rw-r-----. backuppc backuppc system_u:object_r:default_t:s0 backups.old
-rw-r-----. backuppc backuppc system_u:object_r:default_t:s0 backups.save
-rw-r-----. backuppc backuppc system_u:object_r:default_t:s0 LOCK
-rw-r-----. backuppc backuppc system_u:object_r:default_t:s0 LOG.032013
-rw-r-----. backuppc backuppc system_u:object_r:default_t:s0 XferLOG.0.z
-rw-r-----. backuppc backuppc system_u:object_r:default_t:s0 XferLOG.1.z
-rw-r-----. backuppc backuppc system_u:object_r:default_t:s0 XferLOG.2.z
-rw-r-----. backuppc backuppc system_u:object_r:default_t:s0 XferLOG.3.z
-rw-r-----. backuppc backuppc system_u:object_r:default_t:s0 XferLOG.4.z
-rw-r-----. backuppc backuppc system_u:object_r:default_t:s0 XferLOG.5.z
-rw-r-----. backuppc backuppc system_u:object_r:default_t:s0 XferLOG.bad.z.old

In reviewing my SELinux contexts listed above, I noticed that the group 
assignment for the directories under /bkupdata is root.  I have subsequently 
changed them to backuppc, and shut down the backuppc service, shut down and 
restarted the http service, then restarted the backuppc service.  The same 
errors persist after this change, so the issue was not just with an 
incorrect group setting.

So my question is:  What is the proper SELinux context for the BackupPC 
storage directories when those directories are not in the standard location? 
I would assume that the SELinux Type context would not be "var_lib_t" 
because it is not located in /var/lib, but don't really know for sure, and 
if not what should it be?  I don't know what it was before the SELinux 
relabel (and everything worked properly before the relabel).  If I knew what 
the right SELinux context should be I could probably fix it fairly easily, 
but would take anyone's recommendations on that approach also.  What I don't 
want to do is just leave SELinux enforcing turned off.  I am currently 
digging through my SELinux logs to try to interpret and understand them.

Please CC me directly with any replies as I only get the (infrequent) daily 
digest.  Thanks.

Jeff Boyce
Meridian Environmental
www.meridianenv.com
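
One way to list exactly which entries carry a different SELinux type than a reference directory, added here as an example and not part of the original post. It parses the two top-level `ls -Z` listings quoted above (embedded as constructed sample input); the function names are hypothetical, and it only reports differences, it does not decide which type is the right one.

```shell
#!/bin/sh
# Constructed sample input: the `ls -Z` listings quoted in the post.
REF_LISTING='drwxr-x---. backuppc backuppc system_u:object_r:var_lib_t:s0   cpool
drwxr-x---. backuppc backuppc system_u:object_r:var_lib_t:s0   pc
drwxr-x---. backuppc backuppc system_u:object_r:var_lib_t:s0   pool
drwxr-x---. backuppc backuppc system_u:object_r:var_lib_t:s0   trash'

CUR_LISTING='drwxr-x---. backuppc root system_u:object_r:default_t:s0   cpool
drwx------. root     root system_u:object_r:default_t:s0   lost+found
drwxr-x---. backuppc root system_u:object_r:default_t:s0   pc
drwxr-x---. backuppc root system_u:object_r:default_t:s0   pool
drwxr-x---. backuppc root system_u:object_r:default_t:s0   trash'

# Read `ls -Z` lines (mode owner group context name) on stdin and print
# "name type". The context is user:role:type:level, and the level may itself
# contain colons (s0:c0.c1023), so the type is always the third field.
# Names containing whitespace are not handled.
selinux_types() {
    awk 'NF >= 5 {
        n = split($4, ctx, ":")
        if (n >= 3) print $5, ctx[3]
    }'
}

# Print "name expected actual" for every entry of the second listing whose
# type differs from the same-named entry in the first (reference) listing.
# Entries with no counterpart in the reference (lost+found here) are skipped.
context_drift() {
    ref=$(printf '%s\n' "$1" | selinux_types)
    printf '%s\n' "$2" | selinux_types | while read -r name type; do
        want=$(printf '%s\n' "$ref" | awk -v n="$name" '$1 == n { print $2 }')
        if [ -n "$want" ] && [ "$want" != "$type" ]; then
            printf '%s %s %s\n' "$name" "$want" "$type"
        fi
    done
}

context_drift "$REF_LISTING" "$CUR_LISTING"
```

On a live system the two listings would come from `ls -Z /var/lib/BackupPC` and `ls -Z /bkupdata` instead of the embedded strings.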

