Hi,
abel elenas wrote on 2014-06-23 13:03:31 +0200 [[BackupPC-users] Error:
directory is empty ... on cgi/website]:
>
> trying to restore a backup recently i've got this message on the backup
> website :
> [...]
> [Directory] /var/lib/BackupPC//pc/toto/65 is empty
>
> indeed the folder is not empty , and i can restore some file by command line
> [...]
> The basic rights thing are ok , and i have allready try to chmod a+r on
> none accessible backup
first of all, 'chmod a+r' is always wrong, and it basically translates to "I
have no idea how 'the basic rights thing' works".
1.) Only two things should have access to your backups:
- the backuppc user and
- the BackupPC CGI script (BackupPC_Admin or whatever your Linux
distribution may have renamed it to).
Giving "others" read permission to your backups means that anyone on the
machine (and possibly anyone able to abuse any service provided by the
machine) can read any data in the backup, including, if you back it up,
sensitive system information (such as /etc/shadow) or private user data.
You accomplish that preferably by running the BackupPC_Admin script as
the backuppc user (by means of setuid or a web server mechanism such as
suexec), or, if that is for some reason totally impossible, at least
restricing access to a group the web server is in (this would still be
exploitable via a malicious or buggy CGI script). What you don't do is
give the web server *and anyone else* read permission - particularly on
a web server, where a misconfiguration would mean "the whole world is
allowed to see these files".
2.) Permissions don't suddenly "go bad". If it worked before, then some change
led to your problems. Chances are that change was *not* someone
restricting permissions on the files in question. The correct fix is to
find and undo that change. Or to at least *understand* the change and
work around it.
The question to ask is: since when does it not work? What was done at this
point in time? You might have copied your data to a different hard disk,
done a system upgrade, installed a new kernel, ...
3.) In any case, you'd need +rx on directories - +r alone won't help much.
In particular, you'd also need the permissions on all *parent
directories*, so changing some individual pc/hostname/nnn directories
is very unlikely to have any effect whatsoever - luckily, I'd say in this
case.
> thing that can be instersting is :
>
> ls 65 :
> backupInfo fd$
>
> yep no attrib file there ... i will found one in fd$ ...
I don't think there should be one there, so, no, that's not interesting, apart
from telling us that you have a single share named 'd$' :-).
> si if anyone have any clue tips on how to reallow my website to see my
> backup...
SElinux? Incorrect permissions on BackupPC_Admin? Upgrade to Perl without
setuid support? Change of backuppc's UID? Your web server is running on a
different machine and you changed any of a number of things?
If it's not obvious, the tip is: tell us at least *something* about your
setup, so we can stop guessing. Tell us what you recently changed ("recently"
meaning "before things stopped working"). Please confirm that it actually
*did* work at some point in the past.
Hope that helps.
Regards,
Holger
P.S.: The fact that you can apparently restore files from the command line
seems to indicate that it's only a matter of BackupPC_Admin not being
able to access the directories while the contents are, in fact, ok ...
------------------------------------------------------------------------------
Open source business process management suite built on Java and Eclipse
Turn processes into business applications with Bonita BPM Community Edition
Quickly connect people, data, and systems into organized workflows
Winner of BOSSIE, CODIE, OW2 and Gartner awards
http://p.sf.net/sfu/Bonitasoft
_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List: https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki: http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/
|