Your message dated Mon, 31 May 2021 16:18:26 +0000 with message-id <e1lnkcu-0009jv...@fasolo.debian.org> and subject line Bug#946349: fixed in backintime 1.2.1-3 has caused the Debian Bug report #946349, regarding backintime-qt: Backup initiated from the GUI overwrites remote backup path permissions to 0700 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 946349: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946349 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: backintime-qt Version: 1.2.1-2 Severity: important Tags: upstream Dear Maintainer, backing up to a ssh-mounted remote path forces the remote paths access permissions to 0700 when initiating the backup from the GUI. How to reproduce: - start up backintime-qt - set up a configuration to back up a directory to a ssh-mounted remote directory - check the access permissions of the remote directory (normally 0755) - trigger a backup - check the access permissions of the remote directory, now they are set to 0700. It‘s also reproducible with an existing configuration: - make sure the remote directory's permissions are different than 0700, for example 0750. - start up backintime-qt - trigger a backup - check the access permissions of the remote directory, now they are set to 0700. I did some code analysis and this is what I believe causes the bug: When being started up backintime-qt ssh-mounts the remote path calling MountControl.mount() in /usr/share/backintime/common/mount.py from package backintime-common. MountControl.mount() forces the mount point‘s permissions to 0700 (see details below). When the actual mount happens the mount point‘s permissions gets substituted by the remote path‘s permissions. While the remote path still is mounted MountControl.mount() is called again when starting a backup. With both calls MountControl.mount() calls Mount.createMountStructure(). Mount.createMountStructure() always calls tool.mkdir(self.currentMountpoint, 0o700) in /usr/share/backintime/common/tools.py. Function mkdir(path, mode) does a chmod to the given or a default mode if the given path already exist! So, when MountControl.mount() is called with an already mounted remote path, the remote path‘s permissions get‘s replaced! Expectation: Backintime should never alter the remote path‘s permissions as they may be crafted for a specific purpose. Please forward this issue to upstream. There are two issues at upstream not tracked down yet, which seem to refer to the same flaw: https://github.com/bit-team/backintime/issues/954 https://github.com/bit-team/backintime/issues/974 Regards, Sven -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 5.3.0-2-amd64 (SMP w/8 CPU cores) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages backintime-qt depends on: ii backintime-common 1.2.1-2 ii libnotify-bin 0.7.8-1 ii policykit-1 0.105-26 ii python3 3.7.5-1 ii python3-dbus.mainloop.pyqt5 5.12.3+dfsg-3+b1 ii python3-pyqt5 5.12.3+dfsg-3+b1 ii x11-utils 7.7+4 Versions of packages backintime-qt recommends: ii python3-secretstorage 2.3.1-2 Versions of packages backintime-qt suggests: pn meld | kompare <none> -- no debconf information
--- End Message ---
--- Begin Message ---Source: backintime Source-Version: 1.2.1-3 Done: Fabian Wolff <fabi.wo...@arcor.de> We believe that the bug you reported is fixed in the latest version of backintime, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 946...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Fabian Wolff <fabi.wo...@arcor.de> (supplier of updated backintime package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 31 May 2021 15:14:50 +0200 Source: backintime Architecture: source Version: 1.2.1-3 Distribution: unstable Urgency: medium Maintainer: Jonathan Wiltshire <j...@debian.org> Changed-By: Fabian Wolff <fabi.wo...@arcor.de> Closes: 946349 Changes: backintime (1.2.1-3) unstable; urgency=medium . * Cherry-pick patch for #946349 from upstream Git repository (Closes: #946349). Checksums-Sha1: c444516d95d86820cca910652b90ff2744d171b8 2052 backintime_1.2.1-3.dsc 0a288d62658f7b825a88573034650a7c174284ec 7260 backintime_1.2.1-3.debian.tar.xz 2f30e7157e5b44b064e0539e2b96a0ac98b4fd95 6101 backintime_1.2.1-3_source.buildinfo Checksums-Sha256: 22f74b70e51ed3e2be51fb109427a898a0cc115e945d9beaffb7ca63f539077b 2052 backintime_1.2.1-3.dsc 0a3ca9ab29e8c5c527fe81403955ee82188fc5b2ebfb26da9bd9434346c7c6ef 7260 backintime_1.2.1-3.debian.tar.xz d9b6f1778c726058e434f0aceee4bfb566935525c9c37dd449b2af5efd0e2deb 6101 backintime_1.2.1-3_source.buildinfo Files: b99deb0c591ba29f7e8c390e16504514 2052 utils optional backintime_1.2.1-3.dsc 2db0c20052528e6108e4728407581c9a 7260 utils optional backintime_1.2.1-3.debian.tar.xz b1aefb2be2f9117acd1267ab00fb4eb0 6101 utils optional backintime_1.2.1-3_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEE/d0M/zhkJ3YwohhskWT6HRe9XTYFAmC1CTEACgkQkWT6HRe9 XTZenRAAzM9QMZzSL2Nn1l/qGU1OW9UFnHupiKzUJSLcVu3nJZzuvTeU+IKPuroJ FkdBdAyWOLHuqEwB9ZQ9QyEgy013tPQ5uTuHhHKo5QpqmQrvVulBl87/peveafmq TLH9ste/oTSY/S5QjAslPpiiPkbscx7yhZBAlZ2gpSc5Jt/Lkuo9OnicTj1fXND4 ppmrQH3Qh1uSKsgTQvFAfxNxxShxhrJ5bp3/tEP5LPAN8bIm7fnyyZS77FYGjXL0 wc9b8fjHUCt3bmGld2gAzZ+yIZsDS1mmkJWyKpHHWIpVIZE9c5MJ9mPoJHoedi2F PYJYa1jSU4XcQ9VnlZZYzs7d+RzrLbB2utpMu5lxHlZ3kfds8gCk3qtoyZrqgUxS aotDxpCxHl5RNtYb1c2Mo3M511ycGluhEm6JlKrkUPsduXmq7zPMZCGsPzmmMYpn VMriELN1lHHN9b8lgHiuhfd3GKbpNNZZaN7AOc1y1vhW3vMcygsEEoVFXSvNdGcA KtEsM6bLYNMECkQvtnOc/OZE19OnTmqeQcU1hqt8IiaekW8HX+fOeTUVcscyHAjI l3NA7mJ+iCATc582Yc8nO+94ijJiZAmR0y2UKauhL/Inj0RmV6TL3xWD7x9FU8mv iQAG9OTrkrUKeyeo4ONSW8+abh8Lq3Rv65DRerJFI1qsObQ009w= =WqzF -----END PGP SIGNATURE-----
--- End Message ---
