[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [rdiff-backup-users] fails trying to save xattr where no xattr exist
Re: [rdiff-backup-users] fails trying to save xattr where no xattr exists
Sun, 13 Jul 2008 17:49:45 -0400
On Jul 13, 2008, at 5:01 PM, martin f krafft wrote:
also sprach Andrew Ferguson <address@hidden> [2008.07.13.2205
You can use the attached eas_acls.py to work around this issue
in CVS as well). Simply replace the one in your Python installation
this file (on client and server) and you'll be good to go.
This seems to work, thanks.
Excellent. It also fits with my SELinux theory (below).
This suggests that there's some xattr-related stuff going on, but
/etc/apache2/passwd/passwd.bit does not have any xattr attached,
according to getfattr; the filesystem isn't even mounted with the
user_xattr option. Interestingly, rdiff-backup thinks that extended
attributes are supported:
The failure is happening on the destination filesystem. What does
/dev/mapper/vg0-srv on /srv type ext3 (rw,acl,user_xattr)
So, yup, xattr support on destination.
Also, what is the rdiff-backup command you are using? It must be
detecting extended attributes support -- trust me, it has no
/usr/bin/rdiff-backup --verb 4 --print-statistics --exclude
'/var/lock' --exclude '/var/run' --exclude '/var/cache' --exclude
'/var/lib/apt' --exclude '/var/lib/amavis' --exclude '/var/tmp'
--include '/var' --include '/etc' --include '/root' --include '/srv'
--include '/usr/local' --include '/boot/grub' --include
'/var/cache/debconf' --exclude '/*'
Besides, since the OS reported a 'Operation not permitted' error
'Operation not supported', it further confirms that extended
are supported at the destination. Besites, getfattr command can lie
-- it does not need to return extended attributes which you do not
permission to read (eg, system.*, security.*)
Even as root?
Yes. The kernel specifically hides some branches of the EA namespace.
Furthermore, for rdiff-backup's pain, the BSD and Linux kernels behave
differently in this regard -- Linux only lets you set user.*
attributes, while BSD lets you set anything that's NOT system.*
(IIRC) ... both have different rules about which you can read. And,
internally, ACLs and SELinux policies become extended attributes
(Again, with special namespaces, which you may or may not be able to
read and may or may not be able to write...).
Unfortunately, the end result is that we must play this sort of trial-
and-error game to see how much we can get rdiff-backup to properly
backup and restore across all platforms.
Apart, we don't use EAs and as I said, the source filesystem doesn't
even support them.
It may not support *user* extended attributes. If you use SELinux,
that could explain it.