Duplicity

SElinux xattrs support for duplicity

Bug #829405 reported by jo akweb
26
This bug affects 5 people
Affects Status Importance Assigned to Milestone
Duplicity
New
Undecided
Unassigned
duplicity (Fedora)
Won't Fix
Undecided

Bug Description

(This is more a feature request than a bug report - I hope that's ok.)

As of duplicity-0.6.14, it doesn't seem to support SElinux file attributes. Without these attributes preserved, it can be virtually impossible to restore a working Redhat or CentOS system, where by default SElinux is activated.

It should be possible to extend duplicity to support these attributes, because rsync provides an command line switch (--xattrs) for this.

Revision history for this message
In , NM (nm-redhat-bugs) wrote :

Description of problem:
SELinux context of restored files are not preserved.

Version-Release number of selected component (if applicable):
duplicity 0.6.22
Linux myhost.home 3.12.6-300.fc20.x86_64 #1 SMP Mon Dec 23 16:44:31 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux

How reproducible: always

Steps to Reproduce:
1. duplicity --verbosity=9 --encrypt-key=12345678 --rsync-options="-avX" /Some/File file:///path/to/duplicity/backup
2. Restore the file into the different directory.
3. Compare SELinux context before and after.

Actual results:
Observe different SELinux context.

Expected results:
Expected to have the same SELinux context.

Additional info:
Attempts to use 'rsync://...' instead of 'file:///...' fails for root user as sshd prevents direct root logins.

Revision history for this message
In , Rahul (rahul-redhat-bugs) wrote :

Would you mind filing this upstream at

https://bugs.launchpad.net/duplicity

Thanks!

Revision history for this message
In , NM (nm-redhat-bugs) wrote :

Apparently it is reported as

#829405 SElinux xattrs support for duplicity

Revision history for this message
_AnK (andk) wrote :

I observe similar with a newer version of duplicity.

Description of problem:
SELinux context of restored files are not preserved.

Version-Release number of selected component (if applicable):
duplicity 0.6.22
Linux myhost.home 3.12.6-300.fc20.x86_64 #1 SMP Mon Dec 23 16:44:31 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux

How reproducible: always

Steps to Reproduce:
1. duplicity --verbosity=9 --encrypt-key=12345678 --rsync-options="-avX" /Some/File file:///path/to/duplicity/backup
2. Restore the file into the different directory.
3. Compare SELinux context before and after.

Actual results:
Observe different SELinux context.

Expected results:
Expected to have the same SELinux context.

Additional info:
Attempts to use 'rsync://...' instead of 'file:///...' fails for root user as sshd prevents direct root logins.

Revision history for this message
In , Rahul (rahul-redhat-bugs) wrote :

Will keep an eye on it and pull in the changes when upstream implements it.
Thanks!

Revision history for this message
In , NM (nm-redhat-bugs) wrote :

Yes, i think it is important.

Revision history for this message
Paolo Donadeo (paolo.donadeo) wrote :

It can still be reproduced in duplicity 0.6.24. As @andk wrote, this is not a bug, but it's really a showstopper.

Revision history for this message
In , Fedora (fedora-redhat-bugs) wrote :

This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component.

Revision history for this message
In , Fedora (fedora-redhat-bugs) wrote :

This message is a reminder that Fedora 20 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 20. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as EOL if it remains open with a Fedora 'version'
of '20'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version'
to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not
able to fix it before Fedora 20 is end of life. If you would still like
to see this bug fixed and are able to reproduce it against a later version
of Fedora, you are encouraged change the 'version' to a later Fedora
version prior this bug is closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's
lifetime, sometimes those efforts are overtaken by events. Often a
more recent Fedora release includes newer upstream software that fixes
bugs or makes them obsolete.

Revision history for this message
In , Fedora (fedora-redhat-bugs) wrote :

Fedora 20 changed to end-of-life (EOL) status on 2015-06-23. Fedora 20 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this
bug.

Thank you for reporting this bug and we are sorry it could not be fixed.

Bug Watch Updater (bug-watch-updater)
Changed in duplicity (Fedora):
importance: Unknown → Undecided
status: Unknown → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.