rs-backup-suite icon indicating copy to clipboard operation
rs-backup-suite copied to clipboard

Published 20 hours ago verified publisher icon phoerious

Why the root only permissions

Open tukoz opened this issue 6 years ago • 2 comments

Before I go further, please what is the reason for the default root only permissions on every rs-backup executables && conf files?

user@client $ /usr/bin/rs-backup-run -n                                                
/usr/bin/rs-backup-run: ligne 36: /etc/rs-backup/client-config: permission denied
/usr/bin/rs-backup-run: ligne 43: /usr/bin/rs-version: permission denied
/usr/bin/rs-backup-run: ligne 150 : [: 4 : unary operator expected

Default permissions on the client:

user@client $ ls -l /usr/bin/rs*
-rwxr-x--- 1 root root 23528 Apr  9 18:00 /usr/bin/rs-backup-run            
-rwxr-x--- 1 root root  1779 Apr  9 18:00 /usr/bin/rs-version
user@client $ ls -ld /etc/rs*
drwxrwx---  2 root      root        4096 Apr 26 10:46 rs-backup

Same occurs once I can access the server after chmoding the above to 755:

user@client $ /usr/bin/rs-backup-run -nv                                      
INFO: Running without root privileges, only backing up user home directory...
INFO: Starting backup of '/home/USER' (DRY RUN)...                          
bash: /usr/bin/rs-run-ssh-cmd: Permission denied
...
ERROR: Backup failed! Error message: bash: /usr/bin/rs-run-ssh-cmd: Permission denied

Default permissions on the server:

root@server:~# ls -l /usr/bin/rs-run-ssh-cmd
-rwxrwx---+ 1 root backup 2001 Apr  3 17:50 /usr/bin/rs-run-ssh-cmd

tukoz avatar Apr 26 '18 09:04 tukoz

The install script preserves the permissions that the file has in the repository. client/usr/bin/rs-backup-suite has permissions 755 in the repository. If it has something else on your system, then either something's wrong with your umask or you changed permissions.

phoerious avatar Apr 26 '18 19:04 phoerious

Thank you phoerious.

I use the default umask on both the server (Debian Jessie) and clients (Debian Stretch and Ubuntu 16.04), with nothing added/changed in the users' environment variables:

/etc/init.d/ssh:umask 022
/etc/login.defs:#       UMASK           Default "umask" value.
UMASK           022

Yet for some reasons I get ACLs:

$ git clone https://github.com/phoerious/rs-backup-suite.git
$ ls -l rs-backup-suite/

total 56
drwxrwx---+ 4 USER users  4096 May 16 17:33 client
-rwxrwx---+ 1 USER users  9871 May 16 17:33 install.sh
-rw-rw----+ 1 USER users 17806 May 16 17:33 README.md
drwxrwx---+ 5 USER users  4096 May 16 17:33 server
lrwxrwxrwx  1 USER users    10 May 16 17:33 uninstall.sh -> install.sh

OK. What I totally forgot is that this system is a NAS (OpenMediaVault) with ACL rules that freakin superseed the standard CLI/system ones. I'll start it all over again and come back here report how it goes. Hopefully soon, this time.

tukoz avatar May 16 '18 15:05 tukoz