Opened 10 years ago

Last modified 7 years ago

#387 assigned defect

Backup with SELINUX=permissive may result to restore errors due to /proc & /sys extended attributes

Reported by: kritzenthaler Owned by: Bruno Cornec
Priority: low Milestone: 3.0.5
Component: mondo Version: 2.2.9.1
Severity: normal Keywords:
Cc:

Description (last modified by Bruno Cornec)


This defect was observed on 2.2.9.2 (RHEL5.4). It should be the same on other distro though.

The following errors are encountered when trying to restore the backup:

setfattr: proc: Operation not supported
setfattr: sys: Operation not supported

Due to that, the GUI restore phase does not seem to finalize properly for a lambda end-user (even if it may have no other impacts).

It has been observed in the filelist-7 that /proc and /sys were backed-up with the following xattr:

# file: proc
security.selinux=0x73797374656d5f753a6f626a6563745f723a70726f635f743a733000
===
# file: sys
security.selinux=0x73797374656d5f753a6f626a6563745f723a73797366735f743a733000

Even if /proc and /sys sub-files/sub-dirs are not backed-up, we should also fully remove /proc and /sys from the backup. I guess removing it from the backup would avoid that kind of issue at restore time.

Note that the WA to set -E "/proc /sys" to exclude them did not work for me.

Attachments (6)

mindi.zip (22.0 KB) - added by kritzenthaler 10 years ago.
xattr_list.zip (3.1 KB) - added by kritzenthaler 10 years ago.
mondorestore.zip (23.8 KB) - added by kritzenthaler 10 years ago.
mondoarchive.zip (42.8 KB) - added by kritzenthaler 10 years ago.
screenshot_Errors_occured.jpg (92.1 KB) - added by kritzenthaler 10 years ago.
screenshot_End_of_Nuke_Restore.jpg (100.1 KB) - added by kritzenthaler 10 years ago.

Download all attachments as: .zip

Change History (10)

Changed 10 years ago by kritzenthaler

Attachment: mindi.zip added

Changed 10 years ago by kritzenthaler

Attachment: xattr_list.zip added

Changed 10 years ago by kritzenthaler

Attachment: mondorestore.zip added

Changed 10 years ago by kritzenthaler

Attachment: mondoarchive.zip added

Changed 10 years ago by kritzenthaler

Attachment: screenshot_Errors_occured.jpg added

Changed 10 years ago by kritzenthaler

Attachment: screenshot_End_of_Nuke_Restore.jpg added

comment:1 Changed 10 years ago by Bruno Cornec

Description: modified (diff)
Priority: normallow
Status: newassigned

The problem with /proc and /sys is that they are mounted in the chroot into which the system is restored before attributes are set up. Which is on one hand wrong, and then on the other hand leads to wrong xattr for those dirs. Excluding them is already done in mondoarchive. But the problem is that we need them at restore time. So probably something special for those has to be done.

It should not have a big impact in term of features so I lower the priority, and may even postpone it to post 2.2.9.2.

comment:2 Changed 10 years ago by Bruno Cornec

Milestone: 2.2.9.22.2.10

comment:3 Changed 9 years ago by Bruno Cornec

Description: modified (diff)

comment:4 Changed 7 years ago by Bruno Cornec

Milestone: 3.1.03.0.5
Note: See TracTickets for help on using tickets.