YunoHost-Apps / borg_ynh

An experimental Borg implementation for YunoHost
https://www.borgbackup.org/
GNU Affero General Public License v3.0

Borg not found on the remote host. #166

Open SimonLefort opened 1 month ago

SimonLefort commented 1 month ago

### Describe the bug

I have two servers with Yunohost.

- ServerA: Apps and data
- ServerB: Backups

There is a user "userA" on "ServerB" to use borg serve and receive backups. This user can't use borg, so the backup failed.

### Context

```
root@serverB:~$ yunohost app info borgserver
description: Offer backup storage to a friend
name: Borg Server for serverA
version: 1.2.8~ynh1
```


### Steps to reproduce

For example, if I try to see if I am concerned by [CVE-2023-36811](https://github.com/YunoHost-Apps/borg_ynh/blob/master/doc/POST_UPGRADE.d/1.2.8.md) :

```
$ sudo env BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -p 22 -oStrictHostKeyChecking=yes " BORG_PASSPHRASE="$(sudo yunohost app setting borg passphrase)" BORG_RELOCATED_REPO_ACCESS_IS_OK=yes BORG_REPO="$(sudo yunohost app setting borg repository)" /var/www/borg/venv/bin/borg upgrade --show-rc --check-tam $BORG_REPO
Remote: bash: line 1: borg: command not found
Connection closed by remote host. Is borg working on the server?
terminating with error status, rc 2
```


But it's the same if I am connected on serverB with userA and try to execute "borg" :

```
userA@serverB:~$ borg --help
bash: borg: command not found

userA@serverB:~$ borg="/var/www/borg/venv/bin/borg"

userA@serverB:~$ $borg --help
bash: /var/www/borg/venv/bin/borg: Permission denied
```


### Expected behavior

userA on serverB must have access to borg.

### Logs

The logs said:

```
Remote: bash: line 1: borg: command not found
```



I also wrote about this problem on the forum: https://forum.yunohost.org/t/borg-borg-pas-dans-le-path/30520

Thanks in advance.

SimonLefort commented 1 month ago

I tried to add userA to the borg group:

```
root@serverB:~# groups userA
userA : userA ssh.app

root@serverB:~# id userA
uid=1001(userA) gid=1001(userA) groups=1001(userA),1002(ssh.app)

root@serverB:~# usermod -a -G borg userA

root@serverB:~# id userA
uid=1001(userA) gid=1001(userA) groups=1001(userA),993(borg),1002(ssh.app)

root@serverB:~# su userA

userA@serverB:~$ borg="/var/www/borg/venv/bin/borg"

userA@serverB:~$ $borg --help
usage: borg [-V] [-h] [--critical] [--error] [--warning]
            [--info] [--debug] [--debug-topic TOPIC] [-p]
            (...)
```

It helps, userA can now launch borg. I can check the last backup :

```
userA@serverB:~$ borg="/var/www/borg/venv/bin/borg"
userA@serverB:~$ $borg list /home/userA/backup/
(...)
_auto_conf-2024-05-31_00:00          Fri, 2024-05-31 00:00:38 [5f9....50d0]
(...)
```

But it doesn't allow me to do a backup.

I tried to change the command in authorized_keys:

```
$ cat /home/userA/.ssh/authorized_keys
command="/var/www/borg/venv/bin/borg serve --storage-quota 1000G --restrict-to-repository /home/userA/backup",no-pty,no-agent-forwarding,no-port-forwarding,no-X11-forwarding,no-user-rc ssh-ed25519 AA(...)8i root@serverA.be
```

On serverA, I started the borg service:

```
$ sudo systemctl start borg &
```

It doesn't fail directly :

```
$ sudo systemctl status borg
● borg.service - Run backup borg
     Loaded: loaded (/etc/systemd/system/borg.service; static)
     Active: activating (start) since Wed 2024-07-24 08:04:55 UTC; 14min ago
     (...)
```

On serverB, I can't do a borg list because there is a lock :

```
$ $borg list /home/userA/backup/
Failed to create/acquire the lock /home/userA/backup/lock.exclusive (timeout).
```

Seems good :+1: ? I am waiting to be sure...

SimonLefort commented 1 month ago

It works. Backup seems good since the last message. But I am afraid it will break again at the next backup...

Gredin67 commented 2 weeks ago

After upgrade of borgserver app, I think I had a similar issue: https://paste.yunohost.org/raw/tiguxemobu

A solution might be to check on serverB: `/home/serverAuser/.ssh/authorized_keys`

Here you may have several lines. Only keep the last one starting with `command="/var/www/borgserver__14/venv/bin/borg`

Comment out all lines starting with `command="borg`

ping @zamentur @Salamandar
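
A check for the situation discussed in this thread, as an added example that is not code from borg_ynh or from any commenter: it reads an authorized_keys file and reports, per key line, whether the forced command names its binary by absolute path and whether that path is executable for the user running the script. The function names and the sample keys and paths are constructed for illustration, and the parser assumes forced commands contain no escaped quotes.

```shell
#!/bin/sh
# Added example. Assumes forced commands contain no escaped quotes (\").

# classify_line LINE -> "skip", "no-forced-command", or "<status> <binary>"
# where <status> is ok | path-dependent | not-executable.
classify_line() {
    case $1 in
        ''|'#'*) echo skip; return ;;
    esac
    cmd=$(printf '%s\n' "$1" | sed -n 's/.*command="\([^"]*\)".*/\1/p')
    if [ -z "$cmd" ]; then echo no-forced-command; return; fi
    bin=${cmd%% *}    # first word of the forced command
    case $bin in
        /*) if [ -x "$bin" ]; then echo "ok $bin"
            else echo "not-executable $bin"; fi ;;
        *)  echo "path-dependent $bin" ;;   # looked up in the login shell's PATH
    esac
}

# audit_authorized_keys FILE -> one "<line number>: <result>" per key line
audit_authorized_keys() {
    n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        result=$(classify_line "$line")
        [ "$result" = skip ] || echo "$n: $result"
    done < "$1"
}

# Constructed sample (keys and paths are placeholders; /bin/sh only stands in
# for a binary that exists and is executable).
sample_report() {
    tmp=$(mktemp)
    cat > "$tmp" <<'EOF'
# constructed sample
command="borg serve --restrict-to-repository /home/userA/backup",no-pty ssh-ed25519 AAAA(constructed) root@serverA
command="/nonexistent/venv/bin/borg serve",no-pty ssh-ed25519 AAAA(constructed) root@serverA
command="/bin/sh",no-pty ssh-ed25519 AAAA(constructed) root@serverA
ssh-ed25519 AAAA(constructed) admin@example
EOF
    audit_authorized_keys "$tmp"
    rm -f "$tmp"
}

# Run as the SSH user: audit the given file, or the constructed sample.
if [ -r "${1:-}" ]; then audit_authorized_keys "$1"; else sample_report; fi
```

Run it as the account that receives the backups, since the executable test reflects the permissions of whoever runs the script.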