search

bit-team / backintime

Back In Time - An easy-to-use backup tool for GNU/Linux using rsync in the back
https://backintime.readthedocs.io
GNU General Public License v2.0
2.12k stars 208 forks source link

Improve error message about unsupported commands on SSH destination (was: SSH backup to Hetzner Storage Box: "test" command not available) #1745

Open philipkbh opened 5 months ago

philipkbh commented 5 months ago

I am trying to set up a backup profile for my Hetzner Storage Box under a sub-account. The sub-account is accessible from outside the Hetzner network and SSH access is enabled. I have also installed the public SSH key on this sub-account so that I can use SSH without entering my password.

The problem I'm running into is that backintime tells me that it Couldn't create remote path.: /home. In the config tab I set Path to /home.

I think it's due to the structure of a Hetzner Storage Box sub-account, because when I SSH into that sub-account, the starting directory is the /home folder of that sub-account. When you create a sub-account for your Hetzner Storage Box you define a base directory and this base directory will be the /home folder. Outside this /home folder (under /) a subaccount has no permissions to do anything.

Running Back in Time 1.4.3 under Pop!_OS 22.04 LTS (Linux-6.8.0-76060800daily20240311-generic-x86_64-with-glibc2.35).

buhtz commented 5 months ago

Reminds me of #1674. Maybe this is a similar problem?

EDIT: Sorry, I realized that the linked issue is written in German. The issue was about a Synology NAS device. To my understanding the difference was between using ssh and sshfs. Both are used by BIT with the assumption that they "start" in the same folder after logging in. But on a Synology NAS it seems to be different. I never used sshfs directly on shell. But maybe you are able to test this hypothesis somehow trying ssh and sshfs on your machine? One of my other team mates is more into this topic and will catch up to you.

philipkbh commented 5 months ago

I tried a different approach by mounting the Storage Box sub-account via sshfs on my PC and doing a backup in Local mode to this mounted path. When I try to save this configuration, I get the following error:

Destination filesystem for /mnt/backup is an sshfs-mounted share. sshfs doesn't support hard-links. Please use mode 'SSH' instead.
buhtz commented 5 months ago

Hello Phillip, currently I see no way how I can help you.

We have to wait for a response from my teammate "aryoda". He is deeper into that topic.

Hetzner itself refused to provide us with a test account in the past. They also won't be helpful.

Don't hesitate to warm up the Issue if you don't get any response in some weeks.

Christian

buhtz commented 4 months ago

Did you checked #1674 ? Did this help you? Is your Issue a duplicate of it?

philipkbh commented 4 months ago

I didn't investigate further because I switched to restic with resticprofile.

buhtz commented 4 months ago

Thank you for reporting back.

rwgroenenberg commented 4 months ago

I am facing the same issue, with a Hetzner account: The debug output for checking the remote folder is:

jul 15 15:10:41 penacho backintime[445693]: Hetzner(6) :: DEBUG: [common/sshtools.py:608 SSH.checkRemoteFolder] Check remote folder
jul 15 15:10:41 penacho backintime[445693]: Hetzner(6) :: DEBUG: [common/sshtools.py:635 SSH.checkRemoteFolder] Call command: ssh -o ServerAliveInterval=240 -o LogLevel=Error -o IdentityFile=/home/robert/.ssh/id_rsa -p 23 uXXXX-sub1@uXXXX.your-storagebox.de d=0;test -e "./" || d=1;test $d -eq 1 && mkdir "./"; err=$?;test $d -eq 1 && exit $err;test -d "./" || exit 11;test -w "./" || exit 12;test -x "./" || exit 13;exit 20
jul 15 15:10:41 penacho backintime[445693]: Hetzner(6) :: DEBUG: [common/sshtools.py:645 SSH.checkRemoteFolder] Command returncode: 8

Trimming down the ssh command to just test already fails due to the restricted shell:

$ ssh -p 23 uXXXX-sub1@uXXXX.your-storagebox.de test -e "./"
Command not found. Use 'help' to get a list of available commands.
rwgroenenberg commented 4 months ago

The list of available commands is just:

/home > help
+-----------------------------------------------------------------------------+
| The following commands are available:                                       |
|   ls                                  list directory content                |
|   tree                                list directory content                |
|   cd                                  change current working directory      |
|   pwd                                 show current working directory        |
|   mkdir                               create new directory                  |
|   rmdir                               delete directory                      |
|   du                                  disk usage of files/directories       |
|   df                                  show disk usage                       |
|   dd                                  read and write files                  |
|   cat                                 output file content                   |
|   touch                               create new file                       |
|   cp                                  copy files/directories                |
|   rm                                  delete files/directories              |
|   unlink                              delete file/directory                 |
|   mv                                  move files/directories                |
|   chmod                               change file/directory permissions     |
|   md5|sha1|sha256|sha512              create hash sum of file               |
|   md5sum|sha1sum|sha256sum|sha512sum  create hash sum of file               |
|   head                                show first lines of file              |
|   tail                                show last lines of file               |
|   grep                                search for specific string in files   |
|   stat                                stat files/directory                  |
|                                                                             |
| Available as server side backend:                                           |
|   borg                                                                      |
|   rsync                                                                     |
|   scp                                                                       |
|   sftp                                                                      |
|   rclone serve restic --stdio                                               |
|                                                                             |
| Please note that this is only a restricted shell which do not               |
| support shell features like redirects or pipes.                             |
|                                                                             |
| You can find more information in our Docs:                                  |
|   https://docs.hetzner.com/robot/storage-box/                               |
+-----------------------------------------------------------------------------+

I'm afraid this may be a bit too restricted to get BIT working :-/

buhtz commented 4 months ago

For my own and because Hetzner once reject my requests, I am not much motivated investing resources into this. But I am also open for suggestions how to solve, RPs and test scenarios. The "test -e" command just tests if the folder does exist. Maybe "stat" could be used for this instead. But I am unable to test this because Hetzner won't provide us an account.

They provide rsync, restic, borg on their servers. If they wont to support Back In Time they do have enough man power doing so. We are open for PRs.

rwgroenenberg commented 3 months ago

Hetzner has confirmed that support for BackInTime is on their roadmap, but can't say when it will be available... I'll see if I can get it to work with mounting the storage box locally (in the mean time I'm using Borg+Vorta)

buhtz commented 3 months ago

Great to here that Hetzner will jump in. Let's see if they suggest the use of another command then test or if they add test to their platform.

buhtz commented 3 months ago

Can you please do me a favour and test this command (replace login credentials):

ssh -o ServerAliveInterval=240 -o LogLevel=Error -o IdentityFile=/home/robert/.ssh/id_rsa -p 23 uXXXX-sub1@uXXXX.your-storagebox.de d=0;[ -e "./" ] || d=1

I replaced test -e with [ -e ].

Can you please also provide the output of echo $SHELL after logging into the Hetzern shell.

rwgroenenberg commented 3 months ago

Unfortunately their shell is really restricted.

The suggested command doesn't work:

/home > d=0;[ -e "./" ] || d=1 Command not found. Use 'help' to get a list of available commands.

Even a simple a simple assignment fails:

/home > d=0 Command not found. Use 'help' to get a list of available commands.

On 26-08-2024 13:33, buhtz wrote:

Can you please do me a favour and test this command (replace login credentials):

|ssh -o ServerAliveInterval=240 -o LogLevel=Error -o IdentityFile=/home/robert/.ssh/id_rsa -p 23 @.*** d=0;[ -e "./" ] || d=1 |

I replaced |test -e| with |[ -e ]|.

— Reply to this email directly, view it on GitHub https://github.com/bit-team/backintime/issues/1745#issuecomment-2309988118, or unsubscribe https://github.com/notifications/unsubscribe-auth/AEY2JRDZZEYQCKPHXLQ2EM3ZTMHBRAVCNFSM6AAAAABIURJVIWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGMBZHE4DQMJRHA. You are receiving this because you commented.Web Bug from https://github.com/notifications/beacon/AEY2JRFEXXIX557ELUJRF7LZTMHBRA5CNFSM6AAAAABIURJVIWWGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTUJV6PRM.gifMessage ID: @.***>

[ { @.": "http://schema.org", @.": "EmailMessage", "potentialAction": { @.": "ViewAction", "target": "https://github.com/bit-team/backintime/issues/1745#issuecomment-2309988118", "url": "https://github.com/bit-team/backintime/issues/1745#issuecomment-2309988118", "name": "View Issue" }, "description": "View this Issue on GitHub", "publisher": { @.": "Organization", "name": "GitHub", "url": "https://github.com" } } ]

buhtz commented 2 months ago

OK, lets try stat

ssh -o ServerAliveInterval=240 -o LogLevel=Error -o IdentityFile=/home/robert/.ssh/id_rsa -p 23 uXXXX-sub1@uXXXX.your-storagebox.de d=0;stat "./" || d=1

This should work. But the question is if we should use stat by default, or just as a fallback if test is not available.

buhtz commented 2 months ago

Hello Robert, can you please test the last command I suggested on your Hetzer Box please?

rwgroenenberg commented 2 months ago

It will not work as already the variable assignment 'd=0' is not supported.

buhtz commented 2 months ago

It will not work as already the variable assignment 'd=0' is not supported.

Mhm... It worked on my bash. So this is another Hetzer-restriction?

Do you have any other ideas? Or can we just say Hetzer is not supported and improving the error message.

buhtz commented 2 months ago

Suggested approach

Do not support restricted systems like Hetzer is using. Improve the error message to make it more clear to the user what is going on. Maybe do a previous check if commands are available or not. Also add a FAQ entry about known error messages in context of Hetzner boxes.

buhtz commented 1 month ago
buhtz commented 11 hours ago

https://www.mail-archive.com/bit-dev@python.org/msg00119.html