bit-team / backintime

Back In Time - An easy-to-use backup tool for GNU Linux using rsync in the back
https://backintime.readthedocs.io
GNU General Public License v2.0

SSH encrypted backup: Asked for passwords even if stored to Gnome Keyring #652

Open ghost opened 7 years ago

ghost commented 7 years ago

I set up a non-root, encrypted ssh backup, with 'Save Passwords to Keyring' selected. This works flawlessly if manually started in the BiT GUI with 'Take snapshot'. If running automatically (I tried repeatedly by anacron and 'at boot') I am still asked each time to enter both ssh and encryption passwords manually when I am logged in. The 'Cache Password for Cron' option is not selected.

I do find two credentials with the correct passwords stored in the Keyring: "Password for 'profile_id_1' on ''backintime/ssh_encfs" "Password for 'profile_id_1' on ''backintime/ssh_encfs_2"

Version information: BiT 1.1.12 on Xubuntu 16.04 LTS (32 bit).

On some different computers I have set up unencrypted ssh backups, which all work as expected.

Germar commented 7 years ago

Cronjobs can't access your user's keyring. That's why I added the Cache Password for Cron. Please activate it.

ghost commented 7 years ago

OK, I can try this. But I have a nearly identical set-up on another computer (BiT 1.1.12 on Xubuntu 16.04 LTS, only in this case 64 bit), where I use ssh without encryption for backup. On this machine I also did not select Cache Password for Cron, yet it works with anacron without being asked to enter manually the ssh key. Something seems to be inconsistent.

Just in case it is important, on both machines I can do ssh to the target machine from a terminal without entering the password.

Germar commented 7 years ago

> Just in case it is important, on both machines I can do ssh to the target machine from a terminal without entering the password.

So there is no password on the machine without encryption :wink:

ghost commented 7 years ago

Both machines are set up with password-protected private ssh keys. The file id_rsa contains Proc-Type: 4,ENCRYPTED, also ssh-keygen -y requests the password on both.

The difference I find is that the Gnome Keyring contains an entry "Password for 'profile_id_1' on 'backintime/ssh" on the machine where it works, whereas there is no such entry on the machine where it does not work.

Germar commented 7 years ago

Oh, sorry. I misunderstood that.

Please run env -i backintime --debug --backup-job in Terminal and post the output.

ghost commented 7 years ago

For running this test, I disabled Cache Password for Cron again (with that option the anacron backup worked as expected without asking the password). I get the following output (but I wonder if I should make it actually run the backup by reducing the time for anacron, because at the end it now says 'not scheduled to run now'?).

$ env -i backintime --debug --backup-job
$ DEBUG: [common/backintime.py:509 arg_parse] Arguments: {'func': <function aliasParser at 0xb63a3adc>, 'debug': True, 'replace': '--backup-job', 'alias': 'backup-job'} | unknownArgs: []
INFO: [common/backintime.py:563 aliasParser] Run command 'backup-job' instead of argument '--backup-job' due to backwards compatibility.
DEBUG: [common/backintime.py:509 arg_parse] Arguments: {'func': <function backupJob at 0xb63a3d1c>, 'debug': True, 'command': 'backup-job'} | unknownArgs: []

Back In Time
Version: 1.1.12

Back In Time comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions; type `backintime --license' for details.

DEBUG: [common/backintime.py:576 getConfig] config file: /home/oliver/.config/backintime/config
DEBUG: [common/backintime.py:577 getConfig] profiles: ['1']
DEBUG: [common/pluginmanager.py:88 PluginManager.load_plugins] Register plugin path /usr/share/backintime/plugins
DEBUG: [common/pluginmanager.py:104 PluginManager.load_plugins] Add plugin qt4plugin.py
DEBUG: [common/pluginmanager.py:104 PluginManager.load_plugins] Add plugin notifyplugin.py
DEBUG: [common/pluginmanager.py:104 PluginManager.load_plugins] Add plugin userscriptsplugin.py
DEBUG: [common/snapshots.py:774 Snapshots.get_snapshots_list] Failed to get snapshots list: [Errno 2] No such file or directory: '/home/oliver/.local/share/backintime/mnt/1_4128/backintime'
DEBUG: [common/snapshots.py:947 Snapshots.has_old_snapshots] Found old snapshots: False
INFO: [common/snapshots.py:970 Snapshots.take_snapshot] Profile "Main profile" is not scheduled to run now.

Germar commented 7 years ago

Oh, sorry. Sure, I forgot to mention this. You can alternatively run env -i backintime --debug backup which will force it to take a new snapshot.

ghost commented 7 years ago

With this command I was asked again for the two passwords and got the following output. The line starting DEBUG: [common/sshtools.py:192 SSH.unlock_ssh_agent] was printed after the first ssh password was entered, the line DEBUG: [common/encfstools.py:265 EncFS_SSH.mount] after the second encryption password.

$ env -i backintime --debug backup
DEBUG: [common/backintime.py:509 arg_parse] Arguments: {'func': <function backup at 0xb634ac44>, 'command': 'backup', 'debug': True} | unknownArgs: []

Back In Time
Version: 1.1.12

Back In Time comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions; type `backintime --license' for details.

DEBUG: [common/backintime.py:576 getConfig] config file: /home/oliver/.config/backintime/config
DEBUG: [common/backintime.py:577 getConfig] profiles: ['1']
DEBUG: [common/pluginmanager.py:88 PluginManager.load_plugins] Register plugin path /usr/share/backintime/plugins
DEBUG: [common/pluginmanager.py:104 PluginManager.load_plugins] Add plugin qt4plugin.py
DEBUG: [common/pluginmanager.py:104 PluginManager.load_plugins] Add plugin notifyplugin.py
DEBUG: [common/pluginmanager.py:104 PluginManager.load_plugins] Add plugin userscriptsplugin.py
DEBUG: [common/snapshots.py:774 Snapshots.get_snapshots_list] Failed to get snapshots list: [Errno 2] No such file or directory: '/home/oliver/.local/share/backintime/mnt/1_5298/backintime'
DEBUG: [common/snapshots.py:947 Snapshots.has_old_snapshots] Found old snapshots: False
DEBUG: [common/snapshots.py:1984 Snapshots.flockExclusive] Set flock /tmp/backintime.lock
INFO: [common/snapshots.py:985 Snapshots.take_snapshot] Lock
INFO: [common/tools.py:803 inhibitSuspend] Inhibit Suspend started. Reason: take snapshot
DEBUG: [common/tools.py:611 keyring_supported] Found appropriate keyring 'keyring.backends.file'
DEBUG: [common/tools.py:611 keyring_supported] Found appropriate keyring 'keyring.backends.file'
DEBUG: [common/sshtools.py:192 SSH.unlock_ssh_agent] Add private key /home/oliver/.ssh/id_rsa to ssh agent
DEBUG: [common/sshtools.py:197 SSH.unlock_ssh_agent] Password available: True
DEBUG: [common/sshtools.py:213 SSH.unlock_ssh_agent] Provide password through temp FIFO
DEBUG: [common/encfstools.py:265 EncFS_SSH.mount] Mount sshfs
DEBUG: [common/mount.py:300 SSH.mountprocess_lock_acquire] Acquire mountprocess lock /home/oliver/.local/share/backintime/mnt/5298.lock
DEBUG: [common/sshtools.py:374 SSH.check_ping_host] Check ping host
DEBUG: [common/sshtools.py:383 SSH.check_ping_host] Host ihp-pc49.ethz.ch is available
DEBUG: [common/sshtools.py:248 SSH.check_fuse] Check fuse
DEBUG: [common/sshtools.py:250 SSH.check_fuse] sshfs is missing
DEBUG: [common/mount.py:309 SSH.mountprocess_lock_release] Release mountprocess lock /home/oliver/.local/share/backintime/mnt/5298.lock
ERROR: [common/snapshots.py:996 Snapshots.take_snapshot] sshfs not found. Please install e.g. 'apt-get install sshfs'
INFO: [common/snapshots.py:998 Snapshots.take_snapshot] Unlock

Germar commented 7 years ago

Huh! sshfs is missing, how come?

But the main issue is Found appropriate keyring 'keyring.backends.file'. BiT has a whitelist of backends that are allowed. keyring.backends.file is not one of them.

Is python3-secretstorage installed? Please post the output of dpkg -l | grep 'python3-keyring\|python3-secretstorage'

ghost commented 7 years ago

Output is as follows

$  dpkg -l | grep 'python3-keyring\|python3-secretstorage'
ii  python3-keyring                              7.3-1ubuntu1                               all          store and access your passwords safely - Python 3 version of the package
ii  python3-secretstorage                        2.1.3-1                                    all          Python module for storing secrets - Python 3.x version

Germar commented 7 years ago

Oh, sorry. I forgot the false positive Found appropriate keyring 'keyring.backends.file' message was just a logic error in the debug message.

And sshfs is missing because of the missing PATH. So the correct test command would be env -i PATH=/usr/sbin:/usr/bin:/sbin:/bin backintime --debug backup

I was able to reproduce this and understand now what you mean when you said it's inconsistent. Will have a look soon.
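
The two environment effects diagnosed in this thread (a job started with an empty environment cannot find sshfs without a PATH, and has none of the login session's variables), as an added shell sketch that is not part of the original thread or of BiT's code. The session variable list and the `encfs` tool name are assumptions of this example; `check_env` is a hypothetical helper name.

```shell
#!/bin/sh
# Added example, not BiT code. Reports what a job started with an empty
# environment (as with `env -i` in this thread) cannot see.

# Assumption: session variables a desktop login exports and a bare job lacks.
SESSION_VARS="DBUS_SESSION_BUS_ADDRESS SSH_AUTH_SOCK"
# sshfs is the helper the debug log reports missing; encfs is an assumption.
TOOLS="sshfs encfs"

# check_env PATH_VALUE [VAR=value ...]
# Runs the checks under `env -i` with only the given PATH and variables and
# prints one "missing:var:NAME" or "missing:tool:NAME" line per gap.
check_env() {
    path_value=$1
    shift
    env -i PATH="$path_value" "$@" \
        SESSION_VARS="$SESSION_VARS" TOOLS="$TOOLS" /bin/sh -c '
        for v in $SESSION_VARS; do
            eval "val=\${$v:-}"
            [ -n "$val" ] || echo "missing:var:$v"
        done
        for t in $TOOLS; do
            command -v "$t" >/dev/null 2>&1 || echo "missing:tool:$t"
        done
    '
}

# Usage:
#   check_env ""                              # empty PATH, no session variables
#   check_env /usr/sbin:/usr/bin:/sbin:/bin   # PATH from the corrected test command
#   check_env "$PATH" DBUS_SESSION_BUS_ADDRESS="$DBUS_SESSION_BUS_ADDRESS" \
#       SSH_AUTH_SOCK="$SSH_AUTH_SOCK"        # what the logged-in session passes on
```

Comparing the second and third calls separates the PATH problem from the missing session variables, which the corrected `env -i PATH=...` test command still leaves unset.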

buhtz commented 2 years ago

Keyrings & Co are not "my topic". This is a maybe related Debian issue https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=998105

aryoda commented 1 year ago

I have fixed some issues in the keyring logic of BiT. Would it be possible to use the most-recent dev version to re-test your issue and report if it still exists?

> I was able to reproduce this and understand now what you mean when you said it's inconsistent. Will have a look soon.

@Germar Your comment is six years old so I don't expect you to remember that detail (but if it would be helpful and be honored with a "master mind" badge ;-)

Germar commented 1 year ago

Sorry, I can't remember without diving deep into it again. But I do remember having the same bug every now and then on my own machine until I replaced BiT.