search

ente-io / ente

Fully open source, End to End Encrypted alternative to Google Photos and Apple Photos
https://ente.io
GNU Affero General Public License v3.0
14.52k stars 748 forks source link

[auth] [linux] Ente kept deleting my contents from ~/temp directory #2563

Open nktnet1 opened 1 month ago

nktnet1 commented 1 month ago

Description

I use the ~/temp folder to test programs/scripts and for general purpose tasks. Noticed that it kept getting wiped, so I used inotifywait and auditd to track it down - turns out the culprit was ente auth.

Using the custom script below:

click to view script ```sh #!/bin/bash DIR_PATH=/home/nktnet/temp while read -r path action file; do event_text="Event: $action on $file in $path" echo " ${event_text}" | tee -a temp-monitor-log.txt # hyprctl notify 1 5000 0 "${event_text}" done < <(inotifywait -mr -e modify,create,delete,move "${DIR_PATH}") ```

The results are:

Event: CREATE on please-keep-this-file.txt in /home/nktnet/temp/
Event: CREATE on 4913 in /home/nktnet/temp/
Event: DELETE on 4913 in /home/nktnet/temp/
Event: DELETE on please-keep-this-file.txt in /home/nktnet/temp/

I believe the file 4913 was created by Ente. The file please-keep-this-file.txt was created by me, and was deleted by Ente incorrectly.

Further tracking with the Audit Framework using the rule:

-w /home/nktnet/temp -p rwa -k temp_monitor

shows the output:

time->Sun Jul 28 20:49:14 2024
type=PROCTITLE msg=audit(1722163754.859:1265): proctitle="ente_auth"
type=PATH msg=audit(1722163754.859:1265): item=0 name="/home/nktnet//temp//" inode=25959782 dev=103:05 mode=040755 ouid=1000 ogid=1000 rdev=00:00 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=CWD msg=audit(1722163754.859:1265): cwd="/home/nktnet"
type=SYSCALL msg=audit(1722163754.859:1265): arch=c000003e syscall=257 success=yes exit=28 a0=ffffff9c a1=73bb98002ad0 a2=10000 a3=0 items=1 ppid=1 pid=129004 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=tty1 ses=1 comm="DartWorker" exe="/usr/share/ente_auth/ente_auth" key="temp_monitor"
----
time->Sun Jul 28 20:49:14 2024
type=PROCTITLE msg=audit(1722163754.859:1266): proctitle="ente_auth"
type=PATH msg=audit(1722163754.859:1266): item=1 name="/home/nktnet//temp//please-keep-this-file.txt" inode=25959483 dev=103:05 mode=0100644 ouid=1000 ogid=1000 rdev=00:00 nametype=DELETE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PATH msg=audit(1722163754.859:1266): item=0 name="/home/nktnet//temp//" inode=25959782 dev=103:05 mode=040755 ouid=1000 ogid=1000 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=CWD msg=audit(1722163754.859:1266): cwd="/home/nktnet"
type=SYSCALL msg=audit(1722163754.859:1266): arch=c000003e syscall=263 success=yes exit=0 a0=ffffff9c a1=73bb98002ad0 a2=0 a3=0 items=2 ppid=1 pid=129004 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=tty1 ses=1 comm="DartWorker" exe="/usr/share/ente_auth/ente_auth" key="temp_monitor"
----
time->Sun Jul 28 20:49:14 2024
type=PROCTITLE msg=audit(1722163754.859:1269): proctitle="ente_auth"
type=PATH msg=audit(1722163754.859:1269): item=2 name=(null) inode=25959782 dev=103:05 mode=040755 ouid=1000 ogid=1000 rdev=00:00 nametype=DELETE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PATH msg=audit(1722163754.859:1269): item=1 name=(null) inode=25952258 dev=103:05 mode=040755 ouid=1000 ogid=0 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PATH msg=audit(1722163754.859:1269): item=0 name="/home/nktnet//" inode=25952258 dev=103:05 mode=040755 ouid=1000 ogid=0 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=CWD msg=audit(1722163754.859:1269): cwd="/home/nktnet"
type=SYSCALL msg=audit(1722163754.859:1269): arch=c000003e syscall=263 success=yes exit=0 a0=ffffff9c a1=73bb98002ad0 a2=200 a3=0 items=3 ppid=1 pid=129004 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=tty1 ses=1 comm="DartWorker" exe="/usr/share/ente_auth/ente_auth" key=(null)
type=CONFIG_CHANGE msg=audit(1722163754.859:1269): op=remove_rule dir="/home/nktnet/temp" key="temp_monitor" list=4 res=1

Would it be possible to store ente-auth's temporary files in the XDG_CACHE_HOME directory as specified by the XDG Base Directories? For example, in

${XDG_CACHE_HOME}/ente                     # which defaults to
${HOME}/.cache/ente

This way user files on the home directory are not randomly deleted - this was difficult to debug (unsure which apps was deleting ~/temp), and lost quite a bit of work.

The code in question is likely this: https://github.com/ente-io/ente/blob/8d91b857fb0662df29d042c6f21b611272d979b4/auth/lib/core/configuration.dart#L73-L93

Related issue #2564, where user data is stored in ~/ente instead of ${XDG_DATA_HOME}/ente.

Thanks ~

Version

v3.0.17

What product are you using?

Ente Auth (installed ente-auth-bin from AUR)

What platform are you using?

Desktop - Linux

prateekmedia commented 1 day ago

Edit: I have understood the issue and seems like it was creating dir in home instead of Documents folder. Anyways I have updated the logic as you suggested. Thanks!