From: Dominik Csapak <d.csapak@proxmox.com>
To: pbs-devel@lists.proxmox.com
Subject: Re: [pbs-devel] [PATCH proxmox-backup] backup: check verify state of previous backup before allowing reuse
Date: Tue, 1 Sep 2020 15:47:05 +0200 [thread overview]
Message-ID: <0f626acf-ea04-748f-d76e-67ee46425147@proxmox.com> (raw)
In-Reply-To: <20200901103341.10075-1-s.reiter@proxmox.com>
sadly this is not enough to handle this in a good way
short excerpt from src/backup/chunk_store.rs
fn insert_chunk ...
--->8---
if let Ok(metadata) = std::fs::metadata(&chunk_path) {
if metadata.is_file() {
return Ok((true, metadata.len()));
} else {
bail!("Got unexpected file type on store '{}' for chunk {}",
self.name, digest_str);
}
}
---8<---
so if the chunk already exists, the server does not write it again
we need here some 'force' parameter that overwrites the corrupt chunks
otherwise the client sends all chunks, but the server never writes them
On 9/1/20 12:33 PM, Stefan Reiter wrote:
> Do not allow clients to reuse chunks from the previous backup if it has
> a failed validation result. This would result in a new "successful"
> backup that potentially references broken chunks.
>
> If the previous backup has not been verified, assume it is fine and
> continue on.
>
> Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
> ---
> src/api2/backup.rs | 13 +++++++++++++
> 1 file changed, 13 insertions(+)
>
> diff --git a/src/api2/backup.rs b/src/api2/backup.rs
> index ad608d85..c0b1d985 100644
> --- a/src/api2/backup.rs
> +++ b/src/api2/backup.rs
> @@ -652,6 +652,19 @@ fn download_previous(
> None => bail!("no previous backup"),
> };
>
> + let (manifest, _) = env.datastore.load_manifest(&last_backup.backup_dir)?;
> + let verify = manifest.unprotected["verify_state"].clone();
> + match serde_json::from_value::<SnapshotVerifyState>(verify) {
> + Ok(verify) => {
> + if verify.state != "ok" {
> + bail!("previous backup has failed verification");
> + }
> + },
> + Err(_) => {
> + // no verify state found, ignore and treat as valid
> + }
> + };
> +
> let mut path = env.datastore.snapshot_path(&last_backup.backup_dir);
> path.push(&archive_name);
>
>
prev parent reply other threads:[~2020-09-01 13:47 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-01 10:33 Stefan Reiter
2020-09-01 13:47 ` Dominik Csapak [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0f626acf-ea04-748f-d76e-67ee46425147@proxmox.com \
--to=d.csapak@proxmox.com \
--cc=pbs-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox