Hello!
I would like to become a Fedora package maintainer. I've long been a proponent of Free Software, and have been a Fedora user for about three years now (Gentoo before that, and Red Hat before that). I work at Red Hat as a contributor to the Pulp project:
I've been contributing to Fedora by running alphas, betas, and rawhide and trying to file quality bug reports with Fedora and upstream projects so that bugs can get fixed before they get released to the stable Fedoras. I've enjoyed this work, and want to get more involved so I decided to pursue becoming a package maintainer.
I've filed a request to add a new package called ari-backup:
https://bugzilla.redhat.com/show_bug.cgi?id=1269609
ari-backup is a simple wrapper around rdiff-backup that allows admins to describe their backup jobs in simple Python files. It adds the ability to manage LVM or ZFS snapshots so that the backups can be crash consistent. I am one of the contributors to ari-backup.
Let me know if there is anything I can or should do to aid in the review process. I look forward to participating even more in Fedora!
On 10/07/2015 01:37 PM, Randy Barlow wrote:
I've filed a request to add a new package called ari-backup:
My package reviewer and I had some questions about whether the permissions I have set in my spec file are justifiable or not. This software is a backup server, and the spec file I have created configured the backup store (/var/lib/ari-backup) to have restrictive permissions (root:root, 0700). The reasoning is that I didn't want to assume that it would be OK for other users who may have access to the backup server to be able to see files from other systems that have been stored there.
Additionally, the folder /etc/ari-backup/jobs.d contains job configuration files, and is also configured for 0700. This is to prevent any information about what is being backed up (and how it is being backed up) from leaking. The backup jobs in there are Python scripts, and can contain arbitrary code to be executed during the backup jobs.
What do others think? Are the permissions I have selected in my spec file appropriate for a backup server?
-- R
On 1.11.2015 18:54, Randy Barlow wrote:
On 10/07/2015 01:37 PM, Randy Barlow wrote:
I've filed a request to add a new package called ari-backup:
My package reviewer and I had some questions about whether the permissions I have set in my spec file are justifiable or not. This software is a backup server, and the spec file I have created configured the backup store (/var/lib/ari-backup) to have restrictive permissions (root:root, 0700). The reasoning is that I didn't want to assume that it would be OK for other users who may have access to the backup server to be able to see files from other systems that have been stored there.
Additionally, the folder /etc/ari-backup/jobs.d contains job configuration files, and is also configured for 0700. This is to prevent any information about what is being backed up (and how it is being backed up) from leaking. The backup jobs in there are Python scripts, and can contain arbitrary code to be executed during the backup jobs.
What do others think? Are the permissions I have selected in my spec file appropriate for a backup server?
Generally the principle of least privilege is okay, so I agree with your proposal in general.
On the other hand I have to ask if the server must be running under root? Shouldn't it run under a dedicated user, e.g. 'aribackup'?
In that case filesystem permissions should be root:aribackup 770.
On Mon, Nov 2, 2015 at 3:05 AM, Petr Spacek pspacek@redhat.com wrote:
Generally the principle of least privilege is okay, so I agree with your proposal in general.
On the other hand I have to ask if the server must be running under root? Shouldn't it run under a dedicated user, e.g. 'aribackup'?
In that case filesystem permissions should be root:aribackup 770.
Hmm... I don't know why I didn't think of that as a long time BackupPC user...
So a user could be set up, but would they need to be set up as a sudo'er like BackupPC?
Thanks, Richard
Petr Spacek wrote:
On the other hand I have to ask if the server must be running under root? Shouldn't it run under a dedicated user, e.g. 'aribackup'?
In that case filesystem permissions should be root:aribackup 770.
Hi Petr!
ari-backup is really just a convenient wrapper around rdiff-backup. rdiff-backup can be run as a non-root user, but running it as root on the backup server has the advantage of allowing it to preserve the ownership information of the files being backed up. This way, the backup store has the same UID/GIDs as the source, which can be convenient during restores.
If you find this concerning, I may be able to rework ari-backup to make the user that jobs get run under configurable (with a default to an ari-backup user). Users like me who prefer to back up files with the privileges needed to maintain the ownership could simply adjust a configuration file. Do you think that would be a good way to go?
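An audit of the two layouts discussed in the thread (Randy's root:root 0700 and Petr's root:aribackup 0770), including the case where jobs.d is writable by a non-root group while the jobs still run as root: this is an added example, not part of the thread or of ari-backup, and it assumes the group name aribackup from Petr's message and that the caller knows which user runs the jobs.

```python
import stat
import grp
import pwd
from pathlib import Path

# Ownership/mode layouts from the thread. "aribackup" is the example service
# user from the discussion, not an ari-backup default (assumption).
LAYOUTS = {
    "root-only": ("root", "root", 0o700),
    "dedicated-user": ("root", "aribackup", 0o770),
}

def evaluate(path, owner, group, mode, layout, jobs_run_as_root):
    """Return findings for one path; [] means it complies with the layout.
    Only bits beyond the layout are flagged, so a stricter mode still passes."""
    want_owner, want_group, want_mode = LAYOUTS[layout]
    perms = stat.S_IMODE(mode)
    findings = []
    if owner != want_owner:
        findings.append(f"{path}: owned by {owner}, expected {want_owner}")
    if group != want_group:
        findings.append(f"{path}: group {group}, expected {want_group}")
    extra = perms & ~want_mode
    if extra:
        findings.append(f"{path}: mode {perms:04o} grants extra bits {extra:04o}")
    # jobs.d holds Python executed during the backup. If that run is root,
    # anyone who can write there can run code as root, so write access for
    # others or for a non-root group is a privilege-escalation path.
    non_root_write = perms & stat.S_IWOTH or (perms & stat.S_IWGRP and group != "root")
    if jobs_run_as_root and non_root_write:
        findings.append(f"{path}: writable by non-root while jobs run as root")
    return findings

def audit(directory, layout, jobs_run_as_root=True, children=False):
    """Stat a directory (and optionally its direct children) and evaluate each."""
    paths = [Path(directory)] + (list(Path(directory).iterdir()) if children else [])
    findings = []
    for p in paths:
        st = p.lstat()
        owner, group = pwd.getpwuid(st.st_uid).pw_name, grp.getgrgid(st.st_gid).gr_name
        findings += evaluate(str(p), owner, group, st.st_mode, layout, jobs_run_as_root)
    return findings

if __name__ == "__main__":
    # The store keeps source UID/GIDs, so only its top directory is checked;
    # in jobs.d the job files are checked as well.
    for d, kids in (("/var/lib/ari-backup", False), ("/etc/ari-backup/jobs.d", True)):
        if Path(d).is_dir():
            print("\n".join(audit(d, "root-only", children=kids)) or f"{d}: OK")
```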