[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: fsck w/out delete privilege



Gleb Arshinov wrote:
> Any update on releasing this?

That's coming in tarsnap 1.0.27, which will be out Real Soon Now.  Sorry
about the delay -- I've been working on back-end server performance and
the client code got stalled for a while.

> Alternately, what's the right process for copying cache from one
> machine to another?  Is it safe to just copy cache directory over?

That's the most efficient way to do it even after --fsck is available
without the delete key.  But I recommend only copying the cache *from*
the machine which has the delete key and not *to* that machine: The
cache has block reference counts, so theoretically an attacker on the
writing machine could reduce those values and cause tarsnap -d to delete
blocks which are still referenced (thereby breaking archives).

> The setup is machine public with read/write key, and private machine
> with full key.  Public machine does backups.  You then do fsck on
> private machine, delete some backups and need to restore cache on
> public.

Yep, makes sense.

-- 
Colin Percival
Security Officer, FreeBSD | freebsd.org | The power to serve
Founder / author, Tarsnap | tarsnap.com | Online backups for the truly paranoid