Pre and post backup lost execute permissions

Problem Description

I’ve noticed the backups had stopped syncing to the off site backup, and the email cron logs stopped mentioning the pre and post backup tasks in the emails.

On looking into the scripts, I noticed that the scripts in the directories didn’t have execute permissions:

sympl@vps3:/etc/sympl/backup.d/pre-backup.d$ ls -l
total 20
-rw-rw-r-- 1 sympl sympl  136 Jul 31  2019 00-check-root
-rw-rw-r-- 1 sympl sympl  520 Jun 21  2019 04-disable-lock
-rw-rw-r-- 1 sympl sympl 1897 Jun 21  2019 05-check-availspace
-rw-rw-r-- 1 sympl sympl  528 Jun 21  2019 06-enable-lock
lrwxrwxrwx 1 root  root    22 Jul 31  2019 20-sympl-sqldump -> /usr/bin/sympl-sqldump
-rw-rw-r-- 1 sympl sympl  529 Jun 21  2019 30-clear-orphans

Note that the sqldump is the exception.

sympl@vps3:/etc/sympl/backup.d/post-backup.d$ ls -l
total 4
-rw-rw-r-- 1 sympl sympl 191 Oct 17  2019 99-upload_backup

My Raspberry Pi has the same issue but a day earlier.

Any Error Messages

Cron emails no longer include the output of those scripts

17 April 2020 at 06:56 the pre- and post-backup procedures were included in the email.
The following day 18 April 2020 at 06:30, they were not.

Looking at /var/log/apt/history.log there is the following update of sympl-core, which seems suspicious.

Start-Date: 2020-04-17  06:56:28
Commandline: /usr/bin/unattended-upgrade
Upgrade: sympl-core:amd64 (10.0.191231.0, 10.0.200415.0)
End-Date: 2020-04-17  06:56:45

I’ve added the execute bits back with chmod a+x in both directories, and running the backup manually means the pre- and post-backup procedures are running again. However since doing this at the start of writing this forum post, the execute bits are no longer set up on the scripts.

Environment

  • Sympl Version [9.0/10.0]: Buster
  • Sympl Testing Version? [Yes/No]: Yes
  • Debian Version [Buster/Stretch]: Buster
  • Hardware Type? [Dedicated/Virtual/Pi]: VPS/Raspbery Pi
  • Hosted On? [name of hosting co]: Mythic Beasts

Looking at the backups that backup2l creates by default /usr/sbin/sympl-filesystem-security is not included (nor is anything in /usr/sbin), thus hard to do a diff and see the cause, as it appears to be the hourly cron which is the cause:

sympl@vps4:~$ ls -l /etc/cron.hourly/sympl-filesystem-security
lrwxrwxrwx 1 root root 35 Apr 20 16:15 /etc/cron.hourly/sympl-filesystem-security -> /usr/sbin/sympl-filesystem-security

I’m suspecting it’s related to the change at the end of this diff for ticket #280 Fixes #280, Adds --verbose switch. (!174) · Merge requests · Sympl / Sympl · GitLab @Kelduum

Within /etc/sympl:
Before: chmod was to remove other write for files.
After: set the permissions to 644 for files, however the execute bit is not set, which is problematic as there are some scripts which need the execute bit.

Yep, that’s the case - I’ll get a fix pushed out today.

The CI tests should have picked it up and prevented it from getting released like that, so I’ll need to update them.

Excellent, thank you.

It should all be fixed now, and a quick run of sympl update should get it back to normal.

All back to normal, thanks for the very quick fix.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.