Dangerous behaviour of 'precleanup.pm'

Bug #394668 reported by v3l0cir4pt0r on 2009-07-02
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
mylvmbackup
High
Lenz Grimmer

Bug Description

Our config:
[mysql]
user=******
password=******
host=
port=
socket=
mycnf=/etc/my.cnf

#
# LVM-specific options
#
[lvm]
vgname=VG
lvname=LV_var
backuplv=
lvsize=2G

#
# File system specific options
#
[fs]
xfs=0
mountdir=/mnt/backup/
backupdir=/backup/
relpath=lib/mysql/

#
# Names of required external utilities
# Make sure the $PATH is set accordingly, especially for cron jobs!
#
[tools]
lvcreate=lvcreate
lvremove=lvremove
lvs=lvs
mount=mount
tar=tar
compress=gzip
# alternative tar backup compression tools
#compress=lzma
#compress=bzip2
# or (for no compression):
#compress=cat
#
rsync=rsync
rsnap=rsnap
umount=umount

#
# Other configuration options
#
[misc]
backuptype=tar
prefix=backup
suffix=_mysql
tararg=cvf
tarsuffixarg=
tarfilesuffix=.tar.gz
compressarg=--stdout --verbose --best
# for LZMA:
#compressarg=--stdout --verbose -7
# for bzip2:
#compressarg=--stdout --verbose -7
# for cat:
#compressarg= # ie. nothing
rsyncarg=-avWP
rsnaparg=7
datefmt=%Y%m%d_%H%M%S
innodb_recover=0
pidfile=/var/tmp/mylvmbackup_recoverserver.pid
skip_flush_tables=0
extra_flush_tables=0
skip_mycnf=0
hooksdir=/usr/share/mylvmbackup
skip_hooks=0
keep_snapshot=0
keep_mount=0
quiet=0

#
# Logging options. The Sys::Syslog module is required for syslog option
# See "perldoc Sys::Syslog" for more information.
#
[logging]
# 'console' (STDOUT, STDERR) or 'syslog' or 'both'.
log_method=console
# 'native', 'tcp', 'udp'. Default is 'native'
syslog_socktype=native
syslog_facility=
# If using remote syslog, don't forget to change the socket type to tcp or udp.
syslog_remotehost=

mylvmbackup - rpmbuild done on RHEL 4.6 with CPAN update for Sys:Syslog and installation of Time::Date and Config::IniFiles

The default version of precleanup.pm attempts to remove some subdirectories of / - why? Because the line:
my $dest = dirname(time2str($cfg->val('fs', 'backupdir'), time));
is returning '/', imagine how many hours of work it caused to recover one server...

Anyway, if you really want to follow the idea this line should be:
my $dest = dirname($cfg->val('fs', 'backupdir').time2str($cfg->val('misc', 'datefmt'), time));

BR
//User

Lenz Grimmer (lenzgr) wrote :

Ugh, thanks for that hint! I'll take a look at this right away.

Changed in mylvmbackup:
assignee: nobody → LenZ (lenzgr)
importance: Undecided → High
milestone: none → 0.13
Lenz Grimmer (lenzgr) wrote :

I've now fixed this problem by simply removing this hook - it simply was not suitable for general inclusion and too specific for a certain use case...

Changed in mylvmbackup:
status: New → Fix Committed
Lenz Grimmer (lenzgr) on 2009-09-06
Changed in mylvmbackup:
status: Fix Committed → Fix Released
visibility: private → public
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers