New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Issues when roll-backing a transaction in append-only mode #3579

Closed
angristan opened this Issue Jan 26, 2018 · 6 comments

Comments

Projects
None yet
3 participants
@angristan

angristan commented Jan 26, 2018

Hello,

I'm trying to use the append only-mode and rollback a to a specific transaction after a deletion. See below:

root@lyra ~# borg init borg -e none
root@lyra ~# borg config borg append_only 1
root@lyra ~# cat borg/config | grep append
append_only = 1
root@lyra ~# borg create borg::etc1 /etc/
root@lyra ~# borg create borg::etc2 /etc/
root@lyra ~# borg list borg
etc1                                 Fri, 2018-01-26 22:31:09 [9482e8937b26059de8c04c49ca2536c4b3b9e3b810eedcf48175700a1763c8b7]
etc2                                 Fri, 2018-01-26 22:31:18 [c6bbcc70bbd8f1ba5d95cddec5794813d613b4da69604247eaffe052195bd6b2]
root@lyra ~# borg delete borg::etc2
root@lyra ~# borg list borg
etc1                                 Fri, 2018-01-26 22:31:09 [9482e8937b26059de8c04c49ca2536c4b3b9e3b810eedcf48175700a1763c8b7]
root@lyra ~# cat borg/transactions
transaction 3, UTC time 2018-01-26T21:31:13.067620
transaction 5, UTC time 2018-01-26T21:31:18.862268
transaction 7, UTC time 2018-01-26T21:31:34.493100
root@lyra ~# rm borg/index.7 borg/hints.7
root@lyra ~# rm borg/data/0/{6,7}
root@lyra ~# borg list borg
Cache is newer than repository - do you have multiple, independently updated repos with same ID?

Is there something I'm missreading from the doc?

By the way, this is very confusing. This may be related to #3504, but for me, we should have a write-only mode that denies every delete and prune commands. We then wouldn't have to deal with transactions, as data can't be deleted in the first place.

Also, if I'm understand correctly, if you write data in not append-only mode, the data is permanently deleted:

Be aware that as soon as you write to the repo in non-append-only mode (e.g. prune, delete or create archives from an admin machine), it will remove the deleted objects permanently (including the ones that were already marked as deleted, but not removed, in append-only mode).

Isn't this a major flaw?

If I'm backing up on a remote server, and I only allow the backup server to launch borg serve with append-only, that would mean that I have to add a cron on the backup server to execute borg prune in non-append-only mode. But as all this is done automatically, that would mean I have 24 hours to check (how?!) that someone deleted one or multiple backups on my backup server.

Please tell me If I'm missing something, but this seems way more complex that it could be.

@enkore

This comment has been minimized.

Contributor

enkore commented Jan 26, 2018

It's that complex because --append-only exposes an accidental implementation detail of an implementation detail of an internal low-level abstraction.

@angristan

This comment has been minimized.

angristan commented Jan 27, 2018

That doesn't help much :(

@ThomasWaldmann

This comment has been minimized.

Member

ThomasWaldmann commented Jan 28, 2018

The only specific problem i can see (besides it being non-trivial) is that borg list complains about "cache is newer than repo", which is expected in that case. So borg delete --cache-only repo to delete the not-matching cache.

@angristan

This comment has been minimized.

angristan commented Jan 28, 2018

When should I use borg delete --cache-only repo?

@ThomasWaldmann

This comment has been minimized.

Member

ThomasWaldmann commented Jan 28, 2018

In general: when you have reasons to want to get rid of the local cache for that repo.
In your case, due to the transaction rollback, the local cache is out of sync (in a unusual way).
The cache will get rebuild automatically. Depending on repo size and archive count, it may take a while.

@enkore

This comment has been minimized.

Contributor

enkore commented Jan 28, 2018

I think that ~/.config/borg/security would also need to be reset.

@ThomasWaldmann ThomasWaldmann added this to the 1.1.x milestone Feb 26, 2018

@ThomasWaldmann ThomasWaldmann self-assigned this Mar 9, 2018

ThomasWaldmann added a commit that referenced this issue Mar 12, 2018

Merge pull request #3680 from ThomasWaldmann/transaction-rollback-docs
docs: extend append-only repo rollback docs, fixes #3579

ThomasWaldmann added a commit to ThomasWaldmann/borg that referenced this issue Mar 17, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment