View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0001447||bareos-core||file daemon||public||2022-04-06 14:12||2023-03-07 12:09|
|Platform||x86_64||OS||CentOS||OS Version||stream 8|
|Summary||0001447: Restore of unencrypted files on an encrypted fd thrown an error, bur works.|
|Description||When restore files from an client that stores the files unencrypted on an client that normally only runs encrypted backups, the restore will work, but an error is thrown.|
|Steps To Reproduce||Sample config:|
PKI Signatures = Yes
PKI Encryption = Yes
PKI Cipher = aes256
PKI Master Key = ".../master.key"
PKI Keypair = ".../all.keys"
# without the cryptor config
Both can do its' backup and restore for itself to the storage. But when an restore is done, with files from client B on client A, then the files are restored as request, but for every file an error is logged:
clienta JobId 72: Error: filed/crypto.cc:168 Missing cryptographic signature for /email@example.com
and the hole job is marked as failed.
|Additional Information||Because the restore itself works, I think the job should only marked as "OK with warnings" and the "Missing cryptographic signature ..." only as an warning instant of an error.|
|Tags||No tags attached.|
Thanks you for your report. In a bug triage session, we came to the following conclusion for this case.
We understand completely the case, and agree it should be better handled by the code.
The workaround is to change your configuration as with the parameter PKI Signatures = Yes you are requesting the fact that normally you care about the signature for all data, so the job got its failing status. If you need to restore unencrypted data to that client, you should during the restore time to comment out that parameter.
On our side, nobody will work on that improvement, but feel free to propose a fix in a PR on github.
|2022-04-06 14:12||mdc||New Issue|
|2023-03-07 12:09||bruno-at-bareos||Note Added: 0004902|
|2023-03-07 12:09||bruno-at-bareos||Assigned To||=> bruno-at-bareos|
|2023-03-07 12:09||bruno-at-bareos||Status||new => resolved|
|2023-03-07 12:09||bruno-at-bareos||Resolution||open => won't fix|