Error when using gocryptfs in reverse mode with Docker and rsyncing

[fsutter]

Hi,

when I use gocryptfs in reverse mode and rsyncing to another host I get this kind of error messages:

rsync: mknod "/volume1/backup/ds920p/docker_crypted/fciybjntMQ9HjgJ6u8kLsQ/xz0AFT5_NXDTsQbE3zRKyQ/I_GEPHDEkgcX6nDxMUg0cNNLa-VukytSUu7b01ZSZVg/kic1W7LRqwRYXoueQRuKwg" failed: No such file or directory (2)
rsync: mknod "/volume1/backup/ds920p/docker_crypted/fciybjntMQ9HjgJ6u8kLsQ/xz0AFT5_NXDTsQbE3zRKyQ/rHjWu2tN7ISvzBW-bEhaxA/txffX9E0DJZpd6EkROe3Ow/YavZe-jvPMa0uXWPXIiMZQ" failed: Address already in use (98)
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1355) [sender=3.0.9

If I rsync the original filesystem (before applying gocryptfs) I have no problem.

I initialize gocryptfs like that:
gocryptfs -q -reverse /volume1/$1 /tmp/$1_crypted
And after I try to rsync /tmp/$1_crypted.

I use gocryptfs 1.8.0.

Many thanks in advance and kind regards,

Frédéric Sutter

[rfjakob]

Interesting. How is this ds920p mounted? Using cifs or nfs?

[fsutter]

/volume1/backup/ds920p is on another server, I rsync with this command:
rsync -e "ssh -p $SYNC_PORT" -az --delete-after /tmp/$1_crypted $SYNC_USER@$SYNC_HOST:$/volume1/backup/ds920p

Both servers are Synology NAS.
I use the script to backup my nas.

[LicoMonch]

$SYNC_USER is probably lacking the permission to create devs .. try rsync again with '--no-devices' ('--no-specials' is also a good idea for non-root users)

I also recommend to close the issue here, as this has (imho) nothing to do with gocryptfs

[fsutter]

@LicoMonch It is related to gocryptfs, read my first post!
Without gocryptfs, my rsync operation works perfectly.
But when I encrypt before resynching, it stops working.

regards,

Frédéric Sutter

[LicoMonch]

@fsutter
yep, got me there, sorry for not recognizing that enough

But the problem is still the same: rsync doesn't work.

As long es you can localy read the files in your reverse-mount there is no issue on gocryptfs .. and you never mentioned something like that ;)

I still recommend to check the source and destination, grab verbose logs, trying a local copy with rsync, etc, etc, etc and ask at a list related to rsync ..

[fsutter]

@LicoMonch I've checked and in fact I cannot make a cd in the directory /tmp/docker_crypted/fciybjntMQ9HjgJ6u8kLsQ/xz0AFT5_NXDTsQbE3zRKyQ/I_GEPHDEkgcX6nDxMUg0cNNLa-VukytSUu7b01ZSZVg/kic1W7LRqwRYXoueQRuKwg "built" by gocryptfs.
Even a sudo cd doens't work.
As I said the uncrypted directory is fully accessible.
IMHO gocryptfs is messing up something with file permissions.

regards,

fsutter

[LicoMonch]

@fsutter
I'm no expert in remote debugging other people setups, but you should check some obvious things:

1. probably kic1W7LRqwRYXoueQRuKwg is no directory? (try 'stat')

2. is the rest of the path /tmp/docker_crypted/fciybjntMQ9HjgJ6u8kLsQ/xz0AFT5_NXDTsQbE3zRKyQ/I_GEPHDEkgcX6nDxMUg0cNNLa-VukytSUu7b01ZSZVg/ there?

3. if the rest is also not there: why does rsunc tries to transfer it? (use dry-run and verbose statistics/output)

4. did you ever tried a simple test-dir with some test subdirs and some test files, reverse mounted it and used the rsync on it?

5. does a local rsync of the reverse mount work?

6. turn your head twice - maybe you forgot something? (-allow_other ?)

[LicoMonch]

Has I said the uncrypted directory is fully accessible.

Well, Ok, so should be working with gocryptfs too .. but it's still another filesystem and especially reverse mount should not be treated like the original filesystem.

[rfjakob]

I must say this looks like a problem in gocryptfs.

Can you maybe reproduce this with a fresh docker container that does not have any sensitive data in it, and make a tar.gz of it to post it here?

[rfjakob]

@LicoMonch Yes maybe gocryptfs shows kic1W7LRqwRYXoueQRuKwg as a non-directory, while it actually should be a directory

[Safari77]

rclone v1.53.2 stopped working, gocryptfs panics

15:22:53.414101 rx 3344: READ n2565 {Fh 7 [42143744 +131072)  L 0 RDONLY,0x8000}
15:22:53.414274 rx 3342: READ n2565 {Fh 7 [42012672 +131072)  L 0 RDONLY,0x8000}
15:22:53.414787 rx 3346: READ n2565 {Fh 7 [42274816 +131072)  L 0 RDONLY,0x8000}
15:22:53.414806 tx 3336:     OK,  131072b data "\xcb\xd3<\"!-\xa7\xc4"...
15:22:53.414874 rx 3348: GETATTR n1446 {Fh 0}
panic: interface conversion: *fusefrontend_reverse.File is not fs.FileGetattrer: missing method Getattr

goroutine 451 [running]:
github.com/rfjakob/gocryptfs/internal/fusefrontend_reverse.(*Node).Getattr(0xc00034c880, 0x5620579784c0, 0xc000593e60, 0x562057939800, 0xc000218050, 0xc0000fc108, 0x0)
        github.com/rfjakob/gocryptfs/internal/fusefrontend_reverse/node.go:69 +0x273
github.com/hanwen/go-fuse/v2/fs.(*rawBridge).getattr(0xc00011e000, 0x5620579784c0, 0xc000593e60, 0xc00034c880, 0x562057939800, 0xc000218050, 0xc0000fc108, 0xbfded1ef58ba7b13)
        github.com/hanwen/go-fuse/[email protected]/fs/bridge.go:500 +0x2d4
github.com/hanwen/go-fuse/v2/fs.(*rawBridge).GetAttr(0xc00011e000, 0xc0000e0000, 0xc0000fc198, 0xc0000fc108, 0x0)
        github.com/hanwen/go-fuse/[email protected]/fs/bridge.go:488 +0x11c
github.com/hanwen/go-fuse/v2/fuse.doGetAttr(0xc000120000, 0xc0000fc000)
        github.com/hanwen/go-fuse/[email protected]/fuse/opcode.go:287 +0x6f
github.com/hanwen/go-fuse/v2/fuse.(*Server).handleRequest(0xc000120000, 0xc0000fc000, 0xc000000000)
        github.com/hanwen/go-fuse/[email protected]/fuse/server.go:472 +0x2c1
github.com/hanwen/go-fuse/v2/fuse.(*Server).loop(0xc000120000, 0xc000288001)
        github.com/hanwen/go-fuse/[email protected]/fuse/server.go:445 +0x18c
created by github.com/hanwen/go-fuse/v2/fuse.(*Server).readRequest
        github.com/hanwen/go-fuse/[email protected]/fuse/server.go:312 +0x419

[2]-  Exit 2                  gocryptfs -fusedebug -fg -passfile x.txt -q -reverse /media/x /mnt/4T/backup/x (wd: ~/gocryptfs)

[rfjakob]

Sami, this is with gocryptfs v2.0-beta1?

[Safari77]

Sami, this is with gocryptfs v2.0-beta1?

Yes, the latest git version.

[rfjakob]

@Safari77 fixed via 1c1692c

[rfjakob]

@fsutter can you try https://github.com/rfjakob/gocryptfs/releases/tag/v2.0-beta2 ?

[fsutter]

@rfjakob I've tried https://github.com/rfjakob/gocryptfs/releases/tag/v2.0-beta2 and I still have the same error :(

regards,

[rfjakob]

@fsutter , is it possible to get that tar.gz ( #519 (comment) ) ?

[rfjakob]

Closing for inactivity, please reopen at will