From cam.lafit at azerttyu.net Fri Jul 1 06:46:45 2011 From: cam.lafit at azerttyu.net (cam.lafit at azerttyu.net) Date: Fri, 1 Jul 2011 07:46:45 +0200 Subject: [Box Backup] Strange behaviour on date information ? In-Reply-To: References: Message-ID: Hi Thanks for your help. How many time we can have this behaviour as attributes changing ? Then it's normal, great ;) Km From chris at qwirx.com Sat Jul 2 14:56:37 2011 From: chris at qwirx.com (Chris Wilson) Date: Sat, 2 Jul 2011 14:56:37 +0100 (BST) Subject: [Box Backup] Strange behaviour on date information ? In-Reply-To: References: Message-ID: Hi Km, On Fri, 1 Jul 2011, cam.lafit at azerttyu.net wrote: > Thanks for your help. How many time we can have this behaviour as > attributes changing ? Sorry, I don't understand what you mean. The attributes changing is nothing to do with Box Backup, but only the timestamp of the most recent change backed up on the server will be reported, as the old attributes are replaced. Cheers, Chris. From cam.lafit at azerttyu.net Sat Jul 2 15:42:48 2011 From: cam.lafit at azerttyu.net (cam.lafit at azerttyu.net) Date: Sat, 2 Jul 2011 16:42:48 +0200 Subject: [Box Backup] Strange behaviour on date information ? In-Reply-To: References: Message-ID: Hi Sorry for my english ... My questions was about how many changes are stored in bbackquery. It was to know how manage BoxBackupExplorer script Km poor french guy :p Original script : http://www.joonis.de/content/BoxBackupExplorer Git repo : https://github.com/camlafit/BoxBackupExplorer/ From trelane at lavabit.com Tue Jul 12 00:51:55 2011 From: trelane at lavabit.com (trelane at lavabit.com) Date: Mon, 11 Jul 2011 19:51:55 -0400 Subject: [Box Backup] status Message-ID: <4E1B8C9B.3060801@lavabit.com> Is boxbackup still under active development? After browsing around briefly it seems like it's been a while since the last release. From achim+box at qustodium.net Wed Jul 13 10:35:14 2011 From: achim+box at qustodium.net (Achim J. Latz) Date: Wed, 13 Jul 2011 11:35:14 +0200 Subject: [Box Backup] status In-Reply-To: <4E1B8C9B.3060801@lavabit.com> References: <4E1B8C9B.3060801@lavabit.com> Message-ID: <4E1D66D2.1010603@qustodium.net> Hello: On 12/07/2011 01:51, trelane at lavabit.com wrote: > Is boxbackup still under active development? After browsing around > briefly it seems like it's been a while since the last release. As you can see from the source repo, the last code was checked in only 12 days ago: I pushed for a 1.0 release in the past but, as you noticed, I have not been very successful with that (-: Feel free to check out the latest source and build your own (Windows/*nix) binary as described here: Best regards, Achim -- Achim J. Latz, Qustodium Internet Security achim.latz at qustodium.net ? http://www.qustodium.net Data Encryption ? Backup Automatisation ? E-Mail Protection From tomas.nilsson at westint.se Wed Jul 13 14:34:49 2011 From: tomas.nilsson at westint.se (Tomas Nilsson) Date: Wed, 13 Jul 2011 15:34:49 +0200 Subject: [Box Backup] Certificate problems Message-ID: <807E78569CAA9B409EA32DC1F2CAEBFB206EA968CF@STOEXMBXC03.domain01.net> Hi, First of all, sorry for this very long mail... I'm trying to setup boxbackup to use for internal backups here at work. I have several servers and clients, and the plan is to have them all backed up on this backup server. Installation and having the client find/connect to the server works fine, but when it comes to the certificates something goes wrong. I'm mailing the list now since I just can't figure out what is wrong. I've tried the script to create the certificates, created them myself and tried everything else I could come up with, without success. I still get an error saying "SSL error while accepting connection: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca" This is what I do. 1. Created a directory /certificates to do all the certificate thing in.. 2. Create root certificates and setup CA by use of bbstored-certs ca init Output: Generating RSA private key, 2048 bit long modulus ............................+++ ........................+++ e is 65537 (0x10001) You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, YOUR name) []:Email Address []: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:An optional company name []: Signature ok subject=/CN=Backup system client root Getting Private key Generating RSA private key, 2048 bit long modulus .......................+++ .........+++ e is 65537 (0x10001) You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, YOUR name) []:Email Address []: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:An optional company name []: Signature ok subject=/CN=Backup system server root Getting Private key 3. Copy /certificates/ca/keys/serverRootKey.pem and /certificates/ca/keys/serverRootCSR.pem to /certificates 4. Sign certificate using bbstored-certs ca sign-server serverRootCSR.pem Output: This certificate is for backup server Backup Signing the wrong certificate compromises the security of your backup system. Would you like to sign this certificate? (type 'yes' to confirm) yes Signature ok subject=/CN=Backup system server root Getting CA Private Key Certificate signed. Install the files ca/servers/Backup-cert.pem ca/roots/clientCA.pem on the server. 5. copy and rename Backup-cert.pem to /etc/boxbackup/bbstored/bkSrv.crt.pem 6. copy clientCA.pem to /etc/boxbackup/bbstored/clientCA.pem 7. copy and rename serverRootKey.pem to /etc/boxbackup/bbstored/bkSrv.key.pem 8. Edit /etc/boxbackup/bbstored.conf and change the certificate paths there to the ones above (5-7) 9. On client server, issue key file and csr using the following command bbackupd-config /etc/boxbackup lazy 75AB23C bkSrv.westint.local /var/bbackupd /var/bbackupd/ This creates the client certificate csr I need as well as sets up the bbackupd.conf for me 10. Send off csr to bkSrv for signing. 11. Sign westsrv2.csr.pem using: bbstored-certs ca sign 75AB23C-csr.pem 12. Getting back 75AB23C-cert.pem and serverCA.pem from bkSrv and copies them to /etc/boxbackup/bbackupd/ 13. Making sure that everything in bbackupd.conf looks fine. 14. Starting the server on bkSrv by issuing bbstored -V -D (to get as much debug info as possible) 15. Starting the client on westsrv2 by issuing bbackupd -V -D Error on client: NOTICE: Starting daemon, version: 0.11rc2+2502 NOTICE: Using configuration file: /etc/boxbackup/bbackupd.conf TRACE: BackupDaemon::NotifySysadmin() called, event = backup-start INFO: About to notify administrator about event backup-start, running script '/etc/boxbackup/bbackupd/NotifySysadmin.sh backup-start' NOTICE: Beginning scan of local files TRACE: Set maximum diffing time to 120 seconds TRACE: Set keep-alive time to 120 seconds TRACE: timer: next event: KeepAliveTime expires in 119.999993 seconds TRACE: timer: next event: KeepAliveTime expires in 119.999965 seconds TRACE: timer: next event: KeepAliveTime expires in 119.999947 seconds TRACE: timer: next event: KeepAliveTime expires in 119.999931 seconds INFO: Opening connection to server 'bkSrv.westint.local'... ERROR: SSL error while connecting: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed TRACE: Obtained 10 stack frames. TRACE: Stack frame 0: bbackupd(DumpStackBacktrace()+0x26) [0x4c87c6] TRACE: Stack frame 1: bbackupd(SocketStreamTLS::Handshake(TLSContext const&, bool)+0x718) [0x498eb8] TRACE: Stack frame 2: bbackupd(SocketStreamTLS::Open(TLSContext const&, Socket::Type, std::string const&, int)+0x2e) [0x4995ce] TRACE: Stack frame 3: bbackupd(BackupClientContext::GetConnection()+0x33f) [0x4250af] TRACE: Stack frame 4: bbackupd(BackupDaemon::SetupLocations(BackupClientContext&, Configuration const&)+0xae) [0x435c9e] TRACE: Stack frame 5: bbackupd(BackupDaemon::RunSyncNow()+0xf16) [0x43e576] TRACE: Stack frame 6: bbackupd(BackupDaemon::RunSyncNowWithExceptionHandling()+0x35) [0x43f235] TRACE: Stack frame 7: bbackupd(BackupDaemon::Run2()+0x27b) [0x440deb] TRACE: Stack frame 8: bbackupd(BackupDaemon::Run()+0x270) [0x4411b0] TRACE: Stack frame 9: bbackupd(Daemon::Main(std::string const&)+0x1402) [0x4812e2] WARNING: Exception thrown: ConnectionException(Conn_TLSHandshakeFailed) at SocketStreamTLS.cpp(212) TRACE: timer: no more events, going to sleep. TRACE: BackupDaemon::NotifySysadmin() called, event = backup-error INFO: About to notify administrator about event backup-error, running script '/etc/boxbackup/bbackupd/NotifySysadmin.sh backup-error' Error on Server: NOTICE: Starting daemon, version: 0.11rc8+2714 NOTICE: Using configuration file: /etc/boxbackup/bbstored.conf INFO: Starting housekeeping INFO: Finished housekeeping ERROR: SSL error while accepting connection: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca TRACE: Obtained 10 stack frames. TRACE: Stack frame 0: bbstored(DumpStackBacktrace()+0x23) [0x52bb83] TRACE: Stack frame 1: bbstored(SocketStreamTLS::Handshake(TLSContext const&, bool)+0x64d) [0x4ec19d] TRACE: Stack frame 2: bbstored(ServerTLS<2201, 128, true>::HandleConnection(SocketStreamTLS&)+0x25) [0x43b305] TRACE: Stack frame 3: bbstored(ServerStream::Run2(bool&)+0x94e) [0x442c2e] TRACE: Stack frame 4: bbstored(ServerTLS<2201, 128, true>::Run2(bool&)+0x139) [0x4450c9] TRACE: Stack frame 5: bbstored(BackupStoreDaemon::Run()+0x3ea) [0x439b0a] TRACE: Stack frame 6: bbstored(Daemon::Main(std::string const&)+0x2029) [0x4c5039] TRACE: Stack frame 7: bbstored(Daemon::Main(char const*, int, char const**)+0x464) [0x4c15a4] TRACE: Stack frame 8: bbstored(main+0x90) [0x45a8a0] TRACE: Stack frame 9: /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xff) [0x7fa888517eff] WARNING: Exception thrown: ConnectionException(Conn_TLSHandshakeFailed) at SocketStreamTLS.cpp(207) FATAL: Terminating due to exception Connection TLSHandshakeFailed (7/30) I've tried everything now... using the pre-defined scripts as of above, made my own scripts etc... but I just can't figure out why it doesn't work. Probably it's me doing something wrong, but what?? It can't be so that bkSrv needs a real certificate from VeriSign or a company like that, right? Thanks in advance! Tomas -------------- next part -------------- An HTML attachment was scrubbed... URL: From pjalajas at gigalock.com Wed Jul 13 18:18:10 2011 From: pjalajas at gigalock.com (Peter Jalajas, GigaLock Backup Services) Date: Wed, 13 Jul 2011 13:18:10 -0400 Subject: [Box Backup] Certificate problems In-Reply-To: <807E78569CAA9B409EA32DC1F2CAEBFB206EA968CF@STOEXMBXC03.domain01.net> References: <807E78569CAA9B409EA32DC1F2CAEBFB206EA968CF@STOEXMBXC03.domain01.net> Message-ID: Hi Tomas, On Wed, Jul 13, 2011 at 9:34 AM, Tomas Nilsson wrote: ... > I still get an error saying "SSL error while accepting connection: > error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca" ... > 3. Copy /certificates/ca/keys/serverRootKey.pem and > /certificates/ca/keys/serverRootCSR.pem to /certificates ... > 5. copy and rename Backup-cert.pem to /etc/boxbackup/bbstored/bkSrv.crt.pem > 6. copy clientCA.pem to /etc/boxbackup/bbstored/clientCA.pem > 7. copy and rename serverRootKey.pem to > /etc/boxbackup/bbstored/bkSrv.key.pem Just guessing, but maybe a owner or permissions issue on the certs? Owners of bbackupd and bbstored processes need to be able to read the certs. And do you have all the necessary files present on both sides? On my client: root 4107 1 0 Jul04 ? 00:01:07 bbackupd -rw-r--r-- 1 root root 1021 2008-05-15 12:22 serverCA.pem -rw-r--r-- 1 root root 1.7K 2008-08-01 12:06 10009999-key.pem -rw-r--r-- 1 root root 1.0K 2009-09-17 10:08 10009999-FileEncKeys.raw -rw-r--r-- 1 root root 997 2008-08-01 12:06 10009999-cert.pem On my server: root 1184 1 0 Jun11 ? 00:02:50 bbstored root 1185 1184 6 Jun11 ? 2-04:12:13 bbstored -rw-r--r-- 1 root root 1.7K 2011-01-03 15:01 srvr-key.pem -rw-r--r-- 1 root root 981 2011-01-03 15:01 srvr-cert.pem -rw-r--r-- 1 root root 1021 2011-01-03 15:01 clientCA.pem (But I think I should make those permissions 600 on both the client and server so that no other use can access them.) > 12. Getting back 75AB23C-cert.pem and serverCA.pem from bkSrv and copies > them to /etc/boxbackup/bbackupd/ Did copying tweak owner/perms? ... > Error on client: ... > ERROR:?? SSL error while connecting: error:14090086:SSL > routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ... > WARNING: Exception thrown: ConnectionException(Conn_TLSHandshakeFailed) at > SocketStreamTLS.cpp(212) ... > Error on Server: ... > ERROR:?? SSL error while accepting connection: error:14094418:SSL > routines:SSL3_READ_BYTES:tlsv1 alert unknown ca ... > WARNING: Exception thrown: ConnectionException(Conn_TLSHandshakeFailed) at > SocketStreamTLS.cpp(207) > FATAL:?? Terminating due to exception Connection TLSHandshakeFailed (7/30) ... > It can?t be so that bkSrv needs a real certificate from VeriSign or a > company like that, right? Right, for sure. You do _not_ need a "real" certificate. Hope that helps, Pete From tomas.nilsson at westint.se Thu Jul 14 12:59:28 2011 From: tomas.nilsson at westint.se (Tomas Nilsson) Date: Thu, 14 Jul 2011 13:59:28 +0200 Subject: [Box Backup] Certificate problems In-Reply-To: References: Message-ID: <807E78569CAA9B409EA32DC1F2CAEBFB206EA96A15@STOEXMBXC03.domain01.net> Hi Peter, I had settings for Boxbackup list messed up, so I received the answer in Digest mode... hence answering like this. :-) Checked my permissions and they all seem fine. Server: -rwxrwxrwx 1 _bbstored root 10 2011-07-11 13:54 accounts.txt -rwxrwxrwx 1 _bbstored root 1009 2011-07-13 15:11 bkSrv.crt.pem -rwxrwxrwx 1 _bbstored root 1679 2011-07-13 15:12 bkSrv.key.pem -rwxrwxrwx 1 _bbstored root 1021 2011-07-13 15:11 clientCA.pem Client: -rwxrwxrwx 1 root root 993 2011-07-13 15:15 75AB23C-cert.pem -rwxrwxrwx 1 root root 899 2011-07-13 15:07 75AB23C-csr.pem -rwxrwxrwx 1 root root 1024 2011-07-13 15:07 75AB23C-FileEncKeys.raw -rwxrwxrwx 1 root root 1675 2011-07-13 15:07 75AB23C-key.pem -rwxrwxrwx 1 root root 1156 2011-07-11 14:21 notifyadmin -rwxrwxrwx 1 root root 1800 2011-07-13 15:07 NotifySysadmin.sh -rwxrwxrwx 1 root root 1021 2011-07-13 15:15 serverCA.pem I changed them to 777 just to make sure, but I still get exactly the same problem as before. How is your openssl setup? Could it be something with the certificates I create that is wrong? It's all done with the scripts provided by boxbackup, but still.... it's the only possible error I can see right now. I've just used the standard settings with no changes at all.. Could it have something to do with "subject=/CN=Backup system server root" not matching the server name? I have however tried changing this to the server name or actually servername.domain.local without any success. Kind Regards, Tomas -----Ursprungligt meddelande----- Fr?n: boxbackup-bounces at boxbackup.org [mailto:boxbackup-bounces at boxbackup.org] F?r boxbackup-request at boxbackup.org Skickat: den 14 juli 2011 13:00 Till: boxbackup at boxbackup.org ?mne: Boxbackup Digest, Vol 20, Issue 5 Send Boxbackup mailing list submissions to boxbackup at boxbackup.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.boxbackup.org/cgi-bin/mailman/listinfo/boxbackup or, via email, send a message with subject or body 'help' to boxbackup-request at boxbackup.org You can reach the person managing the list at boxbackup-owner at boxbackup.org When replying, please edit your Subject line so it is more specific than "Re: Contents of Boxbackup digest..." Today's Topics: 1. Certificate problems (Tomas Nilsson) 2. Re: Certificate problems (Peter Jalajas, GigaLock Backup Services) ---------------------------------------------------------------------- Message: 1 Date: Wed, 13 Jul 2011 15:34:49 +0200 From: Tomas Nilsson Subject: [Box Backup] Certificate problems To: "boxbackup at boxbackup.org" Message-ID: <807E78569CAA9B409EA32DC1F2CAEBFB206EA968CF at STOEXMBXC03.domain01.net> Content-Type: text/plain; charset="us-ascii" Hi, First of all, sorry for this very long mail... I'm trying to setup boxbackup to use for internal backups here at work. I have several servers and clients, and the plan is to have them all backed up on this backup server. Installation and having the client find/connect to the server works fine, but when it comes to the certificates something goes wrong. I'm mailing the list now since I just can't figure out what is wrong. I've tried the script to create the certificates, created them myself and tried everything else I could come up with, without success. I still get an error saying "SSL error while accepting connection: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca" This is what I do. 1. Created a directory /certificates to do all the certificate thing in.. 2. Create root certificates and setup CA by use of bbstored-certs ca init Output: Generating RSA private key, 2048 bit long modulus ............................+++ ........................+++ e is 65537 (0x10001) You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, YOUR name) []:Email Address []: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:An optional company name []: Signature ok subject=/CN=Backup system client root Getting Private key Generating RSA private key, 2048 bit long modulus .......................+++ .........+++ e is 65537 (0x10001) You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, YOUR name) []:Email Address []: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:An optional company name []: Signature ok subject=/CN=Backup system server root Getting Private key 3. Copy /certificates/ca/keys/serverRootKey.pem and /certificates/ca/keys/serverRootCSR.pem to /certificates 4. Sign certificate using bbstored-certs ca sign-server serverRootCSR.pem Output: This certificate is for backup server Backup Signing the wrong certificate compromises the security of your backup system. Would you like to sign this certificate? (type 'yes' to confirm) yes Signature ok subject=/CN=Backup system server root Getting CA Private Key Certificate signed. Install the files ca/servers/Backup-cert.pem ca/roots/clientCA.pem on the server. 5. copy and rename Backup-cert.pem to /etc/boxbackup/bbstored/bkSrv.crt.pem 6. copy clientCA.pem to /etc/boxbackup/bbstored/clientCA.pem 7. copy and rename serverRootKey.pem to /etc/boxbackup/bbstored/bkSrv.key.pem 8. Edit /etc/boxbackup/bbstored.conf and change the certificate paths there to the ones above (5-7) 9. On client server, issue key file and csr using the following command bbackupd-config /etc/boxbackup lazy 75AB23C bkSrv.westint.local /var/bbackupd /var/bbackupd/ This creates the client certificate csr I need as well as sets up the bbackupd.conf for me 10. Send off csr to bkSrv for signing. 11. Sign westsrv2.csr.pem using: bbstored-certs ca sign 75AB23C-csr.pem 12. Getting back 75AB23C-cert.pem and serverCA.pem from bkSrv and copies them to /etc/boxbackup/bbackupd/ 13. Making sure that everything in bbackupd.conf looks fine. 14. Starting the server on bkSrv by issuing bbstored -V -D (to get as much debug info as possible) 15. Starting the client on westsrv2 by issuing bbackupd -V -D Error on client: NOTICE: Starting daemon, version: 0.11rc2+2502 NOTICE: Using configuration file: /etc/boxbackup/bbackupd.conf TRACE: BackupDaemon::NotifySysadmin() called, event = backup-start INFO: About to notify administrator about event backup-start, running script '/etc/boxbackup/bbackupd/NotifySysadmin.sh backup-start' NOTICE: Beginning scan of local files TRACE: Set maximum diffing time to 120 seconds TRACE: Set keep-alive time to 120 seconds TRACE: timer: next event: KeepAliveTime expires in 119.999993 seconds TRACE: timer: next event: KeepAliveTime expires in 119.999965 seconds TRACE: timer: next event: KeepAliveTime expires in 119.999947 seconds TRACE: timer: next event: KeepAliveTime expires in 119.999931 seconds INFO: Opening connection to server 'bkSrv.westint.local'... ERROR: SSL error while connecting: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed TRACE: Obtained 10 stack frames. TRACE: Stack frame 0: bbackupd(DumpStackBacktrace()+0x26) [0x4c87c6] TRACE: Stack frame 1: bbackupd(SocketStreamTLS::Handshake(TLSContext const&, bool)+0x718) [0x498eb8] TRACE: Stack frame 2: bbackupd(SocketStreamTLS::Open(TLSContext const&, Socket::Type, std::string const&, int)+0x2e) [0x4995ce] TRACE: Stack frame 3: bbackupd(BackupClientContext::GetConnection()+0x33f) [0x4250af] TRACE: Stack frame 4: bbackupd(BackupDaemon::SetupLocations(BackupClientContext&, Configuration const&)+0xae) [0x435c9e] TRACE: Stack frame 5: bbackupd(BackupDaemon::RunSyncNow()+0xf16) [0x43e576] TRACE: Stack frame 6: bbackupd(BackupDaemon::RunSyncNowWithExceptionHandling()+0x35) [0x43f235] TRACE: Stack frame 7: bbackupd(BackupDaemon::Run2()+0x27b) [0x440deb] TRACE: Stack frame 8: bbackupd(BackupDaemon::Run()+0x270) [0x4411b0] TRACE: Stack frame 9: bbackupd(Daemon::Main(std::string const&)+0x1402) [0x4812e2] WARNING: Exception thrown: ConnectionException(Conn_TLSHandshakeFailed) at SocketStreamTLS.cpp(212) TRACE: timer: no more events, going to sleep. TRACE: BackupDaemon::NotifySysadmin() called, event = backup-error INFO: About to notify administrator about event backup-error, running script '/etc/boxbackup/bbackupd/NotifySysadmin.sh backup-error' Error on Server: NOTICE: Starting daemon, version: 0.11rc8+2714 NOTICE: Using configuration file: /etc/boxbackup/bbstored.conf INFO: Starting housekeeping INFO: Finished housekeeping ERROR: SSL error while accepting connection: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca TRACE: Obtained 10 stack frames. TRACE: Stack frame 0: bbstored(DumpStackBacktrace()+0x23) [0x52bb83] TRACE: Stack frame 1: bbstored(SocketStreamTLS::Handshake(TLSContext const&, bool)+0x64d) [0x4ec19d] TRACE: Stack frame 2: bbstored(ServerTLS<2201, 128, true>::HandleConnection(SocketStreamTLS&)+0x25) [0x43b305] TRACE: Stack frame 3: bbstored(ServerStream::Run2(bool&)+0x94e) [0x442c2e] TRACE: Stack frame 4: bbstored(ServerTLS<2201, 128, true>::Run2(bool&)+0x139) [0x4450c9] TRACE: Stack frame 5: bbstored(BackupStoreDaemon::Run()+0x3ea) [0x439b0a] TRACE: Stack frame 6: bbstored(Daemon::Main(std::string const&)+0x2029) [0x4c5039] TRACE: Stack frame 7: bbstored(Daemon::Main(char const*, int, char const**)+0x464) [0x4c15a4] TRACE: Stack frame 8: bbstored(main+0x90) [0x45a8a0] TRACE: Stack frame 9: /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xff) [0x7fa888517eff] WARNING: Exception thrown: ConnectionException(Conn_TLSHandshakeFailed) at SocketStreamTLS.cpp(207) FATAL: Terminating due to exception Connection TLSHandshakeFailed (7/30) I've tried everything now... using the pre-defined scripts as of above, made my own scripts etc... but I just can't figure out why it doesn't work. Probably it's me doing something wrong, but what?? It can't be so that bkSrv needs a real certificate from VeriSign or a company like that, right? Thanks in advance! Tomas -------------- next part -------------- An HTML attachment was scrubbed... URL: ------------------------------ Message: 2 Date: Wed, 13 Jul 2011 13:18:10 -0400 From: "Peter Jalajas, GigaLock Backup Services" Subject: Re: [Box Backup] Certificate problems To: Box Backup Message-ID: Content-Type: text/plain; charset=windows-1252 Hi Tomas, On Wed, Jul 13, 2011 at 9:34 AM, Tomas Nilsson wrote: ... > I still get an error saying "SSL error while accepting connection: > error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca" ... > 3. Copy /certificates/ca/keys/serverRootKey.pem and > /certificates/ca/keys/serverRootCSR.pem to /certificates ... > 5. copy and rename Backup-cert.pem to /etc/boxbackup/bbstored/bkSrv.crt.pem > 6. copy clientCA.pem to /etc/boxbackup/bbstored/clientCA.pem > 7. copy and rename serverRootKey.pem to > /etc/boxbackup/bbstored/bkSrv.key.pem Just guessing, but maybe a owner or permissions issue on the certs? Owners of bbackupd and bbstored processes need to be able to read the certs. And do you have all the necessary files present on both sides? On my client: root 4107 1 0 Jul04 ? 00:01:07 bbackupd -rw-r--r-- 1 root root 1021 2008-05-15 12:22 serverCA.pem -rw-r--r-- 1 root root 1.7K 2008-08-01 12:06 10009999-key.pem -rw-r--r-- 1 root root 1.0K 2009-09-17 10:08 10009999-FileEncKeys.raw -rw-r--r-- 1 root root 997 2008-08-01 12:06 10009999-cert.pem On my server: root 1184 1 0 Jun11 ? 00:02:50 bbstored root 1185 1184 6 Jun11 ? 2-04:12:13 bbstored -rw-r--r-- 1 root root 1.7K 2011-01-03 15:01 srvr-key.pem -rw-r--r-- 1 root root 981 2011-01-03 15:01 srvr-cert.pem -rw-r--r-- 1 root root 1021 2011-01-03 15:01 clientCA.pem (But I think I should make those permissions 600 on both the client and server so that no other use can access them.) > 12. Getting back 75AB23C-cert.pem and serverCA.pem from bkSrv and copies > them to /etc/boxbackup/bbackupd/ Did copying tweak owner/perms? ... > Error on client: ... > ERROR:?? SSL error while connecting: error:14090086:SSL > routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ... > WARNING: Exception thrown: ConnectionException(Conn_TLSHandshakeFailed) at > SocketStreamTLS.cpp(212) ... > Error on Server: ... > ERROR:?? SSL error while accepting connection: error:14094418:SSL > routines:SSL3_READ_BYTES:tlsv1 alert unknown ca ... > WARNING: Exception thrown: ConnectionException(Conn_TLSHandshakeFailed) at > SocketStreamTLS.cpp(207) > FATAL:?? Terminating due to exception Connection TLSHandshakeFailed (7/30) ... > It can?t be so that bkSrv needs a real certificate from VeriSign or a > company like that, right? Right, for sure. You do _not_ need a "real" certificate. Hope that helps, Pete ------------------------------ _______________________________________________ Boxbackup mailing list Boxbackup at boxbackup.org http://lists.boxbackup.org/cgi-bin/mailman/listinfo/boxbackup End of Boxbackup Digest, Vol 20, Issue 5 **************************************** From achim+box at qustodium.net Fri Jul 15 13:53:55 2011 From: achim+box at qustodium.net (Achim J. Latz) Date: Fri, 15 Jul 2011 14:53:55 +0200 Subject: [Box Backup] Fwd: Boxi always shows first entry with same names, even if that entry is deleted In-Reply-To: <4D39AD62.1000500@qustodium.net> References: <4D39AD62.1000500@qustodium.net> Message-ID: <4E203863.9010903@qustodium.net> Hello list: More information on the issue outlined in detail below: the "Comparison" tab uses the latest files ("snapshot") available on the server, only the "Restore" tab shows the outdated, first entry from the server. Chris, is this maybe something easily fixable? Thanks, Achim On 21/01/2011 16:59, Achim J. Latz wrote: > Hello list: > > Still having problems with the issue outlined in the message below. > > Chris, is this something that is easily fixable in Boxi's logic? > > I also just run into a situation where Boxi tells me when clicking on a > deleted folder: "Error listing directory on server: Object does not > exist", but bbackupquery from the same build can enter the directory > just fine with the "-d" command. > > One additional question on that: > > "cd -d" in bbackupquery allows to enter deleted versions of the > directory. However, there seems to be no way to choose specifically > which one, e.g. via the "-i" switch to identify one specific deleted > version of a directory. > > Could this be added? > > Thanks, Achim > > -------- Original Message -------- > Subject: Boxi always shows first entry with same names, even if that > entry is deleted > Date: Fri, 08 Oct 2010 17:28:22 +0200 > From: Achim > To: Boxbackup > > Good afternoon: > > Boxi at the moment always shows "Old Files" and "Deleted Files", > ignoring the settings in the view menu. I have just realised the > following: > > In bbackupquery, I see the following: > > query > list -d > 00000002 -dX--- F_root > 00005f40 -d---- F_root > > Two F_root, one "deleted" and the other not. > > In Boxi, I see this: > -/(server root) > +F_root > > It appears that Boxi will always show the first entry in its list, for > instance "00000002 -dX--- F_root" instead of the more recent (and not > deleted!) "00005f40 -d---- F_root". I say that because the files I get > if I go into F_root in Boxi are the outdated ones in "00000002 -dX--- > F_root". > > I am however interested in looking at "00005f40 -d---- F_root", but > simply can't access that folder at the moment. > > Is there a (simple) way to have Boxi either show all folders (and not > only "one per identical name"), or respect the setting of "View/Hide > old/deleted files"? > > Otherwise, it appears that restoring in Boxi is pretty limited at the > moment. > > Thanks, Achim > _______________________________________________ > Boxbackup mailing list > Boxbackup at boxbackup.org > http://lists.boxbackup.org/cgi-bin/mailman/listinfo/boxbackup -- Achim J. Latz, Qustodium Internet Security achim.latz at qustodium.net ? http://www.qustodium.net Data Encryption ? Backup Automatisation ? E-Mail Protection From christophe at gardon.net Fri Jul 15 14:31:34 2011 From: christophe at gardon.net (Christophe) Date: Fri, 15 Jul 2011 15:31:34 +0200 Subject: [Box Backup] Quick compare errors Message-ID: <4E204136.6020601@gardon.net> Hi, There are 2 or 3 months, I installed a boxbackupserver and two clients, all on Debian distributions. In order to verify the smooth functioning, I run every night a verification script using the "Query Tool" (quick-compare). Regularly (every 4 or 5 days), I see abnormal errors with the verification of old files: "WARNING: Local file 'xxx' has different contents to store file 'xxx'." The only cure I know is to refresh the local file date to re-initiate the backup update on the server. But this tinkering does not satisfy me because it changes the date of local files and it clutters the "old files" backup section. I wonder if this bug is known on my version "0.11~rc8~r2714-1~bpo60" and if there is a better way to address it. For example, is there a command to force the update of the backup to a single local file? Thank you all. -- -- Christophe GARDON NB: L'omission des accents est deliberee. From achim+box at qustodium.net Sun Jul 17 17:51:33 2011 From: achim+box at qustodium.net (Achim) Date: Sun, 17 Jul 2011 18:51:33 +0200 Subject: [Box Backup] Boxi with latest Box Backup trunk Message-ID: <57d4945b29a72705b282382db3060c97@localhost> Hello list: When trying to compile Boxi (latest trunk) with Box Backup (latest trunk) on XP SP3, I receive the following error: Making all in src make[2]: Entering directory `/usr/src/boxi_svn_i18n_new_ui/src' [CXX] main.cc In file included from ../boxbackup/lib/common/BoxPlatform.h:183, from ../boxbackup/lib/common/Box.h:18, from ../include/SandBox.h:64, from main.cc:33: ../boxbackup/lib/win32/emu.h:58:4: #error Must include emu.h before setting WINV ER ../boxbackup/lib/win32/emu.h:61:1: warning: "WINVER" redefined In file included from /usr/local/include/wx-2.8/wx/msw/app.h:92, from /usr/local/include/wx-2.8/wx/app.h:562, from /usr/local/include/wx-2.8/wx/wx.h:26, from ../include/SandBox.h:54, from main.cc:33: /usr/local/include/wx-2.8/wx/msw/wrapwin.h:38:1: warning: this is the location o f the previous definition In file included from ../boxbackup/lib/common/BoxPlatform.h:183, from ../boxbackup/lib/common/Box.h:18, from ../include/SandBox.h:64, from main.cc:33: ../boxbackup/lib/win32/emu.h:65:4: #error Must include emu.h before setting _WIN 32_WINNT ../boxbackup/lib/win32/emu.h:68:1: warning: "_WIN32_WINNT" redefined In file included from /usr/local/include/wx-2.8/wx/msw/app.h:92, from /usr/local/include/wx-2.8/wx/app.h:562, from /usr/local/include/wx-2.8/wx/wx.h:26, from ../include/SandBox.h:54, from main.cc:33: /usr/local/include/wx-2.8/wx/msw/wrapwin.h:43:1: warning: this is the location o f the previous definition make[2]: *** [main.o] Error 1 make[2]: Leaving directory `/usr/src/boxi_svn_i18n_new_ui/src' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/usr/src/boxi_svn_i18n_new_ui' make: *** [all] Error 2 Compiling boxbackup stand-alone from the same Boxi directory (cd boxbackup; make) works and creates the parcels. When trying to make Boxi, I receive the above error. Is this perhaps related to this checkin [1]? As stated above, I am running XP SP3. Thanks, Achim [1] From achim+box at qustodium.net Sun Jul 17 22:22:15 2011 From: achim+box at qustodium.net (Achim J. Latz) Date: Sun, 17 Jul 2011 23:22:15 +0200 Subject: [Box Backup] Web Management Interface fixes Message-ID: <4E235287.4090206@qustodium.net> Hello list: I had a look at the Web Management Interface's [1] source code [2], and managed to update it in order to get it running under Ubuntu Lucid Lynx (10.04) with Perl 5.10. Here are the updated instructions and some fixes to accounts.cgi and DiskSets.pm, mainly due to Scoped and formatting issues. Perhaps somebody could update the source code and instructions on the web page and wiki to reflect this? I hope this is helpful, Achim PS: Visualising accounts worked, updating existing accounts does not work. [1] [2] ============================================================================ 1. # install Perl module with: # perl -MCPAN -e 'install Config::Scoped' aptitude install libconfig-scoped-perl libconvert-asn1-perl liburi-perl 2. # perl -MCPAN -e 'force install P/PT/PTHOMSEN/BoxBackup/BBConfig-0.03.tar.gz' results in the same error as reported on this list in 2009 "Illegal division by zero at -e line 1." Download and install the module manually: wget http://search.cpan.org/CPAN/authors/id/P/PT/PTHOMSEN/BoxBackup/BBConfig-0.03.tar.gz tar xvzf BBConfig-0.03.tar.gz cd BBConfig-0.03 3. vi lib/BoxBackup/Config/DiskSets.pm change line 111 # my $parser = Config::Scoped->new( file => $disksetFile ); to my $parser = Config::Scoped->new( file => $disksetFile, warnings => 'off' ); (otherwise you get the error: "is unsafe: owner is not root and not real uid at") 4. perl Makefile.PL (which will result in: Checking if your kit is complete... Warning: the following files are missing in your kit: lib/BoxBackup/Config/BBstored.pm Please inform the author. Writing Makefile for BBConfig ) 5. make && make install 6. wget http://backpan.perl.org/authors/id/L/LE/LEO/Convert-X509-0.3.tar.gz tar xvzf Convert-X509-0.3.tar.gz cd Convert-X509-0.3 perl Makefile.PL make && make install 7. get the latest versions of accounts.cgi, bb.css and apache.conf from 8. Configure apache according to apache.conf 9. Apply the following patch to accounts.cgi for some small updates/fixes: --- accounts_old.cgi 2008-11-11 01:26:11.000000000 +0100 +++ accounts.cgi 2011-07-17 23:16:23.255010198 +0200 @@ -22,18 +22,19 @@ use strict; use warnings; +use diagnostics; # Variables which you may need to change to match your installation # Changes to existing variables are NOT required to be published. -my $box_dir = "/etc/box"; +my $box_dir = "/etc/boxbackup"; my $bbstored_dir = "$box_dir/bbstored"; -my $ca_dir = "/mnt/backup/boxbackup/ca"; +my $ca_dir = "$box_dir/ca"; # You should not need to change these unless you have a non-standard installation my $bbstored_conf_file = "$box_dir/bbstored.conf"; -my $bbstoreaccounts = "/usr/local/sbin/bbstoreaccounts"; +my $bbstoreaccounts = "/usr/sbin/bbstoreaccounts"; my $accounts_db_file = undef; # my $accounts_db_file = "/etc/box/bbstored/accounts.txt"; my $raidfile_conf_file = undef; @@ -147,7 +148,7 @@ check_access($bbstored_conf_file, "BBStoreD configuration file"); -my $bbstored_conf = Config::Scoped->new(file => $bbstored_conf_file)->parse(); +my $bbstored_conf = Config::Scoped->new(file => $bbstored_conf_file, warnings => 'off' )->parse(); $accounts_db_file ||= $bbstored_conf->{'Server'}{'AccountDatabase'}; die "Missing AccountDatabase in $bbstored_conf_file" unless $accounts_db_file; @@ -336,7 +337,8 @@ $cgi->th('Used'), $cgi->th('%'), $cgi->th('Old files'), $cgi->th('%'), $cgi->th('Deleted files'), $cgi->th('%'), - $cgi->th('Directories'), $cgi->th('%'), + #$cgi->th('Directories'), $cgi->th('%'), + $cgi->th('# Directories'), $cgi->th('Soft limit'), $cgi->th('%'), $cgi->th('Hard limit'), $cgi->th('Actions') @@ -450,7 +452,8 @@ format_account_info($account_info->{'Used'}), format_account_info($account_info->{'Old files'}), format_account_info($account_info->{'Deleted files'}), - format_account_info($account_info->{'Directories'}), + #format_account_info($account_info->{'Directories'}), + $cgi->td($account_info->{'Directories'}), format_account_info($account_info->{'Soft limit'}), $cgi->td(human_format($account_info->{'Hard limit'}[0])), $cgi->td($cgi->a({-href=>url($cgi, account=>$i)}, @@ -460,8 +463,11 @@ print $cgi->end_table(); -my $account_no = $cgi->param("account"); +my $account_no = undef; +if( $cgi->param("account")) { +$account_no = $cgi->param("account"); $account_no =~ tr/0-9a-fA-F//cd; +} if (not $cgi->param("showcreate")) { From james at netinertia.co.uk Mon Jul 18 06:20:06 2011 From: james at netinertia.co.uk (James O'Gorman) Date: Mon, 18 Jul 2011 06:20:06 +0100 Subject: [Box Backup] Web Management Interface fixes In-Reply-To: <4E235287.4090206@qustodium.net> References: <4E235287.4090206@qustodium.net> Message-ID: <20110718052006.GA93056@netinertia.co.uk> Hi Achim, On Sun, Jul 17, 2011 at 11:22:15PM +0200, Achim J. Latz wrote: > Hello list: > > I had a look at the Web Management Interface's [1] source code [2], and > managed to update it in order to get it running under Ubuntu Lucid Lynx > (10.04) with Perl 5.10. Thanks for looking at this, and giving us some updates. > Here are the updated instructions and some fixes to accounts.cgi and > DiskSets.pm, mainly due to Scoped and formatting issues. > > Perhaps somebody could update the source code and instructions on the > web page and wiki to reflect this? Sure. Could you send the patch for accounts.cgi as an attachment, please? As for the Perl modules, these were written by Per. In case he's not still reading the list, it might be better to mail him directly to ask him to fix the module in CPAN. It's also worth pointing out here (for anyone interested) that Ben contributed a generic web framework some time ago. It'd be good if someone could utilise this to write an actual application server for the web client, rather than relying on bbackupquery. James From achim+box at qustodium.net Mon Jul 18 11:52:32 2011 From: achim+box at qustodium.net (Achim J. Latz) Date: Mon, 18 Jul 2011 12:52:32 +0200 Subject: [Box Backup] Web Management Interface fixes In-Reply-To: <20110718052006.GA93056@netinertia.co.uk> References: <4E235287.4090206@qustodium.net> <20110718052006.GA93056@netinertia.co.uk> Message-ID: <4E241070.2060609@qustodium.net> Hello James: On 18/07/2011 07:20, James O'Gorman wrote: >> Here are the updated instructions and some fixes to accounts.cgi and >> DiskSets.pm, mainly due to Scoped and formatting issues. >> >> Perhaps somebody could update the source code and instructions on the >> web page and wiki to reflect this? > > Sure. Could you send the patch for accounts.cgi as an attachment, > please? Enclosed, sorry for the oversight. > As for the Perl modules, these were written by Per. In case he's > not still reading the list, it might be better to mail him directly to > ask him to fix the module in CPAN. I already contacted Per off-list. > It's also worth pointing out here (for anyone interested) that Ben > contributed a generic web framework some time ago. It'd be good if > someone could utilise this to write an actual application server for the > web client, rather than relying on bbackupquery. Do you by chance have any pointers at hand? A quick search in the newsgroup and on Google did not turn up anything for me. Best regards, Achim -- Achim J. Latz, Qustodium Internet Security achim.latz at qustodium.net ? http://www.qustodium.net Data Encryption ? Backup Automatisation ? E-Mail Protection -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: wmi.patch URL: From james at netinertia.co.uk Mon Jul 18 18:27:50 2011 From: james at netinertia.co.uk (James O'Gorman) Date: Mon, 18 Jul 2011 18:27:50 +0100 Subject: [Box Backup] Web Management Interface fixes In-Reply-To: <4E241070.2060609@qustodium.net> References: <4E235287.4090206@qustodium.net> <20110718052006.GA93056@netinertia.co.uk> <4E241070.2060609@qustodium.net> Message-ID: <20110718172749.GB93056@netinertia.co.uk> Hi Achim, On Mon, Jul 18, 2011 at 12:52:32PM +0200, Achim J. Latz wrote: > > Sure. Could you send the patch for accounts.cgi as an attachment, > > please? > > Enclosed, sorry for the oversight. Thanks. I'll take a look later and test it locally before committing. > > It's also worth pointing out here (for anyone interested) that Ben > > contributed a generic web framework some time ago. It'd be good if > > someone could utilise this to write an actual application server for the > > web client, rather than relying on bbackupquery. > > Do you by chance have any pointers at hand? A quick search in the > newsgroup and on Google did not turn up anything for me. Take a look at changeset 926 (ticket #6): http://www.boxbackup.org/trac/changeset/926/ This has all everything Ben contributed, including some documentation. It might require some knowledge of the Box framework (Box Backup is just a part of that) to get something going. James From jp at jpsdomain.org Mon Jul 18 22:22:49 2011 From: jp at jpsdomain.org (JP Vossen) Date: Mon, 18 Jul 2011 17:22:49 -0400 Subject: [Box Backup] Web Management Interface fixes In-Reply-To: References: Message-ID: <4E24A429.30806@jpsdomain.org> > Date: Sun, 17 Jul 2011 23:22:15 +0200 > From: "Achim J. Latz" [...] > --- accounts_old.cgi 2008-11-11 01:26:11.000000000 +0100 > +++ accounts.cgi 2011-07-17 23:16:23.255010198 +0200 > @@ -22,18 +22,19 @@ > > use strict; > use warnings; > +use diagnostics; "use diagnostics;" is great for development but NOT recommended in production! (Also, 'splain' just cracks me up. :) See: http://search.cpan.org/dist/diagnostics/diagnostics.pm [...] KNOWN BUGS [...] Since delayed compilation is not possible, there is a systematic performance penalty. Therefore, unlike use strict and use warnings, you should not use this module in production programs. [...] Later, JP ----------------------------|:::======|------------------------------- JP Vossen, CISSP |:::======| http://bashcookbook.com/ My Account, My Opinions |=========| http://www.jpsdomain.org/ ----------------------------|=========|------------------------------- "Microsoft Tax" = the additional hardware & yearly fees for the add-on software required to protect Windows from its own poorly designed and implemented self, while the overhead incidentally flattens Moore's Law. From trelane at lavabit.com Tue Jul 19 17:49:48 2011 From: trelane at lavabit.com (trelane at lavabit.com) Date: Tue, 19 Jul 2011 12:49:48 -0400 (EDT) Subject: [Box Backup] windows client Message-ID: <47423.69.165.175.201.1311094188.squirrel@lavabit.com> I appear to have successfully set up bb server on a linux box and got a Windows client to send a lot of data to it. However this happens when I run bbackupquery.exe on said client: INFO: Using configuration file C:\Program Files\boxbackup\bbackupd.conf INFO: Connecting to store... And that's it. I'm running bbstored -D on the server and it reports nothing about a bbackupquery connection. bbackupd is still talking to the server though. Is this a common problem? What could I be doing wrong? Does boxbackup not do VSS? I thought I read that it did, but clearly I was mistaken. I want very much to like and use boxbackup. In theory it is great. In practice I have some reservations. Correct me if I'm off base. Development seems slow. The Windows support seems iffy. That soft RAID stuff just worries me...who thought that up? Mandatory encryption is overkill. Not to just complain here, but those are my thoughts. From chris at qwirx.com Wed Jul 20 00:49:40 2011 From: chris at qwirx.com (Chris Wilson) Date: Wed, 20 Jul 2011 00:49:40 +0100 (BST) Subject: [Box Backup] windows client In-Reply-To: <47423.69.165.175.201.1311094188.squirrel@lavabit.com> References: <47423.69.165.175.201.1311094188.squirrel@lavabit.com> Message-ID: Hi, On Tue, 19 Jul 2011, trelane at lavabit.com wrote: > I appear to have successfully set up bb server on a linux box and got a > Windows client to send a lot of data to it. However this happens when I > run bbackupquery.exe on said client: > > INFO: Using configuration file C:\Program Files\boxbackup\bbackupd.conf > INFO: Connecting to store... > > And that's it. I'm running bbstored -D on the server and it reports > nothing about a bbackupquery connection. bbackupd is still talking to the > server though. Is this a common problem? What could I be doing wrong? Could port 2201 be blocked by a firewall on the server? > Does boxbackup not do VSS? I thought I read that it did, but clearly I > was mistaken. There is an experimental build of the Windows client with some VSS support here: http://www.boxbackup.org/trac/browser/box/chris/win32/vss-preview. However, there have been reports that it crashes, so I would not recommend its use in production, only for testing and bug reports. > I want very much to like and use boxbackup. In theory it is great. In > practice I have some reservations. Correct me if I'm off base. > Development seems slow. Not enough developers, so yes, guilty as charged. > The Windows support seems iffy. I think basic Windows support is quite good, up to the level of other platforms, with automated tests which pass. Support for Windows-specific features such as a GUI is lacking. > That soft RAID stuff just worries me...who thought that up? The original developer. It has some nice ideas. It's not required at all, you can just disable it, and we currently recommend that you do as it's deprecated and will probably be removed quite soon. > Mandatory encryption is overkill. Hard to argue with you on that, but it's part of the design objectives, for better or worse. It's supposed to be secure. Otherwise you could just use rsync. Cheers, Chris. -- _____ __ _ \ __/ / ,__(_)_ | Chris Wilson Cambs UK | / (_/ ,\/ _/ /_ \ | Security/C/C++/Java/Ruby/Perl/SQL Developer | \__/_/_/_//_/___/ | We are GNU : free your mind & your software | From chris at qwirx.com Wed Jul 20 01:04:26 2011 From: chris at qwirx.com (Chris Wilson) Date: Wed, 20 Jul 2011 01:04:26 +0100 (BST) Subject: [Box Backup] Quick compare errors In-Reply-To: <4E204136.6020601@gardon.net> References: <4E204136.6020601@gardon.net> Message-ID: Hi Christophe, On Fri, 15 Jul 2011, Christophe wrote: > In order to verify the smooth functioning, I run every night a verification > script using the "Query Tool" (quick-compare). > Regularly (every 4 or 5 days), I see abnormal errors with the verification of > old files: "WARNING: Local file 'xxx' has different contents to store file > 'xxx'." Could it be that the file is in use or has been recently modified at the time of the last backup? > The only cure I know is to refresh the local file date to re-initiate the > backup update on the server. If so, then it should be fixed automatically at the next backup without you having to do anything, as long as it is no longer in use and has not changed for at least MinimumFileAge seconds. > But this tinkering does not satisfy me because it changes the date of local > files and it clutters the "old files" backup section. Yes, it should not be necessary, I agree. > I wonder if this bug is known on my version "0.11~rc8~r2714-1~bpo60" and > if there is a better way to address it. It's not a known bug, but if you cannot explain it by the logic above, could you help us to debug it by running bbackupd with the -V option and reporting what it says about the file that later fails on compare? > For example, is there a command to force the update of the backup to a > single local file? Not currently, sorry. Even if there was, it would also "clutter the old files" as you complain about above. Cheers, Chris. -- _____ __ _ \ __/ / ,__(_)_ | Chris Wilson Cambs UK | / (_/ ,\/ _/ /_ \ | Security/C/C++/Java/Ruby/Perl/SQL Developer | \__/_/_/_//_/___/ | We are GNU : free your mind & your software | From achim+box at qustodium.net Wed Jul 20 14:50:46 2011 From: achim+box at qustodium.net (Achim J. Latz) Date: Wed, 20 Jul 2011 15:50:46 +0200 Subject: [Box Backup] Web Management Interface fixes In-Reply-To: <4E24A429.30806@jpsdomain.org> References: <4E24A429.30806@jpsdomain.org> Message-ID: <4E26DD36.5080402@qustodium.net> Hello JP: On 18/07/2011 23:22, JP Vossen wrote: >> --- accounts_old.cgi 2008-11-11 01:26:11.000000000 +0100 >> +++ accounts.cgi 2011-07-17 23:16:23.255010198 +0200 >> @@ -22,18 +22,19 @@ >> >> use strict; >> use warnings; >> +use diagnostics; > > "use diagnostics;" is great for development but NOT recommended in > production! Thanks for catching that, I had that enabled during development/fixing and did not take it out afterwards! Best regards, Achim -- Achim J. Latz, Qustodium Internet Security achim.latz at qustodium.net ? http://www.qustodium.net Data Encryption ? Backup Automatisation ? E-Mail Protection From chris at qwirx.com Thu Jul 21 11:53:40 2011 From: chris at qwirx.com (Chris Wilson) Date: Thu, 21 Jul 2011 11:53:40 +0100 (BST) Subject: [Box Backup] [OT] Web Developer++ position in the UK Message-ID: Hi all, I hope you will forgive me for advertising for the company that is my day job, just this once. Are you looking to use your technical skills for social benefit? We are a not-for-profit organisation focusing on IT in international development, and we are looking for an exceptional software engineer to join our team. The person we?re looking for would be passionate about: * Software engineering and open source technology; * International development; * Being part of a small, supportive team where everyone mucks in. You can find more details at: We support part-time and remote working, so you would still have time to work in your own business. Several of us have other jobs outside of Aptivate, particularly consulting. We are based in Cambridge, UK and we usually meet once a month in Cambridge, London or Brighton, so candidates might prefer to be already living or willing to relocate to somewhere within a hundred miles of London. To apply, send us a copy of your CV or other description of your relevant experience, a description of why you?d like to work with us, and some examples of previous work. Do get in touch if you?d like any more information. recruitment at aptivate.org http://www.aptivate.org +44 1223 760887 Thanks in advance, Chris. -- _____ __ _ \ __/ / ,__(_)_ | Chris Wilson Cambs UK | / (_/ ,\/ _/ /_ \ | Security/C/C++/Java/Ruby/Perl/SQL Developer | \__/_/_/_//_/___/ | We are GNU : free your mind & your software | From alkim1234 at gmail.com Mon Jul 25 19:20:15 2011 From: alkim1234 at gmail.com (alkim1234 at gmail.com) Date: Mon, 25 Jul 2011 11:20:15 -0700 Subject: [Box Backup] Standalone Restoration Message-ID: <20110725182015.GA10091@elements.EECS.Berkeley.EDU> Hi, I'm contemplating on whether to use Box as my backup system. The only thing I'm worried about is that Box uses its own custom format, and requires the server/client model to access it. Is there a standalone tool that can access the storage directly without server (in case the server crashes)? Theoretically, it should be possible if I have the client keys, right? Thanks, Albert From chris at qwirx.com Tue Jul 26 14:39:53 2011 From: chris at qwirx.com (Chris Wilson) Date: Tue, 26 Jul 2011 14:39:53 +0100 (BST) Subject: [Box Backup] Standalone Restoration In-Reply-To: <20110725182015.GA10091@elements.EECS.Berkeley.EDU> References: <20110725182015.GA10091@elements.EECS.Berkeley.EDU> Message-ID: Hi Albert, On Mon, 25 Jul 2011, alkim1234 at gmail.com wrote: > I'm contemplating on whether to use Box as my backup system. The only > thing I'm worried about is that Box uses its own custom format, and > requires the server/client model to access it. Is there a standalone > tool that can access the storage directly without server (in case the > server crashes)? Theoretically, it should be possible if I have the > client keys, right? Yes, but "theoretically" is a way away from "in practice". If you only want the latest version of the file, then at least you don't need to reassemble it from reverse diffs. But you still need to get the IV from the file header, remove the header and trailer and decrypt the remaining blocks using AES with your private key. At least I think that's what you'd have to do. I've never tried it. I'm working on providing a way for bbackupd to access a local copy of the files directly, without needing to run bbstored, but it's not finished yet. Cheers, Chris. -- _____ __ _ \ __/ / ,__(_)_ | Chris Wilson <0000 at qwirx.com> - Cambs UK | / (_/ ,\/ _/ /_ \ | Security/C/C++/Java/Ruby/Perl/SQL Developer | \ _/_/_/_//_/___/ | Stop nuclear war http://www.nuclearrisk.org | From alkim1234 at gmail.com Tue Jul 26 20:45:32 2011 From: alkim1234 at gmail.com (alkim1234 at gmail.com) Date: Tue, 26 Jul 2011 12:45:32 -0700 Subject: [Box Backup] Standalone Restoration Message-ID: <20110726194532.GL10091@elements.EECS.Berkeley.EDU> Hi, I'm contemplating on whether to use Box as my backup system. The only thing I'm worried about is that Box uses its own custom format, and requires the server/client model to access it. Is there a standalone tool that can access the storage directly without server (in case the server crashes)? Theoretically, it should be possible if I have the client keys, right? Thanks, Albert From alkim1234 at gmail.com Tue Jul 26 21:04:54 2011 From: alkim1234 at gmail.com (alkim1234 at gmail.com) Date: Tue, 26 Jul 2011 13:04:54 -0700 Subject: [Box Backup] Standalone Restoration (continued) Message-ID: <20110726200454.GM10091@elements.EECS.Berkeley.EDU> Hi, > I'm working on providing a way for bbackupd to access a local copy of the > files directly, without needing to run bbstored, but it's not finished > yet. This sounds great. Do you have an ETA on this? Just wondering how far off into the future this would be. At this point, it seems my server is more likely to fail than my client. Thanks for the quick response. Albert Sorry for starting another thread, I didn't the join the mailing list beforehand. From chris at qwirx.com Wed Jul 27 00:39:02 2011 From: chris at qwirx.com (Chris Wilson) Date: Wed, 27 Jul 2011 00:39:02 +0100 (BST) Subject: [Box Backup] Standalone Restoration (continued) In-Reply-To: <20110726200454.GM10091@elements.EECS.Berkeley.EDU> References: <20110726200454.GM10091@elements.EECS.Berkeley.EDU> Message-ID: Hi Albert, On Tue, 26 Jul 2011, alkim1234 at gmail.com wrote: >> I'm working on providing a way for bbackupd to access a local copy of >> the files directly, without needing to run bbstored, but it's not >> finished yet. > > This sounds great. Do you have an ETA on this? Just wondering how far > off into the future this would be. At this point, it seems my server is > more likely to fail than my client. Thanks for the quick response. Sorry I can't give you an ETA, this is one of several "free time" projects for me. I'd say the work is about 40% done right now, since around the end of last year. Cheers, Chris. -- _____ __ _ \ __/ / ,__(_)_ | Chris Wilson Cambs UK | / (_/ ,\/ _/ /_ \ | Security/C/C++/Java/Ruby/Perl/SQL Developer | \__/_/_/_//_/___/ | We are GNU : free your mind & your software | From christophe at gardon.net Wed Jul 27 15:48:28 2011 From: christophe at gardon.net (Christophe) Date: Wed, 27 Jul 2011 16:48:28 +0200 Subject: [Box Backup] Quick compare errors (in reply to : Boxbackup Digest, Vol 20, Issue 10) In-Reply-To: References: Message-ID: <4E30253C.9070703@gardon.net> Le 20/07/2011 13:00, boxbackup-request at boxbackup.org spoke thusly:
> Message: 3 Date: Wed, 20 Jul 2011 01:04:26 +0100 (BST) From: Chris > Wilson Subject: Re: [Box Backup] Quick compare > errors To: Box Backup Message-ID: > > Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Hi Christophe, Hi Chris, First of all, I'm sorry to reply just now: my spam filter quarantined some emails by mistake. > On Fri, 15 Jul 2011, Christophe wrote: >> In order to verify the smooth functioning, I run every night a verification >> script using the "Query Tool" (quick-compare). >> Regularly (every 4 or 5 days), I see abnormal errors with the verification of >> old files: "WARNING: Local file 'xxx' has different contents to store file >> 'xxx'." > Could it be that the file is in use or has been recently modified at the > time of the last backup? The backup of these files is done in two steps. First, I sync my Windows computer (when idle) to a samba local server. Then BoxBackup backups local samba server to a BB remote server. >> The only cure I know is to refresh the local file date to re-initiate the >> backup update on the server. > If so, then it should be fixed automatically at the next backup without > you having to do anything, as long as it is no longer in use and has not > changed for at least MinimumFileAge seconds. Files reported in error by the comparison are old (more than a month) and have not been used. Because of the backup in two stages, I do not think these files can be locked. >> But this tinkering does not satisfy me because it changes the date of local >> files and it clutters the "old files" backup section. > Yes, it should not be necessary, I agree. > >> I wonder if this bug is known on my version "0.11~rc8~r2714-1~bpo60" and >> if there is a better way to address it. > It's not a known bug, but if you cannot explain it by the logic above, > could you help us to debug it by running bbackupd with the -V option and > reporting what it says about the file that later fails on compare? I removed the 'touch' of my script to see if a file comparison error today will be tomorrow. I'm afraid to remember that these errors are not corrected and accumulate, but I could re-start the demon bbackupd with-V as suggested with good reason. >> For example, is there a command to force the update of the backup to a >> single local file? > Not currently, sorry. Even if there was, it would also "clutter the old > files" as you complain about above. Absolutely true: I had not thought about. :-( Thank you sincerely for your responses Chris. I will return to mail the log if necessary. Regards. > > Cheers, Chris. > -- _____ __ _ \ __/ / ,__(_)_ | Chris Wilson > Cambs UK | / (_/ ,\/ _/ /_ \ | Security/C/C++/Java/Ruby/Perl/SQL > Developer | \__/_/_/_//_/___/ | We are GNU : free your mind & your > software | -- Christophe GARDON NB: L'omission des accents est deliberee.