Since v1.5.3 anacron-like jobs keeps asking for SSH key password - release critical (was: scheduled backup with anacron doesn't work anymore)

[big-ant]

I do have backintime configured with anacron, worked like a charm before v1.5.3. Now I get every 15 minutes the attached password query. The SSH Key file is not password protected. Same issue if I set a password to the private ssh key file.

Manual execution in terminal works fine instead:

_/usr/sbin/backintime backup
WARNING: Determined normalized locale code "de_DE.UTF-8" (from language code "de") not available (or invalid). The code will be ignored. This might lead to unusual display of dates and timestamps, but it does not affect the functionality of the application. Used locale is "('de_CH', 'UTF-8')".

Back In Time
Version: 1.5.3

Back In Time comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions; type `backintime --license' for details.

WARNING: Determined normalized locale code "de_DE.UTF-8" (from language code "de") not available (or invalid). The code will be ignored. This might lead to unusual display of dates and timestamps, but it does not affect the functionality of the application. Used locale is "('de_CH', 'UTF-8')".
INFO: Lock
INFO: Mountpoint /root/.local/share/backintime/mnt/24700AAF/mountpoint is already mounted
INFO: Take a new snapshot. Profile: 1 backant
INFO: Call rsync to take the snapshot
INFO: Save config file
INFO: Save permissions
INFO: Mountpoint /root/.local/share/backintime/mnt/24700AAF/mountpoint still in use. Keep mounted.
INFO: Unlock_

Crontab:

_#Back In Time system entry, this will be edited by the gui:
*/15 * * * * /usr/sbin/nice -n19 /usr/sbin/ionice -c2 -n7 /usr/sbin/backintime backup-job >/dev/null_

_[root@xxx]# backintime --diagnostics
WARNING: Determined normalized locale code "de_DE.UTF-8" (from language code "de") not available (or invalid). The code will be ignored. This might lead to unusual display of dates and timestamps, but it does not affect the functionality of the application. Used locale is "('de_CH', 'UTF-8')".
WARNING: Determined normalized locale code "de_DE.UTF-8" (from language code "de") not available (or invalid). The code will be ignored. This might lead to unusual display of dates and timestamps, but it does not affect the functionality of the application. Used locale is "('de_CH', 'UTF-8')".
qt.qpa.theme.dbus: Session DBus not running.
qt.qpa.theme.dbus: Application will not react to setting changes.
 Check your DBus installation.
{
    "backintime": {
        "name": "Back In Time",
        "version": "1.5.3",
        "running-as-root": false,
        "latest-config-version": 6,
        "local-config-file": "/root/.config/backintime/config",
        "local-config-file-found": true,
        "global-config-file": "/etc/backintime/config",
        "global-config-file-found": false,
        "started-from": "/usr/share/backintime/common",
        "user-callback": "/root/.config/backintime/user-callback",
        "keyring-supported": false
    },
    "host-setup": {
        "OS": {
            "/etc/os-release": "EndeavourOS",
            "/etc/arch-release": "\n",
            "/etc/lsb-release": "DISTRIB_ID=\"EndeavourOS\"\nDISTRIB_RELEASE=\"rolling\"\nDISTRIB_DESCRIPTION=\"EndeavourOS Linux\"\nDISTRIB_CODENAME=\"rolling\"\n"
        },
        "platform": "Linux-6.6.63-1-lts-x86_64-with-glibc2.40",
        "system": "Linux #1 SMP PREEMPT_DYNAMIC Fri, 22 Nov 2024 15:39:56 +0000",
        "display-system": "wayland",
        "locale": "de_CH, UTF-8",
        "PATH": "/usr/local/bin:/usr/bin:/usr/local/sbin:/var/lib/flatpak/exports/bin:/usr/lib/jvm/default/bin:/usr/bin/site_perl:/usr/bin/vendor_perl:/usr/bin/core_perl",
        "RSYNC_OLD_ARGS": "(not set)",
        "RSYNC_PROTECT_ARGS": "(not set)"
    },
    "python-setup": {
        "python": "3.12.7 main Oct  1 2024 11:15:50 CPython GCC 14.2.1 20240910",
        "python-executable": "/usr/bin/python",
        "python-executable-symlink": true,
        "python-executable-resolved": "/usr/bin/python3.12",
        "sys.path": [
            "/usr/share/backintime/qt/plugins",
            "/usr/share/backintime/common/plugins",
            "/usr/share/backintime/plugins",
            "/usr/share/backintime/common",
            "/usr/lib/python312.zip",
            "/usr/lib/python3.12",
            "/usr/lib/python3.12/lib-dynload",
            "/usr/lib/python3.12/site-packages"
        ],
        "qt": {
            "Version": "PyQt 6.8.0.dev2410211537 / Qt 6.8.0",
            "Theme": "Adwaita",
            "Theme Search Paths": [
                "/var/lib/flatpak/exports/share/icons",
                "/usr/share/icons",
                ":/icons"
            ],
            "Fallback Theme": "",
            "Fallback Search Paths": []
        }
    },
    "external-programs": {
        "rsync": {
            "version": "3.3.0",
            "protocol": "31.0",
            "capabilities": "file_bits: 64; inum_bits: 64; timestamp_bits: 64; long_int_bits: 64; socketpairs: True; symlinks: True; symtimes: True; hardlinks: True; hardlink_specials: True; hardlink_symlinks: True; IPv6: True; atimes: True; batchfiles: True; inplace: True; append: True; ACLs: True; xattrs: True; secluded_args: optional; iconv: True; prealloc: True; stop_at: True; crtimes: False",
            "optimizations": "SIMD_roll: True; asm_roll: False; openssl_crypto: True; asm_MD5: False",
            "checksum_list": "xxh128, xxh3, xxh64, md5, md4, sha1, none",
            "compress_list": "zstd, lz4, zlibx, zlib, none",
            "daemon_auth_list": "sha512, sha256, sha1, md5, md4"
        },
        "ssh": "OpenSSH_9.9p1, OpenSSL 3.4.0 22 Oct 2024",
        "sshfs": "3.7.3",
        "encfs": "(no encfs)",
        "shell": "/bin/bash",
        "shell-version": "GNU bash, version 5.2.37(1)-release (x86_64-pc-linux-gnu)"
    }
}

[buhtz]

Hello Roman,

Thank you for taking the time to report the bug and providing the details. I appreciate your feedback, will investigate the issue,
and work on a solution to the best of my ability.

Can you send me a screenshot of your Manage profiles (first tab) window please.

If you have any more details to share, feel free to reach out.

Not sure when we'll find the time to work on it. But currently I categorize this as release critical. So this issue need to be investigated and fixed before the next release. I am assuming that I might have introduced this behavior not long ago.

Please see the projects background information to get an idea about our workflow and priorities:

• Maintenance status
• The team
• Strategy outline / Roadmap

Best regards,

[big-ant]

Maybe important to mention that my NAS is not constantly online and only running between 7pm and 11pm as I don't want it to run 24 hours a day. As soon as my NAS is online again the snapshot is executed on the next 15 minute time period.

Yesterday I did revert to v1.5.2 which is running smoothly instead ...

[big-ant]

Addendum: I just observed that the daily backup is running automatically, when my NAS is online - but windows pops up every 15 minutes nevertheless.

[buhtz]

Roman: Can you give me a screenshot of your settings dialog, too?

Usually I don't use keys with passwords/passphrases. So first of all I have to investigate how this should work. I have to ask some beginner questions. See your screenshot:

I don't see a password.
And I don't see a checkbox to store the password somehow.

To my understanding it is regular behavior of BIT to ask for the password in this case. Isn't it?

[big-ant]

There's no password as my key file is NOT password protected ... But window appears nevertheless ... It shouldn't ask for a password anyway.

BUT ... I guess I did sort it out now. It's permission related. As soon as the backup command backintime --backup is running with sudo rights it's working. If not I get the following error in the terminal: "Failed to unlock SSH private key **/home/antux/.ssh/back2ant_id_rsa: /home/antux/.ssh/back2ant_id_rsa: No such file or directory". But the key is stored in a different folder (~/keys/), see profile configuration screen. As soon as I copy the key file into the ~/.ssh folder it seems to work without sudo rights and without password prompts.

I will check tomorrow if backup runs without hassles ...

[buhtz]

Thank you for adding this details. This lowers the problem and I don't see this as release critical anymore.
But it still is a bug.

There is a profile configured using a SSH key without passphrase.
The key file exists but is not accessible because of permissions on file system level.

1. One problem is that there is no check and error message about that situation somehow. Or there might be a problem with the path used to search ssh-key-files for.

2. The other problem is that BIT asks for a passphrase where none was configured.

So you found two bugs at once. Congrats! 🤣 🎉 🎈

Do you remember the original permissions (incl. user and group) of ~/keys/ and ~/keys/back2and_id_rsa?

[big-ant]

Hi @buhtz, this issue is maybe PEBKAC related. I just realized that I had 2 profiles configured. One profile in the 'Back In Time (root)' version of the application (path working, newer profile) and one with the 'non-root version' (path not working, older profile). 'Non-root profile' indicating the key path to the '.ssh' folder (where the key isn't available) and the 'root version' showing to the 'keys' folder where the key is stored.

Apparently the backup command execution changed from version 1.5.2 (profile execution from root version) and 1.5.3 (execution of non-root version). Is that possible? Cheers, Roman

[buhtz]

Hi Roman,

Apparently the backup command execution changed from version 1.5.2 (profile execution from root version) and 1.5.3 (execution of non-root version). Is that possible?

I can not remember of such a modification. I also checked the diff and can not find an indication of it. So I am 99.9% sure. ;)

• v1.5.2...v1.5.3
• https://fossies.org/diffs/backintime/1.5.2_vs_1.5.3/

[big-ant]

Hmm ... I moved my backup profile to 'non-root' version now and will check back tomorrow ... Just wondering if using the root version is still an option, maybe reconfiguring from scratch ...

[big-ant]

Backintime works now flawlessly after deletion of old configuration and re-configuration.