Wrong home dir when mounting via borgfs using /etc/fstab

[mgrachten]

When I mount a borg repository as non-root user through the following /etc/fstab entry:

/path/to/repo /mnt/repo fuse.borgfs defaults,noauto,user 0 0

as described in the documentation, I get the following permission error.

$ mount /mnt/repo
Enter passphrase for key /path/to/repo:
Local Exception
Traceback (most recent call last):
  File "/usr/local/lib/python3.6/dist-packages/borg/archiver.py", line 4157, in main
    exit_code = archiver.run(args)
  File "/usr/local/lib/python3.6/dist-packages/borg/archiver.py", line 4089, in run                                  
    return set_ec(func(args))
  File "/usr/local/lib/python3.6/dist-packages/borg/archiver.py", line 1324, in do_mount
    return self._do_mount(args)
  File "/usr/local/lib/python3.6/dist-packages/borg/archiver.py", line 138, in wrapper
    kwargs['manifest'], kwargs['key'] = Manifest.load(repository, compatibility)
  File "/usr/local/lib/python3.6/dist-packages/borg/helpers.py", line 334, in load
    key = key_factory(repository, cdata)
  File "/usr/local/lib/python3.6/dist-packages/borg/crypto/key.py", line 131, in key_factory
    return identify_key(manifest_data).detect(repository, manifest_data)
  File "/usr/local/lib/python3.6/dist-packages/borg/crypto/key.py", line 572, in detect
    if key.load(target, passphrase):
  File "/usr/local/lib/python3.6/dist-packages/borg/crypto/key.py", line 763, in load
    success = self._load(key_data, passphrase)
  File "/usr/local/lib/python3.6/dist-packages/borg/crypto/key.py", line 603, in _load
    self.tam_required = key.get('tam_required', tam_required(self.repository))
  File "/usr/local/lib/python3.6/dist-packages/borg/crypto/key.py", line 140, in tam_required
    file = tam_required_file(repository)
  File "/usr/local/lib/python3.6/dist-packages/borg/crypto/key.py", line 135, in tam_required_file
    security_dir = get_security_dir(bin_to_hex(repository.id))
  File "/usr/local/lib/python3.6/dist-packages/borg/helpers.py", line 494, in get_security_dir
    security_dir = os.environ.get('BORG_SECURITY_DIR', os.path.join(get_config_dir(), 'security'))
  File "/usr/local/lib/python3.6/dist-packages/borg/helpers.py", line 525, in get_config_dir
    os.makedirs(config_dir)
  File "/usr/lib/python3.6/os.py", line 210, in makedirs
    makedirs(head, mode, exist_ok)
  File "/usr/lib/python3.6/os.py", line 220, in makedirs
    mkdir(name, mode)
PermissionError: [Errno 13] Permission denied: '/root/.config'

Platform: Linux hostname 4.13.0-1-marvell #1 Debian 4.13.4-2 (2017-10-15) armv5tel
Linux: debian buster/sid
Borg: 1.1.3  Python: CPython 3.6.3
PID: 10713  CWD: /home/user/bin
sys.argv: ['/usr/local/bin/borgfs', '/path/to/repo', '/mnt/repo', '-o', 'rw,noexec,nosuid,nodev']
SSH_ORIGINAL_COMMAND: None

From the backtrace it looks like the security dir is not set, resulting in borg trying to write to /root/.config, but I don't know the proper way to tell borg where to look for the security directory in the /etc/fstab scenario.

This problem does not occur when I mount the repo manually (borg mount /path/to/repo /mnt/repo).

Is this a problem with my configuration, or is the documentation incomplete on how mount a borg repo through /etc/fstab?

[Siassei]

ok, which permission to /root/.config have you? read?

but I don't know the proper way to tell borg where to look for the security directory in the

put the info to /root/.profile, /root/.bashrc or /etc/profile?

[mgrachten]

Thanks for your help! Without sudo I don't have any permissions for anything in /root/. Since the documentation says:

To allow a regular user to use fstab entries, add the user option:

/path/to/repo /mnt/point fuse.borgfs defaults,noauto,user 0 0

I was under the impression that borg would use the .config directory of the user doing the mount. That doesn't seem to be the case.

put the info to /root/.profile,/root/.bashrc or /etc/profile?

I can do that for one user, but then only that user can mount borg repositories through /etc/fstab, right?

[Siassei]

Without sudo I don't have any permissions for anything in /root

ok, you try it as normal user.

To allow a regular user to use fstab entries, add the user option:
/path/to/repo /mnt/point fuse.borgfs defaults,noauto,user 0 0

I was under the impression that borg would use the .config directory of the user doing the mount. That doesn't seem to be the case.

ok, that's a fstab setting.

• nouser only root can mount
• users all users can mount and unmount
• user all users can mount and only the mount user can unmount

I can do that for one user, but then only that user can mount borg repositories through /etc/fstab, right?

I think it would be the best, you are explaning what you try to do. :)

[mgrachten]

I have a server where I store backups from various computers. I would like to be able to locally mount each of these repositories through /etc/fstab on that server to access the backups if I need to.

[Siassei]

Ok, I think you will mount the repository with any user on the local computer? Or at booting phase?
The simplest solution would be to use the root user to mount/umount. Keep it simple :)
Or creating an user 'borg' and use the /home/borg/ to store all information.
Or ... :)

[Siassei]

also look to chapter Environment Variables
https://borgbackup.readthedocs.io/en/stable/usage/general.html

[mgrachten]

I am aware of the environment variables borg uses, but I don't think they can be passed to borgfs when it is called through /etc/fstab.

When I mount as root, the mount directory is only readable by root, that's not what I want.

Perhaps the borgfs can be extended to support the uid mount option, so that it uses the $HOME of that user to look for the .config. If not I think it would be better to remove the part about using the user mount option in /etc/fstab from the documentation in http://borgbackup.readthedocs.io/en/stable/usage/mount.html.

[Siassei]

Perhaps the borgfs can be extended to support the uid mount option

Yeah, I look to the code and that is an issue.

I don't think they can be passed to borgfs when it is called through /etc/fstab

How you would be mounting the fstab entry?
Have you tried to customize the mount command at /etc/profile by using an alias (and passing the variables you wish to borg?).

[mgrachten]

How you would be mounting the fstab entry?

Maybe I misunderstand, but the idea would be by: mount /mnt/repo

Have you tried to customize the mount command at /etc/profile by using an alias (and passing the variables you wish to borg?).

In that case I might as well use an alias to borg mount /path/to/repo /mnt/repo in my own .profile. That kind of proves my point that user mounting a borg repo through /etc/fstab is currently not a feasible option.

[ThomasWaldmann]

Using one borg repo by different uids is asking for trouble (this is a rather general issue, not limited to borg).

See also: #3403 (comment)

If you can reproduce your other issues after fixing this fundamental "permissions mixup" issue, please re-open a new ticket for them.

[mgrachten]

Using one borg repo by different uids is asking for trouble (this is a rather general issue, not limited to borg).

Fair enough. But then I'm left with the question how user mounting through /etc/fstab is supposed to work in the first place. If I issue mount /mnt/repo as a normal user (which is allowed with the user option in /etc/fstab), I will need write permissions for /root, and that's not supposed to be the case.

[ThomasWaldmann]

Well, maybe one way is to create/update the repo with the same user that is expected to be able to work with it later (like mount it).

Alternatively, you can also try the borguser@localhost trick maybe, which de-couples the repo-files-accessing user from the input-files-reading user.

[mgrachten]

Well, maybe one way is to create/update the repo with the same user that is expected to be able to work with it later (like mount it).

That's what I'm doing. The user doing the mount is also the owner of the repo, but the permission error seems to originate from the fact that borgfs does not use the .config of that user (presumably because when mounting from /etc/fstab, the $HOME variable visible to borgfs is set to /root).