fix #3336: api: remove backup group if the last snapshot is removed

Stefan Sterz s.sterz at proxmox.com
Mon Mar 14 15:18:37 CET 2022

On 14.03.22 12:36, Thomas Lamprecht wrote:
> On 14.03.22 12:13, Stefan Sterz wrote:
>> how do we move forward on this issue? the changes proposed above sound
>> rather far reaching and not really connected to the bug that sparked
>> the original patch. it might make sense to break them out into their
>> own patch series and either fix the issue at hand (bug #3336) after it
>> has been applied. alternatively we could just remove the "owner" file
>> in a given group. this should fix the bug too and would not suffer
>> from the locking problem (as we would lock its parent directory), but
>> would leave empty directories behind. please advise 😄
> I reread the actual bug and it seems that if we're Ok with just deleting
> the owner with the rather implicit reason of the last snapshot being
> deleted, allowing another authid to "snatch up" that backup group ownership,
> then just deleting the owner file would be the simplest solution.
> I'm not against that, and I definitely agree with the bug report that
> doing so is less work, but given how seriously we honor the owner in general,
> it feels a bit odd to just implicitly do so on a single snapshot deletion.
> On the other hand, we also handle creation in a similar implicit manner,
> so maybe I'm overthinking it and just removing it would actually be more
> consistent/expected for users.
> So, if you don't see a problem/issue with that approach and agree with
> the last paragraph above feel free to go for deleting the owner file only.

for the most part i agree with you. i would also like to point out
that when a group is deleted (as in, not the last snapshot, but the
entire group at once) the owner is also implicitly removed (because
the entire group directory is removed). so in a way, we already delete
ownership information implicitly and the proposed solution would just
be consistent with that behavior.

however, i did some more digging and testing and it turns out that we
currently assume the owner file to be present when a group directory
exists. this affects not only sync jobs, but also verification and
more. thus, i would need to do quite a bit of refactoring to get this
to work and even more testing. so while this issue seemed simple
enough, as far as i can tell our current options are:

1. re-factor locking and remove the directory
2. re-factor how an empty group directory and the owner file is
3. add "empty" groups to the gui

in light of this, taking the gui route is possibly the easiest option.
sorry for not being aware of this earlier.

