[Borgbackup] Problems after borg client upgrade
Gareth Evans
donotspam at fastmail.fm
Sun Feb 25 17:39:04 EST 2024
I use borg client 1.2.4 on Debian bookworm with 1.2.7 on a FreeBSD server, of which (the server) I am not in control.
Repos are encrypted using local keyfiles, and were created quite some time ago.
On the first day of the month, the last-day-of-last-month's repo is converted to that month's archive for the year. I have a script which does:
borg delete redacted at redacted:$repo::m$lastmonth
borg rename redacted at redacted:$repo::d$yesterday m$lastmonth
$ borg --version
borg 1.2.4
$ sudo borg check redacted at redacted:etc
$
After upgrading the client version to 1.2.7 from bookworm-backports, problems are reported with the archives which have been renamed.
--
$ sudo borg check redacted at redacted:etc
Archive TAM authentication issue for archive m07: Data integrity error: Archive authentication did not verify
This archive will be *removed* from the manifest! It will be deleted.
Archive TAM authentication issue for archive m08: Data integrity error: Archive authentication did not verify
This archive will be *removed* from the manifest! It will be deleted.
Archive TAM authentication issue for archive m09: Data integrity error: Archive authentication did not verify
This archive will be *removed* from the manifest! It will be deleted.
Archive TAM authentication issue for archive m10: Data integrity error: Archive authentication did not verify
This archive will be *removed* from the manifest! It will be deleted.
Archive TAM authentication issue for archive m11: Data integrity error: Archive authentication did not verify
This archive will be *removed* from the manifest! It will be deleted.
Archive TAM authentication issue for archive m12: Data integrity error: Archive authentication did not verify
This archive will be *removed* from the manifest! It will be deleted.
Archive TAM authentication issue for archive m01: Data integrity error: Archive authentication did not verify
This archive will be *removed* from the manifest! It will be deleted.
162 orphaned objects found!
Archive consistency check complete, problems found.
--
Listing, for example, m01 produces
--
$ sudo borg list redacted at redacted:etc::m01
Data integrity error: Archive authentication did not verify
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/borg/archiver.py", line 5343, in main
exit_code = archiver.run(args)
^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/borg/archiver.py", line 5263, in run
return set_ec(func(args))
^^^^^^^^^^
File "/usr/lib/python3/dist-packages/borg/archiver.py", line 189, in wrapper
return method(self, args, repository=repository, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/borg/archiver.py", line 1385, in do_list
return self._list_archive(args, repository, manifest, key)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/borg/archiver.py", line 1414, in _list_archive
_list_inner(cache=None)
File "/usr/lib/python3/dist-packages/borg/archiver.py", line 1402, in _list_inner
archive = Archive(repository, key, manifest, args.location.archive, cache=cache,
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/borg/archive.py", line 488, in __init__
self.load(info.id)
File "/usr/lib/python3/dist-packages/borg/archive.py", line 501, in load
self.metadata = self._load_meta(self.id)
^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/borg/archive.py", line 493, in _load_meta
archive, self.tam_verified, _ = self.key.unpack_and_verify_archive(data, force_tam_not_required=True)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/borg/crypto/key.py", line 329, in unpack_and_verify_archive
raise ArchiveTAMInvalid()
borg.crypto.key.ArchiveTAMInvalid: Data integrity error: Archive authentication did not verify
Platform: Linux qwerty 6.1.0-18-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.76-1 (2024-02-01) x86_64
Linux: Unknown Linux
Borg: 1.2.7 Python: CPython 3.11.2 msgpack: 1.0.3 fuse: pyfuse3 3.2.1 [pyfuse3,llfuse]
PID: 1369927 CWD: /home/user
sys.argv: ['/usr/bin/borg', 'list', 'redacted at redacted:etc::m01']
SSH_ORIGINAL_COMMAND: None
--
It is still possible to create new repos, which check OK, but not to list the affected repos due to errors like the above.
Is this a bug?
I can't see anything relevant in the change log
https://borgbackup.readthedocs.io/en/stable/changes.html#upgrade-notes
I wonder if a borg upgrade would help, but I can't see a way to upgrade a remote keyfile-encrypted repo.
$ sudo ssh redacted at redacted borg upgrade -v etc
making a hardlink copy in /data1/home/redacted/etc.before-upgrade-2024-02-25-22:22:35
opening attic repository with borg and converting
no key file found for repository
converting repo index /data1/home/redacted/etc/index.91850
converting 74 segments...
converting borg 0.xx to borg current
no key file found for repository
$
This appears to fail, as the same output appears if the command is repeated - I presume because the keyfile is not provided - how can it be?
The problems disappear if borg client is reverted to 1.2.4
Any ideas what has happened or how to fix it would be much appreciated.
Thanks,
Gareth
More information about the Borgbackup
mailing list