fix(backup): reset HOME when dropping to the backup user in runBackupOp

runBackupOp dropped privileges to $docker_install_user with `sudo -E`,
which preserves the CALLER's environment — including HOME. The caller is
the manager (libreportal), so restic-running-as-dockerinstall ended up
with HOME=/home/libreportal and tried to mkdir
`/home/libreportal/.cache/restic` for its cache. dockerinstall can't
write into libreportal's home, so every backup ran with:

    unable to open cache: mkdir /home/libreportal/.cache/restic: permission denied

twice (once in backup, once in the verify-via-scratch-restore step), with
restic falling back to a no-cache run that's a few × slower than it
should be.

Add `-H` (sudo's "reset HOME to target user's home"). Now restic sees
HOME=/home/dockerinstall, creates ~/.cache/restic there (dockerinstall
owns its own home, no help needed), and the warning is gone. Confirmed
live: a `backup app create linkding` round-trip is silent on cache, and
the dir lands at /home/dockerinstall/.cache/restic, mode 0700, correctly
owned.

All restic/borg/kopia calls funnel through runBackupOp, so this single
character fix covers every backup-tool invocation.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
librelad 2026-05-26 21:56:43 +01:00
parent 2fc63b154f
commit 18e692ffbb

@ -82,8 +82,13 @@ runInstallWrite() {
# password and BORG_/RESTIC_/KOPIA_ env vars reach the tool. Never root — the
# scoped sudoers lets the manager drop to this user. Single funnel so the
# backup subsystem's privilege drop has one audit point.
# -H resets HOME to the target user's so restic finds (or creates) its cache
# under /home/$docker_install_user/.cache/restic instead of inheriting the
# manager's HOME (which dockerinstall can't write into, surfacing as
# "unable to open cache: mkdir /home/libreportal/.cache/restic: permission denied"
# on every backup).
runBackupOp() {
sudo -E -u "$docker_install_user" "$@"
sudo -E -H -u "$docker_install_user" "$@"
}
# Run one of the ROOT-OWNED LibrePortal helpers installed (root:root 0755) under
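Review bot: the new `sudo -E -H -u "$docker_install_user" "$@"` line in runBackupOp still carries the manager's whole environment across the privilege drop, so HOME is the only inherited value that gets corrected. restic picks its cache directory from RESTIC_CACHE_DIR, then XDG_CACHE_HOME, before falling back to HOME, so if the manager's environment ever sets XDG_CACHE_HOME the same permission-denied warning comes back under a different path. The comment above the function says only the password and the BORG_/RESTIC_/KOPIA_ variables need to reach the tool, so consider replacing -E with an explicit `--preserve-env=` list of those variables; that also keeps this single audit point from forwarding unrelated manager state to the backup user. The added comment documents restic only; since borg and kopia go through the same funnel, a line saying whether their cache and config paths were checked under the new HOME would be worth adding.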