Password cache and encrypted home directory

[buhtz]

I need an advice on this topic because I don't understand all the details and implications.

The config's default value about "use password cache" depends on the fact if the home directory is encrypted or not. If encrypted the default is False and otherwise True.

backintime/common/config.py

Lines 846 to 853 in 8c7afef

	def passwordUseCache(self, profile_id = None, mode = None):
	if mode is None:
	mode = self.snapshotsMode(profile_id)
	default = not tools.checkHomeEncrypt()
	#?Cache password in RAM so it can be read by cronjobs.
	#?Security issue: root might be able to read that password, too.
	#?<MODE> must be the same as \fIprofile<N>.snapshots.mode\fR;;true if home is not encrypted
	return self.profileBoolValue('snapshots.%s.password.use_cache' % mode, default, profile_id)

backintime/common/tools.py

Lines 1178 to 1201 in 8c7afef

	def checkHomeEncrypt():
	"""
	Return ``True`` if users home is encrypted
	"""
	home = os.path.expanduser('~')
	if not os.path.ismount(home):
	return False
	if checkCommand('ecryptfs-verify'):
	try:
	subprocess.check_call(['ecryptfs-verify', '--home'],
	stdout=subprocess.DEVNULL,
	stderr=subprocess.DEVNULL)
	except subprocess.CalledProcessError:
	pass
	else:
	return True
	if checkCommand('encfs'):
	proc = subprocess.Popen(['mount'], stdout=subprocess.PIPE, universal_newlines = True)
	mount = proc.communicate()[0]
	r = re.compile('^encfs on %s type fuse' % home)
	for line in mount.split('\n'):
	if r.match(line):
	return True
	return False

First of all I would like to understand why it is important to check that.

I am assuming this behavior is somehow relevant and can not just be removed. So I ask for suggestions about how to refactor this. It is my feeling that this checkHomeEncrypt() call shouldn't be in the Config class. If this check is relevant it should be done somewhere else. But where?

Using git grep indicates no other place where this function is called.

That issue is related to PR #1850 about introducing a new class about configuration management.

There is a commit from 2013 related to that function (check_home_encrypt() named) I will investigate further: 255e5ff

[buhtz]

If home dir is encrypted or not only affects the default value for "use password cache" setting. It does not disable/enable the whole checkbox. The user is still able to set "use password cache" True/False no matter if home is encrypted or not.

So I see not much value in it.

Remove it?

Or move that check back into the settingsdialog in a first place and deal with it later.

EDIT:
The function does check if the home directory is encrypted via "eCryptFS". To my knowledge that is outdated and uncommon today. But of course not gone. I would vote to remove that function without replacement and don't care if the home dir is encrypted or not.
Otherwise I would like to understand why eCryptFS is relevant when it comes to password caching. Maybe other encryption alternatives are also a problem in context of password caching.

EDIT2: Diving into the password caching related code gives me a headache. Not much documentation in there. @Germar can you give us a hand here? Why is it a problem to cache a password when the home dir is eCryptFS encrypted?

[buhtz]

I did some test on a VM.

• I setup latest BIT dev version on Ubuntu 24.
• The home directory is encrypted via eCryptFS.
• I setup a "local encrypted" snapshot profile.
• Schedule on every 5 minutes and made sure that the files to backup are modified between the runs.
• Use the default value (False) for "cache password for cron".
• I was asked everytime for the encfs password when cron started bit.

Then...

• I checked the checkbox "cache password for cron" (True).
• The backups are still running. No problem. No questions about the password.

So I see no problem with using password cache on an ecryptfs home dir.

I searched the commit history and old issues. I couldn't find an indicator or explanation why this might be a problem.