How to exclude FUSE mountpoints on Linux?

Hi,

I’ve been using Duplicati on Windows and have now moved on to trying it on my Fedora machines.

I’m getting “permission denied” warnings on the FUSE mountpoints that XRDP creates in /home/$USER/thinclient_drives.

2025-02-07 13:54:52 +00 - [Warning-Duplicati.Library.Main.Operation.Backup.FileEnumerationProcess-FileAccessError]: Error reported while accessing file: /home/martin/thinclient_drives/
UnauthorizedAccessException: Access to the path '/home/martin/thinclient_drives' is denied.
2025-02-07 13:54:52 +00 - [Warning-Duplicati.Library.Main.Operation.Backup.FileEnumerationProcess-PathProcessingErrorBlockDevice]: Failed to process path: /home/martin/thinclient_drives/
UnauthorizedAccessException: Permission denied

drwx------. 1 martin martin 0 Feb  7 10:35 /home/martin/thinclient_drives/

I’ve tried excluding them from the backup by folder, glob expression and the system files filter but I still get the warnings.

Is there a way to do this?

Thanks

I suspect a bug in order of testing, where path is checked first to see if it’s a block device.

and sometime later in order of testing, excludes are considered. Is that the best ordering?

I assume there’s a lot of stuff in /home/martin and you wouldn’t want to include each one?

That would be one way to stop tree walk of /home/martin from not respecting the exclude.

If you exclude a higher-up folder, that would probably work, but there’s no reasonable one.

Thanks. I’m not sure if FUSE mountpoints appear as directories to whatever IsBlockDevice() calls. I think they might do as they’re backed by block devices rather than being device nodes themselves.

Maybe it would be better for path exclusions to be done first and thereby prevent attempts to access anything that won’t be backed up but there may be good reasons for why it works the current way.

I’d prefer not to explicitly include directories as there is a risk that this will get out of date and I want everything in /home backed up.

It seems it should be possible to disable the creation of these problematic directories in the xrdp config so I’ll probably try that first

There’s probably something similar to what the stat command runs somewhere underneath.
You could try that to see what it looks like and whether you get any unexpected access errors.

We have to wait for a developer opinion on approaches, I think.

What user is Duplicati running as? Most likely guesses would be martin or root.
FUSE access checking is different from on the local filesystem, to avoid accidents.

Why don’t other users have access to the mounted filesystem?

Basically if you can avoid an early warning, then you might get to intended exclude.
But there are other consequences to changing FUSE access, so please think it out.

It’s running as root, I just installed the latest RPM.

I think it was a poor decision by xrdp to create these files in home directories. It looks like the change to /etc/xrpd/sesman.ini has worked. The directory hasn’t appeared again after a restart, which should stop the warnings.

1 Like

The idea was to defer the filter check until later, as it is usually the slowest operation.

The error message “FileAccessError” is not reported there there, it happens when trying to access the file later. If that line failed, you would see “PathProcessingErrorBlockDevice” in the error message.

I guess that fixes the problem at the souce :+1: