Restart Service using Web UI

Hi,

I’d like to restart the duplicati service on a machine I only have access to the Web UI. Can I do it with only the web UI? I know some kind of restart is possible when upgrading.

Thanks,

Alex

Restarting services requires admin access on the machine running the service. If you’re the administrator you can do that, but it would be wrong of the Duplicati user UI to allow this. The fact that it’s not available is correct.

but I wouldn’t guarantee that its omission is for security reasons. How do you feel about program restart? That’s currently tried during upgrades. Beta Update never gets to activate on Linux shows it’s not reliable.

Possibly it will be replaced, however the security aspects might change. Currently the autoupdater has a design-intent capability to update Duplicati without administrator privilege. I’m not sure the future way will.

Duplicati as a service - more complicate than it need be is another discussion of services and their risks.

What OS? Is Duplicati having an issue?

The service is an OS-level process. That’s what we wanted. The good is, it starts with the machine and it runs at the max authorization. But that also means we should not have control over it from a non-OS authorized context.

At the very least an unauthorized user who can do this will be able to damage its availability. And availability is one of the aspects of systems that my discipline seeks to protect. (CIA: Confidentiality, Integrity, Availability)

If the user who wants to restart the service is authorized at the OS level, let them log in the usual way and prove it. I do that with ssh and sudo. Windows users will use runas administrator or similar.

But this should not ever happen from a public web UI.

BTW and maybe this belongs in another thread but… I run duplicati as a service on three Linux boxes. All three installed and activated the new beta this week without a hitch.

The fact that it’s not available is correct.

Ok, understood. We don’t want a UI restarting the service.

All three installed and activated the new beta this week without a hitch.

This is why I’m a bit confused. Why is an upgrade, which is triggered by the WebUI allowed to restart the service, but the user shouldn’t be able to trigger the restart by the WebUI. Seems like a double standard.

The default Duplicati architecture for both service and non-service is a parent process that runs from the installation (e.g. C:\Program Files\Duplicati 2), looks for installed updates, and starts the latest as a child.
Activate button exits the child with an MAGIC_EXIT_CODE that gets parent to restart on the newer install.

root     22860     1  0 07:09 ?        00:00:00 DuplicatiServer /usr/lib/duplicati/Duplicati.Server.exe
root     22864 22860  2 07:09 ?        00:00:31 /usr/bin/mono-sgen /usr/lib/duplicati/Duplicati.Server.exe

# strace -p 22860 -p 22864 -o /tmp/strace.activate.log -tt -f 

22864 07:36:02.791955 exit_group(126)   = ?
22864 07:36:02.812334 +++ exited with 126 +++
22860 07:36:02.812473 <... futex resumed> ) = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
22860 07:36:02.812541 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=22864, si_uid=0, si_status=126, si_utime=2873, si_stime=214} ---
22860 07:36:02.812615 futex(0x55d9e89f7480, FUTEX_WAKE_PRIVATE, 1) = 1
22862 07:36:02.812722 <... futex resumed> ) = 0
22862 07:36:02.812798 wait4(22864, [{WIFEXITED(s) && WEXITSTATUS(s) == 126}], WNOHANG, NULL) = 22864
22860 07:36:02.812940 rt_sigreturn({mask=[]}) = 202
22860 07:36:02.813043 futex(0x55d9eaf5fc78, FUTEX_WAIT_BITSET_PRIVATE|FUTEX_CLOCK_REALTIME, 0, NULL, 0xffffffff <unfinished ...>
22862 07:36:02.813105 futex(0x55d9eaf5fc78, FUTEX_WAKE_PRIVATE, 1) = 1
22860 07:36:02.813230 <... futex resumed> ) = 0
22862 07:36:02.813357 wait4(22863, 0x7fd9e9af7d50, WNOHANG, NULL) = -1 ECHILD (No child processes)
22862 07:36:02.813472 futex(0x55d9e89f7480, FUTEX_WAIT_BITSET_PRIVATE|FUTEX_CLOCK_REALTIME, 0, NULL, 0xffffffff <unfinished ...>
22860 07:36:02.814095 openat(AT_FDCWD, "/usr/share/Duplicati/updates", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 5

Good to hear. Thanks. In terms of availability, it’s “supposed” to be a small outage, then back up on new…
Non-Windows systems are basically paired Duplicati processes, plus something above, maybe systemd.
Windows systems have Duplicati.WindowsService.exe in the mix. A maximum view (and more) is at link:

[SOLVED] Is it ok that I see 5 processes of Duplicati in Windows Task manager?

In both Windows and Linux there’s OS administrator level control (services.msc, systemctl, etc. ) needed to totally take down the service, but there’s also the hopefully-short outage when Duplicati runs the update.

The upgrade is an action undertaken by the duplicati service itself. Not completely in control of the end user. You can tell duplicatit it’s OK to upgrade when one is available, but you can’t just tell it to replace itself with an arbitrary executable that you provide.

You’re not really initiating the restart, you’re merely giving it your permission to proceed.

In fact, duplicati could check if it’s safe and then proceed all on its own.