Merge pull request #5019 from MichaelEischer/fix-windows-sd-race

backup: Fix spurious "A Required Privilege Is Not Held by the Client" error
2024-08-29 16:59:06 +02:00 · 2024-08-29 16:59:06 +02:00 · a0f2dfbc19
commit a0f2dfbc19
parent 0aadfe32bb 45d05eb691
2 changed files with 22 additions and 12 deletions
--- a/changelog/unreleased/issue-5004
+++ b/changelog/unreleased/issue-5004
@ -0,0 +1,12 @@
+Bugfix: Fix spurious "A Required Privilege Is Not Held by the Client" error
+
+On Windows, creating a backup could sometimes print the following error
+
+```
+error: nodeFromFileInfo [...]: get named security info failed with: a required privilege is not held by the client.
+```
+
+This has been fixed.
+
+https://github.com/restic/restic/issues/5004
+https://github.com/restic/restic/pull/5019
--- a/internal/fs/sd_windows.go
+++ b/internal/fs/sd_windows.go
@ -48,19 +48,18 @@ func GetSecurityDescriptor(filePath string) (securityDescriptor *[]byte, err err

 	var sd *windows.SECURITY_DESCRIPTOR

-	if lowerPrivileges.Load() {
+	// store original value to avoid unrelated changes in the error check
+	useLowerPrivileges := lowerPrivileges.Load()
+	if useLowerPrivileges {
 		sd, err = getNamedSecurityInfoLow(filePath)
 	} else {
 		sd, err = getNamedSecurityInfoHigh(filePath)
 	}
 	if err != nil {
-		if !lowerPrivileges.Load() && isHandlePrivilegeNotHeldError(err) {
+		if !useLowerPrivileges && isHandlePrivilegeNotHeldError(err) {
 			// If ERROR_PRIVILEGE_NOT_HELD is encountered, fallback to backups/restores using lower non-admin privileges.
 			lowerPrivileges.Store(true)
-			sd, err = getNamedSecurityInfoLow(filePath)
-			if err != nil {
-				return nil, fmt.Errorf("get low-level named security info failed with: %w", err)
-			}
+			return GetSecurityDescriptor(filePath)
 		} else if errors.Is(err, windows.ERROR_NOT_SUPPORTED) {
 			return nil, nil
 		} else {
@ -109,20 +108,19 @@ func SetSecurityDescriptor(filePath string, securityDescriptor *[]byte) error {
 		sacl = nil
 	}

-	if lowerPrivileges.Load() {
+	// store original value to avoid unrelated changes in the error check
+	useLowerPrivileges := lowerPrivileges.Load()
+	if useLowerPrivileges {
 		err = setNamedSecurityInfoLow(filePath, dacl)
 	} else {
 		err = setNamedSecurityInfoHigh(filePath, owner, group, dacl, sacl)
 	}

 	if err != nil {
-		if !lowerPrivileges.Load() && isHandlePrivilegeNotHeldError(err) {
+		if !useLowerPrivileges && isHandlePrivilegeNotHeldError(err) {
 			// If ERROR_PRIVILEGE_NOT_HELD is encountered, fallback to backups/restores using lower non-admin privileges.
 			lowerPrivileges.Store(true)
-			err = setNamedSecurityInfoLow(filePath, dacl)
-			if err != nil {
-				return fmt.Errorf("set low-level named security info failed with: %w", err)
-			}
+			return SetSecurityDescriptor(filePath, securityDescriptor)
 		} else {
 			return fmt.Errorf("set named security info failed with: %w", err)
 		}