Uploaded image for project: 'Percona XtraBackup'
  1. Percona XtraBackup
  2. PXB-2154

Xbstream displayed the encrypt-key in process during backup decryption

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Done
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 8.0.10, 2.4.19
    • Fix Version/s: 2.4.20, 8.0.11
    • Component/s: None
    • Labels:

      Description

      PS8.0.19-10 is running with encryption options

      Take full backup with streaming, compression, and encryption

      ./xtrabackup --user=root --password='' --backup --target-dir=$HOME/dbbackup_PS8/full -S $HOME/PS130320_8_0_19_10_debug/socket.sock --datadir=$HOME/PS130320_8_0_19_10_debug/data --keyring_file_data=$HOME/PS130320_8_0_19_10_debug/keyring --xtrabackup-plugin-dir=$HOME/pxb_8_0_11_debug/lib/plugin --transition-key=secret_key --history=PXB_default --encrypt=AES256 --encrypt-key=mHU3Zs5sRcSB7zBAJP1BInPP5lgShKly --encrypt-threads=10 --encrypt-chunk-size=128K --compress=lz4 --compress-threads=10 --stream=xbstream > $HOME/dbbackup_PS8/fullbackup.xbstream

      The xtrabackup process is displayed as

      ps -ef|grep xtrabackup
      mchawla 3498 4927 42 15:30 pts/2 00:00:02 ./xtrabackup --user=root --password= --backup --target-dir=/home/mchawla/dbbackup_PS8/full -S /home/mchawla/PS130320_8_0_19_10_debug/socket.sock --datadir=/home/mchawla/PS130320_8_0_19_10_debug/data --keyring_file_data=/home/mchawla/PS130320_8_0_19_10_debug/keyring --xtrabackup-plugin-dir=/home/mchawla/pxb_8_0_11_debug/lib/plugin --transition-key=x xxxxxxxx --history=PXB_default --encrypt=AES256 --encrypt-key=x xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx --encrypt-threads=10 --encrypt-chunk-size=128K --compress=lz4 --compress-threads=10 --stream=xbstream

      Extract, decrypt and decompress the full backup

      ./xbstream --directory=$HOME/dbbackup_PS8/full --extract --verbose --decrypt=AES256 --encrypt-key=mHU3Zs5sRcSB7zBAJP1BInPP5lgShKly --decompress --decompress-threads=10 < $HOME/dbbackup_PS8/fullbackup.xbstream

      The xbstream process is displayed as

      ps -ef|grep xbstream
      mchawla 5179 4927 67 16:25 pts/2 00:00:01 ./xbstream --directory=/home/mchawla/dbbackup_PS8/full --extract --verbose --decrypt=AES256 --encrypt-key=mHU3Zs5sRcSB7zBAJP1BInPP5lgShKly --decompress --decompress-threads=10

      Issue: The encrypt-key is visible in the process. The same issue needs to be corrected for xbcrypt binary also.

        Smart Checklist

          Attachments

            Activity

              People

              Assignee:
              rahul.malik Rahul Malik
              Reporter:
              manish.chawla Manish Chawla
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - Not Specified
                  Not Specified
                  Logged:
                  Time Spent - 1 hour, 30 minutes
                  1h 30m