Google drive mount overwrites file instead of modifying it

Xenorf · March 1, 2025, 11:46pm

Hello!

I am using rclone to synchronize my password manager stored on Google Drive. I have a systemctl service running for my user and it works fine. But there is a downside. When I modify the password database on my computer, instead of making the modification remotely, it deletes the existing file and creates a new one with the same name.

This is not a Google Drive issue because making modifications from my phone doesn't give the same outcome.

This is really annoying because it breaks the synchronization of my database on other devices and it removes my version history on Google Drive.

I looked for relevant options available when mounting the drive but didn't find any. Can someone help? Is there a workaround? Did I misconfigured something?

My rclone version:

rclone v1.69.1
- os/version: arch (64 bit)
- os/kernel: 6.13.4-arch1-1 (x86_64)
- os/type: linux
- os/arch: amd64
- go/version: go1.24.0
- go/linking: dynamic
- go/tags: none

My service:

[Unit]
Description=rclone mount service
Wants=network-online.target
After=network-online.target

[Service]
Type=simple
ExecStart=/usr/bin/rclone mount keepassxc:KeepassXC %h/documents/keepassxc

[Install]
WantedBy=default.target

My config:

[keepassxc]
type = drive
scope = drive
token = XXX
team_drive =

asdffdsa · March 1, 2025, 11:55pm

welcome to the forum,

afiak, that is how rclone works, depending on --vfs-cache-mode
if you edit/modify a file, then

rclone downloads the entire file from gdrive to local
keepass open, edits, saves the local file
rclone uploads the entire file, from local to gdrive

how are you doing that, rclone or what?

Xenorf · March 2, 2025, 11:00am

Hey, thank you your answer. God, this is exactly what I needed, --vfs-cache-mode writes fixes the overwriting behavior.

A bit more context on my setup since you asked:
To synchronize my database on other devices I either use the thick Google Drive client for Windows devices or Keepass2Android for my mobile devices. These don't have the same overwriting behavior. Keepass2Android doesn't automatically reopen the database once it has been overwritten by rclone though.

Thank you again!

asdffdsa · March 2, 2025, 3:13pm

yeah, i also use keepass2android, but the offline version, that has no network access.
and i do not use google products.

i have a different setup, not using rclone mount.
i want the original database to be on local, not cloud.
i do not trust accessing a critical database via rclone mount and/or gdrive desktop client.

my main database is local on my windows machine. each time i make a change+save to the database:

on windows, a keepass trigger runs a .cmd script that uses rclone to copy the .kdbx from local to cloud
on android, i use termux to run a .sh script, that uses rclone to download the .kdbx from cloud to local

in pseudo code

1. rclone copy c:\path\to\database\01.kdbx remote:current --backup-dir=remote:archive/%date%%time%

2.
source="remote:current"
dest="/storage/emulated/0/keepass/"
log="--log-level=DEBUG --log-file=./rclone.txt"

rclone copy  $source $dest   --include='01.kdbx' --max-depth=1 --no-traverse    $log
rclone check $dest   $source --include='01.kdbx' --download    --max-depth=1    $log

Xenorf · March 2, 2025, 5:29pm

Interesting, you basically make a copy instead of mounting the whole thing. Will it propagate both ways, regardless of the device used to make the modifications on your database?

asdffdsa · March 2, 2025, 5:44pm

tl;dr - the data in the keepass database is way too important to trust third parties, different programs on different operating system doing cloud sync on gdrive, rclone mount and so on.
all that seem very fragile to me.

no, i found that approach too fragile, too many moving parts, and having to trust some third-party keepass2android to modify a database that will be used by official keepass. as keepass changes it database format and fixed bugs, no trust that keeppass2android will do the same.

in addition, keepass is audited, whereas keepass2online, no idea
Many thanks to the German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, BSI) and mgm security partners for sponsoring and performing a code analysis of KeePass 2.x (project CAOS 3.0 German, press report German). No security vulnerabilities classified as medium, high or critical were found

is keepass2android still supported as it has not been updated in over a year?
has many bugs not getting fixed.
https://github.com/PhilippC/keepass2android/issues

system · March 5, 2025, 5:44pm

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.