Version 3.9: pi-manage backup create... not working correctly anymore

In version 3.9 the “pi-manage backup create” doesn’t seem to work correctly anymore. Database dumps are not included in the privacyidea-backup-XXXXXXXX.tgz
Installation type: ubuntu 22.04.3 with “pi ubuntu package”.
This happens after update from 3.8.1 and on a fresh 3.9 installation also.

Error output from ssh:

root@machine:/home/piadmin# pi-manage backup create

         _                    _______  _______

___ () _____ _______ __/ / _ / __/ _ |
/ _ / __/ / |/ / _ `/ / // // // // / _// __ |
/ .
/
/ /
/|
/_,/_/_, ///// ||
/
/ /___/
v3.9

Usage: mysqldump [OPTIONS] database [tables]
OR mysqldump [OPTIONS] --databases [OPTIONS] DB1 [DB2 DB3…]
OR mysqldump [OPTIONS] --all-databases [OPTIONS]
For more options, use mysqldump --help
tar: Removing leading /' from member names tar: Removing leading /’ from hard link targets
tar: /var/lib/privacyidea/backup/dbdump-20231009-1856.sql: Cannot stat: No such file or directory
tar: Exiting with failure status due to previous errors
Traceback (most recent call last):
File “/usr/bin/pi-manage”, line 1739, in
manager.run()
File “/opt/privacyidea/lib/python3.10/site-packages/flask_script/init.py”, line 417, in run
result = self.handle(argv[0], argv[1:])
File “/opt/privacyidea/lib/python3.10/site-packages/flask_script/init.py”, line 386, in handle
res = handle(*args, **config)
File “/opt/privacyidea/lib/python3.10/site-packages/flask_script/commands.py”, line 216, in call
return self.run(*args, **kwargs)
File “/usr/bin/pi-manage”, line 341, in create
os.unlink(sqlfile)
FileNotFoundError: [Errno 2] No such file or directory: ‘/var/lib/privacyidea/backup/dbdump-20231009-1856.sql’
root@machine:/home/piadmin#

Perhaps this is a Python related problem? Is there a workaround to get the backup running again?
Any help or idea is very appreciated.

Looks like the call() in line 322 should not do this via a shell. Use shell=False.

In 3.8 we sent a single string as command, which actually request shell=True.

Would you mind opening an isse at github?

Thanks
Cornelius