mirror/borg
1
0
Fork 0
mirror of https://github.com/borgbackup/borg.git synced 2025-02-24 15:12:00 +00:00
Code Issues Releases Wiki Activity

implement --umask M

Browse source 
affects local and remote umask, secure by default M == 077
This commit is contained in:
Thomas Waldmann 2015-08-03 23:48:56 +02:00
parent 3be55bedd3
commit 9f1d92c993
4 changed files with 26 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
borg/archiver.py
View file

@ -21,7 +21,7 @@
format_file_mode, ExcludePattern, exclude_path, adjust_patterns, to_localtime, timestamp, \ format_file_mode, ExcludePattern, exclude_path, adjust_patterns, to_localtime, timestamp, \
get_cache_dir, get_keys_dir, format_timedelta, prune_within, prune_split, \ get_cache_dir, get_keys_dir, format_timedelta, prune_within, prune_split, \
Manifest, remove_surrogates, update_excludes, format_archive, check_extension_modules, Statistics, \ Manifest, remove_surrogates, update_excludes, format_archive, check_extension_modules, Statistics, \
is_cachedir, bigint_to_int, ChunkerParams is_cachedir, bigint_to_int, ChunkerParams, set_umask
from .remote import RepositoryServer, RemoteRepository from .remote import RepositoryServer, RemoteRepository
@ -220,7 +220,6 @@ def do_extract(self, args):
# be restrictive when restoring files, restore permissions later # be restrictive when restoring files, restore permissions later
if sys.getfilesystemencoding() == 'ascii': if sys.getfilesystemencoding() == 'ascii':
print('Warning: File system encoding is "ascii", extracting non-ascii filenames will not be supported.') print('Warning: File system encoding is "ascii", extracting non-ascii filenames will not be supported.')
os.umask(0o077)
repository = self.open_repository(args.archive) repository = self.open_repository(args.archive)
manifest, key = Manifest.load(repository) manifest, key = Manifest.load(repository)
archive = Archive(repository, key, manifest, args.archive.archive, archive = Archive(repository, key, manifest, args.archive.archive,
@ -511,6 +510,8 @@ def run(self, args=None):
default=False, default=False,
help='verbose output') help='verbose output')
common_parser.add_argument('--no-files-cache', dest='cache_files', action='store_false') common_parser.add_argument('--no-files-cache', dest='cache_files', action='store_false')
common_parser.add_argument('--umask', dest='umask', type=lambda s: int(s, 8), default=0o077, metavar='M',
help='set umask to M (local and remote, default: 0o077)')
# We can't use argparse for "serve" since we don't want it to show up in "Available commands" # We can't use argparse for "serve" since we don't want it to show up in "Available commands"
if args: if args:
@ -821,6 +822,7 @@ def run(self, args=None):
args = parser.parse_args(args or ['-h']) args = parser.parse_args(args or ['-h'])
self.verbose = args.verbose self.verbose = args.verbose
set_umask(args.umask)
update_excludes(args) update_excludes(args)
return args.func(args) return args.func(args)

10
borg/helpers.py
View file

@ -605,3 +605,13 @@ def int_to_bigint(value):
if value.bit_length() > 63: if value.bit_length() > 63:
return value.to_bytes((value.bit_length() + 9) // 8, 'little', signed=True) return value.to_bytes((value.bit_length() + 9) // 8, 'little', signed=True)
return value return value
def set_umask(umask):
return os.umask(umask)
def get_umask():
umask = set_umask(0)
set_umask(umask)
return umask

8
borg/remote.py
View file

@ -10,7 +10,7 @@
from . import __version__ from . import __version__
from .helpers import Error, IntegrityError from .helpers import Error, IntegrityError, get_umask
from .repository import Repository from .repository import Repository
BUFSIZE = 10 * 1024 * 1024 BUFSIZE = 10 * 1024 * 1024
@ -124,8 +124,10 @@ def __init__(self, location, create=False):
self.responses = {} self.responses = {}
self.unpacker = msgpack.Unpacker(use_list=False) self.unpacker = msgpack.Unpacker(use_list=False)
self.p = None self.p = None
# use local umask also for the remote process
umask = ['--umask', '%03o' % get_umask()]
if location.host == '__testsuite__': if location.host == '__testsuite__':
args = [sys.executable, '-m', 'borg.archiver', 'serve'] + self.extra_test_args args = [sys.executable, '-m', 'borg.archiver', 'serve'] + umask + self.extra_test_args
else: else:
args = ['ssh'] args = ['ssh']
if location.port: if location.port:
@ -134,7 +136,7 @@ def __init__(self, location, create=False):
args.append('%s@%s' % (location.user, location.host)) args.append('%s@%s' % (location.user, location.host))
else: else:
args.append('%s' % location.host) args.append('%s' % location.host)
args += ['borg', 'serve'] args += ['borg', 'serve'] + umask
self.p = Popen(args, bufsize=0, stdin=PIPE, stdout=PIPE) self.p = Popen(args, bufsize=0, stdin=PIPE, stdout=PIPE)
self.stdin_fd = self.p.stdin.fileno() self.stdin_fd = self.p.stdin.fileno()
self.stdout_fd = self.p.stdout.fileno() self.stdout_fd = self.p.stdout.fileno()

7
borg/testsuite/archiver.py
View file

@ -425,6 +425,13 @@ def test_readonly_repository(self):
# Restore permissions so shutil.rmtree is able to delete it # Restore permissions so shutil.rmtree is able to delete it
os.system('chmod -R u+w ' + self.repository_path) os.system('chmod -R u+w ' + self.repository_path)
def test_umask(self):
self.create_regular_file('file1', size=1024 * 80)
self.cmd('init', self.repository_location)
self.cmd('create', self.repository_location + '::test', 'input')
mode = os.stat(self.repository_path).st_mode
self.assertEqual(stat.S_IMODE(mode), 0o700)
def test_cmdline_compatibility(self): def test_cmdline_compatibility(self):
self.create_regular_file('file1', size=1024 * 80) self.create_regular_file('file1', size=1024 * 80)
self.cmd('init', self.repository_location) self.cmd('init', self.repository_location)