mirror of https://github.com/borgbackup/borg.git
init: explain manifest auth compatibility
This commit is contained in:
parent
1c55930840
commit
ec4f42c9f8
|
@ -127,7 +127,8 @@ class Archiver:
|
||||||
@with_repository(create=True, exclusive=True, manifest=False)
|
@with_repository(create=True, exclusive=True, manifest=False)
|
||||||
def do_init(self, args, repository):
|
def do_init(self, args, repository):
|
||||||
"""Initialize an empty repository"""
|
"""Initialize an empty repository"""
|
||||||
logger.info('Initializing repository at "%s"' % args.location.canonical_path())
|
path = args.location.canonical_path()
|
||||||
|
logger.info('Initializing repository at "%s"' % path)
|
||||||
key = key_creator(repository, args)
|
key = key_creator(repository, args)
|
||||||
manifest = Manifest(key, repository)
|
manifest = Manifest(key, repository)
|
||||||
manifest.key = key
|
manifest.key = key
|
||||||
|
@ -135,8 +136,19 @@ class Archiver:
|
||||||
repository.commit()
|
repository.commit()
|
||||||
with Cache(repository, key, manifest, warn_if_unencrypted=False):
|
with Cache(repository, key, manifest, warn_if_unencrypted=False):
|
||||||
pass
|
pass
|
||||||
tam_file = tam_required_file(repository)
|
if key.tam_required:
|
||||||
open(tam_file, 'w').close()
|
tam_file = tam_required_file(repository)
|
||||||
|
open(tam_file, 'w').close()
|
||||||
|
logger.warning(
|
||||||
|
'\n'
|
||||||
|
'By default repositories initialized with this version will produce security\n'
|
||||||
|
'errors if written to with an older version (up to and including Borg 1.0.8).\n'
|
||||||
|
'\n'
|
||||||
|
'If you want to use these older versions, you can disable the check by runnning:\n'
|
||||||
|
'borg upgrade --disable-tam \'%s\'\n'
|
||||||
|
'\n'
|
||||||
|
'See https://borgbackup.readthedocs.io/en/stable/changes.html#pre-1-0-9-manifest-spoofing-vulnerability '
|
||||||
|
'for details about the security implications.', path)
|
||||||
return self.exit_code
|
return self.exit_code
|
||||||
|
|
||||||
@with_repository(exclusive=True, manifest=False)
|
@with_repository(exclusive=True, manifest=False)
|
||||||
|
|
|
@ -46,7 +46,7 @@ class RepoKeyNotFoundError(Error):
|
||||||
|
|
||||||
class TAMRequiredError(IntegrityError):
|
class TAMRequiredError(IntegrityError):
|
||||||
__doc__ = textwrap.dedent("""
|
__doc__ = textwrap.dedent("""
|
||||||
Manifest is unauthenticated, but authentication is required for this repository.
|
Manifest is unauthenticated, but it is required for this repository.
|
||||||
|
|
||||||
This either means that you are under attack, or that you modified this repository
|
This either means that you are under attack, or that you modified this repository
|
||||||
with a Borg version older than 1.0.9 after TAM authentication was enabled.
|
with a Borg version older than 1.0.9 after TAM authentication was enabled.
|
||||||
|
|
Loading…
Reference in New Issue