mirror of https://github.com/restic/restic.git
Add support for backup/restore of security descriptors
This commit is contained in:
parent
e3e59fef24
commit
70cf8e3788
|
@ -48,13 +48,15 @@ const (
|
||||||
TypeCreationTime GenericAttributeType = "windows.creation_time"
|
TypeCreationTime GenericAttributeType = "windows.creation_time"
|
||||||
// TypeFileAttributes is the GenericAttributeType used for storing file attributes for windows files within the generic attributes map.
|
// TypeFileAttributes is the GenericAttributeType used for storing file attributes for windows files within the generic attributes map.
|
||||||
TypeFileAttributes GenericAttributeType = "windows.file_attributes"
|
TypeFileAttributes GenericAttributeType = "windows.file_attributes"
|
||||||
|
// TypeSecurityDescriptor is the GenericAttributeType used for storing security descriptors including owner, group, discretionary access control list (DACL), system access control list (SACL)) for windows files within the generic attributes map.
|
||||||
|
TypeSecurityDescriptor GenericAttributeType = "windows.security_descriptor"
|
||||||
|
|
||||||
// Generic Attributes for other OS types should be defined here.
|
// Generic Attributes for other OS types should be defined here.
|
||||||
)
|
)
|
||||||
|
|
||||||
// init is called when the package is initialized. Any new GenericAttributeTypes being created must be added here as well.
|
// init is called when the package is initialized. Any new GenericAttributeTypes being created must be added here as well.
|
||||||
func init() {
|
func init() {
|
||||||
storeGenericAttributeType(TypeCreationTime, TypeFileAttributes)
|
storeGenericAttributeType(TypeCreationTime, TypeFileAttributes, TypeSecurityDescriptor)
|
||||||
}
|
}
|
||||||
|
|
||||||
// genericAttributesForOS maintains a map of known genericAttributesForOS to the OSType
|
// genericAttributesForOS maintains a map of known genericAttributesForOS to the OSType
|
||||||
|
|
|
@ -23,6 +23,9 @@ type WindowsAttributes struct {
|
||||||
CreationTime *syscall.Filetime `generic:"creation_time"`
|
CreationTime *syscall.Filetime `generic:"creation_time"`
|
||||||
// FileAttributes is used for storing file attributes for windows files.
|
// FileAttributes is used for storing file attributes for windows files.
|
||||||
FileAttributes *uint32 `generic:"file_attributes"`
|
FileAttributes *uint32 `generic:"file_attributes"`
|
||||||
|
// SecurityDescriptor is used for storing security descriptors which includes
|
||||||
|
// owner, group, discretionary access control list (DACL), system access control list (SACL))
|
||||||
|
SecurityDescriptor *[]byte `generic:"security_descriptor"`
|
||||||
}
|
}
|
||||||
|
|
||||||
var (
|
var (
|
||||||
|
@ -114,7 +117,7 @@ func (s statT) mtim() syscall.Timespec {
|
||||||
|
|
||||||
func (s statT) ctim() syscall.Timespec {
|
func (s statT) ctim() syscall.Timespec {
|
||||||
// Windows does not have the concept of a "change time" in the sense Unix uses it, so we're using the LastWriteTime here.
|
// Windows does not have the concept of a "change time" in the sense Unix uses it, so we're using the LastWriteTime here.
|
||||||
return syscall.NsecToTimespec(s.LastWriteTime.Nanoseconds())
|
return s.mtim()
|
||||||
}
|
}
|
||||||
|
|
||||||
// restoreGenericAttributes restores generic attributes for Windows
|
// restoreGenericAttributes restores generic attributes for Windows
|
||||||
|
@ -137,6 +140,11 @@ func (node Node) restoreGenericAttributes(path string, warn func(msg string)) (e
|
||||||
errs = append(errs, fmt.Errorf("error restoring file attributes for: %s : %v", path, err))
|
errs = append(errs, fmt.Errorf("error restoring file attributes for: %s : %v", path, err))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
if windowsAttributes.SecurityDescriptor != nil {
|
||||||
|
if err := fs.SetSecurityDescriptor(path, windowsAttributes.SecurityDescriptor); err != nil {
|
||||||
|
errs = append(errs, fmt.Errorf("error restoring security descriptor for: %s : %v", path, err))
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
HandleUnknownGenericAttributesFound(unknownAttribs, warn)
|
HandleUnknownGenericAttributesFound(unknownAttribs, warn)
|
||||||
return errors.CombineErrors(errs...)
|
return errors.CombineErrors(errs...)
|
||||||
|
@ -270,11 +278,18 @@ func (node *Node) fillGenericAttributes(path string, fi os.FileInfo, stat *statT
|
||||||
// Do not process file attributes and created time for windows directories like
|
// Do not process file attributes and created time for windows directories like
|
||||||
// C:, D:
|
// C:, D:
|
||||||
// Filepath.Clean(path) ends with '\' for Windows root drives only.
|
// Filepath.Clean(path) ends with '\' for Windows root drives only.
|
||||||
|
var sd *[]byte
|
||||||
|
if node.Type == "file" || node.Type == "dir" {
|
||||||
|
if sd, err = fs.GetSecurityDescriptor(path); err != nil {
|
||||||
|
return true, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// Add Windows attributes
|
// Add Windows attributes
|
||||||
node.GenericAttributes, err = WindowsAttrsToGenericAttributes(WindowsAttributes{
|
node.GenericAttributes, err = WindowsAttrsToGenericAttributes(WindowsAttributes{
|
||||||
CreationTime: getCreationTime(fi, path),
|
CreationTime: getCreationTime(fi, path),
|
||||||
FileAttributes: &stat.FileAttributes,
|
FileAttributes: &stat.FileAttributes,
|
||||||
|
SecurityDescriptor: sd,
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
return true, err
|
return true, err
|
||||||
|
|
Loading…
Reference in New Issue