aboutsummaryrefslogtreecommitdiff
path: root/handlers
diff options
context:
space:
mode:
authorintrigeri <intrigeri@boum.org>2005-08-20 15:37:57 +0000
committerintrigeri <intrigeri@boum.org>2005-08-20 15:37:57 +0000
commit6b6154879b591c79750b329f3ecce9a074de5cb3 (patch)
tree31d53c48c1d172bb423d7ce9f4420a2a730fb133 /handlers
parentbfe530dc59b9cec4a0cbdfdaafb5addb0e4484b2 (diff)
downloadbackupninja-6b6154879b591c79750b329f3ecce9a074de5cb3.tar.gz
backupninja-6b6154879b591c79750b329f3ecce9a074de5cb3.tar.bz2
Security fix: duplicity handler used to put the gpg passphase on the command line.
Diffstat (limited to 'handlers')
-rw-r--r--handlers/dup10
1 files changed, 5 insertions, 5 deletions
diff --git a/handlers/dup b/handlers/dup
index 22f915f..176ac3e 100644
--- a/handlers/dup
+++ b/handlers/dup
@@ -131,17 +131,17 @@ execstr=${execstr//\\*/\\\\\\*}
debug "duplicity $execstr --exclude '**' / $execstr_serverpart"
if [ ! $test ]; then
+ export PASSPHRASE=$password
output=`nice -n $nicelevel \
su -c \
- "export PASSPHRASE=$password \
- && duplicity $execstr --exclude '**' / $execstr_serverpart 2>&1"`
+ "duplicity $execstr --exclude '**' / $execstr_serverpart 2>&1"`
code=$?
- if [ "$code" == "0" ]; then
+ if [ $code -eq 0 ]; then
debug $output
info "Duplicity finished successfully."
else
- warning $output
- warning "Duplicity failed."
+ debug $output
+ fatal "Duplicity failed."
fi
fi