aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--AUTHORS1
-rw-r--r--ChangeLog5
-rw-r--r--etc/backupninja.conf.in4
-rwxr-xr-xsrc/backupninja.in44
4 files changed, 43 insertions, 11 deletions
diff --git a/AUTHORS b/AUTHORS
index 4181b73..8b615d1 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -15,3 +15,4 @@ cmccallum@thecsl.org
Daniel.Bonniot@inria.fr
Brad Fritz <brad@fritzfam.com> -- trac patch
garcondumonde@riseup.net
+Martin Krafft madduck@debian.org -- admingroup patch \ No newline at end of file
diff --git a/ChangeLog b/ChangeLog
index 07430ce..b1e9fd7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,11 @@ version 0.9.4 -- unreleased
. Fixed bug in toint(), and thus isnow(), which caused it
to not work when run from cron.
. Recursively ignore subdirs in /etc/backup.d (Closes: #361102)
+ . Add admingroup option to configuration to allow a group that can
+ read/write configurations (instead of only allowing root). Checks
+ and complains about group-readable files only when the group differs
+ from the one in the configuration file (default is root as before).
+ Thanks to Martin Krafft for the patch (Closes: #370396).
handler changes
Added tar handler
mysql:
diff --git a/etc/backupninja.conf.in b/etc/backupninja.conf.in
index 362eb59..10ac2bb 100644
--- a/etc/backupninja.conf.in
+++ b/etc/backupninja.conf.in
@@ -25,6 +25,10 @@ reportsuccess = yes
# even if there was no error. (default = yes)
reportwarning = yes
+# set to the administration group that is allowed to
+# read/write configuration files in /etc/backup.d
+admingroup = root
+
#######################################################
# for most installations, the defaults below are good #
#######################################################
diff --git a/src/backupninja.in b/src/backupninja.in
index 2835a3c..57936da 100755
--- a/src/backupninja.in
+++ b/src/backupninja.in
@@ -130,17 +130,37 @@ function msg {
#
function check_perms() {
- local file=$1
- local perms=`ls -ld $file`
- perms=${perms:4:6}
- if [ "$perms" != "------" ]; then
- echo "Configuration files must not be group or world writable/readable! Dying on file $file"
- fatal "Configuration files must not be group or world writable/readable! Dying on file $file"
- fi
- if [ `ls -ld $file | awk '{print $3}'` != "root" ]; then
- echo "Configuration files must be owned by root! Dying on file $file"
- fatal "Configuration files must be owned by root! Dying on file $file"
- fi
+ local file=$1
+ local perms
+ perms=($(stat -L --printf='%a %g %G %u %U' $file))
+ local gperm=${perms[0]:1:1}
+ local wperm=${perms[0]:2:1}
+ local gid=${perms[1]}
+ local group=${perms[2]}
+ local owner=${perms[3]}
+
+ if [ "$owner" != 0 ]; then
+ echo "Configuration files must be owned by root! Dying on file $file"
+ fatal "Configuration files must be owned by root! Dying on file $file"
+ fi
+
+ if [ $wperm -gt 0 ]; then
+ echo "Configuration files must not be world writable/readable! Dying on file $file"
+ fatal "Configuration files must not be world writable/readable! Dying on file $file"
+ fi
+
+ if [ $gperm -gt 0 ]; then
+ case "$admingroup" in
+ $gid|$group) :;;
+
+ *)
+ if [ "$gid" != 0 ]; then
+ echo "Configuration files must writable/readable by group ${perms[2]}! Dying on file $file"
+ fatal "Configuration files must writable/readable by group ${perms[2]}! Dying on file $file"
+ fi
+ ;;
+ esac
+ fi
}
# simple lowercase function
@@ -423,6 +443,7 @@ getconf PGSQLDUMP /usr/bin/pg_dump
getconf PGSQLDUMPALL /usr/bin/pg_dumpall
getconf GZIP /bin/gzip
getconf RSYNC /usr/bin/rsync
+getconf admingroup root
# initialize vservers support
# (get config variables and check real vservers availability)
@@ -461,6 +482,7 @@ fi
for file in $files; do
[ -f "$file" ] || continue
+ check_perms ${file%/*} # check containing dir
check_perms $file
suffix="${file##*.}"
base=`basename $file`