projects
/
matthijs
/
upstream
/
backupninja-vserver.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Security fix: duplicity handler used to put the gpg passphase on the command line.
[matthijs/upstream/backupninja-vserver.git]
/
handlers
/
dup
diff --git
a/handlers/dup
b/handlers/dup
index 3b4d0323947d4e84775e262a6b1a189c98b95915..176ac3eae8e5c3066371d07fd4a2086d42b5e9e2 100644
(file)
--- a/
handlers/dup
+++ b/
handlers/dup
@@
-39,7
+39,7
@@
if [ "$vservers" == "yes" ]; then
[ -d "$VROOTDIR" ] || fatal "vservers enabled, but $VROOTDIR does not exist!"
if [ "$vsnames" == "all" ]; then
vsnames=""
[ -d "$VROOTDIR" ] || fatal "vservers enabled, but $VROOTDIR does not exist!"
if [ "$vsnames" == "all" ]; then
vsnames=""
- for vserver in `ls $VROOTDIR | grep -
v lost+found | grep -v ARCHIVES
`; do
+ for vserver in `ls $VROOTDIR | grep -
E -v "lost+found|ARCHIVES"
`; do
vsnames="$vserver $vsnames"
done
else
vsnames="$vserver $vsnames"
done
else
@@
-62,7
+62,7
@@
fi
if [ "$testconnect" == "yes" ]; then
debug "ssh $sshoptions -o PasswordAuthentication=no $desthost -l $destuser 'echo -n 1'"
if [ ! $test ]; then
if [ "$testconnect" == "yes" ]; then
debug "ssh $sshoptions -o PasswordAuthentication=no $desthost -l $destuser 'echo -n 1'"
if [ ! $test ]; then
- result=`ssh $sshoptions -o PasswordAuthentication=no $desthost -l $destuser 'echo -n 1'
2>&1
`
+ result=`ssh $sshoptions -o PasswordAuthentication=no $desthost -l $destuser 'echo -n 1'`
if [ "$result" != "1" ]; then
fatal "Can't connect to $desthost as $destuser."
else
if [ "$result" != "1" ]; then
fatal "Can't connect to $desthost as $destuser."
else
@@
-131,17
+131,17
@@
execstr=${execstr//\\*/\\\\\\*}
debug "duplicity $execstr --exclude '**' / $execstr_serverpart"
if [ ! $test ]; then
debug "duplicity $execstr --exclude '**' / $execstr_serverpart"
if [ ! $test ]; then
+ export PASSPHRASE=$password
output=`nice -n $nicelevel \
su -c \
output=`nice -n $nicelevel \
su -c \
- "export PASSPHRASE=$password \
- && duplicity $execstr --exclude '**' / $execstr_serverpart 2>&1"`
+ "duplicity $execstr --exclude '**' / $execstr_serverpart 2>&1"`
code=$?
code=$?
- if [
"$code" == "0"
]; then
+ if [
$code -eq 0
]; then
debug $output
info "Duplicity finished successfully."
else
debug $output
info "Duplicity finished successfully."
else
-
warnin
g $output
-
warning
"Duplicity failed."
+
debu
g $output
+
fatal
"Duplicity failed."
fi
fi
fi
fi