Security fix: duplicity handler used to put the gpg passphase on the command line.

[matthijs/upstream/backupninja.git] / etc / backup.d / example.dup

diff --git a/etc/backup.d/example.dup b/etc/backup.d/example.dup
index 5dfd3a2b928cc1d800ba1d879363baa019b9c7bf..cd64dd5b6452deb537be5062273a74b74cc6f58e 100644 (file)
--- a/etc/backup.d/example.dup
+++ b/etc/backup.d/example.dup
@@ -15,7 +15,8 @@ nicelevel = 19
 [gpg]
 
 # passphrase needed to unlock the GnuPG key
-password = "a_very_complicated_passphrase"
+# NB: do not quote it, and it should not contain any quote
+password = a_very_complicated_passphrase
 
 # default is no, for backward compatibility with backupninja <= 0.5.
 # when set to yes, encryptkey option must be set below.
@@ -58,6 +59,18 @@ include = /usr/local/sbin
 include = /var/lib/dpkg/status
 include = /var/lib/dpkg/status-old
 
+# If vservers = yes in /etc/backupninja.conf then the following variables can
+# be used:
+# vsnames = all | <vserver1> <vserver2> ... (default = all)
+# vsinclude = <path>
+# Any path specified in vsinclude is added to the include list for each vserver
+# listed in vsnames (or all if vsnames = all).
+# E.g. vsinclude = /home will backup the /home partition in every vserver
+# listed in vsnames. If you have vsnames = "foo bar baz", this vsinclude will
+# add to the include list /vservers/foo/home, /vservers/bar/home and
+# /vservers/baz/home.
+# Vservers paths are derived from $VROOTDIR.
+
 # rdiff-backup specific comment, TO ADAPT
 # files to exclude from the backup
 # (supports globbing with '*')