X-Git-Url: https://git.stderr.nl/gitweb?p=matthijs%2Fupstream%2Fbackupninja.git;a=blobdiff_plain;f=src%2Fbackupninja.in;h=16ac7a7dc5e5417ffeae1f64b23b427ea4a562f8;hp=68c7c430c06a1587f25af3f9f2218c9b30a1ac7f;hb=f07f4b873b5d4b0dbe18df8cd6078826b2a0afd1;hpb=4f344987a910c3d7fcd7e91f445f990bc6691312 diff --git a/src/backupninja.in b/src/backupninja.in index 68c7c43..16ac7a7 100755 --- a/src/backupninja.in +++ b/src/backupninja.in @@ -1,4 +1,6 @@ #!@BASH@ +# -*- mode: sh; sh-basic-offset: 3; indent-tabs-mode: nil; -*- +# # |\_ # B A C K U P N I N J A /()/ # `\| @@ -128,17 +130,37 @@ function msg { # function check_perms() { - local file=$1 - local perms=`ls -ld $file` - perms=${perms:4:6} - if [ "$perms" != "------" ]; then - echo "Configuration files must not be group or world writable/readable! Dying on file $file" - fatal "Configuration files must not be group or world writable/readable! Dying on file $file" - fi - if [ `ls -ld $file | awk '{print $3}'` != "root" ]; then - echo "Configuration files must be owned by root! Dying on file $file" - fatal "Configuration files must be owned by root! Dying on file $file" - fi + local file=$1 + local perms + perms=($(stat -L --printf='%a %g %G %u %U' $file)) + local gperm=${perms[0]:1:1} + local wperm=${perms[0]:2:1} + local gid=${perms[1]} + local group=${perms[2]} + local owner=${perms[3]} + + if [ "$owner" != 0 ]; then + echo "Configuration files must be owned by root! Dying on file $file" + fatal "Configuration files must be owned by root! Dying on file $file" + fi + + if [ $wperm -gt 0 ]; then + echo "Configuration files must not be world writable/readable! Dying on file $file" + fatal "Configuration files must not be world writable/readable! Dying on file $file" + fi + + if [ $gperm -gt 0 ]; then + case "$admingroup" in + $gid|$group) :;; + + *) + if [ "$gid" != 0 ]; then + echo "Configuration files must writable/readable by group ${perms[2]}! Dying on file $file" + fatal "Configuration files must writable/readable by group ${perms[2]}! Dying on file $file" + fi + ;; + esac + fi } # simple lowercase function @@ -148,7 +170,7 @@ function tolower() { # simple to integer function function toint() { - echo "$1" | tr [:alpha:] -d + echo "$1" | tr -d [:alpha:] } # @@ -396,6 +418,7 @@ fi # include shared functions . $libdirectory/tools +. $libdirectory/vserver setfile $conffile @@ -420,10 +443,11 @@ getconf PGSQLDUMP /usr/bin/pg_dump getconf PGSQLDUMPALL /usr/bin/pg_dumpall getconf GZIP /bin/gzip getconf RSYNC /usr/bin/rsync -getconf vservers no -getconf VSERVERINFO /usr/sbin/vserver-info -getconf VSERVER /usr/sbin/vserver -getconf VROOTDIR `if [ -f "$VSERVERINFO" ]; then $VSERVERINFO info SYSINFO |grep vserver-Rootdir | awk '{print $2}'; fi` +getconf admingroup root + +# initialize vservers support +# (get config variables and check real vservers availability) +init_vservers nodialog if [ ! -d "$configdirectory" ]; then echo "Configuration directory '$configdirectory' not found." @@ -437,11 +461,6 @@ if [ "$UID" != "0" ]; then exit 1 fi -if [ "$vservers" == "yes" -a ! -d "$VROOTDIR" ]; then - echo "vservers option set in config, but $VROOTDIR is not a directory!" - fatal "vservers option set in config, but $VROOTDIR is not a directory!" -fi - ## Process each configuration file # by default, don't make files which are world or group readable. @@ -457,12 +476,17 @@ errormsg="" if [ "$singlerun" ]; then files=$singlerun else - files=`find $configdirectory -mindepth 1 ! -name '.*.swp' | sort -n` + files=`find -L $configdirectory -mindepth 1 -maxdepth 1 -type f ! -name '.*.swp' | sort -n` + + if [ -z "$files" ]; then + fatal "No backup actions configured in '$configdirectory', run ninjahelper!" + fi fi for file in $files; do [ -f "$file" ] || continue + check_perms ${file%/*} # check containing dir check_perms $file suffix="${file##*.}" base=`basename $file`