From bb50b7fcd0161a7b9f0f87cb395e355a87a9dd17 Mon Sep 17 00:00:00 2001 From: Jacob Vosmaer Date: Mon, 6 Jul 2015 18:43:17 +0200 Subject: Allow custom backup archive permissions This change helps system administrators who want to replicate GitLab backup files without needing root permissions. --- lib/backup/manager.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'lib/backup') diff --git a/lib/backup/manager.rb b/lib/backup/manager.rb index 6fa2079d1a8..5103b265ed4 100644 --- a/lib/backup/manager.rb +++ b/lib/backup/manager.rb @@ -20,14 +20,14 @@ module Backup # create archive $progress.print "Creating backup archive: #{tar_file} ... " - orig_umask = File.umask(0077) - if Kernel.system('tar', '-cf', tar_file, *backup_contents) + # Set file permissions on open to prevent chmod races. + tar_system_options = {out: [tar_file, 'w', Gitlab.config.backup.archive_permissions]} + if Kernel.system('tar', '-cf', '-', *backup_contents, tar_system_options) $progress.puts "done".green else puts "creating archive #{tar_file} failed".red abort 'Backup failed' end - File.umask(orig_umask) upload(tar_file) end -- cgit v1.2.1 From c5aae3077335ab0eaafb73f51548d4c85413a1d1 Mon Sep 17 00:00:00 2001 From: Jacob Vosmaer Date: Wed, 29 Jul 2015 11:18:55 +0200 Subject: Set internal backup directory modes on create This sidesteps problems with running 'chmod' on some CIFS mounts. --- lib/backup/database.rb | 2 +- lib/backup/manager.rb | 2 -- lib/backup/repository.rb | 2 +- lib/backup/uploads.rb | 2 +- 4 files changed, 3 insertions(+), 5 deletions(-) (limited to 'lib/backup') diff --git a/lib/backup/database.rb b/lib/backup/database.rb index c5a5396cbbf..8450019980f 100644 --- a/lib/backup/database.rb +++ b/lib/backup/database.rb @@ -7,7 +7,7 @@ module Backup def initialize @config = YAML.load_file(File.join(Rails.root,'config','database.yml'))[Rails.env] @db_dir = File.join(Gitlab.config.backup.path, 'db') - FileUtils.mkdir_p(@db_dir) unless Dir.exists?(@db_dir) + FileUtils.mkdir_p(@db_dir, mode: 0700)unless Dir.exists?(@db_dir) end def dump diff --git a/lib/backup/manager.rb b/lib/backup/manager.rb index 6fa2079d1a8..9ae4b346436 100644 --- a/lib/backup/manager.rb +++ b/lib/backup/manager.rb @@ -16,8 +16,6 @@ module Backup file << s.to_yaml.gsub(/^---\n/,'') end - FileUtils.chmod(0700, folders_to_backup) - # create archive $progress.print "Creating backup archive: #{tar_file} ... " orig_umask = File.umask(0077) diff --git a/lib/backup/repository.rb b/lib/backup/repository.rb index dfb2da9f84e..36d43d62982 100644 --- a/lib/backup/repository.rb +++ b/lib/backup/repository.rb @@ -130,7 +130,7 @@ module Backup def prepare FileUtils.rm_rf(backup_repos_path) - FileUtils.mkdir_p(backup_repos_path) + FileUtils.mkdir_p(backup_repos_path, mode: 0700) end def silent diff --git a/lib/backup/uploads.rb b/lib/backup/uploads.rb index bf43610acf6..ed445f79084 100644 --- a/lib/backup/uploads.rb +++ b/lib/backup/uploads.rb @@ -10,7 +10,7 @@ module Backup # Copy uploads from public/uploads to backup/uploads def dump - FileUtils.mkdir_p(backup_uploads_dir) + FileUtils.mkdir_p(backup_uploads_dir, mode: 0700) FileUtils.cp_r(app_uploads_dir, backup_dir) end -- cgit v1.2.1 From baa157926d432f404a41c31ad6514ff8d5366269 Mon Sep 17 00:00:00 2001 From: Jacob Vosmaer Date: Thu, 30 Jul 2015 10:17:34 +0200 Subject: Stricter mkdir's in 'rake gitlab:backup:create' --- lib/backup/database.rb | 7 +++++-- lib/backup/repository.rb | 5 ++++- lib/backup/uploads.rb | 6 +++++- 3 files changed, 14 insertions(+), 4 deletions(-) (limited to 'lib/backup') diff --git a/lib/backup/database.rb b/lib/backup/database.rb index 8450019980f..bbb230a10f0 100644 --- a/lib/backup/database.rb +++ b/lib/backup/database.rb @@ -7,7 +7,11 @@ module Backup def initialize @config = YAML.load_file(File.join(Rails.root,'config','database.yml'))[Rails.env] @db_dir = File.join(Gitlab.config.backup.path, 'db') - FileUtils.mkdir_p(@db_dir, mode: 0700)unless Dir.exists?(@db_dir) + FileUtils.rm_rf(@db_dir) + # Ensure the parent dir of @db_dir exists + FileUtils.mkdir_p(Gitlab.config.backup.path) + # Fail if somebody raced to create @db_dir before us + FileUtils.mkdir(@db_dir, mode: 0700) end def dump @@ -25,7 +29,6 @@ module Backup abort 'Backup failed' unless success $progress.print 'Compressing database ... ' - FileUtils.rm_f db_file_name_gz success = system('gzip', db_file_name) report_success(success) abort 'Backup failed: compress error' unless success diff --git a/lib/backup/repository.rb b/lib/backup/repository.rb index 36d43d62982..4d70f7883dd 100644 --- a/lib/backup/repository.rb +++ b/lib/backup/repository.rb @@ -130,7 +130,10 @@ module Backup def prepare FileUtils.rm_rf(backup_repos_path) - FileUtils.mkdir_p(backup_repos_path, mode: 0700) + # Ensure the parent dir of backup_repos_path exists + FileUtils.mkdir_p(Gitlab.config.backup.path) + # Fail if somebody raced to create backup_repos_path before us + FileUtils.mkdir(backup_repos_path, mode: 0700) end def silent diff --git a/lib/backup/uploads.rb b/lib/backup/uploads.rb index ed445f79084..1f9626644e6 100644 --- a/lib/backup/uploads.rb +++ b/lib/backup/uploads.rb @@ -10,7 +10,11 @@ module Backup # Copy uploads from public/uploads to backup/uploads def dump - FileUtils.mkdir_p(backup_uploads_dir, mode: 0700) + FileUtils.rm_rf(backup_uploads_dir) + # Ensure the parent dir of backup_uploads_dir exists + FileUtils.mkdir_p(Gitlab.config.backup.path) + # Fail if somebody raced to create backup_uploads_dir before us + FileUtils.mkdir(backup_uploads_dir, mode: 0700) FileUtils.cp_r(app_uploads_dir, backup_dir) end -- cgit v1.2.1