From 61c06c5e1ae87914343312b956d5b289d568b71f Mon Sep 17 00:00:00 2001 From: Vinnie Okada Date: Sun, 15 Mar 2015 12:54:36 -0600 Subject: Change permissions on backup files Use more restrictive permissions for backup tar files and for the db, uploads, and repositories directories inside the tar files. --- lib/backup/manager.rb | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) (limited to 'lib/backup') diff --git a/lib/backup/manager.rb b/lib/backup/manager.rb index ab8db4e9837..1a4f28d106d 100644 --- a/lib/backup/manager.rb +++ b/lib/backup/manager.rb @@ -11,22 +11,28 @@ module Backup s[:tar_version] = tar_version tar_file = "#{s[:backup_created_at].to_i}_gitlab_backup.tar" + orig_pwd = Dir.pwd Dir.chdir(Gitlab.config.backup.path) File.open("#{Gitlab.config.backup.path}/backup_information.yml", "w+") do |file| file << s.to_yaml.gsub(/^---\n/,'') end + FileUtils.chmod_R(0700, %w{db uploads repositories}) + # create archive $progress.print "Creating backup archive: #{tar_file} ... " + orig_umask = File.umask(0077) if Kernel.system('tar', '-cf', tar_file, *BACKUP_CONTENTS) $progress.puts "done".green else puts "creating archive #{tar_file} failed".red abort 'Backup failed' end + File.umask(orig_umask) upload(tar_file) + Dir.chdir(orig_pwd) end def upload(tar_file) @@ -51,11 +57,13 @@ module Backup def cleanup $progress.print "Deleting tmp directories ... " - if Kernel.system('rm', '-rf', *BACKUP_CONTENTS) - $progress.puts "done".green - else - puts "deleting tmp directory failed".red - abort 'Backup failed' + BACKUP_CONTENTS.each do |dir| + if FileUtils.rm_rf(File.join(Gitlab.config.backup.path, dir)) + $progress.puts "done".green + else + puts "deleting tmp directory '#{dir}' failed".red + abort 'Backup failed' + end end end -- cgit v1.2.1 From 06aafb73640da21a4277961c5c6da61496f0e8db Mon Sep 17 00:00:00 2001 From: Vinnie Okada Date: Thu, 19 Mar 2015 19:24:57 -0600 Subject: Call chdir() with a block --- lib/backup/manager.rb | 35 +++++++++++++++++------------------ 1 file changed, 17 insertions(+), 18 deletions(-) (limited to 'lib/backup') diff --git a/lib/backup/manager.rb b/lib/backup/manager.rb index 1a4f28d106d..c6087830b40 100644 --- a/lib/backup/manager.rb +++ b/lib/backup/manager.rb @@ -11,28 +11,27 @@ module Backup s[:tar_version] = tar_version tar_file = "#{s[:backup_created_at].to_i}_gitlab_backup.tar" - orig_pwd = Dir.pwd - Dir.chdir(Gitlab.config.backup.path) + Dir.chdir(Gitlab.config.backup.path) do + File.open("#{Gitlab.config.backup.path}/backup_information.yml", + "w+") do |file| + file << s.to_yaml.gsub(/^---\n/,'') + end - File.open("#{Gitlab.config.backup.path}/backup_information.yml", "w+") do |file| - file << s.to_yaml.gsub(/^---\n/,'') - end + FileUtils.chmod_R(0700, %w{db uploads repositories}) - FileUtils.chmod_R(0700, %w{db uploads repositories}) + # create archive + $progress.print "Creating backup archive: #{tar_file} ... " + orig_umask = File.umask(0077) + if Kernel.system('tar', '-cf', tar_file, *BACKUP_CONTENTS) + $progress.puts "done".green + else + puts "creating archive #{tar_file} failed".red + abort 'Backup failed' + end + File.umask(orig_umask) - # create archive - $progress.print "Creating backup archive: #{tar_file} ... " - orig_umask = File.umask(0077) - if Kernel.system('tar', '-cf', tar_file, *BACKUP_CONTENTS) - $progress.puts "done".green - else - puts "creating archive #{tar_file} failed".red - abort 'Backup failed' + upload(tar_file) end - File.umask(orig_umask) - - upload(tar_file) - Dir.chdir(orig_pwd) end def upload(tar_file) -- cgit v1.2.1