diff options
| author | intrigeri <intrigeri@boum.org> | 2006-10-08 00:42:47 +0000 |
|---|---|---|
| committer | intrigeri <intrigeri@boum.org> | 2006-10-08 00:42:47 +0000 |
| commit | 5eef842c2b297ded85d4f9e312f806f9c61153fb (patch) | |
| tree | cfdb7ceb2d34df85ca373a077cb70d184878cf55 | |
| parent | 2276e5df3f9aa0a653edced1acf3b2dd3b3b114e (diff) | |
| download | backupninja-5eef842c2b297ded85d4f9e312f806f9c61153fb.tar.gz backupninja-5eef842c2b297ded85d4f9e312f806f9c61153fb.tar.bz2 | |
fixed configuration files permission check
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rwxr-xr-x | src/backupninja.in | 28 |
2 files changed, 22 insertions, 10 deletions
@@ -1,4 +1,8 @@ version 0.9.5 -- unreleased + backupninja changes + . Fixed checks on configuration files permissions, since the patch + applied to fix #370396 broke this, especially for configuration files + created with permissions 000 by an older ninjahelper version. handler changes sys: . Fixed typo breaking things for VServers. diff --git a/src/backupninja.in b/src/backupninja.in index f0622bd..920d89e 100755 --- a/src/backupninja.in +++ b/src/backupninja.in @@ -131,32 +131,40 @@ function msg { function check_perms() { local file=$1 + debug "check_perms $file" local perms - perms=($(stat -L --format='%a %g %G %u %U' $file)) - local gperm=${perms[0]:1:1} - local wperm=${perms[0]:2:1} - local gid=${perms[1]} - local group=${perms[2]} - local owner=${perms[3]} + local owners + + perms=($(stat -L --format='%A' $file)) + debug "perms: $perms" + local gperm=${perms:4:3} + debug "gperm: $gperm" + local wperm=${perms:7:3} + debug "wperm: $wperm" + + owners=($(stat -L --format='%g %G %u %U' $file)) + local gid=${owners[0]} + local group=${owners[1]} + local owner=${owners[2]} if [ "$owner" != 0 ]; then echo "Configuration files must be owned by root! Dying on file $file" fatal "Configuration files must be owned by root! Dying on file $file" fi - if [ $wperm -gt 0 ]; then + if [ "$wperm" != '---' ]; then echo "Configuration files must not be world writable/readable! Dying on file $file" fatal "Configuration files must not be world writable/readable! Dying on file $file" fi - if [ $gperm -gt 0 ]; then + if [ "$gperm" != '---' ]; then case "$admingroup" in $gid|$group) :;; *) if [ "$gid" != 0 ]; then - echo "Configuration files must not be writable/readable by group ${perms[2]}! Dying on file $file" - fatal "Configuration files must not be writable/readable by group ${perms[2]}! Dying on file $file" + echo "Configuration files must not be writable/readable by group $group! Use the admingroup option in backupninja.conf. Dying on file $file" + fatal "Configuration files must not be writable/readable by group $group! Use the admingroup option in backupninja.conf. Dying on file $file" fi ;; esac |