diff options
| author | Micah Anderson <micah@riseup.net> | 2006-06-09 17:27:21 +0000 | 
|---|---|---|
| committer | Micah Anderson <micah@riseup.net> | 2006-06-09 17:27:21 +0000 | 
| commit | 489e294c50b6cba7545a110d26edd43e6b6e55ea (patch) | |
| tree | fd541fac1e850d7d64384835caad5b501e34bb64 /src/backupninja.in | |
| parent | 8589faa7f04c8d29298da45ad17ffecacc4498cb (diff) | |
| download | backupninja-489e294c50b6cba7545a110d26edd43e6b6e55ea.tar.gz backupninja-489e294c50b6cba7545a110d26edd43e6b6e55ea.tar.bz2 | |
Added a slightly modified version of the anti-fascist patch (allows for
a configurable admingroup to be set, instead of forcing it to be root),
closes debian bug#370396
Diffstat (limited to 'src/backupninja.in')
| -rwxr-xr-x | src/backupninja.in | 44 | 
1 files changed, 33 insertions, 11 deletions
| diff --git a/src/backupninja.in b/src/backupninja.in index 2835a3c..57936da 100755 --- a/src/backupninja.in +++ b/src/backupninja.in @@ -130,17 +130,37 @@ function msg {  #  function check_perms() { -	local file=$1 -	local perms=`ls -ld $file` -	perms=${perms:4:6} -	if [ "$perms" != "------" ]; then -		echo "Configuration files must not be group or world writable/readable! Dying on file $file" -		fatal "Configuration files must not be group or world writable/readable! Dying on file $file" -	fi -	if [ `ls -ld $file | awk '{print $3}'` != "root" ]; then -		echo "Configuration files must be owned by root! Dying on file $file" -		fatal "Configuration files must be owned by root! Dying on file $file" -	fi +   local file=$1 +   local perms +   perms=($(stat -L --printf='%a %g %G %u %U' $file)) +   local gperm=${perms[0]:1:1} +   local wperm=${perms[0]:2:1} +   local gid=${perms[1]} +   local group=${perms[2]} +   local owner=${perms[3]} + +   if [ "$owner" != 0 ]; then +      echo "Configuration files must be owned by root! Dying on file $file" +      fatal "Configuration files must be owned by root! Dying on file $file" +   fi +    +   if [ $wperm -gt 0 ]; then +      echo "Configuration files must not be world writable/readable! Dying on file $file" +      fatal "Configuration files must not be world writable/readable! Dying on file $file" +   fi + +   if [ $gperm -gt 0 ]; then +      case "$admingroup" in +         $gid|$group) :;; + +         *) +           if [ "$gid" != 0 ]; then +              echo "Configuration files must writable/readable by group ${perms[2]}! Dying on file $file" +              fatal "Configuration files must writable/readable by group ${perms[2]}! Dying on file $file" +           fi +         ;; +         esac +   fi  }  # simple lowercase function @@ -423,6 +443,7 @@ getconf PGSQLDUMP /usr/bin/pg_dump  getconf PGSQLDUMPALL /usr/bin/pg_dumpall  getconf GZIP /bin/gzip  getconf RSYNC /usr/bin/rsync +getconf admingroup root  # initialize vservers support  # (get config variables and check real vservers availability) @@ -461,6 +482,7 @@ fi  for file in $files; do  	[ -f "$file" ] || continue +        check_perms ${file%/*} # check containing dir  	check_perms $file  	suffix="${file##*.}"  	base=`basename $file` | 
