summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorDmitriy Zaporozhets <dzaporozhets@gitlab.com>2015-03-17 02:13:44 +0000
committerDmitriy Zaporozhets <dzaporozhets@gitlab.com>2015-03-17 02:13:44 +0000
commitc42262b43b009af990e5769840391862d64a1c2d (patch)
tree9c6a6c89ddc662cc72c87bb6d984c31f1c394dba /lib
parentc6586b1283a94c8f08bc669f4d8a9384b263073e (diff)
parent8587a2937020eca2fda3efbcf31862697e7f5b3f (diff)
downloadgitlab-ce-c42262b43b009af990e5769840391862d64a1c2d.tar.gz
Merge branch 'backup-permissions' into 'master'
Change permissions on backup files Use more restrictive permissions for backup tar files and for the db, uploads, and repositories directories inside the tar files. See #1894. Now the backup task recursively `chmod`s the `db/`, `uploads/`, and `repositories/` folders with 0700 permissions, and the tar file is created as 0600. cc @sytse See merge request !1703
Diffstat (limited to 'lib')
-rw-r--r--lib/backup/manager.rb4
1 files changed, 4 insertions, 0 deletions
diff --git a/lib/backup/manager.rb b/lib/backup/manager.rb
index ab8db4e9837..b499e5755bd 100644
--- a/lib/backup/manager.rb
+++ b/lib/backup/manager.rb
@@ -17,14 +17,18 @@ module Backup
file << s.to_yaml.gsub(/^---\n/,'')
end
+ FileUtils.chmod_R(0700, %w{db uploads repositories})
+
# create archive
$progress.print "Creating backup archive: #{tar_file} ... "
+ orig_umask = File.umask(0077)
if Kernel.system('tar', '-cf', tar_file, *BACKUP_CONTENTS)
$progress.puts "done".green
else
puts "creating archive #{tar_file} failed".red
abort 'Backup failed'
end
+ File.umask(orig_umask)
upload(tar_file)
end
View Lorry Controller Status