From: Michael Tremer <git@ipfire.org>
To: ipfire-scm@lists.ipfire.org
Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 419153571b7b34d7e345592c9ed55f22a9f54978
Date: Fri, 04 Mar 2022 10:42:16 +0000 [thread overview]
Message-ID: <4K94DT1wJXz2xks@people01.haj.ipfire.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 8827 bytes --]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via 419153571b7b34d7e345592c9ed55f22a9f54978 (commit)
via e5ad6e2ab1c03961ab4e8e26e93e0bf69aa8e4b2 (commit)
via 026935a1375551f833997a95f63898112527a0f8 (commit)
via 270d572504cba639659037d20e720fffa64f0f0f (commit)
from a735dad621128b7057a03d805deb8aa049ae7f21 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 419153571b7b34d7e345592c9ed55f22a9f54978
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Fri Mar 4 10:41:30 2022 +0000
backup: Make include/exclude files relative
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit e5ad6e2ab1c03961ab4e8e26e93e0bf69aa8e4b2
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Fri Mar 4 10:29:23 2022 +0000
backup: Don't restore excluded files
Sometimes, we restore a backup that has been created earlier before
exclude files have been changed. To avoid overwriting those files, we
will consider the exlude list upon restore.
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 026935a1375551f833997a95f63898112527a0f8
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Fri Mar 4 10:27:01 2022 +0000
backup: Exclude oinkmaster.conf
This file is a system configuration file and does not contain any
configruation from the user.
Since it can be overwritten in a backup and restored to an older state,
this can cause problems such as #12788.
Fixes: #12788
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 270d572504cba639659037d20e720fffa64f0f0f
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Fri Mar 4 10:18:25 2022 +0000
backup: Abort when the backup could not be extracted
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
config/backup/backup.pl | 18 +++++--
config/backup/exclude | 17 ++++---
config/backup/include | 126 ++++++++++++++++++++++++------------------------
src/installer/hw.c | 4 +-
4 files changed, 89 insertions(+), 76 deletions(-)
Difference in files:
diff --git a/config/backup/backup.pl b/config/backup/backup.pl
index 63004491c..a2337cf23 100644
--- a/config/backup/backup.pl
+++ b/config/backup/backup.pl
@@ -39,7 +39,7 @@ process_includes() {
local file
while read -r file; do
for file in ${file}; do
- if [ -e "${file}" ]; then
+ if [ -e "/${file}" ]; then
echo "${file}"
fi
done
@@ -58,7 +58,7 @@ make_backup() {
done
# Backup using global exclude/include definitions
- tar cvfz "${filename}" \
+ tar cvfz "${filename}" -C / \
--exclude-from="/var/ipfire/backup/exclude" \
--exclude-from="/var/ipfire/backup/exclude.user" \
$(process_includes "/var/ipfire/backup/include") \
@@ -71,7 +71,13 @@ make_backup() {
restore_backup() {
local filename="${1}"
- tar xvzpf "${filename}" -C /
+ # Extract backup
+ if ! tar xvzpf "${filename}" -C / \
+ --exclude-from="/var/ipfire/backup/exclude" \
+ --exclude-from="/var/ipfire/backup/exclude.user"; then
+ echo "Could not extract backup" >&2
+ return 1
+ fi
# Restart syslogd, httpd and suricata in case we've just loaded old logs
apachectl -k graceful
@@ -202,7 +208,11 @@ restore_addon_backup() {
mv "/tmp/${name}.ipf" "/var/ipfire/backup/addons/backup/${name}.ipf"
fi
- tar xvzpf "/var/ipfire/backup/addons/backup/${name}.ipf" -C /
+ # Extract backup
+ if ! tar xvzpf "/var/ipfire/backup/addons/backup/${name}.ipf" -C /; then
+ echo "Could not extract backup" >&2
+ return 1
+ fi
}
main() {
diff --git a/config/backup/exclude b/config/backup/exclude
index 68c37de48..0131a87fd 100644
--- a/config/backup/exclude
+++ b/config/backup/exclude
@@ -1,9 +1,10 @@
-/etc/sysconfig/lm_sensors
-/etc/unbound/unbound.conf
+etc/sysconfig/lm_sensors
+etc/unbound/unbound.conf
*.tmp
-/var/ipfire/ethernet/settings
-/var/ipfire/firewall/bin/*
-/var/ipfire/ovpn/openssl/*
-/var/ipfire/proxy/calamaris/bin/*
-/var/ipfire/qos/bin/qos.pl
-/var/ipfire/urlfilter/blacklists/*/*.db
+var/ipfire/ethernet/settings
+var/ipfire/firewall/bin/*
+var/ipfire/ovpn/openssl/*
+var/ipfire/proxy/calamaris/bin/*
+var/ipfire/qos/bin/qos.pl
+var/ipfire/suricata/oinkmaster.conf
+var/ipfire/urlfilter/blacklists/*/*.db
diff --git a/config/backup/include b/config/backup/include
index 3b96b1d62..809a49601 100644
--- a/config/backup/include
+++ b/config/backup/include
@@ -1,63 +1,63 @@
-/etc/conntrackd/conntrackd.conf
-/etc/group
-/etc/hosts*
-/etc/httpd/server.crt
-/etc/httpd/server.csr
-/etc/httpd/server-ecdsa.crt
-/etc/httpd/server-ecdsa.csr
-/etc/httpd/server-ecdsa.key
-/etc/httpd/server.key
-/etc/ipsec.user.*
-/etc/ipsec.user-post.conf
-/etc/logrotate.d
-/etc/passwd
-/etc/shadow
-/etc/ssh/sshd_config
-/etc/ssh/ssh_host*
-/etc/squid/squid.conf.local
-/etc/squid/squid.conf.pre.local
-/etc/sysconfig/*
-/etc/sysconfig/firewall.local
-/etc/sysconfig/rc.local
-/etc/unbound
-/root/.bash_history
-/root/.gitconfig
-/root/.ssh
-/var/ipfire/auth/users
-/var/ipfire/backup/addons/backup
-/var/ipfire/backup/exclude.user
-/var/ipfire/backup/include.user
-/var/ipfire/captive/*
-/var/ipfire/*/*.conf
-/var/ipfire/*/config
-/var/ipfire/dhcp/*
-/var/ipfire/dns
-/var/ipfire/dnsforward/*
-/var/ipfire/*/enable
-/var/ipfire/*/*enable*
-/var/ipfire/ethernet/aliases
-/var/ipfire/ethernet/wireless
-/var/ipfire/firewall
-/var/ipfire/fwhosts
-/var/ipfire/main/*
-/var/ipfire/ovpn
-/var/ipfire/ovpn/collectd.vpn
-/var/ipfire/*/*.pem
-/var/ipfire/ppp
-/var/ipfire/proxy
-/var/ipfire/qos/*
-/var/ipfire/qos/bin/qos.sh
-/var/ipfire/suricata/*.conf
-/var/ipfire/suricata/*.yaml
-/var/ipfire/suricata/providers-settings
-/var/ipfire/*/settings
-/var/ipfire/time/
-/var/ipfire/urlfilter
-/var/ipfire/vpn
-/var/lib/suricata
-/var/log/ip-acct/*
-/var/log/rrd/*
-/var/log/rrd/collectd
-/var/log/vnstat
-/var/tmp/idsrules-*.tar.gz
-/var/tmp/idsrules-*.rules
+etc/conntrackd/conntrackd.conf
+etc/group
+etc/hosts*
+etc/httpd/server.crt
+etc/httpd/server.csr
+etc/httpd/server-ecdsa.crt
+etc/httpd/server-ecdsa.csr
+etc/httpd/server-ecdsa.key
+etc/httpd/server.key
+etc/ipsec.user.*
+etc/ipsec.user-post.conf
+etc/logrotate.d
+etc/passwd
+etc/shadow
+etc/ssh/sshd_config
+etc/ssh/ssh_host*
+etc/squid/squid.conf.local
+etc/squid/squid.conf.pre.local
+etc/sysconfig/*
+etc/sysconfig/firewall.local
+etc/sysconfig/rc.local
+etc/unbound
+root/.bash_history
+root/.gitconfig
+root/.ssh
+var/ipfire/auth/users
+var/ipfire/backup/addons/backup
+var/ipfire/backup/exclude.user
+var/ipfire/backup/include.user
+var/ipfire/captive/*
+var/ipfire/*/*.conf
+var/ipfire/*/config
+var/ipfire/dhcp/*
+var/ipfire/dns
+var/ipfire/dnsforward/*
+var/ipfire/*/enable
+var/ipfire/*/*enable*
+var/ipfire/ethernet/aliases
+var/ipfire/ethernet/wireless
+var/ipfire/firewall
+var/ipfire/fwhosts
+var/ipfire/main/*
+var/ipfire/ovpn
+var/ipfire/ovpn/collectd.vpn
+var/ipfire/*/*.pem
+var/ipfire/ppp
+var/ipfire/proxy
+var/ipfire/qos/*
+var/ipfire/qos/bin/qos.sh
+var/ipfire/suricata/*.conf
+var/ipfire/suricata/*.yaml
+var/ipfire/suricata/providers-settings
+var/ipfire/*/settings
+var/ipfire/time/
+var/ipfire/urlfilter
+var/ipfire/vpn
+var/lib/suricata
+var/log/ip-acct/*
+var/log/rrd/*
+var/log/rrd/collectd
+var/log/vnstat
+var/tmp/idsrules-*.tar.gz
+var/tmp/idsrules-*.rules
diff --git a/src/installer/hw.c b/src/installer/hw.c
index 17e0bbb01..5cba2a261 100644
--- a/src/installer/hw.c
+++ b/src/installer/hw.c
@@ -1204,7 +1204,9 @@ char* hw_find_backup_file(const char* output, const char* search_path) {
int hw_restore_backup(const char* output, const char* backup_path, const char* destination) {
char command[STRING_SIZE];
- snprintf(command, sizeof(command), "/bin/tar xzpf %s -C %s", backup_path, destination);
+ snprintf(command, sizeof(command), "/bin/tar xzpf %s -C %s "
+ "--exclude-from=%s/var/ipfire/backup/exclude --exclude-from=%s/var/ipfire/backup/exclude.user",
+ backup_path, destination, destination, destination);
int rc = mysystem(output, command);
if (rc)
hooks/post-receive
--
IPFire 2.x development tree
reply other threads:[~2022-03-04 10:42 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4K94DT1wJXz2xks@people01.haj.ipfire.org \
--to=git@ipfire.org \
--cc=ipfire-scm@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox