From 71886bee68b11ff0433713087ecb4bc343146b9d Mon Sep 17 00:00:00 2001 From: Martin Sekera Date: Sun, 30 May 2021 23:53:47 +0200 Subject: [PATCH 1/6] chmod rank2 dir as well --- btv | 1 + 1 file changed, 1 insertion(+) diff --git a/btv b/btv index 1de3c82..1f9a5c1 100755 --- a/btv +++ b/btv @@ -254,6 +254,7 @@ def serialize(snap, outdir, key, snap_from=None): ## fix permissions and ownership of created objects outdir_stat = os.stat(outdir) os.chown(directory, outdir_stat.st_uid, outdir_stat.st_gid) + os.chmod(directory, 0o500) for file in os.listdir(directory): path = os.path.join(directory, file) From 8345eb3217f00633f8d80c9869cae4a1e117c545 Mon Sep 17 00:00:00 2001 From: Martin Sekera Date: Mon, 31 May 2021 12:08:53 +0200 Subject: [PATCH 2/6] chmod dirs rwx instead of r-x so they can be moved --- btv | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/btv b/btv index 1f9a5c1..d2348b1 100755 --- a/btv +++ b/btv @@ -254,7 +254,7 @@ def serialize(snap, outdir, key, snap_from=None): ## fix permissions and ownership of created objects outdir_stat = os.stat(outdir) os.chown(directory, outdir_stat.st_uid, outdir_stat.st_gid) - os.chmod(directory, 0o500) + os.chmod(directory, 0o700) for file in os.listdir(directory): path = os.path.join(directory, file) From 831d9ae9a292df58cc240562675600e368eec1db Mon Sep 17 00:00:00 2001 From: Martin Sekera Date: Sun, 1 Aug 2021 09:36:19 +0200 Subject: [PATCH 3/6] add unpack script to every snapshot --- btv | 6 +++++- unpack.sh | 24 ++++++++++++++++++++++++ 2 files changed, 29 insertions(+), 1 deletion(-) create mode 100644 unpack.sh diff --git a/btv b/btv index d2348b1..5646eff 100755 --- a/btv +++ b/btv @@ -8,6 +8,7 @@ import datetime import json import os import shlex +import shutil import sys import time import socket @@ -246,11 +247,14 @@ def serialize(snap, outdir, key, snap_from=None): ## final touches ## - ## add a self-check executable + ## add self-check and unpack executables with open(os.path.join(directory, "check-integrity.sh"), "w") as f: f.write("#! /bin/sh\n\nsha512sum --check manifest.sha512\n") os.chmod(f.name, 0o500) + shutil.copy("/usr/share/btv/unpack.sh", "unpack.sh") + os.chmod("unpack.sh", 0o500) + ## fix permissions and ownership of created objects outdir_stat = os.stat(outdir) os.chown(directory, outdir_stat.st_uid, outdir_stat.st_gid) diff --git a/unpack.sh b/unpack.sh new file mode 100644 index 0000000..f78a8ba --- /dev/null +++ b/unpack.sh @@ -0,0 +1,24 @@ +#! /bin/zsh + +TIMESTAMP=($(basename "$(pwd)")) +OUTDIR="$1" +KEYFILE="$2" + +function die { + >&2 echo "$2" + exit $1 +} + +[[ "$0" != "./unpack.sh" ]] && die 1 "This can only be executed from the snapshot directory itself." +[[ ! -d "$OUTDIR" ]] && die 1 "The first argument must be a directory to unpack subvolumes into." +[[ ! -f "$KEYFILE" ]] && die 1 "The second argument must be a readable keyfile." +./check-integrity.sh || die 2 "This snapshot failed integrity checks." + +### end of checks + +for ARCHIVE in *btrfs.zst.aes +do + openssl enc -d -aes-256-cbc -pbkdf2 -salt -pass "file:$KEYFILE" < "$ARCHIVE" | zstd -d | btrfs receive "$OUTDIR" || die 3 "Failed to unpack subvolume." + SUBVOL_NAME=${ARCHIVE%%.btrfs.zst.aes} + mv "${OUTDIR}/${SUBVOL_NAME}" "${OUTDIR}/${SUBVOL_NAME}.${TIMESTAMP[1]}" || die 4 "Failed to rename subvolume." +done From 63906d328f7f2c2f99d98b7d56ceee4d7a127a4f Mon Sep 17 00:00:00 2001 From: Martin Sekera Date: Sun, 1 Aug 2021 09:56:32 +0200 Subject: [PATCH 4/6] fix unpack.sh directory --- btv | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/btv b/btv index 5646eff..85701d2 100755 --- a/btv +++ b/btv @@ -252,7 +252,7 @@ def serialize(snap, outdir, key, snap_from=None): f.write("#! /bin/sh\n\nsha512sum --check manifest.sha512\n") os.chmod(f.name, 0o500) - shutil.copy("/usr/share/btv/unpack.sh", "unpack.sh") + shutil.copy("/usr/share/btv/unpack.sh", os.path.join(directory, "unpack.sh")) os.chmod("unpack.sh", 0o500) ## fix permissions and ownership of created objects From bbd568260aa6e5fd5ba91dea0032f55f1b523856 Mon Sep 17 00:00:00 2001 From: Martin Sekera Date: Sun, 1 Aug 2021 10:14:40 +0200 Subject: [PATCH 5/6] fix unpack.sh chmod --- btv | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/btv b/btv index 85701d2..fd3ea57 100755 --- a/btv +++ b/btv @@ -252,8 +252,9 @@ def serialize(snap, outdir, key, snap_from=None): f.write("#! /bin/sh\n\nsha512sum --check manifest.sha512\n") os.chmod(f.name, 0o500) - shutil.copy("/usr/share/btv/unpack.sh", os.path.join(directory, "unpack.sh")) - os.chmod("unpack.sh", 0o500) + unpack_path = os.path.join(directory, "unpack.sh") + shutil.copy("/usr/share/btv/unpack.sh", unpack_path) + os.chmod(unpack_path, 0o500) ## fix permissions and ownership of created objects outdir_stat = os.stat(outdir) From 83bac5876dc98dc46f8b4c02c06f718d8521e45a Mon Sep 17 00:00:00 2001 From: Martin Sekera Date: Sun, 15 Jan 2023 18:53:52 +0100 Subject: [PATCH 6/6] simplify shapshot naming --- btv | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/btv b/btv index fd3ea57..206c75c 100755 --- a/btv +++ b/btv @@ -199,9 +199,9 @@ def serialize(snap, outdir, key, snap_from=None): ## prepare directories ## if snap_from: - name = "%s diff from %s" %(snap.name, snap_from.name) + name = "%s to %s" %(snap_from.name, snap.name) else: - name = "%s full" %(snap.name) + name = snap.name directory = os.path.join(outdir, name) os.makedirs(directory)