Compare commits
7 commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
83bac5876d | ||
|
|
bbd568260a | ||
|
|
63906d328f | ||
|
|
831d9ae9a2 | ||
|
|
8345eb3217 | ||
|
|
71886bee68 | ||
|
|
7a51d286f2 |
2 changed files with 37 additions and 5 deletions
18
btv
18
btv
|
|
@ -8,6 +8,7 @@ import datetime
|
||||||
import json
|
import json
|
||||||
import os
|
import os
|
||||||
import shlex
|
import shlex
|
||||||
|
import shutil
|
||||||
import sys
|
import sys
|
||||||
import time
|
import time
|
||||||
import socket
|
import socket
|
||||||
|
|
@ -198,9 +199,9 @@ def serialize(snap, outdir, key, snap_from=None):
|
||||||
## prepare directories
|
## prepare directories
|
||||||
##
|
##
|
||||||
if snap_from:
|
if snap_from:
|
||||||
name = "%s diff from %s" %(snap.name, snap_from.name)
|
name = "%s to %s" %(snap_from.name, snap.name)
|
||||||
else:
|
else:
|
||||||
name = "%s full" %(snap.name)
|
name = snap.name
|
||||||
|
|
||||||
directory = os.path.join(outdir, name)
|
directory = os.path.join(outdir, name)
|
||||||
os.makedirs(directory)
|
os.makedirs(directory)
|
||||||
|
|
@ -246,21 +247,28 @@ def serialize(snap, outdir, key, snap_from=None):
|
||||||
## final touches
|
## final touches
|
||||||
##
|
##
|
||||||
|
|
||||||
## add a self-check executable
|
## add self-check and unpack executables
|
||||||
with open(os.path.join(directory, "check-integrity.sh"), "w") as f:
|
with open(os.path.join(directory, "check-integrity.sh"), "w") as f:
|
||||||
f.write("#! /bin/sh\n\nsha512sum --check manifest.sha512\n")
|
f.write("#! /bin/sh\n\nsha512sum --check manifest.sha512\n")
|
||||||
os.chmod(f.name, 0o555)
|
os.chmod(f.name, 0o500)
|
||||||
|
|
||||||
|
unpack_path = os.path.join(directory, "unpack.sh")
|
||||||
|
shutil.copy("/usr/share/btv/unpack.sh", unpack_path)
|
||||||
|
os.chmod(unpack_path, 0o500)
|
||||||
|
|
||||||
## fix permissions and ownership of created objects
|
## fix permissions and ownership of created objects
|
||||||
outdir_stat = os.stat(outdir)
|
outdir_stat = os.stat(outdir)
|
||||||
os.chown(directory, outdir_stat.st_uid, outdir_stat.st_gid)
|
os.chown(directory, outdir_stat.st_uid, outdir_stat.st_gid)
|
||||||
|
os.chmod(directory, 0o700)
|
||||||
|
|
||||||
for file in os.listdir(directory):
|
for file in os.listdir(directory):
|
||||||
path = os.path.join(directory, file)
|
path = os.path.join(directory, file)
|
||||||
os.chown(path, outdir_stat.st_uid, outdir_stat.st_gid)
|
os.chown(path, outdir_stat.st_uid, outdir_stat.st_gid)
|
||||||
|
|
||||||
if path.endswith(".aes") or path.endswith(".sha512"):
|
if path.endswith(".aes") or path.endswith(".sha512"):
|
||||||
os.chmod(path, 0o100)
|
os.chmod(path, 0o400)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
return 0
|
return 0
|
||||||
|
|
||||||
|
|
|
||||||
24
unpack.sh
Normal file
24
unpack.sh
Normal file
|
|
@ -0,0 +1,24 @@
|
||||||
|
#! /bin/zsh
|
||||||
|
|
||||||
|
TIMESTAMP=($(basename "$(pwd)"))
|
||||||
|
OUTDIR="$1"
|
||||||
|
KEYFILE="$2"
|
||||||
|
|
||||||
|
function die {
|
||||||
|
>&2 echo "$2"
|
||||||
|
exit $1
|
||||||
|
}
|
||||||
|
|
||||||
|
[[ "$0" != "./unpack.sh" ]] && die 1 "This can only be executed from the snapshot directory itself."
|
||||||
|
[[ ! -d "$OUTDIR" ]] && die 1 "The first argument must be a directory to unpack subvolumes into."
|
||||||
|
[[ ! -f "$KEYFILE" ]] && die 1 "The second argument must be a readable keyfile."
|
||||||
|
./check-integrity.sh || die 2 "This snapshot failed integrity checks."
|
||||||
|
|
||||||
|
### end of checks
|
||||||
|
|
||||||
|
for ARCHIVE in *btrfs.zst.aes
|
||||||
|
do
|
||||||
|
openssl enc -d -aes-256-cbc -pbkdf2 -salt -pass "file:$KEYFILE" < "$ARCHIVE" | zstd -d | btrfs receive "$OUTDIR" || die 3 "Failed to unpack subvolume."
|
||||||
|
SUBVOL_NAME=${ARCHIVE%%.btrfs.zst.aes}
|
||||||
|
mv "${OUTDIR}/${SUBVOL_NAME}" "${OUTDIR}/${SUBVOL_NAME}.${TIMESTAMP[1]}" || die 4 "Failed to rename subvolume."
|
||||||
|
done
|
||||||
Loading…
Add table
Add a link
Reference in a new issue