
deployment: synthesize alternative --restrict-to-path example

Marian Beermann 8 years ago
commit
573cb616d3
2 changed files with 6 additions and 4 deletions
  1. borg/archiver.py (+2 -1)
  2. docs/deployment.rst (+4 -3)

+ 2 - 1
borg/archiver.py

@@ -1012,7 +1012,8 @@ class Archiver:
         subparser.set_defaults(func=self.do_serve)
         subparser.add_argument('--restrict-to-path', dest='restrict_to_paths', action='append',
                                metavar='PATH', help='restrict repository access to PATH. '
-                                                    'Can be specified multiple times to allow the client access to several directories.')
+                                                    'Can be specified multiple times to allow the client access to several directories. '
+                                                    'Access to all sub-directories is granted implicitly; PATH doesn\'t need to directly point to a repository.')
         subparser.add_argument('--append-only', dest='append_only', action='store_true',
                                help='only allow appending to repository segment files')
         init_epilog = textwrap.dedent("""
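
Review bot: The added help line says access to all sub-directories of PATH is granted implicitly, but it does not say how PATH is compared with the repository location the client asks for. Please state whether the comparison respects path-component boundaries, so an operator can tell whether a PATH of /home/backup/repos/client would also admit a sibling directory such as /home/backup/repos/client2. If it does not, the help should tell the operator to end PATH with a slash. Minor: writing "does not" instead of 'doesn\'t' avoids the escaped apostrophe inside the single-quoted string.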

+ 4 - 3
docs/deployment.rst

@@ -55,9 +55,10 @@ Borg is instructed to restrict clients into their own paths:
 ``borg serve --restrict-to-path /home/backup/repos/<client fqdn>``
 
 The client will be able to access any file or subdirectory inside of ``/home/backup/repos/<client fqdn>``
-but no other directories.  You can allow a client to access several directories by passing multiple
-`--restrict-to-path` flags, for instance: ``borg serve --restrict-to-path /home/backup/repos/<client fqdn>/root --restrict-to-path /home/backup/repos/<client fqdn>/home``,
-or instead simply use `--restrict-to-path` once to restrict the client to ``/home/backup/repos/<client fqdn>/*``.
+but no other directories. You can allow a client to access several separate directories by passing multiple
+`--restrict-to-path` flags, for instance: ``borg serve --restrict-to-path /home/backup/repos/<client fqdn> --restrict-to-path /home/backup/repos/<other client fqdn>``,
+which could make sense if multiple machines belong to one person which should then have access to all the
+backups of their machines.
 
 There is only one ssh key per client allowed. Keys are added for ``johndoe.clnt.local``, ``web01.srv.local`` and
 ``app01.srv.local``. But they will access the backup under only one UNIX user account as:
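
Review bot: The new example with ``<other client fqdn>`` lets a single key reach a second client's repositories, and the paragraph should say what that costs. The unchanged sentence just below states that only one ssh key per client is allowed, so whoever holds that key can reach the backups of both machines. Suggest adding a sentence that this setup is meant only for machines with the same owner and that every extra --restrict-to-path widens what a compromised client can access. Also, `--restrict-to-path` is in single backticks while the other literals in this hunk use double backticks, and "one person which should" should read "one person who should".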