Home Explore Help
Sign In
mirrors
/
borg
mirror of https://github.com/borgbackup/borg
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

init: explain manifest auth compatibility

# Conflicts:
#	src/borg/archiver.py
Marian Beermann 8 years ago
parent
d15fb241bd
commit
c7c8c0fb57
2 changed files with 16 additions and 4 deletions
Unified View Show Diff Stats
  1. 15 3
      src/borg/archiver.py
  2. 1 1
      src/borg/key.py

+ 15 - 3
src/borg/archiver.py
View File 

@@ -182,7 +182,8 @@ class Archiver:
 
     @with_repository(create=True, exclusive=True, manifest=False)
 
     @with_repository(create=True, exclusive=True, manifest=False)
 
     def do_init(self, args, repository):
 
     def do_init(self, args, repository):
 
         """Initialize an empty repository"""
 
         """Initialize an empty repository"""
 
-        logger.info('Initializing repository at "%s"' % args.location.canonical_path())
 
+        path = args.location.canonical_path()
 
+        logger.info('Initializing repository at "%s"' % path)
 
         try:
 
         try:
 
             key = key_creator(repository, args)
 
             key = key_creator(repository, args)
 
         except (EOFError, KeyboardInterrupt):
 
         except (EOFError, KeyboardInterrupt):
 
@@ -194,8 +195,19 @@ class Archiver:
 
         repository.commit()
 
         repository.commit()
 
         with Cache(repository, key, manifest, warn_if_unencrypted=False):
 
         with Cache(repository, key, manifest, warn_if_unencrypted=False):
 
             pass
 
             pass
 
-        tam_file = tam_required_file(repository)
 
-        open(tam_file, 'w').close()
 
+        if key.tam_required:
 
+            tam_file = tam_required_file(repository)
 
+            open(tam_file, 'w').close()
 
+            logger.warning(
 
+                '\n'
 
+                'By default repositories initialized with this version will produce security\n'
 
+                'errors if written to with an older version (up to and including Borg 1.0.8).\n'
 
+                '\n'
 
+                'If you want to use these older versions, you can disable the check by runnning:\n'
 
+                'borg upgrade --disable-tam \'%s\'\n'
 
+                '\n'
 
+                'See https://borgbackup.readthedocs.io/en/stable/changes.html#pre-1-0-9-manifest-spoofing-vulnerability '
 
+                'for details about the security implications.', path)
 
         return self.exit_code
 
         return self.exit_code
 
 
 
     @with_repository(exclusive=True, manifest=False)
 
     @with_repository(exclusive=True, manifest=False)

+ 1 - 1
src/borg/key.py
View File 

@@ -63,7 +63,7 @@ class RepoKeyNotFoundError(Error):
 
 
 
 class TAMRequiredError(IntegrityError):
 
 class TAMRequiredError(IntegrityError):
 
     __doc__ = textwrap.dedent("""
 
     __doc__ = textwrap.dedent("""
 
-    Manifest is unauthenticated, but authentication is required for this repository.
 
+    Manifest is unauthenticated, but it is required for this repository.
 
 
 
     This either means that you are under attack, or that you modified this repository
 
     This either means that you are under attack, or that you modified this repository
 
     with a Borg version older than 1.0.9 after TAM authentication was enabled.
 
     with a Borg version older than 1.0.9 after TAM authentication was enabled.