
init: explain manifest auth compatibility

Marian Beermann 8 jaren geleden
bovenliggende
commit
ec4f42c9f8
2 gewijzigde bestanden met toevoegingen van 16 en 4 verwijderingen
  1. 15 3
      borg/archiver.py
  2. 1 1
      borg/key.py

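--- a/borg/archiver.py
+++ b/borg/archiver.py
@@ -127,7 +127,8 @@ class Archiver:
     @with_repository(create=True, exclusive=True, manifest=False)
     def do_init(self, args, repository):
         """Initialize an empty repository"""
-        logger.info('Initializing repository at "%s"' % args.location.canonical_path())
+        path = args.location.canonical_path()
+        logger.info('Initializing repository at "%s"' % path)
         key = key_creator(repository, args)
         manifest = Manifest(key, repository)
         manifest.key = key
@@ -135,8 +136,19 @@ class Archiver:
         repository.commit()
         with Cache(repository, key, manifest, warn_if_unencrypted=False):
             pass
-        tam_file = tam_required_file(repository)
-        open(tam_file, 'w').close()
+        if key.tam_required:
+            tam_file = tam_required_file(repository)
+            open(tam_file, 'w').close()
+            logger.warning(
+                '\n'
+                'By default repositories initialized with this version will produce security\n'
+                'errors if written to with an older version (up to and including Borg 1.0.8).\n'
+                '\n'
+                'If you want to use these older versions, you can disable the check by runnning:\n'
+                'borg upgrade --disable-tam \'%s\'\n'
+                '\n'
+                'See https://borgbackup.readthedocs.io/en/stable/changes.html#pre-1-0-9-manifest-spoofing-vulnerability '
+                'for details about the security implications.', path)
         return self.exit_code
 
     @with_repository(exclusive=True, manifest=False)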
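Review bot: The warning added in the second hunk prints a copy-paste command with the path wrapped in literal single quotes (`'borg upgrade --disable-tam \'%s\'\n'`), so a repository path that itself contains a single quote produces a command that does not paste as shown. Passing `shlex.quote(path)` to a bare `%s` would keep the printed command correct; that needs `import shlex`, and the file's import block is outside this hunk. The same message misspells "running" as "runnning". Because this text tells users how to turn off manifest authentication, consider stating in the message itself that `--disable-tam` removes the protection described at the linked URL, rather than leaving that to the link alone. The body of do_init is split across both hunks, with lines between them not shown.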

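--- a/borg/key.py
+++ b/borg/key.py
@@ -46,7 +46,7 @@ class RepoKeyNotFoundError(Error):
 
 class TAMRequiredError(IntegrityError):
     __doc__ = textwrap.dedent("""
-    Manifest is unauthenticated, but authentication is required for this repository.
+    Manifest is unauthenticated, but it is required for this repository.
 
     This either means that you are under attack, or that you modified this repository
     with a Borg version older than 1.0.9 after TAM authentication was enabled.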
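Review bot: The new first line of the TAMRequiredError text, `Manifest is unauthenticated, but it is required for this repository.`, leaves "it" without a clear antecedent and reads as though the manifest is what is required. This docstring is presumably what a user sees when the repository may have been tampered with, so the line should name the requirement, for example `Manifest is unauthenticated, but an authenticated manifest is required for this repository.`. The docstring continues past the end of the hunk.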