Commit 61c06c5e authored by Vinnie Okada's avatar Vinnie Okada

Change permissions on backup files

Use more restrictive permissions for backup tar files and for the db,
uploads, and repositories directories inside the tar files.
parent 5bbc70da
...@@ -34,6 +34,7 @@ v 7.9.0 (unreleased) ...@@ -34,6 +34,7 @@ v 7.9.0 (unreleased)
- Add a service to send updates to an Irker gateway (Romain Coltel) - Add a service to send updates to an Irker gateway (Romain Coltel)
- Add brakeman (security scanner for Ruby on Rails) - Add brakeman (security scanner for Ruby on Rails)
- Slack username and channel options - Slack username and channel options
- Restrict permissions on backup files
- Add grouped milestones from all projects to dashboard. - Add grouped milestones from all projects to dashboard.
- Web hook sends pusher email as well as commiter - Web hook sends pusher email as well as commiter
- Add Bitbucket omniauth provider. - Add Bitbucket omniauth provider.
......
...@@ -11,22 +11,28 @@ module Backup ...@@ -11,22 +11,28 @@ module Backup
s[:tar_version] = tar_version s[:tar_version] = tar_version
tar_file = "#{s[:backup_created_at].to_i}_gitlab_backup.tar" tar_file = "#{s[:backup_created_at].to_i}_gitlab_backup.tar"
orig_pwd = Dir.pwd
Dir.chdir(Gitlab.config.backup.path) Dir.chdir(Gitlab.config.backup.path)
File.open("#{Gitlab.config.backup.path}/backup_information.yml", "w+") do |file| File.open("#{Gitlab.config.backup.path}/backup_information.yml", "w+") do |file|
file << s.to_yaml.gsub(/^---\n/,'') file << s.to_yaml.gsub(/^---\n/,'')
end end
FileUtils.chmod_R(0700, %w{db uploads repositories})
# create archive # create archive
$progress.print "Creating backup archive: #{tar_file} ... " $progress.print "Creating backup archive: #{tar_file} ... "
orig_umask = File.umask(0077)
if Kernel.system('tar', '-cf', tar_file, *BACKUP_CONTENTS) if Kernel.system('tar', '-cf', tar_file, *BACKUP_CONTENTS)
$progress.puts "done".green $progress.puts "done".green
else else
puts "creating archive #{tar_file} failed".red puts "creating archive #{tar_file} failed".red
abort 'Backup failed' abort 'Backup failed'
end end
File.umask(orig_umask)
upload(tar_file) upload(tar_file)
Dir.chdir(orig_pwd)
end end
def upload(tar_file) def upload(tar_file)
...@@ -51,11 +57,13 @@ module Backup ...@@ -51,11 +57,13 @@ module Backup
def cleanup def cleanup
$progress.print "Deleting tmp directories ... " $progress.print "Deleting tmp directories ... "
if Kernel.system('rm', '-rf', *BACKUP_CONTENTS) BACKUP_CONTENTS.each do |dir|
$progress.puts "done".green if FileUtils.rm_rf(File.join(Gitlab.config.backup.path, dir))
else $progress.puts "done".green
puts "deleting tmp directory failed".red else
abort 'Backup failed' puts "deleting tmp directory '#{dir}' failed".red
abort 'Backup failed'
end
end end
end end
......
...@@ -10,17 +10,17 @@ describe 'gitlab:app namespace rake task' do ...@@ -10,17 +10,17 @@ describe 'gitlab:app namespace rake task' do
Rake::Task.define_task :environment Rake::Task.define_task :environment
end end
def run_rake_task(task_name)
Rake::Task[task_name].reenable
Rake.application.invoke_task task_name
end
describe 'backup_restore' do describe 'backup_restore' do
before do before do
# avoid writing task output to spec progress # avoid writing task output to spec progress
allow($stdout).to receive :write allow($stdout).to receive :write
end end
let :run_rake_task do
Rake::Task["gitlab:backup:restore"].reenable
Rake.application.invoke_task "gitlab:backup:restore"
end
context 'gitlab version' do context 'gitlab version' do
before do before do
Dir.stub glob: [] Dir.stub glob: []
...@@ -36,7 +36,9 @@ describe 'gitlab:app namespace rake task' do ...@@ -36,7 +36,9 @@ describe 'gitlab:app namespace rake task' do
it 'should fail on mismatch' do it 'should fail on mismatch' do
YAML.stub load_file: {gitlab_version: "not #{gitlab_version}" } YAML.stub load_file: {gitlab_version: "not #{gitlab_version}" }
expect { run_rake_task }.to raise_error SystemExit expect { run_rake_task('gitlab:backup:restore') }.to(
raise_error SystemExit
)
end end
it 'should invoke restoration on mach' do it 'should invoke restoration on mach' do
...@@ -44,9 +46,56 @@ describe 'gitlab:app namespace rake task' do ...@@ -44,9 +46,56 @@ describe 'gitlab:app namespace rake task' do
expect(Rake::Task["gitlab:backup:db:restore"]).to receive :invoke expect(Rake::Task["gitlab:backup:db:restore"]).to receive :invoke
expect(Rake::Task["gitlab:backup:repo:restore"]).to receive :invoke expect(Rake::Task["gitlab:backup:repo:restore"]).to receive :invoke
expect(Rake::Task["gitlab:shell:setup"]).to receive :invoke expect(Rake::Task["gitlab:shell:setup"]).to receive :invoke
expect { run_rake_task }.to_not raise_error expect { run_rake_task('gitlab:backup:restore') }.to_not raise_error
end end
end end
end # backup_restore task end # backup_restore task
describe 'backup_create' do
def tars_glob
Dir.glob(File.join(Gitlab.config.backup.path, '*_gitlab_backup.tar'))
end
before :all do
# Record the existing backup tars so we don't touch them
existing_tars = tars_glob
# Redirect STDOUT and run the rake task
orig_stdout = $stdout
$stdout = StringIO.new
run_rake_task('gitlab:backup:create')
$stdout = orig_stdout
@backup_tar = (tars_glob - existing_tars).first
end
after :all do
FileUtils.rm(@backup_tar)
end
it 'should set correct permissions on the tar file' do
expect(File.exist?(@backup_tar)).to be_truthy
expect(File::Stat.new(@backup_tar).mode.to_s(8)).to eq('100600')
end
it 'should set correct permissions on the tar contents' do
tar_contents, exit_status = Gitlab::Popen.popen(
%W{tar -tvf #{@backup_tar} db uploads repositories}
)
expect(exit_status).to eq(0)
expect(tar_contents).to match('db/')
expect(tar_contents).to match('uploads/')
expect(tar_contents).to match('repositories/')
expect(tar_contents).not_to match(/^.{4,9}[rwx]/)
end
it 'should delete temp directories' do
temp_dirs = Dir.glob(
File.join(Gitlab.config.backup.path, '{db,repositories,uploads}')
)
expect(temp_dirs).to be_empty
end
end # backup_create task
end # gitlab:app namespace end # gitlab:app namespace
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment