{"Schedule", store_res, ITEM(res_dir.schedule), R_SCHEDULE, 0, 0},
{"ReconnectionTime", store_time,ITEM(res_dir.reconnection_time), 0, ITEM_DEFAULT, 60 * 45},
{"AllowedBackupDirectories", store_alist_str, ITEM(res_dir.allowed_backup_dirs), 0, 0, 0},
+ {"ExlcudedBackupDirectories", store_alist_str, ITEM(res_dir.excluded_backup_dirs), 0, 0, 0},
+ {"AllowedScriptDirectories", store_alist_str, ITEM(res_dir.allowed_script_dirs), 0, 0, 0},
{NULL, NULL, {0}, 0, 0, 0}
};
if (res->res_dir.allowed_backup_dirs) {
delete res->res_dir.allowed_backup_dirs;
}
+ if (res->res_dir.excluded_backup_dirs) {
+ delete res->res_dir.excluded_backup_dirs;
+ }
+ if (res->res_dir.allowed_script_dirs) {
+ delete res->res_dir.allowed_script_dirs;
+ }
break;
case R_CONSOLE:
if (res->res_cons.dirinfo.password) {
res->res_dir.dirinfo.tls_allowed_cns = res_all.res_dir.dirinfo.tls_allowed_cns;
res->res_dir.disable_cmds = res_all.res_dir.disable_cmds;
res->res_dir.allowed_backup_dirs = res_all.res_dir.allowed_backup_dirs;
+ res->res_dir.excluded_backup_dirs = res_all.res_dir.excluded_backup_dirs;
+ res->res_dir.allowed_script_dirs = res_all.res_dir.allowed_script_dirs;
res->res_dir.console = res_all.res_dir.console;
res->res_dir.schedule = res_all.res_dir.schedule;
break;
SCHEDRES *schedule; /* Know when to connect the Director */
int reconnection_time; /* Reconnect after a given time */
alist *allowed_backup_dirs; /* Allowed to-be-backed-up directory list */
+ alist *excluded_backup_dirs; /* Excluded to-be-backed-up directory list */
+ alist *allowed_script_dirs; /* Allowed directory list to run scripts/programs from */
};
struct CLIENT {
return jcr;
}
-static bool setup_allowed_dirs(FF_PKT *ff, alist *directories)
-{
- bool ret = true;
- char *dir;
-
- if (!ff->allowed_backup_dirs) {
- ff->allowed_backup_dirs = New(alist(10, owned_by_alist));
- }
-
- POOL_MEM rpath(PM_FNAME);
- rpath.check_size(PATH_MAX);
-
- foreach_alist(dir, directories) {
- /* Add resolved directory path to the find packet list */
- ff->allowed_backup_dirs->append(bstrdup(dir));
- }
-
- return ret;
-}
-/* Setup Director-related find files packet fileds.
- * Currently supported directive:
+/* Setup Director-related find files packet fileds,
+ * it allows to check against allowed directories inside
+ * lib/find.c methods.
+ *
+ * Currently supported directives:
* - Allowed Backup Directories
+ * - Excluded Backup Directories
*
- * TODO: add Exlude Directories
*/
static bool setup_find_files(JCR *jcr, DIRRES *director)
{
FF_PKT *ff = jcr->ff;
if (director->allowed_backup_dirs) {
- if (!setup_allowed_dirs(ff, director->allowed_backup_dirs)) {
- Jmsg0(jcr, M_WARNING, 0, _("Unable to resolve some of the Allowed Directories.\n"));
- return false;
- }
+ ff->allowed_backup_dirs = director->allowed_backup_dirs;
+ }
+
+ if (director->excluded_backup_dirs) {
+ ff->excluded_backup_dirs = director->excluded_backup_dirs;
}
return true;
}
/**
- * Check if the file being processed is inside allowed directories or not.
+ * Check if the file being processed is allowed to backup or not.
*
* Returns: true if OK to backup
* false to ignore file/directory
bool ret = true;
char *dir, *pp;
- if (ff_pkt->allowed_backup_dirs) {
+ /* Check if file is not excluded at all */
+ if (ff_pkt->excluded_backup_dirs) {
+ foreach_alist(dir, ff_pkt->excluded_backup_dirs) {
+ if ((pp = b_path_match(ff_pkt->fname, dir)) == ff_pkt->fname) {
+ ret = false;
+ break;
+ }
+ }
+ }
+
+ /* If not excluded, then check if it's inside of allowed directories */
+ if (ret && ff_pkt->allowed_backup_dirs) {
foreach_alist(dir, ff_pkt->allowed_backup_dirs) {
/* The b_path_match check can be done twice here:
* For the 1st time we check if current file path contains exactly the allowed dir - if it does
if (ff->mtab_list) {
delete ff->mtab_list;
}
- if (ff->allowed_backup_dirs) {
- delete ff->allowed_backup_dirs;
- }
hard_links = term_find_one(ff);
free(ff);
return hard_links;
POOLMEM *link_save; /* save when stripping path */
POOLMEM *ignoredir_fname; /* used to ignore directories */
alist *allowed_backup_dirs; /* List of allowed directories with absolute paths */
+ alist *excluded_backup_dirs; /* List of excluded directories with absolute paths */
char *digest; /* set to file digest when the file is a hardlink */
struct stat statp; /* stat packet */
bool stat_update; /* Only file's metada needds to be updated */
projects / thirdparty / bacula.git / commitdiff
