forked from TrueCloudLab/restic
local: mark repository files as read-only
This is intended to prevent accidental modifications of data files. Marking the files as read-only was accidentally removed in #1258.
This commit is contained in:
parent
40ee17167e
commit
f4282aa6fd
3 changed files with 5 additions and 4 deletions
|
@ -130,9 +130,10 @@ func (b *Local) Save(ctx context.Context, h restic.Handle, rd restic.RewindReade
|
||||||
return errors.Wrap(err, "Close")
|
return errors.Wrap(err, "Close")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// try to mark file as read-only to avoid accidential modifications
|
||||||
// ignore if the operation fails as some filesystems don't allow the chmod call
|
// ignore if the operation fails as some filesystems don't allow the chmod call
|
||||||
// e.g. exfat and network file systems with certain mount options
|
// e.g. exfat and network file systems with certain mount options
|
||||||
err = setNewFileMode(filename, backend.Modes.File)
|
err = setFileReadonly(filename, backend.Modes.File)
|
||||||
if err != nil && !os.IsPermission(err) {
|
if err != nil && !os.IsPermission(err) {
|
||||||
return errors.Wrap(err, "Chmod")
|
return errors.Wrap(err, "Chmod")
|
||||||
}
|
}
|
||||||
|
|
|
@ -9,6 +9,6 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
// set file to readonly
|
// set file to readonly
|
||||||
func setNewFileMode(f string, mode os.FileMode) error {
|
func setFileReadonly(f string, mode os.FileMode) error {
|
||||||
return fs.Chmod(f, mode)
|
return fs.Chmod(f, mode&^0222)
|
||||||
}
|
}
|
||||||
|
|
|
@ -7,6 +7,6 @@ import (
|
||||||
// We don't modify read-only on windows,
|
// We don't modify read-only on windows,
|
||||||
// since it will make us unable to delete the file,
|
// since it will make us unable to delete the file,
|
||||||
// and this isn't common practice on this platform.
|
// and this isn't common practice on this platform.
|
||||||
func setNewFileMode(f string, mode os.FileMode) error {
|
func setFileReadonly(f string, mode os.FileMode) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue