Make options like "--umask" available for all Borg commands. #441
Loading…
x
Reference in New Issue
Block a user
No description provided.
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
What I'm trying to do and why
I have created a special backup user to execute BorgMatic and maintain it's config files, those files related to Borg itself etc. That user is having some entries for CRON associated which then execute the actual backups using
sudo
, so things run asroot
in the end. The point is that some tasks don't need to be done asroot
, e.g. listing and deleting archives, because those are stored on an external device.The problem with this setup was that Borg applied a pretty restrictive
umask
of077
by default, which prevented my special backup user from accessing those files created, updated etc. when running asroot
. The good news is that configs of BorgMatic (somewhat) prepare for those cases already usingextra_borg_options
and using those I can change theumask
to a more permissive value of e.g.0007
. That seems to work forinit
,prune
,create
andcheck
.It doesn't seem to work for all other commands of interest supported by BorgMatic, like
list
. It as well doesn't seem to work when the special commandborg
is used to forward arbitrary unsupported commands. Would be great if one would be able to set those options for any commands.Actual behavior
The following is when adding
list
toextra_borg_options
. Thought it might work:The following is without the former changes and shows that with
list
the defaultumask
of Borg is used. This is the same for any other arbitrary Borg command.Expected behavior
Would be great to be able to forward options like
umask
really to all commands of Borg, because otherwise permission issues might happen. Remember that this option is not only applied for the repos, but for local cache, security etc. files maintained by Borg as well.https://github.com/borgbackup/borg/issues/1859#issuecomment-261727374
Thanks for considering!
Environment
borgmatic version: 1.5.15
borgmatic installation method: PIP, system wide
Borg version: 1.1.16
Python version: 3.8.10
operating system and version: Ubuntu 20.04
I had a look at my YAML file again and seem to have missed the already available
storage.umask
with the following documentation:That made me wonder if that setting really is only applied to
create
or more and after looking at the code, it's applied to other commands likeprune
,mount
etc. as well. Though, it's still not applied to all commands, I couldn't findcheck
,list
,borg
etc.The problem in my opinion is that while
umask
seems to make sense for changing commands only, BORG applies that value to locally maintained files for caches, security files etc. as well and some of those seem to be rewritten even if read-only oprations are applied to a repo only. So even after those permissions in locally maintained data might simply be wrong.BORG documents that setting for all commands as well:
https://borgbackup.readthedocs.io/en/stable/usage/general.html#common-options
The
umask
option is now implemented for all relevant actions. This will be part of the next release!Released in borgmatic 1.9.2!