backups: hide VM names in encrypted backup
Even when encrypted backup is selected, file list isn't encrypted. Do not leak VM names in the filenames.
This commit is contained in:
parent
8bdea5b0ab
commit
10100767da
@ -50,19 +50,23 @@ def get_disk_usage(file_or_dir):
|
|||||||
return sz
|
return sz
|
||||||
|
|
||||||
|
|
||||||
def file_to_backup (file_path, sz = None):
|
def file_to_backup (file_path, subdir = None):
|
||||||
if sz is None:
|
sz = get_disk_usage (file_path)
|
||||||
sz = get_disk_usage (file_path)
|
|
||||||
|
|
||||||
abs_file_path = os.path.abspath (file_path)
|
if subdir is None:
|
||||||
abs_base_dir = os.path.abspath (system_path["qubes_base_dir"]) + '/'
|
abs_file_path = os.path.abspath (file_path)
|
||||||
abs_file_dir = os.path.dirname (abs_file_path) + '/'
|
abs_base_dir = os.path.abspath (system_path["qubes_base_dir"]) + '/'
|
||||||
(nothing, dir, subdir) = abs_file_dir.partition (abs_base_dir)
|
abs_file_dir = os.path.dirname (abs_file_path) + '/'
|
||||||
assert nothing == ""
|
(nothing, dir, subdir) = abs_file_dir.partition (abs_base_dir)
|
||||||
assert dir == abs_base_dir
|
assert nothing == ""
|
||||||
|
assert dir == abs_base_dir
|
||||||
|
else:
|
||||||
|
if len(subdir) > 0 and not subdir.endswith('/'):
|
||||||
|
subdir += '/'
|
||||||
return [ { "path" : file_path, "size": sz, "subdir": subdir} ]
|
return [ { "path" : file_path, "size": sz, "subdir": subdir} ]
|
||||||
|
|
||||||
def backup_prepare(vms_list = None, exclude_list = [], print_callback = print_stdout):
|
def backup_prepare(vms_list = None, exclude_list = [],
|
||||||
|
print_callback = print_stdout, hide_vm_names=True):
|
||||||
"""If vms = None, include all (sensible) VMs; exclude_list is always applied"""
|
"""If vms = None, include all (sensible) VMs; exclude_list is always applied"""
|
||||||
files_to_backup = file_to_backup (system_path["qubes_store_filename"])
|
files_to_backup = file_to_backup (system_path["qubes_store_filename"])
|
||||||
|
|
||||||
@ -119,33 +123,36 @@ def backup_prepare(vms_list = None, exclude_list = [], print_callback = print_st
|
|||||||
# handle templates later
|
# handle templates later
|
||||||
continue
|
continue
|
||||||
|
|
||||||
|
if hide_vm_names:
|
||||||
|
subdir = 'vm%d' % vm.qid
|
||||||
|
else:
|
||||||
|
subdir = None
|
||||||
|
|
||||||
if vm.private_img is not None:
|
if vm.private_img is not None:
|
||||||
vm_sz = vm.get_disk_usage (vm.private_img)
|
files_to_backup += file_to_backup(vm.private_img, subdir)
|
||||||
files_to_backup += file_to_backup(vm.private_img, vm_sz )
|
|
||||||
|
|
||||||
if vm.is_appvm():
|
if vm.is_appvm():
|
||||||
files_to_backup += file_to_backup(vm.icon_path)
|
files_to_backup += file_to_backup(vm.icon_path, subdir)
|
||||||
if vm.updateable:
|
if vm.updateable:
|
||||||
if os.path.exists(vm.dir_path + "/apps.templates"):
|
if os.path.exists(vm.dir_path + "/apps.templates"):
|
||||||
# template
|
# template
|
||||||
files_to_backup += file_to_backup(vm.dir_path + "/apps.templates")
|
files_to_backup += file_to_backup(vm.dir_path + "/apps.templates", subdir)
|
||||||
else:
|
else:
|
||||||
# standaloneVM
|
# standaloneVM
|
||||||
files_to_backup += file_to_backup(vm.dir_path + "/apps")
|
files_to_backup += file_to_backup(vm.dir_path + "/apps", subdir)
|
||||||
|
|
||||||
if os.path.exists(vm.dir_path + "/kernels"):
|
if os.path.exists(vm.dir_path + "/kernels"):
|
||||||
files_to_backup += file_to_backup(vm.dir_path + "/kernels")
|
files_to_backup += file_to_backup(vm.dir_path + "/kernels", subdir)
|
||||||
if os.path.exists (vm.firewall_conf):
|
if os.path.exists (vm.firewall_conf):
|
||||||
files_to_backup += file_to_backup(vm.firewall_conf)
|
files_to_backup += file_to_backup(vm.firewall_conf, subdir)
|
||||||
if 'appmenus_whitelist' in vm_files and \
|
if 'appmenus_whitelist' in vm_files and \
|
||||||
os.path.exists(os.path.join(vm.dir_path, vm_files['appmenus_whitelist'])):
|
os.path.exists(os.path.join(vm.dir_path, vm_files['appmenus_whitelist'])):
|
||||||
files_to_backup += file_to_backup(
|
files_to_backup += file_to_backup(
|
||||||
os.path.join(vm.dir_path, vm_files['appmenus_whitelist']))
|
os.path.join(vm.dir_path, vm_files['appmenus_whitelist']),
|
||||||
|
subdir)
|
||||||
|
|
||||||
if vm.updateable:
|
if vm.updateable:
|
||||||
sz = vm.get_disk_usage(vm.root_img)
|
files_to_backup += file_to_backup(vm.root_img, subdir)
|
||||||
files_to_backup += file_to_backup(vm.root_img, sz)
|
|
||||||
vm_sz += sz
|
|
||||||
|
|
||||||
s = ""
|
s = ""
|
||||||
fmt="{{0:>{0}}} |".format(fields_to_display[0]["width"] + 1)
|
fmt="{{0:>{0}}} |".format(fields_to_display[0]["width"] + 1)
|
||||||
@ -158,7 +165,7 @@ def backup_prepare(vms_list = None, exclude_list = [], print_callback = print_st
|
|||||||
s += fmt.format("AppVM" + (" + Sys" if vm.updateable else ""))
|
s += fmt.format("AppVM" + (" + Sys" if vm.updateable else ""))
|
||||||
|
|
||||||
fmt="{{0:>{0}}} |".format(fields_to_display[2]["width"] + 1)
|
fmt="{{0:>{0}}} |".format(fields_to_display[2]["width"] + 1)
|
||||||
s += fmt.format(size_to_human(vm_sz))
|
s += fmt.format(size_to_human(vm.get_disk_utilization()))
|
||||||
|
|
||||||
if vm.is_running():
|
if vm.is_running():
|
||||||
s += " <-- The VM is running, please shut it down before proceeding with the backup!"
|
s += " <-- The VM is running, please shut it down before proceeding with the backup!"
|
||||||
@ -171,9 +178,12 @@ def backup_prepare(vms_list = None, exclude_list = [], print_callback = print_st
|
|||||||
# already handled
|
# already handled
|
||||||
continue
|
continue
|
||||||
vm_sz = vm.get_disk_utilization()
|
vm_sz = vm.get_disk_utilization()
|
||||||
template_subdir = os.path.relpath(
|
if hide_vm_names:
|
||||||
vm.dir_path,
|
template_subdir = 'vm%d' % vm.qid
|
||||||
system_path["qubes_base_dir"]) + '/'
|
else:
|
||||||
|
template_subdir = os.path.relpath(
|
||||||
|
vm.dir_path,
|
||||||
|
system_path["qubes_base_dir"]) + '/'
|
||||||
template_to_backup = [ {
|
template_to_backup = [ {
|
||||||
"path": vm.dir_path + '/.',
|
"path": vm.dir_path + '/.',
|
||||||
"size": vm_sz,
|
"size": vm_sz,
|
||||||
@ -204,7 +214,10 @@ def backup_prepare(vms_list = None, exclude_list = [], print_callback = print_st
|
|||||||
if vm.qid in vms_for_backup_qid:
|
if vm.qid in vms_for_backup_qid:
|
||||||
vm.backup_content = True
|
vm.backup_content = True
|
||||||
vm.backup_size = vm.get_disk_utilization()
|
vm.backup_size = vm.get_disk_utilization()
|
||||||
vm.backup_path = os.path.relpath(vm.dir_path, system_path["qubes_base_dir"])
|
if hide_vm_names:
|
||||||
|
vm.backup_path = 'vm%d' % vm.qid
|
||||||
|
else:
|
||||||
|
vm.backup_path = os.path.relpath(vm.dir_path, system_path["qubes_base_dir"])
|
||||||
|
|
||||||
# Dom0 user home
|
# Dom0 user home
|
||||||
if not 'dom0' in exclude_list:
|
if not 'dom0' in exclude_list:
|
||||||
|
@ -72,7 +72,10 @@ def main():
|
|||||||
|
|
||||||
files_to_backup = None
|
files_to_backup = None
|
||||||
try:
|
try:
|
||||||
files_to_backup = backup_prepare(vms_list=vms, exclude_list=options.exclude_list)
|
files_to_backup = backup_prepare(
|
||||||
|
vms_list=vms,
|
||||||
|
exclude_list=options.exclude_list,
|
||||||
|
hide_vm_names=options.encrypt)
|
||||||
except QubesException as e:
|
except QubesException as e:
|
||||||
print >>sys.stderr, "ERROR: %s" % str(e)
|
print >>sys.stderr, "ERROR: %s" % str(e)
|
||||||
exit(1)
|
exit(1)
|
||||||
|
Loading…
Reference in New Issue
Block a user