From 77a39282de6fdc98cad1270c6b5b6105629d5e5a Mon Sep 17 00:00:00 2001 From: Axel Burri Date: Wed, 14 Jul 2021 20:34:40 +0200 Subject: [PATCH] ssh_filter_btrbk.sh: allow quoted files --- ssh_filter_btrbk.sh | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/ssh_filter_btrbk.sh b/ssh_filter_btrbk.sh index a9ace42..c1d47b7 100755 --- a/ssh_filter_btrbk.sh +++ b/ssh_filter_btrbk.sh @@ -16,7 +16,9 @@ compress_list="gzip|pigz|bzip2|pbzip2|xz|lzop|lz4|zstd" # note that the backslash is NOT a metacharacter in a POSIX bracket expression! option_match='-[a-zA-Z0-9=-]+' # matches short as well as long options -file_match='/[0-9a-zA-Z_@+./-]*' # matches file path (equal to $file_match in btrbk) +file_match_sane='/[0-9a-zA-Z_@+./-]*' # matches file path (equal to $file_match in btrbk < 0.32.0) +file_match="/[^']*" # btrbk >= 0.32.0 quotes file arguments: match all but single quote +file_arg_match="('${file_match}'|${file_match_sane})" # support btrbk < 0.32.0 log_cmd() { @@ -52,13 +54,17 @@ run_cmd() reject_filtered_cmd() { if [[ -n "$restrict_path_list" ]]; then - # match any of restrict_path_list with or without trailing slash, + # match any of restrict_path_list, # or any file/directory (matching file_match) below restrict_path - path_match="(${restrict_path_list})(${file_match})?" + path_match="'(${restrict_path_list})(${file_match})?'" + path_match_legacy="(${restrict_path_list})(${file_match_sane})?" else # match any absolute file/directory (matching file_match) - path_match="${file_match}" + path_match="'${file_match}'" + path_match_legacy="${file_match_sane}" fi + # btrbk >= 0.32.0 quotes files, allow both (legacy) + path_match="(${path_match}|${path_match_legacy})" if [[ -n "$allow_compress" ]]; then decompress_match="(${compress_list}) -d -c( -[pT][0-9]+)?" @@ -163,9 +169,9 @@ done # NOTE: subvolume queries are NOT affected by "--restrict-path": # btrbk also calls show/list on the mount point of the subvolume -allow_exact_cmd "${sudo_prefix}btrfs subvolume (show|list)( ${option_match})* ${file_match}"; +allow_exact_cmd "${sudo_prefix}btrfs subvolume (show|list)( ${option_match})* ${file_arg_match}"; allow_cmd "${sudo_prefix}readlink" # resolve symlink -allow_exact_cmd "${sudo_prefix}test -d ${file_match}" # check directory (only for compat=busybox) +allow_exact_cmd "${sudo_prefix}test -d ${file_arg_match}" # check directory (only for compat=busybox) allow_exact_cmd "cat /proc/self/mountinfo" # resolve mountpoints allow_exact_cmd "cat /proc/self/mounts" # legacy, for btrbk < 0.27.0