fix(backup): make captured file staging readable by the backup user
The container capture preserved the app's ownership (e.g. www-data 0640), so restic still hit permission denied on the staging copy. chown the staging tree to the backup user after capture (modes unchanged, so the owner reads fine); real ownership is reapplied from the descriptor on restore. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
This commit is contained in:
parent
c460f7afcb
commit
3a1cd8464e
@ -78,6 +78,13 @@ backupFilesCapture()
|
||||
mkdir -p "$stage"
|
||||
# Read in the container's namespace, write the plain tree to staging.
|
||||
if docker exec "$container" tar -C "$cpath" -cf - . 2>/dev/null | tar -xf - -C "$stage" 2>/dev/null; then
|
||||
# The capture preserves the app's ownership (e.g. www-data, 0640),
|
||||
# which the backup user still couldn't read. Hand the staging tree to
|
||||
# the backup user so restic can read it; modes are unchanged, so the
|
||||
# owner can now read everything. Real ownership is reapplied from the
|
||||
# descriptor on restore.
|
||||
chown -R "$docker_install_user":"$docker_install_user" "$stage" 2>/dev/null \
|
||||
|| sudo chown -R "$docker_install_user":"$docker_install_user" "$stage" 2>/dev/null
|
||||
isSuccessful "captured $subdir ($(du -sh "$stage" 2>/dev/null | cut -f1))"
|
||||
else
|
||||
isError "capture of $subdir from $container failed"
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user