Skip to content
Snippets Groups Projects

pg_dump in temp dir to harden backup directory

Merged pg_dump in temp dir to harden backup directory
7771-harden-postgres-backup into master
Merged Hahn Axel (hahn) requested to merge 7771-harden-postgres-backup into master
Compare
and
1 file
+ 12
7
Compare changes
  • Side-by-side
  • Inline
plugins/localdump/pgsql.sh
+ 12
7
@@ -2,7 +2,7 @@
# ================================================================================
#
# LOCALDUMP :: POSTGRES
# create gzipped plain text backups from each scheme
# Create gzipped plain text backups from each scheme
#
# --------------------------------------------------------------------------------
# ah - Axel Hahn <axel.hahn@iml.unibe.ch>
@@ -17,6 +17,7 @@
# 2024-12-13 ah v1.6 backup uses a snapshot db
# 2024-12-16 ah v1.7 on snapshot mode it can fallback for single database to normal pg_dump of origin
# 2024-12-17 ah v1.8 handle env variables to disable snapshots or set times for disconnect
# 2025-02-03 ah v1.9 pg_dump in temp directory; dump file will be moved to backup dir
# ================================================================================
if [ -z "$BACKUP_TARGETDIR" ]; then
@@ -65,9 +66,6 @@ function pgsql.backup(){
create_targetdir
# ----- change owner of directory because of su command
chown ${PGUSER}. "${BACKUP_TARGETDIR}"
# ----- GO
# prevent could not change directory to "/root": Permission denied
@@ -112,12 +110,13 @@ function pgsql.backup(){
test $bUseSnapshot4DB -eq 1 && SNAPSHOTDB="${snapshotprefix}${DATABASE}"
OUTFILE="${BACKUP_TARGETDIR}/$(get_outfile ${DATABASE}).sql"
TMPOUTFILE="/tmp/$(get_outfile ${DATABASE}).sql"
myrc=0
# drop snapshot db first - just in case
if [ $bUseSnapshot4DB -eq 1 ]; then
echo -n " snapshot ."
echo -n "snapshot ."
su ${PGUSER} -c "dropdb ${SNAPSHOTDB}" >/dev/null 2>&1
echo -n "."
test $bDisconnect -ne 0 && su ${PGUSER} -c "psql ${BACKUP_PARAMS} -c \"
@@ -137,14 +136,20 @@ function pgsql.backup(){
if [ $myrc -eq 0 ]; then
echo -n "backup ... "
if su ${PGUSER} -c "pg_dump ${BACKUP_PARAMS} -Fp ${SNAPSHOTDB} >$OUTFILE"; then
if su ${PGUSER} -c "pg_dump ${BACKUP_PARAMS} -Fp ${SNAPSHOTDB} >$TMPOUTFILE"; then
fetchrc >/dev/null
test $bUseSnapshot4DB -eq 1 && (
echo -n "delete snapshot ... "
su ${PGUSER} -c "dropdb ${SNAPSHOTDB}"
)
db._compressDumpfile "$OUTFILE"
echo -n "move temp to target ... "
if mv "$TMPOUTFILE" "$OUTFILE"; then
db._compressDumpfile "$OUTFILE"
else
fetchrc
cecho error "Failed."
fi
else
fetchrc
test $bUseSnapshot4DB -eq 1 && su ${PGUSER} -c "dropdb ${SNAPSHOTDB}"