CedarBackup2.extend.encrypt

Package CedarBackup2 :: Package extend :: Module encrypt

[show private | hide private]

Module CedarBackup2.extend.encrypt

Provides an extension to encrypt staging directories.

When this extension is executed, all backed-up files in the configured Cedar Backup staging directory will be encrypted using gpg. Any directory which has already been encrypted (as indicated by the cback.encrypt file) will be ignored.

This extension requires a new configuration section <encrypt> and is intended to be run immediately after the standard stage action or immediately before the standard store action. Aside from its own configuration, it requires the options and staging configuration sections in the standard Cedar Backup configuration file.

Author: Kenneth J. Pronovici <pronovic@ieee.org>

Classes
`EncryptConfig`	Class representing encrypt configuration.
`LocalConfig`	Class representing this extension's configuration document.

Function Summary
	`executeAction(configPath, options, config)` Executes the encrypt backup action.
	`_confirmGpgRecipient(recipient)` Confirms that a recipient's public key is known to GPG.
	`_encryptDailyDir(dailyDir, encryptMode, encryptTarget, backupUser, backupGroup)` Encrypts the contents of a daily staging directory.
	`_encryptFile(sourcePath, encryptMode, encryptTarget, backupUser, backupGroup, removeSource)` Encrypts the source file using the indicated mode.
	`_encryptFileWithGpg(sourcePath, recipient)` Encrypts the indicated source file using GPG.
	`_findDailyDirs(stagingDir)` Returns a list of all daily staging directories that have not yet been encrypted.
	`_writeIndicator(dailyDir, backupUser, backupGroup)` Writes the encrypt indicator file into a daily staging directory.

Variable Summary
`str`	`ENCRYPT_INDICATOR` = `'cback.encrypt'`
`list`	`GPG_COMMAND` = `['gpg']`
`list`	`INDICATOR_PATTERNS` = `['cback\\..*']`
`Logger`	`logger` = `<logging.Logger instance at 0x402f0e8c>`
`list`	`VALID_ENCRYPT_MODES` = `['gpg']`

Function Details

executeAction(configPath, options, config)

Executes the encrypt backup action.

Parameters:: configPath - Path to configuration file on disk.
(type=String representing a path on disk.); options - Program command-line options.
(type=Options object.); config - Program configuration.
(type=Config object.)

Raises:: ValueError - Under many generic error conditions; IOError - If there are I/O problems reading or writing files

_confirmGpgRecipient(recipient)

Confirms that a recipient's public key is known to GPG. Throws an exception if there is a problem, or returns normally otherwise.

Parameters:: recipient - Recipient name

Raises:: IOError - If the recipient's public key is not known to GPG.

_encryptDailyDir(dailyDir, encryptMode, encryptTarget, backupUser, backupGroup)

Encrypts the contents of a daily staging directory.

Files that match INDICATOR_PATTERNS (i.e. "cback.store", "cback.stage", etc.) are assumed to be indicator files and are ignored. All other files are encrypted.

The only valid encrypt mode is "gpg".

Parameters:: dailyDir - Daily directory to encrypt; encryptMode - Encryption mode (only "gpg" is allowed); encryptTarget - Encryption target (GPG recipient for "gpg" mode); backupUser - User that target files should be owned by; backupGroup - Group that target files should be owned by

Raises:: ValueError - If the encrypt mode is not supported.; ValueError - If the daily staging directory does not exist.

_encryptFile(sourcePath, encryptMode, encryptTarget, backupUser, backupGroup, removeSource=False)

Encrypts the source file using the indicated mode.

The encrypted file will be owned by the indicated backup user and group. If removeSource is True, then the source file will be removed after it is successfully encrypted.

Currently, only the "gpg" encrypt mode is supported.

Parameters:: sourcePath - Absolute path of the source file to encrypt; encryptMode - Encryption mode (only "gpg" is allowed); encryptTarget - Encryption target (GPG recipient); backupUser - User that target files should be owned by; backupGroup - Group that target files should be owned by; removeSource - Indicates whether to remove the source file

Returns:: Path to the newly-created encrypted file.

Raises:: ValueError - If an invalid encrypt mode is passed in.; IOError - If there is a problem accessing, encrypting or removing the source file.

_encryptFileWithGpg(sourcePath, recipient)

Encrypts the indicated source file using GPG.

The encrypted file will be in GPG's binary output format and will have the same name as the source file plus a ".gpg" extension. The source file will not be modified or removed by this function call.

Parameters:: sourcePath - Absolute path of file to be encrypted.; recipient - Recipient name to be passed to GPG's "-r" option

Returns:: Path to the newly-created encrypted file.

Raises:: IOError - If there is a problem encrypting the file.

_findDailyDirs(stagingDir)

Returns a list of all daily staging directories that have not yet been encrypted.

The encrypt indicator file cback.encrypt will be written to a daily staging directory once that directory is encrypted. So, this function looks at each daily staging directory within the configured staging directory, and returns a list of those which do not contain the indicator file.

Parameters:: stagingDir - Configured staging directory (config.targetDir)

Returns:: List of absolute paths to daily staging directories.

_writeIndicator(dailyDir, backupUser, backupGroup)

Writes the encrypt indicator file into a daily staging directory.

Parameters:: dailyDir - Daily staging directory; backupUser - User that indicator file should be owned by; backupGroup - Group that indicator file should be owned by

Variable Details

ENCRYPT_INDICATOR

Type:: str
Value:: 'cback.encrypt'

GPG_COMMAND

Type:: list
Value:: ['gpg']

INDICATOR_PATTERNS

Type:: list
Value:: ['cback\\..*']

logger

Type:: Logger
Value:: <logging.Logger instance at 0x402f0e8c>

VALID_ENCRYPT_MODES

Type:: list
Value:: ['gpg']

Generated by Epydoc 2.1 on Tue Jan 30 23:16:58 2007

http://epydoc.sf.net