From f2b3a3a3835df468b5b8f495d319234d083bcdf5 Mon Sep 17 00:00:00 2001 From: Thomas Waldmann Date: Wed, 31 Jan 2024 17:26:20 +0100 Subject: [PATCH 1/2] init: remove compatibility warning for borg <=1.0.8 The warning refers to a compatibility issue not relevant any more since borg 1.0.9 (released 2016-12). It is now better to remove this warning to make the output of borg init shorter and maybe get more people to completely read the important parts of it. --- src/borg/archiver.py | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/src/borg/archiver.py b/src/borg/archiver.py index d8f6ef344..3f6209908 100644 --- a/src/borg/archiver.py +++ b/src/borg/archiver.py @@ -318,16 +318,6 @@ class Archiver: if key.tam_required: tam_file = tam_required_file(repository) open(tam_file, 'w').close() - logger.warning( - '\n' - 'By default repositories initialized with this version will produce security\n' - 'errors if written to with an older version (up to and including Borg 1.0.8).\n' - '\n' - 'If you want to use these older versions, you can disable the check by running:\n' - 'borg upgrade --disable-tam %s\n' - '\n' - 'See https://borgbackup.readthedocs.io/en/stable/changes.html#pre-1-0-9-manifest-spoofing-vulnerability ' - 'for details about the security implications.', shlex.quote(path)) if key.NAME != 'plaintext': logger.warning( From fb44fb50119cc7f1015a29cc41d38035ddd09708 Mon Sep 17 00:00:00 2001 From: Thomas Waldmann Date: Thu, 1 Feb 2024 12:55:31 +0100 Subject: [PATCH 2/2] init: better borg key export instructions --- src/borg/archiver.py | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/src/borg/archiver.py b/src/borg/archiver.py index 3f6209908..18157d9ed 100644 --- a/src/borg/archiver.py +++ b/src/borg/archiver.py @@ -323,9 +323,18 @@ class Archiver: logger.warning( '\n' 'IMPORTANT: you will need both KEY AND PASSPHRASE to access this repo!\n' - 'If you used a repokey mode, the key is stored in the repo, but you should back it up separately.\n' - 'Use "borg key export" to export the key, optionally in printable format.\n' - 'Write down the passphrase. Store both at safe place(s).\n') + '\n' + 'Key storage location depends on the mode:\n' + '- repokey modes: key is stored in the repository directory.\n' + '- keyfile modes: key is stored in the home directory of this user.\n' + '\n' + 'For any mode, you should:\n' + '1. Export the borg key and store the result at a safe place:\n' + ' borg key export REPOSITORY encrypted-key-backup\n' + ' borg key export --paper REPOSITORY encrypted-key-backup.txt\n' + ' borg key export --qr-html REPOSITORY encrypted-key-backup.html\n' + '2. Write down the borg key passphrase and store it at safe place.\n' + ) @with_repository(exclusive=True, manifest=False) def do_check(self, args, repository):