|The common prefix. |
|#define||FSVS_PROP_COMMIT_PIPE FSVS_PROP_PREFIX "commit-pipe"|
|The name for the commit-pipe property. |
|#define||FSVS_PROP_UPDATE_PIPE FSVS_PROP_PREFIX "update-pipe"|
|The name of the update-pipe property. |
|#define||FSVS_PROP_INSTALL_CMD FSVS_PROP_PREFIX "install"|
|Local install commandline. |
|#define||FSVS_PROP_ORIG_MD5 FSVS_PROP_PREFIX "original-md5"|
|The MD5 of the original (un-encoded) data. |
subversiondoesn't know them.
|#define FSVS_PROP_COMMIT_PIPE FSVS_PROP_PREFIX "commit-pipe"|
The name for the commit-pipe property.
If this property is set for a file, this file gets filtered by the given command on its way to the repository. This is mostly used for backups, to protect data.
To make that easier to understand, here's an example. You're versioning your
cd /etc fsvs urls <your repository url>
/etc/ssh/ssh_host_keyand so on would all get transmitted to the repository. Now we could say that if the machine crashes hard, a changed ssh-key is the least of our worries - so we simply exclude it from backup.
fsvs ignore './ssh/ssh_host_*key'
gpgto encrypt them on backup. You generate a key, whose private key gets kept in a secure place, but not (only) on this machine; because if the machine gets damaged, the backups could no longer be decrypted.
gpg --import-key ..... fsvs propset fsvs:commit-pipe 'gpg -er <backup-key>' shadow
Encrypted data cannot be deltified, so the few marked files will take their full space in the repository. (Although
gpg compresses the files before encryption, so it won't be that bad.)
|#define FSVS_PROP_INSTALL_CMD FSVS_PROP_PREFIX "install"|
Local install commandline.
chmod $m $tmp- set the stored access mode.
chown $u.$g $tmp || chown $U.$G $tmp- set user and group by the stored strings, and if that fails, by the uid and gid.
touch -t$t $tmp- set the stored access mode.
mv $tmp $destrename to destination name.
You could get a more or less equivalent operation by using
fsvs propset fsvs:update-pipe \ '/usr/bin/install -g$g -o$u -m$m $tmp $dest' \ [paths]
The environment gets prepared as outlined above - you get the variables
$G(group name and gid),
$U(owner name and uid),
$m(octal mode, like
$t(mtime in form yyyymmddHHMM.SS - like used with GNU touch(1)),
$tmp(name of temporary file) and
$dest(destination name) set.
After the given program completed
ENOENTis not seen as an error, in case your install program moved the file), and
|#define FSVS_PROP_ORIG_MD5 FSVS_PROP_PREFIX "original-md5"|
The MD5 of the original (un-encoded) data.
Used for encoded entries, see FSVS_PROP_COMMIT_PIPE.
If we do a sync-repos (or update), we need the cleartext-MD5 to know whether the entry has changed; this entry holds it.
|#define FSVS_PROP_UPDATE_PIPE FSVS_PROP_PREFIX "update-pipe"|
The name of the update-pipe property.
This is the reverse thing to FSVS_PROP_COMMIT_PIPE; it's used in the same way.
Extending the example before:
fsvs propset fsvs:commit-pipe 'gpg -er <backup-key>' shadow fsvs propset fsvs:update-pipe 'gpg -d' shadow