diff -ruN e-smith-backup-2.2.0.old/root/etc/e-smith/events/actions/workstation-backup-dar e-smith-backup-2.2.0/root/etc/e-smith/events/actions/workstation-backup-dar --- e-smith-backup-2.2.0.old/root/etc/e-smith/events/actions/workstation-backup-dar 2013-07-06 08:13:49.000000000 -0700 +++ e-smith-backup-2.2.0/root/etc/e-smith/events/actions/workstation-backup-dar 2013-07-06 08:19:35.000000000 -0700 @@ -29,6 +29,7 @@ use File::Path; use File::Find; use POSIX ":sys_wait_h"; +use File::Glob qw(bsd_glob); use esmith::ConfigDB; sub ldie; @@ -175,7 +176,7 @@ } } - system("/bin/mkdir -p /$smbshare"); + system("/bin/mkdir", "-p", "/$smbshare"); $err = qx(/bin/mount $device "/$smbshare" 2>&1); if ($err) {ldie("Error while mounting $device /$smbshare : \n" . $err)}; @@ -193,6 +194,7 @@ open FD, '/proc/mounts'; while () { + s/\\040/ /g; # /proc/mount returns spaces as \040 which causes problems in matching next unless /\s$mntdir\s/; $err++; } @@ -326,7 +328,7 @@ $report .= "Moving backup files to target directory $setdirname \n"; -foreach (<$tmpdir/$id/$bkname*>) +foreach (bsd_glob("$tmpdir/$id/$bkname*")) { ldie("Error while moving backup file $_ from temporary dir $tmpdir/$id to $setdirname : $!") unless move($_, $setdirname); @@ -430,7 +432,7 @@ } # Check free disk space -my $df = qx(/bin/df -Ph $mntdir); +my $df = qx(/bin/df -Ph \"$mntdir\"); if ($df =~ /^\S+\s+(\S+)\s+(\S+)\s+(\S+)\s+(\d*%)/mi) { $report .= "Disk usage $2, $4 full, $3 available\n"; diff -ruN e-smith-backup-2.2.0.old/root/etc/e-smith/web/functions/backup e-smith-backup-2.2.0/root/etc/e-smith/web/functions/backup --- e-smith-backup-2.2.0.old/root/etc/e-smith/web/functions/backup 2013-07-06 08:13:49.000000000 -0700 +++ e-smith-backup-2.2.0/root/etc/e-smith/web/functions/backup 2013-07-06 11:57:19.000000000 -0700 @@ -1783,7 +1783,7 @@ # Finding existing backups - find { wanted => \&$setbackuplist, untaint => 1 }, $mntbkdir ; + find { wanted => \&$setbackuplist, untaint => 1, untaint_pattern => qr|^([-+@\w\s./]+)$|}, $mntbkdir ; my %blabels = (); my @blabels; @@ -1936,7 +1936,7 @@ # find list of available backups and verify # it contains all backups needed for full restore - find { wanted => \&$backupsetlist, untaint => 1 }, $set ; + find { wanted => \&$backupsetlist, untaint => 1, untaint_pattern => qr|^([-+@\w\s./]+)$| }, $set ; my $key; my $num = 0; @@ -2185,7 +2185,7 @@ # Finding existing backups - find { wanted => \&$setbackupflist, untaint => 1 }, $mntbkdir ; + find { wanted => \&$setbackupflist, untaint => 1, untaint_pattern => qr|^([-+@\w\s./]+)$| }, $mntbkdir ; my %blabels = (); my @blabels; @@ -2343,7 +2343,7 @@ # finding list of available backups # and verifying all needed backup files are available - find { wanted => \&$backupsetlist, untaint => 1 }, $set ; + find { wanted => \&$backupsetlist, untaint => 1, untaint_pattern => qr|^([-+@\w\s./]+)$| }, $set ; my $key; my $num = 0; @@ -2985,11 +2985,11 @@ if ($when) { - $restorerr = system ("/usr/bin/dar_manager -B $mntbkdir/dar-catalog -w $when -e '-N -R / -w' -r @restorelist"); + $restorerr = system ("/usr/bin/dar_manager -B \"$mntbkdir/dar-catalog\" -w $when -e '-N -R / -w' -r @restorelist"); } else { - $restorerr = system ("/usr/bin/dar_manager -B $mntbkdir/dar-catalog -e '-N -R / -w' -r @restorelist"); + $restorerr = system ("/usr/bin/dar_manager -B \"$mntbkdir/dar-catalog\" -e '-N -R / -w' -r @restorelist"); } if ($mounted)