1 /* Cumulus: Efficient Filesystem Backup to the Cloud
2 * Copyright (C) 2006-2009, 2012 The Cumulus Developers
3 * See the AUTHORS file for a list of contributors.
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
20 /* Main entry point for Cumulus. Contains logic for traversing the filesystem
21 * and constructing a backup. */
34 #include <sys/sysmacros.h>
35 #include <sys/types.h>
58 #include "third_party/sha1.h"
66 /* Version information. This will be filled in by the Makefile. */
67 #ifndef CUMULUS_VERSION
68 #define CUMULUS_VERSION Unknown
70 #define CUMULUS_STRINGIFY(s) CUMULUS_STRINGIFY2(s)
71 #define CUMULUS_STRINGIFY2(s) #s
72 static const char cumulus_version[] = CUMULUS_STRINGIFY(CUMULUS_VERSION);
74 static RemoteStore *remote = NULL;
75 static TarSegmentStore *tss = NULL;
76 static MetadataWriter *metawriter = NULL;
78 /* Buffer for holding a single block of data read from a file. */
79 static const size_t LBS_BLOCK_SIZE = 1024 * 1024;
80 static char *block_buf;
82 /* Local database, which tracks objects written in this and previous
83 * invocations to help in creating incremental snapshots. */
86 /* Selection of files to include/exclude in the snapshot. */
87 PathFilterList filter_rules;
89 bool flag_rebuild_statcache = false;
91 /* Whether verbose output is enabled. */
94 /* Attempts to open a regular file read-only, but with safety checks for files
95 * that might not be fully trusted. */
96 int safe_open(const string& path, struct stat *stat_buf)
100 /* Be paranoid when opening the file. We have no guarantee that the
101 * file was not replaced between the stat() call above and the open()
102 * call below, so we might not even be opening a regular file. We
103 * supply flags to open to to guard against various conditions before
104 * we can perform an lstat to check that the file is still a regular
106 * - O_NOFOLLOW: in the event the file was replaced by a symlink
107 * - O_NONBLOCK: prevents open() from blocking if the file was
109 * We also add in O_NOATIME, since this may reduce disk writes (for
110 * inode updates). However, O_NOATIME may result in EPERM, so if the
111 * initial open fails, try again without O_NOATIME. */
112 fd = open(path.c_str(), O_RDONLY|O_NOATIME|O_NOFOLLOW|O_NONBLOCK);
114 fd = open(path.c_str(), O_RDONLY|O_NOFOLLOW|O_NONBLOCK);
117 fprintf(stderr, "Unable to open file %s: %m\n", path.c_str());
121 /* Drop the use of the O_NONBLOCK flag; we only wanted that for file
123 long flags = fcntl(fd, F_GETFL);
124 fcntl(fd, F_SETFL, flags & ~O_NONBLOCK);
126 /* Re-check file attributes, storing them into stat_buf if that is
128 struct stat internal_stat_buf;
129 if (stat_buf == NULL)
130 stat_buf = &internal_stat_buf;
132 /* Perform the stat call again, and check that we still have a regular
134 if (fstat(fd, stat_buf) < 0) {
135 fprintf(stderr, "fstat: %m\n");
140 if ((stat_buf->st_mode & S_IFMT) != S_IFREG) {
141 fprintf(stderr, "file is no longer a regular file!\n");
149 /* Read data from a file descriptor and return the amount of data read. A
150 * short read (less than the requested size) will only occur if end-of-file is
152 ssize_t file_read(int fd, char *buf, size_t maxlen)
154 size_t bytes_read = 0;
157 ssize_t res = read(fd, buf, maxlen);
161 fprintf(stderr, "error reading file: %m\n");
163 } else if (res == 0) {
175 /* Read the contents of a file (specified by an open file descriptor) and copy
176 * the data to the store. Returns the size of the file (number of bytes
177 * dumped), or -1 on error. */
178 int64_t dumpfile(int fd, dictionary &file_info, const string &path,
179 struct stat& stat_buf)
182 list<string> object_list;
183 const char *status = NULL; /* Status indicator printed out */
185 /* Look up this file in the old stat cache, if we can. If the stat
186 * information indicates that the file has not changed, do not bother
187 * re-reading the entire contents. Even if the information has been
188 * changed, we can use the list of old blocks in the search for a sub-block
189 * incremental representation. */
191 list<ObjectReference> old_blocks;
193 bool found = metawriter->find(path);
195 old_blocks = metawriter->get_blocks();
198 && !flag_rebuild_statcache
199 && metawriter->is_unchanged(&stat_buf)) {
202 /* If any of the blocks in the object have been expired, then we should
203 * fall back to fully reading in the file. */
204 for (list<ObjectReference>::const_iterator i = old_blocks.begin();
205 i != old_blocks.end(); ++i) {
206 const ObjectReference &ref = *i;
207 if (!db->IsAvailable(ref)) {
214 /* If everything looks okay, use the cached information */
216 file_info["checksum"] = metawriter->get_checksum();
217 for (list<ObjectReference>::const_iterator i = old_blocks.begin();
218 i != old_blocks.end(); ++i) {
219 const ObjectReference &ref = *i;
220 object_list.push_back(ref.to_string());
223 size = stat_buf.st_size;
227 /* If the file is new or changed, we must read in the contents a block at a
230 scoped_ptr<Hash> file_hash(Hash::New());
232 subfile.load_old_blocks(old_blocks);
235 ssize_t bytes = file_read(fd, block_buf, LBS_BLOCK_SIZE);
239 fprintf(stderr, "Backup contents for %s may be incorrect\n",
244 file_hash->update(block_buf, bytes);
246 // Sparse file processing: if we read a block of all zeroes, encode
248 bool all_zero = true;
249 for (int i = 0; i < bytes; i++) {
250 if (block_buf[i] != 0) {
256 // Either find a copy of this block in an already-existing segment,
257 // or index it so it can be re-used in the future
258 double block_age = 0.0;
261 scoped_ptr<Hash> block_hash(Hash::New());
262 block_hash->update(block_buf, bytes);
263 string block_csum = block_hash->digest_str();
266 ref = ObjectReference(ObjectReference::REF_ZERO);
267 ref.set_range(0, bytes);
269 ref = db->FindObject(block_csum, bytes);
272 list<ObjectReference> refs;
274 // Store a copy of the object if one does not yet exist
276 LbsObject *o = new LbsObject;
279 /* We might still have seen this checksum before, if the object
280 * was stored at some time in the past, but we have decided to
281 * clean the segment the object was originally stored in
282 * (FindObject will not return such objects). When rewriting
283 * the object contents, put it in a separate group, so that old
284 * objects get grouped together. The hope is that these old
285 * objects will continue to be used in the future, and we
286 * obtain segments which will continue to be well-utilized.
287 * Additionally, keep track of the age of the data by looking
288 * up the age of the block which was expired and using that
289 * instead of the current time. */
290 if (db->IsOldObject(block_csum, bytes,
291 &block_age, &object_group)) {
292 if (object_group == 0) {
293 o->set_group("data");
295 o->set_group(string_printf("compacted-%d",
301 o->set_group("data");
305 subfile.analyze_new_block(block_buf, bytes);
306 refs = subfile.create_incremental(tss, o, block_age);
308 if (flag_rebuild_statcache && ref.is_normal()) {
309 subfile.analyze_new_block(block_buf, bytes);
310 subfile.store_analyzed_signatures(ref);
315 while (!refs.empty()) {
316 ref = refs.front(); refs.pop_front();
318 // The file-level checksum guarantees integrity of the data.
319 // To reduce the metadata log size, do not include checksums on
320 // individual objects.
321 ref.clear_checksum();
323 object_list.push_back(ref.to_string());
332 file_info["checksum"] = file_hash->digest_str();
335 // Sanity check: if the file looks like it hasn't changed, then the
336 // newly-computed checksum should match the checksum in the statcache. If
337 // not, we have possible disk corruption and report a warning.
339 && metawriter->is_unchanged(&stat_buf)
340 && file_info["checksum"] != metawriter->get_checksum()) {
342 "Warning: Checksum for %s does not match expected value\n"
346 metawriter->get_checksum().c_str(),
347 file_info["checksum"].c_str());
350 if (verbose && status != NULL)
351 printf(" [%s]\n", status);
353 string blocklist = "";
354 for (list<string>::iterator i = object_list.begin();
355 i != object_list.end(); ++i) {
356 if (i != object_list.begin())
360 file_info["data"] = blocklist;
365 /* Look up a user/group and convert it to string form (either strictly numeric
366 * or numeric plus symbolic). Caches the results of the call to
367 * getpwuid/getgrgid. */
368 string user_to_string(uid_t uid) {
369 static map<uid_t, string> user_cache;
370 map<uid_t, string>::const_iterator i = user_cache.find(uid);
371 if (i != user_cache.end())
374 string result = encode_int(uid);
375 struct passwd *pwd = getpwuid(uid);
376 if (pwd != NULL && pwd->pw_name != NULL) {
377 result += " (" + uri_encode(pwd->pw_name) + ")";
379 user_cache[uid] = result;
383 string group_to_string(gid_t gid) {
384 static map<gid_t, string> group_cache;
385 map<gid_t, string>::const_iterator i = group_cache.find(gid);
386 if (i != group_cache.end())
389 string result = encode_int(gid);
390 struct group *grp = getgrgid(gid);
391 if (grp != NULL && grp->gr_name != NULL) {
392 result += " (" + uri_encode(grp->gr_name) + ")";
394 group_cache[gid] = result;
398 /* Dump a specified filesystem object (file, directory, etc.) based on its
399 * inode information. If the object is a regular file, an open filehandle is
401 void dump_inode(const string& path, // Path within snapshot
402 const string& fullpath, // Path to object in filesystem
403 struct stat& stat_buf, // Results of stat() call
404 int fd) // Open filehandle if regular file
407 dictionary file_info;
412 printf("%s\n", path.c_str());
413 metawriter->find(path);
415 file_info["name"] = uri_encode(path);
416 file_info["mode"] = encode_int(stat_buf.st_mode & 07777, 8);
417 file_info["ctime"] = encode_int(stat_buf.st_ctime);
418 file_info["mtime"] = encode_int(stat_buf.st_mtime);
419 file_info["user"] = user_to_string(stat_buf.st_uid);
420 file_info["group"] = group_to_string(stat_buf.st_gid);
422 time_t now = time(NULL);
423 if (now - stat_buf.st_ctime < 30 || now - stat_buf.st_mtime < 30)
424 if ((stat_buf.st_mode & S_IFMT) != S_IFDIR)
425 file_info["volatile"] = "1";
427 if (stat_buf.st_nlink > 1 && (stat_buf.st_mode & S_IFMT) != S_IFDIR) {
428 file_info["links"] = encode_int(stat_buf.st_nlink);
431 file_info["inode"] = encode_int(major(stat_buf.st_dev))
432 + "/" + encode_int(minor(stat_buf.st_dev))
433 + "/" + encode_int(stat_buf.st_ino);
437 switch (stat_buf.st_mode & S_IFMT) {
446 inode_type = ((stat_buf.st_mode & S_IFMT) == S_IFBLK) ? 'b' : 'c';
447 file_info["device"] = encode_int(major(stat_buf.st_rdev))
448 + "/" + encode_int(minor(stat_buf.st_rdev));
453 /* Use the reported file size to allocate a buffer large enough to read
454 * the symlink. Allocate slightly more space, so that we ask for more
455 * bytes than we expect and so check for truncation. */
456 buf = new char[stat_buf.st_size + 2];
457 len = readlink(fullpath.c_str(), buf, stat_buf.st_size + 1);
459 fprintf(stderr, "error reading symlink: %m\n");
460 } else if (len <= stat_buf.st_size) {
462 file_info["target"] = uri_encode(buf);
463 } else if (len > stat_buf.st_size) {
464 fprintf(stderr, "error reading symlink: name truncated\n");
472 file_size = dumpfile(fd, file_info, path, stat_buf);
473 file_info["size"] = encode_int(file_size);
476 return; // error occurred; do not dump file
478 if (file_size != stat_buf.st_size) {
479 fprintf(stderr, "Warning: Size of %s changed during reading\n",
481 file_info["volatile"] = "1";
490 fprintf(stderr, "Unknown inode type: mode=%x\n", stat_buf.st_mode);
494 file_info["type"] = string(1, inode_type);
496 metawriter->add(file_info);
499 /* Converts a path to the normalized form used in the metadata log. Paths are
500 * written as relative (without any leading slashes). The root directory is
501 * referred to as ".". */
502 string metafile_path(const string& path)
504 const char *newpath = path.c_str();
507 if (*newpath == '\0')
512 void try_merge_filter(const string& path, const string& basedir)
514 struct stat stat_buf;
515 if (lstat(path.c_str(), &stat_buf) < 0)
517 if ((stat_buf.st_mode & S_IFMT) != S_IFREG)
519 int fd = safe_open(path, NULL);
523 /* As a very crude limit on the complexity of merge rules, only read up to
524 * one block (1 MB) worth of data. If the file doesn't seems like it might
525 * be larger than that, don't parse the rules in it. */
526 ssize_t bytes = file_read(fd, block_buf, LBS_BLOCK_SIZE);
528 if (bytes < 0 || bytes >= static_cast<ssize_t>(LBS_BLOCK_SIZE - 1)) {
529 /* TODO: Add more strict resource limits on merge files? */
531 "Unable to read filter merge file (possibly size too large\n");
534 filter_rules.merge_patterns(metafile_path(path), basedir,
535 string(block_buf, bytes));
538 void scanfile(const string& path)
541 struct stat stat_buf;
544 string output_path = metafile_path(path);
546 if (lstat(path.c_str(), &stat_buf) < 0) {
547 fprintf(stderr, "lstat(%s): %m\n", path.c_str());
551 bool is_directory = ((stat_buf.st_mode & S_IFMT) == S_IFDIR);
552 if (!filter_rules.is_included(output_path, is_directory))
555 if ((stat_buf.st_mode & S_IFMT) == S_IFREG) {
556 fd = safe_open(path, &stat_buf);
561 dump_inode(output_path, path, stat_buf, fd);
566 /* If we hit a directory, now that we've written the directory itself,
567 * recursively scan the directory. */
569 DIR *dir = opendir(path.c_str());
572 fprintf(stderr, "Error reading directory %s: %m\n",
578 vector<string> contents;
579 while ((ent = readdir(dir)) != NULL) {
580 string filename(ent->d_name);
581 if (filename == "." || filename == "..")
583 contents.push_back(filename);
588 sort(contents.begin(), contents.end());
592 /* First pass through the directory items: look for any filter rules to
593 * merge and do so. */
594 for (vector<string>::iterator i = contents.begin();
595 i != contents.end(); ++i) {
599 else if (path == "/")
602 filename = path + "/" + *i;
603 if (filter_rules.is_mergefile(metafile_path(filename))) {
605 printf("Merging directory filter rules %s\n",
608 try_merge_filter(filename, output_path);
612 /* Second pass: recursively scan all items in the directory for backup;
613 * scanfile() will check if the item should be included or not. */
614 for (vector<string>::iterator i = contents.begin();
615 i != contents.end(); ++i) {
616 const string& filename = *i;
619 else if (path == "/")
620 scanfile("/" + filename);
622 scanfile(path + "/" + filename);
625 filter_rules.restore();
629 void usage(const char *program)
634 "Usage: %s [OPTION]... --dest=DEST PATHS...\n"
635 "Produce backup snapshot of files in SOURCE and store to DEST.\n"
638 " --dest=PATH path where backup is to be written\n"
639 " --upload-script=COMMAND\n"
640 " program to invoke for each backup file generated\n"
641 " --exclude=PATTERN exclude files matching PATTERN from snapshot\n"
642 " --include=PATTERN include files matching PATTERN in snapshot\n"
643 " --dir-merge=PATTERN parse files matching PATTERN to read additional\n"
644 " subtree-specific include/exclude rules during backup\n"
645 " --localdb=PATH local backup metadata is stored in PATH\n"
646 " --tmpdir=PATH path for temporarily storing backup files\n"
647 " (defaults to TMPDIR environment variable or /tmp)\n"
648 " --filter=COMMAND program through which to filter segment data\n"
649 " (defaults to \"bzip2 -c\")\n"
650 " --filter-extension=EXT\n"
651 " string to append to segment files\n"
652 " (defaults to \".bz2\")\n"
653 " --signature-filter=COMMAND\n"
654 " program though which to filter descriptor\n"
655 " --scheme=NAME optional name for this snapshot\n"
656 " --intent=FLOAT DEPRECATED: ignored, and will be removed soon\n"
657 " --full-metadata do not re-use metadata from previous backups\n"
658 " --rebuild-statcache re-read all file data to verify statcache\n"
659 " -v --verbose list files as they are backed up\n"
661 "Exactly one of --dest or --upload-script must be specified.\n",
662 cumulus_version, program
666 int main(int argc, char *argv[])
670 string backup_dest = "", backup_script = "";
671 string localdb_dir = "";
672 string backup_scheme = "";
673 string signature_filter = "";
675 string tmp_dir = "/tmp";
676 if (getenv("TMPDIR") != NULL)
677 tmp_dir = getenv("TMPDIR");
680 static struct option long_options[] = {
681 {"localdb", 1, 0, 0}, // 0
682 {"filter", 1, 0, 0}, // 1
683 {"filter-extension", 1, 0, 0}, // 2
684 {"dest", 1, 0, 0}, // 3
685 {"scheme", 1, 0, 0}, // 4
686 {"signature-filter", 1, 0, 0}, // 5
687 {"intent", 1, 0, 0}, // 6, DEPRECATED
688 {"full-metadata", 0, 0, 0}, // 7
689 {"tmpdir", 1, 0, 0}, // 8
690 {"upload-script", 1, 0, 0}, // 9
691 {"rebuild-statcache", 0, 0, 0}, // 10
692 {"include", 1, 0, 0}, // 11
693 {"exclude", 1, 0, 0}, // 12
694 {"dir-merge", 1, 0, 0}, // 13
695 // Aliases for short options
696 {"verbose", 0, 0, 'v'},
701 int c = getopt_long(argc, argv, "v", long_options, &long_index);
707 switch (long_index) {
709 localdb_dir = optarg;
712 filter_program = optarg;
714 case 2: // --filter-extension
715 filter_extension = optarg;
718 backup_dest = optarg;
721 backup_scheme = optarg;
723 case 5: // --signature-filter
724 signature_filter = optarg;
728 "Warning: The --intent= option is deprecated and will "
729 "be removed in the future.\n");
731 case 7: // --full-metadata
732 flag_full_metadata = true;
737 case 9: // --upload-script
738 backup_script = optarg;
740 case 10: // --rebuild-statcache
741 flag_rebuild_statcache = true;
743 case 11: // --include
744 filter_rules.add_pattern(PathFilterList::INCLUDE, optarg, "");
746 case 12: // --exclude
747 filter_rules.add_pattern(PathFilterList::EXCLUDE, optarg, "");
749 case 13: // --dir-merge
750 filter_rules.add_pattern(PathFilterList::DIRMERGE, optarg, "");
753 fprintf(stderr, "Unhandled long option!\n");
768 if (optind == argc) {
773 if (backup_dest == "" && backup_script == "") {
775 "Error: Backup destination must be specified using --dest= or --upload-script=\n");
780 if (backup_dest != "" && backup_script != "") {
782 "Error: Cannot specify both --dest= and --upload-script=\n");
787 // Default for --localdb is the same as --dest
788 if (localdb_dir == "") {
789 localdb_dir = backup_dest;
791 if (localdb_dir == "") {
793 "Error: Must specify local database path with --localdb=\n");
798 block_buf = new char[LBS_BLOCK_SIZE];
800 /* Initialize the remote storage layer. If using an upload script, create
801 * a temporary directory for staging files. Otherwise, write backups
802 * directly to the destination directory. */
803 if (backup_script != "") {
804 tmp_dir = tmp_dir + "/cumulus." + generate_uuid();
805 if (mkdir(tmp_dir.c_str(), 0700) < 0) {
806 fprintf(stderr, "Cannot create temporary directory %s: %m\n",
810 remote = new RemoteStore(tmp_dir, backup_script=backup_script);
812 remote = new RemoteStore(backup_dest);
815 /* Store the time when the backup started, so it can be included in the
820 = TimeFormat::format(now, TimeFormat::FORMAT_FILENAME, true);
822 /* Open the local database which tracks all objects that are stored
823 * remotely, for efficient incrementals. Provide it with the name of this
825 string database_path = localdb_dir + "/localdb.sqlite";
827 db->Open(database_path.c_str(), timestamp.c_str(), backup_scheme.c_str());
829 tss = new TarSegmentStore(remote, db);
831 /* Initialize the stat cache, for skipping over unchanged files. */
832 metawriter = new MetadataWriter(tss, localdb_dir.c_str(), timestamp.c_str(),
833 backup_scheme.c_str());
835 for (int i = optind; i < argc; i++) {
839 ObjectReference root_ref = metawriter->close();
840 string backup_root = root_ref.to_string();
848 /* Write out a summary file with metadata for all the segments in this
849 * snapshot (can be used to reconstruct database contents if needed), and
850 * contains hash values for the segments for quick integrity checks. */
851 string dbmeta_filename = "snapshot-";
852 if (backup_scheme.size() > 0)
853 dbmeta_filename += backup_scheme + "-";
854 dbmeta_filename += timestamp + ".meta" + filter_extension;
855 RemoteFile *dbmeta_file = remote->alloc_file(dbmeta_filename, "meta");
856 scoped_ptr<FileFilter> dbmeta_filter(FileFilter::New(dbmeta_file->get_fd(),
858 if (dbmeta_filter == NULL) {
859 fprintf(stderr, "Unable to open descriptor output file: %m\n");
862 FILE *dbmeta = fdopen(dbmeta_filter->get_wrapped_fd(), "w");
864 std::set<string> segment_list = db->GetUsedSegments();
865 for (std::set<string>::iterator i = segment_list.begin();
866 i != segment_list.end(); ++i) {
867 map<string, string> segment_metadata = db->GetSegmentMetadata(*i);
868 if (segment_metadata.size() > 0) {
869 map<string, string>::const_iterator j;
870 for (j = segment_metadata.begin();
871 j != segment_metadata.end(); ++j)
873 fprintf(dbmeta, "%s: %s\n",
874 j->first.c_str(), j->second.c_str());
876 fprintf(dbmeta, "\n");
880 dbmeta_filter->wait();
883 = Hash::hash_file(dbmeta_file->get_local_path().c_str());
888 /* All other files should be flushed to remote storage before writing the
889 * backup descriptor below, so that it is not possible to have a backup
890 * descriptor written out depending on non-existent (not yet written)
894 /* Write a backup descriptor file, which says which segments are needed and
895 * where to start to restore this snapshot. The filename is based on the
896 * current time. If a signature filter program was specified, filter the
897 * data through that to give a chance to sign the descriptor contents. */
898 string desc_filename = "snapshot-";
899 if (backup_scheme.size() > 0)
900 desc_filename += backup_scheme + "-";
901 desc_filename = desc_filename + timestamp + ".cumulus";
903 RemoteFile *descriptor_file = remote->alloc_file(desc_filename,
905 scoped_ptr<FileFilter> descriptor_filter(
906 FileFilter::New(descriptor_file->get_fd(), signature_filter.c_str()));
907 if (descriptor_filter == NULL) {
908 fprintf(stderr, "Unable to open descriptor output file: %m\n");
911 FILE *descriptor = fdopen(descriptor_filter->get_wrapped_fd(), "w");
913 fprintf(descriptor, "Format: Cumulus Snapshot v0.11\n");
914 fprintf(descriptor, "Producer: Cumulus %s\n", cumulus_version);
915 string timestamp_local
916 = TimeFormat::format(now, TimeFormat::FORMAT_LOCALTIME, false);
917 fprintf(descriptor, "Date: %s\n", timestamp_local.c_str());
918 if (backup_scheme.size() > 0)
919 fprintf(descriptor, "Scheme: %s\n", backup_scheme.c_str());
920 fprintf(descriptor, "Root: %s\n", backup_root.c_str());
922 if (dbmeta_csum.size() > 0) {
923 fprintf(descriptor, "Segment-metadata: %s\n", dbmeta_csum.c_str());
926 fprintf(descriptor, "Segments:\n");
927 for (std::set<string>::iterator i = segment_list.begin();
928 i != segment_list.end(); ++i) {
929 fprintf(descriptor, " %s\n", i->c_str());
933 if (descriptor_filter->wait() < 0) {
934 fatal("Signature filter process error");
937 descriptor_file->send();
942 if (backup_script != "") {
943 if (rmdir(tmp_dir.c_str()) < 0) {
945 "Warning: Cannot delete temporary directory %s: %m\n",