Skip to content

Limits and safety

MinaConfigGuard is strict by default and refuses unsafe operations.

Global locking

A single global lock is shared by: - manual backup - restore - scheduler - reload - shutdown backup

If the lock is busy: - manual backup is refused - restore is refused - reload is refused - scheduler and shutdown backup may be skipped

Backup limits

  • backup.maxTotalMb
    • Hard cap for any backup plan
    • If exceeded, backup is refused

FULL mode include/exclude: - include lists restrict what is backed up - exclude lists remove unwanted folders or extensions - Mina runtime paths (backups, reports) are always excluded

Diff limits

  • diff.content.maxFiles

    • Limits number of files printed with content diff

  • diff.content.maxBytesPerFile

    • Skips content diff for large files

  • --max-lines

    • /cg diff --max-lines is clamped to 20..2000

Restore safety

Restore refuses: - unsafe paths (absolute paths, traversal segments) - restoring ConfigGuard runtime paths - missing or invalid meta.json - missing payload files - payload hash or size mismatch - too many files ( estore.maxFilesPerRun) - overwriting huge files ( estore.maxBytesPerFile)

Atomic writes

  • Restore uses atomic writes per file to reduce partial write risk