Various changes to sbosrcarch-wrapper.
* Introduce a test to make sure the script is being run by the correct user. * Do all testing before locking. * Drop disk caches before starting work. * Check for files with the wrong owner/group before doing a sync. * Run the mirror script with the configured group as primary.
This commit is contained in:
parent
3eae23d1a8
commit
8349b685f1
1 changed files with 39 additions and 23 deletions
|
|
@ -3,6 +3,9 @@
|
|||
|
||||
# Configuration.
|
||||
COMMAND="/opt/bin/sbosrcarch"
|
||||
DEPOSITORY="/data/depository/sbosrcarch"
|
||||
SBOSRCARCH_USER="sbosrcarch"
|
||||
DEPOSITORY_GROUP="depository"
|
||||
LOGSDIR="/var/log/duplication/sbosrcarch/$(printf "%(%Y/%m)T")"
|
||||
LOGFILE="$(printf "%(%Y%m%d-%H%M%S)T")-$$"
|
||||
# Where from/to to send emails. Comment for no emailing.
|
||||
|
|
@ -22,9 +25,25 @@ notify() {
|
|||
return 0
|
||||
}
|
||||
|
||||
# Don't run as root!
|
||||
(( $(id -u) == 0 )) && {
|
||||
printf "%s: %s\\n" "${0##*/}" "don't run me as root - it messes up permissions!" >&2
|
||||
# Logs are only for root.
|
||||
umask 027
|
||||
|
||||
# Only run for the configured sbosrcarch user.
|
||||
[[ "$(whoami)" != "$SBOSRCARCH_USER" ]] && {
|
||||
printf "%s: %s\\n" "${0##*/}" "must be run by the '$SBOSRCARCH_USER' user - use su to run manually" >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
# Make sure the logs directory exists.
|
||||
# shellcheck disable=SC2174
|
||||
mkdir -p -m 750 "$LOGSDIR" 2>/dev/null || {
|
||||
printf "%s: %s\\n" "${0##*/}" "Failed to create logs directory '$LOGSDIR'" >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
# Make sure the command to do the work is runnable.
|
||||
[[ ! -x "$COMMAND" ]] && {
|
||||
printf "%s: %s\\n" "${0##*/}" "'$COMMAND' is not executable" >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
|
|
@ -43,27 +62,24 @@ if [[ "$FLOCK" != "$0" ]]; then
|
|||
fi
|
||||
fi
|
||||
|
||||
# Logs are only for root.
|
||||
umask 027
|
||||
# Drop the caches as sometimes old user/groups are cached.
|
||||
sudo /opt/sbin/drop-caches
|
||||
|
||||
# Make sure the logs directory exists.
|
||||
# shellcheck disable=SC2174
|
||||
mkdir -p -m 750 "$LOGSDIR" 2>/dev/null || {
|
||||
printf "%s: %s\\n" "${0##*/}" "Failed to create logs directory '$LOGSDIR'" >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
# Make sure the command to do the work is runnable.
|
||||
[[ ! -x "$COMMAND" ]] && {
|
||||
printf "%s: %s\\n" "${0##*/}" "'$COMMAND' is not executable" >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
# Do the sbosrcarch work.
|
||||
"$COMMAND" "${@:-update}" >"$LOGSDIR/$LOGFILE" 2>&1
|
||||
ERR="$?"
|
||||
printf "\\n" >>"$LOGSDIR/$LOGFILE"
|
||||
"$COMMAND" "status" >>"$LOGSDIR/$LOGFILE" 2>&1
|
||||
# Make sure there's no errant ownerships.
|
||||
#WRONG_PERMS="$(find "$DEPOSITORY" \( \! -user "$SBOSRCARCH_USER" -o \! -group "$DEPOSITORY_GROUP" \) -a \! -path "$DEPOSITORY" -printf "%u:%g\t%P\n")"
|
||||
if [[ -n "$WRONG_PERMS" ]]; then
|
||||
printf "%s\\n" "This run has been aborted!" >"$LOGSDIR/$LOGFILE"
|
||||
printf "%s\\n" "The following files in have errant permissions:" >>"$LOGSDIR/$LOGFILE"
|
||||
printf "%s\\n" "$WRONG_PERMS" >>"$LOGSDIR/$LOGFILE"
|
||||
ERR=-1
|
||||
else
|
||||
# Do the sbosrcarch work.
|
||||
sg "$DEPOSITORY_GROUP" -c "$COMMAND ${1:-update}" >"$LOGSDIR/$LOGFILE" 2>&1
|
||||
ERR="$?"
|
||||
printf "\\n" >>"$LOGSDIR/$LOGFILE"
|
||||
sg "$DEPOSITORY_GROUP" -c "$COMMAND status" >>"$LOGSDIR/$LOGFILE" 2>&1
|
||||
(( ERR += $? ))
|
||||
fi
|
||||
|
||||
# Tell the sysadmin what went on.
|
||||
if (( "$ERR" == 0 )); then
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue