Projects/random-commands
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Various changes to sbosrcarch-wrapper.

Browse source 
* Introduce a test to make sure the script is being run by the correct user.
* Do all testing before locking.
* Drop disk caches before starting work.
* Check for files with the wrong owner/group before doing a sync.
* Run the mirror script with the configured group as primary.
This commit is contained in:
Darren 'Tadgy' Austin 2026-05-24 00:32:48 +01:00
commit 8349b685f1
1 changed files with 39 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

62
sbosrcarch-wrapper
View file

@ -3,6 +3,9 @@
# Configuration. # Configuration.
COMMAND="/opt/bin/sbosrcarch" COMMAND="/opt/bin/sbosrcarch"
DEPOSITORY="/data/depository/sbosrcarch"
SBOSRCARCH_USER="sbosrcarch"
DEPOSITORY_GROUP="depository"
LOGSDIR="/var/log/duplication/sbosrcarch/$(printf "%(%Y/%m)T")" LOGSDIR="/var/log/duplication/sbosrcarch/$(printf "%(%Y/%m)T")"
LOGFILE="$(printf "%(%Y%m%d-%H%M%S)T")-$$" LOGFILE="$(printf "%(%Y%m%d-%H%M%S)T")-$$"
# Where from/to to send emails. Comment for no emailing. # Where from/to to send emails. Comment for no emailing.
@ -22,9 +25,25 @@ notify() {
return 0 return 0
} }
# Don't run as root! # Logs are only for root.
(( $(id -u) == 0 )) && { umask 027
printf "%s: %s\\n" "${0##*/}" "don't run me as root - it messes up permissions!" >&2
# Only run for the configured sbosrcarch user.
[[ "$(whoami)" != "$SBOSRCARCH_USER" ]] && {
printf "%s: %s\\n" "${0##*/}" "must be run by the '$SBOSRCARCH_USER' user - use su to run manually" >&2
exit 1
}
# Make sure the logs directory exists.
# shellcheck disable=SC2174
mkdir -p -m 750 "$LOGSDIR" 2>/dev/null || {
printf "%s: %s\\n" "${0##*/}" "Failed to create logs directory '$LOGSDIR'" >&2
exit 1
}
# Make sure the command to do the work is runnable.
[[ ! -x "$COMMAND" ]] && {
printf "%s: %s\\n" "${0##*/}" "'$COMMAND' is not executable" >&2
exit 1 exit 1
} }
@ -43,27 +62,24 @@ if [[ "$FLOCK" != "$0" ]]; then
fi fi
fi fi
# Logs are only for root. # Drop the caches as sometimes old user/groups are cached.
umask 027 sudo /opt/sbin/drop-caches
# Make sure the logs directory exists. # Make sure there's no errant ownerships.
# shellcheck disable=SC2174 #WRONG_PERMS="$(find "$DEPOSITORY" \( \! -user "$SBOSRCARCH_USER" -o \! -group "$DEPOSITORY_GROUP" \) -a \! -path "$DEPOSITORY" -printf "%u:%g\t%P\n")"
mkdir -p -m 750 "$LOGSDIR" 2>/dev/null || { if [[ -n "$WRONG_PERMS" ]]; then
printf "%s: %s\\n" "${0##*/}" "Failed to create logs directory '$LOGSDIR'" >&2 printf "%s\\n" "This run has been aborted!" >"$LOGSDIR/$LOGFILE"
exit 1 printf "%s\\n" "The following files in have errant permissions:" >>"$LOGSDIR/$LOGFILE"
} printf "%s\\n" "$WRONG_PERMS" >>"$LOGSDIR/$LOGFILE"
ERR=-1
# Make sure the command to do the work is runnable. else
[[ ! -x "$COMMAND" ]] && { # Do the sbosrcarch work.
printf "%s: %s\\n" "${0##*/}" "'$COMMAND' is not executable" >&2 sg "$DEPOSITORY_GROUP" -c "$COMMAND ${1:-update}" >"$LOGSDIR/$LOGFILE" 2>&1
exit 1 ERR="$?"
} printf "\\n" >>"$LOGSDIR/$LOGFILE"
sg "$DEPOSITORY_GROUP" -c "$COMMAND status" >>"$LOGSDIR/$LOGFILE" 2>&1
# Do the sbosrcarch work. (( ERR += $? ))
"$COMMAND" "${@:-update}" >"$LOGSDIR/$LOGFILE" 2>&1 fi
ERR="$?"
printf "\\n" >>"$LOGSDIR/$LOGFILE"
"$COMMAND" "status" >>"$LOGSDIR/$LOGFILE" 2>&1
# Tell the sysadmin what went on. # Tell the sysadmin what went on.
if (( "$ERR" == 0 )); then if (( "$ERR" == 0 )); then