diff --git a/drop-caches b/drop-caches deleted file mode 100755 index c6f10e6..0000000 --- a/drop-caches +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -# Used by the mirroring user to refresh the nfs cache before doing a mirroring run. - -echo 3 >/proc/sys/vm/drop_caches diff --git a/mirror b/mirror index 201a4c0..3a28814 100755 --- a/mirror +++ b/mirror @@ -17,7 +17,7 @@ MAX_RUNS="3" # Maximum number of runs IPV4="5.101.171.215" DATADIR="/data/depository" RSYNC_COMMAND="/usr/bin/rsync" -RSYNC_REMOTE_OPTIONS=('-4' "--address=$IPV4" '--no-motd' '--contimeout=30' '--timeout=60' '-aH' '--no-owner' '--no-group' '--chmod=go-w,+rX' '--partial' '--partial-dir=.rsync-tmp' '--delete-delay' '--delay-updates') +RSYNC_REMOTE_OPTIONS=('-4' "--address=$IPV4" '--no-motd' '--contimeout=30' '--timeout=60' '-aH' '--chmod=go-w,+rX' '--partial' '--partial-dir=.rsync-tmp' '--delete-delay' '--delay-updates') RSYNC_LOCAL_OPTIONS=('-aH' '--chmod=go-w,+rX' '--partial' '--partial-dir=.rsync-tmp' '--delay-updates') # RSYNC_VERBOSE=('--verbose' '--human-readable') # RSYNC_VERBOSE=('--progress' '--verbose' '--stats' '--human-readable') @@ -163,24 +163,6 @@ SLACKARCHIVE_FILTER=('--exclude=source/' '--include=/slackware-15.0' '--include= ####################################################################################################################################### -# Only allow the script to be run from the wrapper. -[[ ! -v MIRRORING_USER ]] && { - echo "ERROR: this script should only be run by mirror-wrapper" >&2 - exit 1 -} - -# Make sure the users match. -[[ "$(whoami)" != "$MIRRORING_USER" ]] && { - echo "ERROR: this script should be run by the '$MIRRORING_USER' only - use su to run manually" >&2 - exit 1 -} - -# Move to the depository directory. -cd "$DATADIR" >/dev/null 2>&1 || { - echo "ERROR: $DATADIR does not exist." >&2 - exit 1 -} - # Only allow one copy of the script to run at any time. # shellcheck disable=SC2154 if [[ "$FLOCK" != "$0" ]]; then @@ -196,6 +178,12 @@ if [[ "$FLOCK" != "$0" ]]; then fi fi +# Move to the depository directory. +cd "$DATADIR" >/dev/null 2>&1 || { + echo "ERROR: $DATADIR does not exist." >&2 + exit 1 +} + # Variables declare -a LFTP_LIST RSYNC_LIST diff --git a/mirror-wrapper b/mirror-wrapper index 9f9c532..61be5f4 100755 --- a/mirror-wrapper +++ b/mirror-wrapper @@ -3,10 +3,6 @@ # Configuration. COMMAND="/opt/bin/mirror" -DEPOSITORY="/data/depository" -MIRRORING_USER="mirroring" -SBOSRCARCH_USER="sbosrcarch" -DEPOSITORY_GROUP="depository" LOGSDIR="/var/log/duplication/mirroring/$(printf "%(%Y/%m)T")" LOGFILE="$(printf "%(%Y%m%d-%H%M%S)T")-$$" MIN_LOGFILE_SIZE="650" # Used to prevent unnecessary emails - only messages over this size are sent. @@ -26,22 +22,9 @@ notify() { return 0 } -# Only run for the configured mirroring user. -[[ "$(whoami)" != "$MIRRORING_USER" ]] && { - printf "%s: %s\\n" "${0##*/}" "must be run by the '$MIRRORING_USER' user - use su to run manually" >&2 - exit 1 -} - -# Make sure the logs directory exists. -# shellcheck disable=SC2174 -mkdir -p -m 750 "$LOGSDIR" 2>/dev/null || { - printf "%s: %s\\n" "${0##*/}" "Failed to create logs directory '$LOGSDIR'" >&2 - exit 1 -} - -# Make sure the command to do the work is runnable. -[[ ! -x "$COMMAND" ]] && { - printf "%s: %s\\n" "${0##*/}" "'$COMMAND' is not executable" >&2 +# Don't run as root! +(( $(id -u) == 0 )) && { + printf "%s: %s\\n" "${0##*/}" "don't run me as root - it messes up permissions!" >&2 exit 1 } @@ -63,22 +46,22 @@ fi # Logs are only for root. umask 027 -# Drop the caches as sometimes old user/groups are cached. -sudo /opt/sbin/drop-caches +# Make sure the logs directory exists. +# shellcheck disable=SC2174 +mkdir -p -m 750 "$LOGSDIR" 2>/dev/null || { + printf "%s: %s\\n" "${0##*/}" "Failed to create logs directory '$LOGSDIR'" >&2 + exit 1 +} -# Make sure there's no errant ownerships. -WRONG_PERMS="$(find "$DEPOSITORY" \( \( \! -user "$MIRRORING_USER" -a \! -user "$SBOSRCARCH_USER" \) -o \( \! -group "$DEPOSITORY_GROUP" \) \) -a \! -path "$DEPOSITORY" -printf "%u:%g\t%P\n")" -if [[ -n "$WRONG_PERMS" ]]; then - printf "%s\\n" "This sync has been aborted!" >"$LOGSDIR/$LOGFILE" - printf "%s\\n" "The following files in have errant permissions:" >>"$LOGSDIR/$LOGFILE" - printf "%s\\n" "$WRONG_PERMS" >>"$LOGSDIR/$LOGFILE" - ERR=-1 -else - # Do the mirroring work. - export MIRRORING_USER - sg "$DEPOSITORY_GROUP" -c "$COMMAND" "$@" >"$LOGSDIR/$LOGFILE" 2>&1 - ERR="$?" -fi +# Make sure the command to do the work is runnable. +[[ ! -x "$COMMAND" ]] && { + printf "%s: %s\\n" "${0##*/}" "'$COMMAND' is not executable" >&2 + exit 1 +} + +# Do the mirroring work. +"$COMMAND" "$@" >"$LOGSDIR/$LOGFILE" 2>&1 +ERR="$?" # Tell the sysadmin what went on. if (( "$ERR" == 0 )); then