#!/bin/bash # Wrapper around /opt/bin/sbosrcarch to keep a log of the session, and email it. # Configuration. COMMAND="/opt/bin/sbosrcarch" DEPOSITORY="/data/depository/sbosrcarch" SBOSRCARCH_USER='SLACKWAREUKINT\sbosrcarch' DEPOSITORY_GROUP='SLACKWAREUKINT\depository' LOGSDIR="/var/log/duplication/sbosrcarch/$(printf "%(%Y/%m)T")" LOGFILE="$(printf "%(%Y%m%d-%H%M%S)T")-$$" # Where from/to to send emails. Comment for no emailing. EMAIL_FROM="\"Server: ${HOSTNAME%%.*}\" " EMAIL_TO=("Systems' Administrator ") EMAIL_CC=("Urchlay ") # Functions notify() { [[ -n "$EMAIL_FROM" ]] && (( "${#EMAIL_TO[@]}" != 0 )) && { printf "%s: %s\\n%s: %s\\n%s:\\n%s\\n" "Exit code" "$ERR" "Logfile" "$LOGSDIR/$LOGFILE.xz" "Output" "$(cat "$LOGSDIR/$LOGFILE" | sed -re 's/^/ /g')" | mail -r "$EMAIL_FROM" -s "SboSrcArch $1" "$(for i in $(seq -s ' ' 0 $(( ${#EMAIL_CC[@]} -1 ))); do echo ${EMAIL_CC[$i]:+-c "${EMAIL_CC[$i]}"}; done)" "${EMAIL_TO[@]}" >/dev/null 2>&1 || { printf "%s: %s\\n" "${0##*/}" "mail command failed" >&2 return 1 } } return 0 } # Logs are only for root. umask 027 # Only run for the configured sbosrcarch user. [[ "$(whoami)" != "$SBOSRCARCH_USER" ]] && { printf "%s: %s\\n" "${0##*/}" "must be run by the '$SBOSRCARCH_USER' user" >&2 printf "%s: %s: %s\\n" "${0##*/}" "to run manually:" "su '$SBOSRCARCH_USER' $0 $@" >&2 exit 1 } # Make sure the logs directory exists. # shellcheck disable=SC2174 mkdir -p -m 750 "$LOGSDIR" 2>/dev/null || { printf "%s: %s\\n" "${0##*/}" "Failed to create logs directory '$LOGSDIR'" >&2 exit 1 } # Make sure the command to do the work is runnable. [[ ! -x "$COMMAND" ]] && { printf "%s: %s\\n" "${0##*/}" "'$COMMAND' is not executable" >&2 exit 1 } # Only allow one copy of the script to run at any time. # shellcheck disable=SC2154 if [[ "$FLOCK" != "$0" ]]; then # shellcheck disable=SC2093 exec env FLOCK="$0" flock -E 10 -e -n "$0" "$0" "$@" ERR="$?" if (( ERR == 10 )); then # File is locked, exit now. exit 0 elif (( ERR > 0 )); then printf "%s: %s\\n" "${0##*/}" "flock execution error" >&2 exit 1 fi fi # Drop the caches as sometimes old user/groups are cached. sudo /opt/sbin/drop-caches # Make sure there's no errant ownerships. printf "%s: %s\\n" "INFO" "Scanning sbosrcarch directory for correct ownerships/permissions" | tee "$LOGSDIR/$LOGFILE" WRONG="$(find "$DEPOSITORY/" \( \ \( -type b -o -type c -o -type p -o -type s \) -o \ \( -type l -a \! -perm 777 \) -o \ \( -type d -a \! -perm 755 -a \! -perm 2755 \) -o \ \( -type f -a \! -perm 644 -a \! -perm 755 \) -o \ \( \! -user "$SBOSRCARCH_USER" \) -o \ \( \! -group "$DEPOSITORY_GROUP" \) \ \) -a -printf "%u:%g\t%M\t%p\n")" if [[ -n "$WRONG" ]]; then printf "%s: %s\\n" "ERROR" "This run has been aborted!" | tee -a "$LOGSDIR/$LOGFILE" printf "%s: %s\\n" "WARNING" "The following paths have erronious ownerships/permissions:" | tee -a "$LOGSDIR/$LOGFILE" printf "%s\\n" "$WRONG" | sed -re 's/^/ /g' | tee -a "$LOGSDIR/$LOGFILE" ERR=-1 else printf "%s: %s\\n" "INFO" "No ownership/permission issues found" | tee -a "$LOGSDIR/$LOGFILE" # Do the sbosrcarch work. umask 022 printf "%s: %s: %s\\n" "INFO" "Beginning sbosrcarch run" "sg \"$DEPOSITORY_GROUP\" -c \"$COMMAND ${1:-update}\"" | tee -a "$LOGSDIR/$LOGFILE" TMP_OUTPUT="$(sg "$DEPOSITORY_GROUP" -c "$COMMAND ${1:-update} 2>&1")" ERR="$?" sg "$DEPOSITORY_GROUP" -c "$COMMAND status 2>&1" | tee -a "$LOGSDIR/$LOGFILE" printf "\\n%s\\n" "$TMP_OUTPUT" | tee -a "$LOGSDIR/$LOGFILE" (( ERR += $? )) fi # Tell the sysadmin what went on. if (( "$ERR" == 0 )); then # Send a report. notify "report" ERR="$?" else # sbosrcarch failed, tell the admin. notify "failure" || [[ -x /opt/bin/pushover-client ]] && /opt/bin/pushover-client "mirroring" -p -1 -s "SBoSrcArch failure" -m "Check log in email" ERR="1" fi # Compress the log to save some space. xz -9 "$LOGSDIR/$LOGFILE" 2>/dev/null || printf "%s: %s\\n" "${0##*/}" "failed to compress '$LOGSDIR/$LOGFILE'" >&2 exit "$ERR"