apache-sync-logs: Work around strangeness with nocelic and magnus users
[clinton/scripts.git] / apache-sync-logs
... / ...
CommitLineData
1#!/bin/bash
2
3# invoke this as root on mire
4
5exec 2>&1
6
7# drop any tokens; use only users' cgi tokens
8kdestroy > /dev/null 2>&1
9unlog
10
11#VERBOSE=true
12VERBOSE=false
13
14LOCAL_LOG_DIR=/var/log/apache2
15KEYTAB_DIR=/etc/keytabs/user.daemon
16AFS_USER_DIR=/afs/hcoop.net/user
17ERROR=no
18
19for A in $(find $LOCAL_LOG_DIR/user -mindepth 3 -maxdepth 3 -print); do
20 USER=`basename $A`
21 PATHBITS=`echo $USER | head -c 1`/`echo $USER | head -c 2`/$USER
22 LOG_SRC=$A/apache/log
23 LOG_DEST=$AFS_USER_DIR/$PATHBITS/.logs/apache/
24 TMP_DEST=$LOG_SRC.tmp
25
26 if [ "$VERBOSE" = "true" ]; then
27 echo
28 echo "=============================================================================="
29 echo "syncing logs for $USER from $A"
30 echo " to $LOG_DEST ..."
31 fi
32
33 if [ ! -d "$LOG_DEST" ]; then
34 echo "Error: $LOG_DEST does not exist, please make it"
35 ERROR=yes
36 else
37 rm -fr $TMP_DEST
38 cp -r $LOG_SRC $TMP_DEST
39 chmod -R u=rwX,go=X $TMP_DEST
40 # There is an issue here. With nocelic and magnus, doing su
41 # $USER will cause rsync to not be able to read $LOG_DEST,
42 # even if it is first chown'ed to $USER. So we have to just
43 # be root, and not change ownership or group when copying the
44 # files. This makes group be root on AFS, but that shouldn't
45 # matter for anything important. Perhaps some PAM issue is
46 # related to this, since even read/write to local filesystem
47 # is screwed up.
48 k5start -qtU -f $KEYTAB_DIR/$USER \
49 -- rsync -a --no-o --no-g $TMP_DEST/ $LOG_DEST/
50 rm -fr $TMP_DEST
51 [ "$VERBOSE" = "true" ] && echo " done."
52 fi
53done
54
55if [ "$ERROR" = "yes" ]; then
56 exit 1
57else
58 exit 0
59fi
60