apache-sync-logs: Skip people who do not have keytabs
[clinton/scripts.git] / apache-sync-logs
index 7c1f81e..fdc2919 100755 (executable)
@@ -11,41 +11,56 @@ unlog
 #VERBOSE=true
 VERBOSE=false
 
-LOCAL_LOG_DIR=/var/log/apache2
+LOCAL_LOG_DIR=/var/log/apache2/user
 KEYTAB_DIR=/etc/keytabs/user.daemon
 AFS_USER_DIR=/afs/hcoop.net/user
 ERROR=no
 
-for A in $(find $LOCAL_LOG_DIR/user -mindepth 3 -maxdepth 3 -print); do
+# Sanify permissions so that we can safely create tmp directories and
+# run rsync.
+chmod -R u=rwX,g=rX,o=X $LOCAL_LOG_DIR
+
+# Iterate through logs for each user
+for A in $(find $LOCAL_LOG_DIR -mindepth 3 -maxdepth 3 -print); do
     USER=`basename $A`
     PATHBITS=`echo $USER | head -c 1`/`echo $USER | head -c 2`/$USER
     LOG_SRC=$A/apache/log
-    LOG_DEST=$AFS_USER_DIR/$PATHBITS/logs/apache/
+    LOG_DEST=$AFS_USER_DIR/$PATHBITS/.logs/apache/
     TMP_DEST=$LOG_SRC.tmp
 
-    if [ "$VERBOSE" = "true" ]; then
+    # Skip deleted or empty log directories
+    if test ! -d "$LOG_SRC" || ! ls "$LOG_SRC"/*/*/*.log >/dev/null 2>&1; then
+        continue
+    fi
+
+    # Skip people who do not have keytabs
+    if test ! -f "$KEYTAB_DIR/$USER"; then
+        continue
+    fi
+
+    if test "$VERBOSE" = "true"; then
         echo
         echo "=============================================================================="
         echo "syncing logs for $USER from $A"
         echo "  to $LOG_DEST ..."
     fi
 
-    if [ ! -d "$LOG_DEST" ]; then
+    if test ! -d "$LOG_DEST"; then
         echo "Error: $LOG_DEST does not exist, please make it"
         ERROR=yes
     else
         rm -fr $TMP_DEST
-        cp -a $LOG_SRC $TMP_DEST
-        chown -R $USER $TMP_DEST
+        cp -r $LOG_SRC $TMP_DEST
+        chown -R $USER:nogroup $TMP_DEST
         chmod -R u=rwX,go=X $TMP_DEST
         k5start -qtU -f $KEYTAB_DIR/$USER \
             -- su $USER -c "rsync -a $TMP_DEST/ $LOG_DEST/"
         rm -fr $TMP_DEST
-        [ "$VERBOSE" = "true" ] && echo "  done."
+        test "$VERBOSE" = "true" && echo "  done."
     fi
 done
 
-if [ "$ERROR" = "yes" ]; then
+if test "$ERROR" = "yes"; then
     exit 1
 else
     exit 0