apache-sync-logs: Work around strangeness with nocelic and magnus users

[clinton/scripts.git] / apache-sync-logs

diff --git a/apache-sync-logs b/apache-sync-logs
index 64dae8a..f56b08a 100755 (executable)
--- a/apache-sync-logs
+++ b/apache-sync-logs
@@ -14,11 +14,14 @@ VERBOSE=false
 LOCAL_LOG_DIR=/var/log/apache2
 KEYTAB_DIR=/etc/keytabs/user.daemon
 AFS_USER_DIR=/afs/hcoop.net/user
 LOCAL_LOG_DIR=/var/log/apache2
 KEYTAB_DIR=/etc/keytabs/user.daemon
 AFS_USER_DIR=/afs/hcoop.net/user

+ERROR=no

 
 for A in $(find $LOCAL_LOG_DIR/user -mindepth 3 -maxdepth 3 -print); do
     USER=`basename $A`
     PATHBITS=`echo $USER | head -c 1`/`echo $USER | head -c 2`/$USER
 
 for A in $(find $LOCAL_LOG_DIR/user -mindepth 3 -maxdepth 3 -print); do
     USER=`basename $A`
     PATHBITS=`echo $USER | head -c 1`/`echo $USER | head -c 2`/$USER

-    LOG_DEST=$AFS_USER_DIR/$PATHBITS/logs/apache/
+    LOG_SRC=$A/apache/log
+    LOG_DEST=$AFS_USER_DIR/$PATHBITS/.logs/apache/
+    TMP_DEST=$LOG_SRC.tmp

 
     if [ "$VERBOSE" = "true" ]; then
         echo
 
     if [ "$VERBOSE" = "true" ]; then
         echo


@@ -29,13 +32,29 @@ for A in $(find $LOCAL_LOG_DIR/user -mindepth 3 -maxdepth 3 -print); do
 
     if [ ! -d "$LOG_DEST" ]; then
         echo "Error: $LOG_DEST does not exist, please make it"
 
     if [ ! -d "$LOG_DEST" ]; then
         echo "Error: $LOG_DEST does not exist, please make it"

-        exit 1
+        ERROR=yes

     else
     else

+        rm -fr $TMP_DEST
+        cp -r $LOG_SRC $TMP_DEST
+        chmod -R u=rwX,go=X $TMP_DEST
+        # There is an issue here.  With nocelic and magnus, doing su
+        # $USER will cause rsync to not be able to read $LOG_DEST,
+        # even if it is first chown'ed to $USER.  So we have to just
+        # be root, and not change ownership or group when copying the
+        # files.  This makes group be root on AFS, but that shouldn't
+        # matter for anything important.  Perhaps some PAM issue is
+        # related to this, since even read/write to local filesystem
+        # is screwed up.

         k5start -qtU -f $KEYTAB_DIR/$USER \
         k5start -qtU -f $KEYTAB_DIR/$USER \

-            -- su $USER -c "rsync -a $A/apache/log/ $LOG_DEST/ ;
-            chown -R $USER $LOG_DEST ;
-            chmod -R u+rw $LOG_DEST"
+            -- rsync -a --no-o --no-g $TMP_DEST/ $LOG_DEST/
+        rm -fr $TMP_DEST

         [ "$VERBOSE" = "true" ] && echo "  done."
         [ "$VERBOSE" = "true" ] && echo "  done."

-        exit 0

     fi
 done
     fi
 done

+
+if [ "$ERROR" = "yes" ]; then
+    exit 1
+else
+    exit 0
+fi
+