X-Git-Url: http://git.hcoop.net/clinton/scripts.git/blobdiff_plain/40cee8c114572e5f1172933cf2cbbfc299b9400f..df1962e3235a88e86e76feac74e8d58b93d7608f:/apache-sync-logs

diff --git a/apache-sync-logs b/apache-sync-logs
index f56b08a..3f83088 100755
--- a/apache-sync-logs
+++ b/apache-sync-logs
@@ -11,48 +11,66 @@ unlog
 #VERBOSE=true
 VERBOSE=false
 
-LOCAL_LOG_DIR=/var/log/apache2
+LOCAL_LOG_DIR=/var/log/apache2/user
 KEYTAB_DIR=/etc/keytabs/user.daemon
 AFS_USER_DIR=/afs/hcoop.net/user
 ERROR=no
 
-for A in $(find $LOCAL_LOG_DIR/user -mindepth 3 -maxdepth 3 -print); do
+# Sanify permissions so that we can safely create tmp directories and
+# run rsync.
+chmod -R u=rwX,g=rX,o=X $LOCAL_LOG_DIR
+
+# Iterate through logs for each user
+for A in $(find $LOCAL_LOG_DIR -mindepth 3 -maxdepth 3 -print); do
     USER=`basename $A`
     PATHBITS=`echo $USER | head -c 1`/`echo $USER | head -c 2`/$USER
+    USER_HOME=$AFS_USER_DIR/$PATHBITS
     LOG_SRC=$A/apache/log
-    LOG_DEST=$AFS_USER_DIR/$PATHBITS/.logs/apache/
+    LOG_DEST=$USER_HOME/.logs/apache/
     TMP_DEST=$LOG_SRC.tmp
 
-    if [ "$VERBOSE" = "true" ]; then
+    # Skip deleted or empty log directories
+    if test ! -d "$LOG_SRC" || ! ls "$LOG_SRC"/*/*/*.log >/dev/null 2>&1; then
+        continue
+    fi
+
+    # Skip people who have unreadable log subdirectories
+    if test -d "$USER_HOME/.logs" && \
+        ! ls "$USER_HOME/.logs" >/dev/null 2>&1; then
+        continue
+    fi
+
+    # Skip people who do not have keytabs
+    if test ! -f "$KEYTAB_DIR/$USER"; then
+        continue
+    fi
+
+    if test "$VERBOSE" = "true"; then
         echo
         echo "=============================================================================="
         echo "syncing logs for $USER from $A"
         echo "  to $LOG_DEST ..."
     fi
 
-    if [ ! -d "$LOG_DEST" ]; then
-        echo "Error: $LOG_DEST does not exist, please make it"
-        ERROR=yes
+    if test ! -d "$LOG_DEST"; then
+#        echo "Error: $LOG_DEST does not exist, please make it"
+#        ERROR=yes
+# We will assume that people know what they are doing when they
+# delete their ~/.logs/apache directory ....
+        continue
     else
         rm -fr $TMP_DEST
         cp -r $LOG_SRC $TMP_DEST
+        chown -R $USER:nogroup $TMP_DEST
         chmod -R u=rwX,go=X $TMP_DEST
-        # There is an issue here.  With nocelic and magnus, doing su
-        # $USER will cause rsync to not be able to read $LOG_DEST,
-        # even if it is first chown'ed to $USER.  So we have to just
-        # be root, and not change ownership or group when copying the
-        # files.  This makes group be root on AFS, but that shouldn't
-        # matter for anything important.  Perhaps some PAM issue is
-        # related to this, since even read/write to local filesystem
-        # is screwed up.
         k5start -qtU -f $KEYTAB_DIR/$USER \
-            -- rsync -a --no-o --no-g $TMP_DEST/ $LOG_DEST/
+            -- sudo -u $USER rsync -a $TMP_DEST/ $LOG_DEST/
         rm -fr $TMP_DEST
-        [ "$VERBOSE" = "true" ] && echo "  done."
+        test "$VERBOSE" = "true" && echo "  done."
     fi
 done
 
-if [ "$ERROR" = "yes" ]; then
+if test "$ERROR" = "yes"; then
     exit 1
 else
     exit 0