| 1 | #!/bin/sh -e |
| 2 | |
| 3 | case $1 in |
| 4 | adduser) |
| 5 | USERNAME=$2 |
| 6 | PASSWORD=$3 |
| 7 | |
| 8 | kinit -k -t /etc/keytabs/root.admin.keytab root/admin |
| 9 | aklog |
| 10 | |
| 11 | if ! vos examine db.$USERNAME >/dev/null 2>/dev/null; then |
| 12 | vos create -server afs -partition a -name db.$USERNAME -maxquota 5000 |
| 13 | fs mkmount -dir /afs/.hcoop.net/common/.databases/$USERNAME -vol db.$USERNAME -rw |
| 14 | fs setacl -dir /afs/hcoop.net/common/databases/$USERNAME -acl databases l |
| 15 | fs setacl -dir /afs/hcoop.net/common/databases/$USERNAME -acl system:backup rl |
| 16 | fi |
| 17 | |
| 18 | sudo -H mysql -e "CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';" |
| 19 | ;; |
| 20 | passwd) |
| 21 | USERNAME=$2 |
| 22 | PASSWORD=$3 |
| 23 | |
| 24 | sudo -H mysql -e "SET PASSWORD FOR '$USERNAME'@'localhost' = PASSWORD('$PASSWORD');" |
| 25 | ;; |
| 26 | createdb) |
| 27 | USERNAME=$2 |
| 28 | DBNAME_BASE=$3 |
| 29 | DBNAME="${USERNAME}_${DBNAME_BASE}" |
| 30 | DIR=/afs/hcoop.net/common/databases/$USERNAME/mysql |
| 31 | |
| 32 | kinit -k -t /etc/keytabs/root.admin.keytab root/admin |
| 33 | aklog |
| 34 | |
| 35 | mkdir -p $DIR |
| 36 | fs setacl -dir $DIR -acl mysql rlid |
| 37 | fs setacl -dir $DIR -acl databases none |
| 38 | fs setacl -dir $DIR -acl system:backup rl |
| 39 | mkdir $DIR/$DBNAME |
| 40 | chown mysql:mysql $DIR/$DBNAME |
| 41 | chmod 770 $DIR/$DBNAME |
| 42 | ln -sf $DIR/$DBNAME /var/lib/mysql/$DBNAME |
| 43 | fs setacl -dir $DIR/$DBNAME/ -acl mysql all |
| 44 | |
| 45 | sudo -H mysql -e "GRANT CREATE,SELECT,INSERT,UPDATE,DELETE,INDEX,ALTER,CREATE VIEW,SHOW VIEW,GRANT OPTION ON TABLE * TO '$USERNAME'@'localhost';" $DBNAME |
| 46 | sudo -H mysql -e "FLUSH PRIVILEGES;" |
| 47 | ;; |
| 48 | *) |
| 49 | echo "Usage: domtool-mysql [adduser <user> <password> | passwd <user> <password> | createdb <user> <table>]" |
| 50 | ;; |
| 51 | esac |