-#!/bin/bash
-#
-# Git maintenance script, run by cron.
-
-# Update symlinks to user git repo locations.
-find /afs/hcoop.net/user -mindepth 3 -maxdepth 3 -noleaf -exec \
- sh -c "test -e {}/.hcoop-git && \
- ln -s {}/.hcoop-git/ /var/cache/git/\$(basename {}) 2>/dev/null" \;
-
-# Update cache of front page.
-cache=/var/local/lib/gitweb/indexcache.html
-wget -q -O $cache.tmp 'http://git.hcoop.net/?nocache=y'
-if test -s $cache.tmp; then
- chmod a+r $cache.tmp
- mv $cache.tmp $cache
-else
- rm -f $cache.tmp
-fi
+#!/bin/bash
+#
+# Git maintenance script, run by cron.
+
+# Update symlinks to user git repo locations.
+find /afs/hcoop.net/user -mindepth 3 -maxdepth 3 -noleaf -exec \
+ sh -c "test -e {}/.hcoop-git && { \
+ rm -f /var/cache/git/\$(basename {}); \
+ ln -sf {}/.hcoop-git /var/cache/git/\$(basename {}); }" \; \
+ > /dev/null 2>&1
+
+# Remove symlinks for users that have wrong permissions
+IFS=$'\n'
+for user in $(ls -1 /var/cache/git); do
+ if ! test -e $(readlink /var/cache/git/$user); then
+ rm -f /var/cache/git/$user
+ continue
+ fi
+ gitpath=$(readlink /var/cache/git/$user)
+ find -L $gitpath -noleaf -type d \
+ -regex '.*/\(refs\|objects\|hooks\)\(/.*\|$\)' -prune -o -exec \
+ sh -c "! { fs la {} | \
+ egrep '^ +system:anyuser .*r' > /dev/null; } && \
+ rm -f /var/cache/git/$user 2>/dev/null" \; \
+ > /dev/null 2>&1
+done
+
+# Update cache of front page.
+# unused for a long while...
+# cache=/var/local/lib/gitweb/indexcache.html
+# wget -q --timeout 30 -O $cache.tmp 'http://git.hcoop.net/?nocache=y'
+# if test -s $cache.tmp; then
+# chmod a+r $cache.tmp
+# mv $cache.tmp $cache
+# else
+# rm -f $cache.tmp
+# fi