| 1 | #!/bin/sh |
|---|
| 2 | # $Id: acl.sh 3956 2010-01-05 20:56:56Z zacheiss $ |
|---|
| 3 | if [ -d /var/athena ] && [ -w /var/athena ]; then |
|---|
| 4 | exec >/var/athena/moira_update.log 2>&1 |
|---|
| 5 | else |
|---|
| 6 | exec >/tmp/moira_update.log 2>&1 |
|---|
| 7 | fi |
|---|
| 8 | |
|---|
| 9 | # The following exit codes are defined and MUST BE CONSISTENT with the |
|---|
| 10 | # error codes the library uses: |
|---|
| 11 | MR_NOCRED=47836470 |
|---|
| 12 | MR_MISSINGFILE=47836473 |
|---|
| 13 | MR_MKCRED=47836474 |
|---|
| 14 | MR_TARERR=47836476 |
|---|
| 15 | |
|---|
| 16 | status=0 |
|---|
| 17 | |
|---|
| 18 | PATH=/bin:/usr/bin |
|---|
| 19 | TARFILE=/var/tmp/acl.out |
|---|
| 20 | SRCDIR=/var/tmp/acltmp |
|---|
| 21 | |
|---|
| 22 | # Alert if the tar file does not exist |
|---|
| 23 | test -r $TARFILE || exit $MR_MISSINGFILE |
|---|
| 24 | |
|---|
| 25 | # Make a temporary directory to unpack the tar file into |
|---|
| 26 | rm -rf $SRCDIR |
|---|
| 27 | mkdir $SRCDIR || exit $MR_MKCRED |
|---|
| 28 | cd $SRCDIR || exit $MR_MKCRED |
|---|
| 29 | tar xpf $TARFILE || exit $MR_TARERR |
|---|
| 30 | |
|---|
| 31 | # Copy over each file which is new or has changed |
|---|
| 32 | for file in `find . -type f -print | sed -e 's/^\.//'`; do |
|---|
| 33 | if [ $file = /etc/passwd -o $file = /etc/passwd.local ]; then |
|---|
| 34 | # Make sure that there is a head file, or that the generated |
|---|
| 35 | # file contains an entry for root. |
|---|
| 36 | if [ ! -f $file.head ]; then |
|---|
| 37 | if egrep -s ^root: .$file; then |
|---|
| 38 | : |
|---|
| 39 | else |
|---|
| 40 | status=$MR_MISSINGFILE |
|---|
| 41 | break |
|---|
| 42 | fi |
|---|
| 43 | fi |
|---|
| 44 | elif [ $file = /etc/group -o $file = /etc/group.local ]; then |
|---|
| 45 | # Make sure that there is a head file, or that the generated |
|---|
| 46 | # file contains a group with gid 0. |
|---|
| 47 | if [ ! -f $file.head ]; then |
|---|
| 48 | if awk -F: '$3 == "0" { exit 1; }' $file; then |
|---|
| 49 | status=$MR_MISSINGFILE |
|---|
| 50 | break |
|---|
| 51 | fi |
|---|
| 52 | fi |
|---|
| 53 | fi |
|---|
| 54 | |
|---|
| 55 | if [ -f $file.head ]; then |
|---|
| 56 | head=$file.head |
|---|
| 57 | else |
|---|
| 58 | head= |
|---|
| 59 | fi |
|---|
| 60 | if [ -f $file.tail ]; then |
|---|
| 61 | tail=$file.tail |
|---|
| 62 | else |
|---|
| 63 | tail= |
|---|
| 64 | fi |
|---|
| 65 | |
|---|
| 66 | # Note that "$file" is a full pathname, and so ".$file" means |
|---|
| 67 | # the copy of file in the directory hierarchy rooted at ".", |
|---|
| 68 | # not "$file with a . prepended to its basename". |
|---|
| 69 | |
|---|
| 70 | # Create a tmp file with the correct owner and mode |
|---|
| 71 | if [ -f $file ]; then |
|---|
| 72 | cp -p $file $file.$$ |
|---|
| 73 | else |
|---|
| 74 | cp -p .$file $file.$$ |
|---|
| 75 | fi |
|---|
| 76 | |
|---|
| 77 | # Now dump the correct data into the tmp file without changing its |
|---|
| 78 | # owner and mode |
|---|
| 79 | cat $head .$file $tail > $file.$$ |
|---|
| 80 | |
|---|
| 81 | if cmp -s $file.$$ $file; then |
|---|
| 82 | rm -f $file.$$ |
|---|
| 83 | else |
|---|
| 84 | mv $file.$$ $file |
|---|
| 85 | fi |
|---|
| 86 | done |
|---|
| 87 | |
|---|
| 88 | # Test if a site-specific post dcm script exists, and run it if it does |
|---|
| 89 | if [ -x /etc/athena/postacldcm ]; then |
|---|
| 90 | /etc/athena/postacldcm >/dev/null 2>&1 |
|---|
| 91 | if [ $? != 0 ]; then |
|---|
| 92 | exit $MR_NOCRED |
|---|
| 93 | fi |
|---|
| 94 | elif [ -x /usr/local/sbin/postacldcm ]; then |
|---|
| 95 | /usr/local/sbin/postacldcm >/dev/null 2>&1 |
|---|
| 96 | if [ $? != 0 ]; then |
|---|
| 97 | exit $MR_NOCRED |
|---|
| 98 | fi |
|---|
| 99 | fi |
|---|
| 100 | |
|---|
| 101 | # cleanup |
|---|
| 102 | cd / |
|---|
| 103 | rm -rf $SRCDIR |
|---|
| 104 | test -f $TARFILE && rm -f $TARFILE |
|---|
| 105 | test -f $0 && rm -f $0 |
|---|
| 106 | |
|---|
| 107 | exit $status |
|---|
