3 # Copyright (c) 2009, 2010, 2012 Peter Palfrader
5 # Permission is hereby granted, free of charge, to any person obtaining
6 # a copy of this software and associated documentation files (the
7 # "Software"), to deal in the Software without restriction, including
8 # without limitation the rights to use, copy, modify, merge, publish,
9 # distribute, sublicense, and/or sell copies of the Software, and to
10 # permit persons to whom the Software is furnished to do so, subject to
11 # the following conditions:
13 # The above copyright notice and this permission notice shall be
14 # included in all copies or substantial portions of the Software.
16 # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17 # EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18 # MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19 # NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
20 # LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
21 # OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22 # WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
27 . /etc/staticsync.conf
28 if ! [ -n "$base" ]; then
29 echo >&2 "base not configured!"
34 MYLOGNAME="`basename "$0"`[$$]"
35 COMPONENTLIST=/etc/static-components.conf
38 echo "local Usage: $0 <host>"
39 echo "via ssh orig command:"
40 echo " mirror <component> <serial>"
42 echo " static-master-update-component <component>"
46 if [ "$#" -lt 1 ]; then
53 logger -p daemon.info -t "$MYLOGNAME" "$1"
57 logger -s -p daemon.warn -t "$MYLOGNAME" "$1"
62 local remote_host="$1"; shift
64 local component="$1"; shift
66 local serial="$1"; shift
68 masterhost="$(awk -v component="$component" '!/^ *(#|$)/ && $2 == component {print $1; exit}' "$COMPONENTLIST")"
69 if [ -z "$masterhost" ]; then
70 croak "Did not find master for component $component."
71 elif [ "$masterhost" != "$remote_host" ]; then
72 croak "$remote_host is not master for $component."
74 info "Host $remote_host triggered a mirror run for $component, serial $serial"
75 exec /usr/local/bin/static-mirror-run "$BASEDIR/mirrors/$component" "$remote_host:$component/-new-" "$serial"
76 echo >&2 "Exec failed"
81 do_rsync_on_master() {
82 local remote_host="$1"; shift
85 allowed_rsyncs+=("--server --sender -vlHtrze.iLsf --safe-links .") # wheezy
86 allowed_rsyncs+=("--server --sender -vlHtrze.iLsfx --safe-links .") # jessie
87 allowed_rsyncs+=("--server --sender -vlHtrze.iLsfxC --safe-links .") # stretch
89 for cmd_idx in ${!allowed_rsyncs[*]}; do
90 args="${allowed_rsyncs[$cmd_idx]}"
91 for component in $(awk -v this_host="$(hostname -f)" '!/^ *(#|$)/ && $1 == this_host {print $2}' $COMPONENTLIST); do
92 if [ "$*" = "$args $component/-new-/" ] || [ "$*" = "$args ./$component/-new-/" ] ; then
93 local path="$BASEDIR/master/$component-current-push"
94 info "serving $remote_host with $path"
95 exec rsync $args "$path/."
97 elif [ "$*" = "$args $component/-live-/" ] || [ "$*" = "$args ./$component/-live-/" ] ; then
98 local path="$BASEDIR/master/$component-current-live"
99 info "host $remote_host wants $path, acquiring lock"
101 if ! flock -s -w 0 200; then
102 echo >&2 "Cannot acquire shared lock on $path - this should mean an update is already underway anyway."
105 exec rsync $args "$path/."
112 do_rsync_on_source() {
113 local remote_host="$1"
119 if [ -e "$COMPONENTLIST" ]; then
120 for path in $(awk -v host="$(hostname -f)" '!/^ *(#|$)/ && $3 == host {print $4}' $COMPONENTLIST); do
121 allowed_rsyncs+=("--server --sender -lHtrze.iLsf --safe-links . $path/.") # wheezy
122 allowed_rsyncs+=("--server --sender -lHtrze.iLsfx --safe-links . $path/.") # jessie
123 allowed_rsyncs+=("--server --sender -lHtrze.iLsfxC --safe-links . $path/.") # stretch
126 for cmd_idx in ${!allowed_rsyncs[*]}; do
127 allowed="${allowed_rsyncs[$cmd_idx]}"
128 if [ "$*" = "$allowed" ]; then
129 info "Running for host $remote_host: rsync $*"
137 do_rsync_on_master "$@"
138 do_rsync_on_source "$@"
140 info "NOT allowed for $remote_host: rsync $*"
141 echo >&2 "This rsync command ($@) not allowed."
145 do_update_component() {
146 local remote_host="$1"; shift
153 awk -v this_host="$(hostname -f)" -v component="$component" -v host="$remote_host" '
154 !/^ *(#|$)/ && $1 == this_host && $2 == component {
161 if (host == extra[i]) {
162 printf "%s:%s\n", $3, $4
169 if [ -n "$hit" ]; then
170 exec static-master-update-component "$component"
171 echo >&2 "Exec failed"
174 info "Not whitelisted: $remote_host update $component"
175 echo >&2 "Not whitelisted: $remote_host update $component"
181 if [ "${1:-}" = "-h" ] || [ "${1:-}" = "--help" ]; then
191 # check/parse remote command line
192 if [ -z "${SSH_ORIGINAL_COMMAND:-}" ] ; then
193 croak "Did not find SSH_ORIGINAL_COMMAND"
195 set "dummy" ${SSH_ORIGINAL_COMMAND}
198 info "host $remote_host called with $*"
205 # on a static mirror, update a component from its master
207 do_mirror "$remote_host" "$@"
209 # on a static source, allow fetching from the master,
210 # on a master, allow fetching from a component's mirrors
212 do_rsync "$remote_host" "$@"
214 # on a master, initiate an update of a component
215 static-master-update-component)
216 do_update_component "$remote_host" "$@"
219 croak "Invalid operation '$action'"