X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=ud-generate;h=0f6b5ae312347401cde43599df64b0a501dd9cdd;hb=7bf89f53db269af8d0c2f956482adc9b488659b9;hp=b3297195e5d13b72ae2eac5063d0ee14308931b1;hpb=966a64834daa780fc48b2d24ac4c59bb8cf0beb4;p=mirror%2Fuserdir-ldap.git

diff --git a/ud-generate b/ud-generate
index b329719..0f6b5ae 100755
--- a/ud-generate
+++ b/ud-generate
@@ -912,7 +912,7 @@ def HostToIP(Host, mapped=True):
    return IPAdresses
 
 # Generate the ssh known hosts file
-def GenSSHKnown(host_attrs, File, mode=None):
+def GenSSHKnown(host_attrs, File, mode=None, lockfilename=None):
    F = None
    try:
       OldMask = os.umask(0022)
@@ -952,7 +952,9 @@ def GenSSHKnown(host_attrs, File, mode=None):
                hosts = HostToIP(x)
                if 'sshdistAuthKeysHost' in x[1]:
                   hosts += x[1]['sshdistAuthKeysHost']
-               Line = 'command="rsync --server --sender -pr . /var/cache/userdir-ldap/hosts/%s",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,from="%s" %s' % (Host, ",".join(hosts), I)
+               clientcommand='rsync --server --sender -pr . /var/cache/userdir-ldap/hosts/%s'%(Host)
+               clientcommand="flock -s %s -c '%s'"%(lockfilename, clientcommand)
+               Line = 'command="%s",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,from="%s" %s' % (clientcommand, ",".join(hosts), I)
             else:
                Line = "%s %s" %(",".join(HostNames + HostToIP(x, False)), I)
             Line = Sanitize(Line) + "\n"
@@ -1098,7 +1100,7 @@ def generate_all(global_dir, ldap_conn):
    GenCDB(accounts, global_dir + "mail-forward.cdb", 'emailForward')
    GenCDB(accounts, global_dir + "mail-contentinspectionaction.cdb", 'mailContentInspectionAction')
    GenPrivate(accounts, global_dir + "debian-private")
-   GenSSHKnown(host_attrs, global_dir+"authorized_keys", 'authorized_keys')
+   GenSSHKnown(host_attrs, global_dir+"authorized_keys", 'authorized_keys', global_dir+'ud-generate.lock')
    GenMailBool(accounts, global_dir + "mail-greylist", "mailGreylisting")
    GenMailBool(accounts, global_dir + "mail-callout", "mailCallout")
    GenMailList(accounts, global_dir + "mail-rbl", "mailRBL")
@@ -1249,15 +1251,26 @@ def getLastLDAPChangeTime(l):
 
    return last
 
+def getLastKeyringChangeTime():
+   krmod = 0
+   for k in Keyrings:
+      mt = os.path.getmtime(k)
+      if mt > krmod:
+         krmod = mt
+
+   return krmod
+
 def getLastBuildTime(gdir):
-   cache_last_mod = 0
+   cache_last_ldap_mod = 0
+   cache_last_unix_mod = 0
 
    try:
       fd = open(os.path.join(gdir, "last_update.trace"), "r")
       cache_last_mod=fd.read().split()
       try:
-         cache_last_mod = cache_last_mod[0]
-      except IndexError:
+         cache_last_ldap_mod = cache_last_mod[0]
+         cache_last_unix_mod = int(cache_last_mod[1])
+      except IndexError, ValueError:
          pass
       fd.close()
    except IOError, e:
@@ -1266,8 +1279,7 @@ def getLastBuildTime(gdir):
       else:
          raise e
 
-   return cache_last_mod
-
+   return (cache_last_ldap_mod, cache_last_unix_mod)
 
 def ud_generate():
    parser = optparse.OptionParser()
@@ -1281,40 +1293,39 @@ def ud_generate():
       parser.print_help()
       sys.exit(1)
 
-
-   l = make_ldap_conn()
-
    if options.generatedir is not None:
       generate_dir = os.environ['UD_GENERATEDIR']
    elif 'UD_GENERATEDIR' in os.environ:
       generate_dir = os.environ['UD_GENERATEDIR']
+   else:
+      generate_dir = GenerateDir
+
+
+   lockf = os.path.join(generate_dir, 'ud-generate.lock')
+   lock = get_lock( lockf )
+   if lock is None:
+      sys.stderr.write("Could not acquire lock %s.\n"%(lockf))
+      sys.exit(1)
 
+   l = make_ldap_conn()
+
+   time_started = int(time.time())
    ldap_last_mod = getLastLDAPChangeTime(l)
-   cache_last_mod = getLastBuildTime(generate_dir)
-   need_update = ldap_last_mod > cache_last_mod
+   unix_last_mod = getLastKeyringChangeTime()
+   cache_last_ldap_mod, cache_last_unix_mod = getLastBuildTime(generate_dir)
+
+   need_update = (ldap_last_mod > cache_last_ldap_mod) or (unix_last_mod > cache_last_unix_mod)
 
    if not options.force and not need_update:
       fd = open(os.path.join(generate_dir, "last_update.trace"), "w")
-      fd.write("%s\n%s\n" % (ldap_last_mod, int(time.time())))
+      fd.write("%s\n%s\n" % (ldap_last_mod, time_started))
       fd.close()
       sys.exit(0)
 
-   lock = None
-   try:
-      lockf = os.path.join(generate_dir, 'ud-generate.lock')
-      lock = get_lock( lockf )
-      if lock is None:
-         sys.stderr.write("Could not acquire lock %s.\n"%(lockf))
-         sys.exit(1)
-
-      tracefd = open(os.path.join(generate_dir, "last_update.trace"), "w")
-      generate_all(generate_dir, l)
-      tracefd.write("%s\n%s\n" % (ldap_last_mod, int(time.time())))
-      tracefd.close()
-
-   finally:
-      if lock is not None:
-         lock.close()
+   tracefd = open(os.path.join(generate_dir, "last_update.trace"), "w")
+   generate_all(generate_dir, l)
+   tracefd.write("%s\n%s\n" % (ldap_last_mod, time_started))
+   tracefd.close()
 
 
 if __name__ == "__main__":