[python-TSD.git] / bin / tsd-projectdir-setup

#!/bin/sh
#
# Fix permissions on a freshly created project directory.  Assume the
# path is /tsd/pXX, and all project members are member of the file
# group pXX-member.  This setup assume all project members have umask
# 00X (as in 002 or 005).

set -e

if [ ! "$1" ] ; then
   cat <<EOF
Usage: $0 <path-to-project-dir> [<path-to-project-dir> ...]
EOF
   exit 1
fi

infomsg() {
    if [ -t 0 ] ; then
	echo "info:" "$@"
    fi
}
logmsg() {
    if [ -t 0 ] ; then
	echo "info:" "$@"
    else
	logger -t tsd-projectdir-setup info: "$@"
    fi
}
errormsg() {
    if [ -t 0 ] ; then
	echo "error:" "$@"
    else
	logger -t tsd-projectdir-setup error: "$@"
    fi
}

groupexist() {
    if getent group $1 > /dev/null ; then
	true
    else
	false
    fi
}

setup_projectdir() {
    pdir="$1"
    pnum=$(echo $pdir|cut -d/ -f3)
    group=$pnum-member-group
    agroup=$pnum-admin-group
    egroup=$pnum-export-group
    igroup=$pnum-import-group
    vgroup=$pnum-vidyo-group
    cd "$pdir"
    mkdir -p "home"
    mkdir -p "fx/export"
    mkdir -p "fx/import"
    mkdir -p "data/durable"
    mkdir -p "data/no-backup"
    chown root:$group . home fx data
    chmod 750 . home fx data
    chmod 2770 fx/export fx/import data/durable data/no-backup
    if ! groupexist $group || ! groupexist $egroup || ! groupexist $igroup ; then
	errormsg "unable to find needed groups, can not to set up $pdir"
	return 1
    fi
    infomsg "updating file permissions for $pdir"
    chown root:$group data/durable data/no-backup
    chown root:$egroup fx/export
    chown root:$igroup fx/import

    if getent netgroup $pnum-hpc-user-group > /dev/null 2>&1 ; then
	chmod 2770 data/colossus
	chown root:$group data/colossus
    elif [ -d data/colossus ] ; then
	errormsg "project $pnum have data/colossus but lack $pnum-hpc-user-group"
    fi

    if getent netgroup $pnum-fx-alt-group > /dev/null 2>&1 ; then
        if ! [ -d "fx/export_alt" -a -d "fx/import_alt" ] ; then
            mkdir -p "fx/export_alt"
            mkdir -p "fx/import_alt"
            logmsg "created import_alt and export_alt directories for project $pnum"
        fi

	chown root:$egroup fx/export_alt
	chmod 2770         fx/export_alt
	chown root:$igroup fx/import_alt
	chmod 2770         fx/import_alt
    fi

    if getent group $vgroup > /dev/null 2>&1 ; then
        if [ ! -d "${pdir}/fx/import_alt/vidyo" ]; then
            mkdir -pm 2770     fx/import_alt/vidyo
            chown root:$vgroup fx/import_alt/vidyo
            logmsg "created vidyo directory for project $pnum"
        fi
    fi

    if true ; then
	for u in $(getent group $group | cut -d: -f4- | tr , " "); do
	    home=home/$u
	    if [ ! -d $home ] ; then
		infomsg "trying to create home directory for $u"
		if groupexist $u-group \
		    && mkdir $home.new \
		    && chown $u $home.new \
		    && chmod 700 $home.new \
		    && chgrp -f $u-group $home.new \
		    ; then
		    mv $home.new $home
		    pwd="$(pwd)"
		    logmsg "created home for $u in $pwd/$home"
		else
		    errormsg "creating home directory for user $u failed"
		    if [ -d $home.new ] ; then
			rmdir $home.new
		    fi
		fi
	    fi
	done
    fi
    return 0
}

setup_project_sharedir() {
    pdir="$1"
    pnum=$(echo $pdir|cut -d/ -f3|sed 's/^\(p[0-9]*\).*/\1/')
    group=$pnum-member-group
    cd $pdir
    mkdir -p data/durable
    mkdir -p data/no-backup

    chown root:$group . data
    chmod 755 . data
    chmod 2775 data/durable data/no-backup
    if ! groupexist $group ; then
	errormsg "unable to find needed group $group, can not to set up $pdir as sharedir"
	return 1
    fi
    infomsg "updating project share file permissions for $pdir"
    chown root:$group data/durable data/no-backup
}

# Split disk volumes can not have files on the top level.  Move flag
# files to subdirectory data/durable/projectinfo/ because of this.
flagpresent() {
    pdir="$1"
    flag="$2"
    if [ -e "$pdir/$flag" ]\
	|| [ -e "$pdir/data/durable/projectinfo/$flag" ] ; then
	return 0
    fi
    return 1
}

while [ "$1" ] ; do
    pdir="$1"
    shift
    if [ -d "$pdir" ] ; then
	if [ -d "$pdir/data/durable" ] ; then
	    if flagpresent "$pdir" "migration-override" ; then
		errormsg "$pdir/migration-override exist, ignoring project disk"
	    elif flagpresent "$pdir" "project-share" ; then
		setup_project_sharedir "$pdir" || true
	    else
		setup_projectdir "$pdir" || true
	    fi
	else
	    errormsg "missing data/durable in $pdir, skipping partition"
	fi
    else
	errormsg "unable to find directory $pdir"
    fi
done
Commit	Line	Data
7f1d9fe9 PR	1	#!/bin/sh
	2	#
	3	# Fix permissions on a freshly created project directory. Assume the
	4	# path is /tsd/pXX, and all project members are member of the file
	5	# group pXX-member. This setup assume all project members have umask
	6	# 00X (as in 002 or 005).
	7
	8	set -e
	9
	10	if [ ! "$1" ] ; then
	11	cat <<EOF
	12	Usage: $0 <path-to-project-dir> [<path-to-project-dir> ...]
	13	EOF
	14	exit 1
	15	fi
	16
5f2921c2 PR	17	infomsg() {
	18	if [ -t 0 ] ; then
	19	echo "info:" "$@"
	20	fi
	21	}
4a6120a9 PR	22	logmsg() {
	23	if [ -t 0 ] ; then
	24	echo "info:" "$@"
	25	else
	26	logger -t tsd-projectdir-setup info: "$@"
	27	fi
	28	}
5f2921c2 PR	29	errormsg() {
	30	if [ -t 0 ] ; then
	31	echo "error:" "$@"
	32	else
	33	logger -t tsd-projectdir-setup error: "$@"
	34	fi
	35	}
	36
	37	groupexist() {
	38	if getent group $1 > /dev/null ; then
	39	true
	40	else
5f2921c2 PR	41	false
	42	fi
	43	}
	44
7f1d9fe9 PR	45	setup_projectdir() {
	46	pdir="$1"
	47	pnum=$(echo $pdir\|cut -d/ -f3)
	48	group=$pnum-member-group
	49	agroup=$pnum-admin-group
	50	egroup=$pnum-export-group
b39d54b7	51	igroup=$pnum-import-group
1c25782c	52	vgroup=$pnum-vidyo-group
7f1d9fe9 PR	53	cd "$pdir"
	54	mkdir -p "home"
	55	mkdir -p "fx/export"
	56	mkdir -p "fx/import"
	57	mkdir -p "data/durable"
	58	mkdir -p "data/no-backup"
e0d1c094 DES	59	chown root:$group . home fx data
e0d1c094 DES	60	chmod 750 . home fx data
19e745b8 PR	61	chmod 2770 fx/export fx/import data/durable data/no-backup
19e745b8 PR	62	if ! groupexist $group \|\| ! groupexist $egroup \|\| ! groupexist $igroup ; then
38ad4ce8	63	errormsg "unable to find needed groups, can not to set up $pdir"
19e745b8 PR	64	return 1
	65	fi
	66	infomsg "updating file permissions for $pdir"
b39d54b7	67	chown root:$group data/durable data/no-backup
7f1d9fe9	68	chown root:$egroup fx/export
b39d54b7	69	chown root:$igroup fx/import
37e32faa PR	70
37e32faa PR	71	if getent netgroup $pnum-hpc-user-group > /dev/null 2>&1 ; then
a9bf00f6 PR	72	chmod 2770 data/colossus
a9bf00f6 PR	73	chown root:$group data/colossus
37e32faa PR	74	elif [ -d data/colossus ] ; then
	75	errormsg "project $pnum have data/colossus but lack $pnum-hpc-user-group"
	76	fi
	77
8dbe5a68	78	if getent netgroup $pnum-fx-alt-group > /dev/null 2>&1 ; then
73550969 VK	79	if ! [ -d "fx/export_alt" -a -d "fx/import_alt" ] ; then
	80	mkdir -p "fx/export_alt"
	81	mkdir -p "fx/import_alt"
	82	logmsg "created import_alt and export_alt directories for project $pnum"
	83	fi
	84
8dbe5a68 PR	85	chown root:$egroup fx/export_alt
	86	chmod 2770 fx/export_alt
	87	chown root:$igroup fx/import_alt
	88	chmod 2770 fx/import_alt
a9bf00f6	89	fi
b39d54b7	90
1c25782c VK	91	if getent group $vgroup > /dev/null 2>&1 ; then
	92	if [ ! -d "${pdir}/fx/import_alt/vidyo" ]; then
	93	mkdir -pm 2770 fx/import_alt/vidyo
	94	chown root:$vgroup fx/import_alt/vidyo
73550969	95	logmsg "created vidyo directory for project $pnum"
1c25782c VK	96	fi
	97	fi
	98
5f2921c2	99	if true ; then
b39d54b7	100	for u in $(getent group $group \| cut -d: -f4- \| tr , " "); do
95ed9618 PR	101	home=home/$u
95ed9618 PR	102	if [ ! -d $home ] ; then
5f2921c2 PR	103	infomsg "trying to create home directory for $u"
	104	if groupexist $u-group \
	105	&& mkdir $home.new \
	106	&& chown $u $home.new \
671d1eb8	107	&& chmod 700 $home.new \
5f2921c2 PR	108	&& chgrp -f $u-group $home.new \
	109	; then
	110	mv $home.new $home
4a6120a9 PR	111	pwd="$(pwd)"
4a6120a9 PR	112	logmsg "created home for $u in $pwd/$home"
5f2921c2	113	else
38ad4ce8	114	errormsg "creating home directory for user $u failed"
5f2921c2 PR	115	if [ -d $home.new ] ; then
	116	rmdir $home.new
	117	fi
	118	fi
95ed9618	119	fi
b39d54b7 PR	120	done
b39d54b7 PR	121	fi
7f1d9fe9 PR	122	return 0
	123	}
	124
95b67337 PR	125	setup_project_sharedir() {
95b67337 PR	126	pdir="$1"
70b78977	127	pnum=$(echo $pdir\|cut -d/ -f3\|sed 's/^\(p[0-9]\)./\1/')
95b67337 PR	128	group=$pnum-member-group
	129	cd $pdir
	130	mkdir -p data/durable
	131	mkdir -p data/no-backup
	132
	133	chown root:$group . data
	134	chmod 755 . data
	135	chmod 2775 data/durable data/no-backup
	136	if ! groupexist $group ; then
38ad4ce8	137	errormsg "unable to find needed group $group, can not to set up $pdir as sharedir"
95b67337 PR	138	return 1
	139	fi
	140	infomsg "updating project share file permissions for $pdir"
	141	chown root:$group data/durable data/no-backup
	142	}
	143
5e0a7155 PR	144	# Split disk volumes can not have files on the top level. Move flag
5e0a7155 PR	145	# files to subdirectory data/durable/projectinfo/ because of this.
f29adccb PR	146	flagpresent() {
	147	pdir="$1"
	148	flag="$2"
	149	if [ -e "$pdir/$flag" ]\
	150	\|\| [ -e "$pdir/data/durable/projectinfo/$flag" ] ; then
	151	return 0
	152	fi
	153	return 1
	154	}
	155
7f1d9fe9 PR	156	while [ "$1" ] ; do
	157	pdir="$1"
	158	shift
b39d54b7	159	if [ -d "$pdir" ] ; then
f29adccb PR	160	if [ -d "$pdir/data/durable" ] ; then
	161	if flagpresent "$pdir" "migration-override" ; then
	162	errormsg "$pdir/migration-override exist, ignoring project disk"
	163	elif flagpresent "$pdir" "project-share" ; then
	164	setup_project_sharedir "$pdir" \|\| true
	165	else
	166	setup_projectdir "$pdir" \|\| true
	167	fi
42501836	168	else
37e32faa	169	errormsg "missing data/durable in $pdir, skipping partition"
42501836	170	fi
b39d54b7	171	else
5f2921c2	172	errormsg "unable to find directory $pdir"
b39d54b7	173	fi
7f1d9fe9	174	done