jobs/fixupcheck.sh

   1 #!/bin/bash
   2 #
   3 # THIS SCRIPT IS BEING RUN UNDER ROOT!!!
   4 #
   5 # [repo.or.cz] You will need to manually update this file if you modify
   6 # it in the repository.
   7
   8 # We want to make sure the push-access projects have the right directories
   9 # in the right groups.
  10
  11 ## For maximum security separation, the fixup script is configured separately
  12 ## and does not reuse Girocco::Config settings.
  13
  14 ## Girocco::Config::reporoot
  15 reporoot="/srv/git"
  16 ## Girocco::Config::chroot
  17 chroot="/home/repo/j"
  18 ## Girocco::Config::mirror_user
  19 mirror_user="repo"
  20 ## Directory with this script and fixup.sh; WARNING: COPY THEM OVER to ~root!
  21 ## Otherwise, the owner of these scripts can execute anything as root.
  22 fixup_dir="/root/repomgr"
  23
  24 # Make sure we don't run twice.
  25 if [ -s /tmp/fixuplock ] && kill -0 $(cat /tmp/fixuplock); then
  26         echo "Already running (stuck?) with pid $(cat /tmp/fixuplock)" >&2
  27         exit 1
  28 fi
  29 echo $$ >/tmp/fixuplock
  30
  31 cd "$reporoot"
  32 cat "$chroot/etc/group" | cut -d : -f 1,3 |
  33         while IFS=: read proj id; do
  34                 [ "$id" -ge 65536 ] || continue
  35                 "$fixup_dir"/fixup.sh "$proj" "$chroot/etc/group" "$mirror_user"
  36         done
  37
  38 rm /tmp/fixuplock