Commit | Line | Data |
---|---|---|
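#!/usr/athena/bin/perl
# Usage: afs_create locker type cell path user group
#
# Creates the AFS volume for a locker, mounts it at <path>, runs the
# cell-specific setup routine, sets the quota and releases the parent
# volume.  Each completed step pushes its undo command onto @clean, which
# &fatal replays if a later step fails.
#
# Security notes:
#   * The arguments end up on shell command lines (system, piped open), so
#     every argument-derived value is single-quoted for the shell before it
#     is interpolated, and the cell must be a key of %proc.  Quoting does
#     not stop a value that begins with "-" from being read as an option by
#     vos/fs/pts.
#   * $vos, $fs, $pts, the %vtypes_* tables, &afs_find and &afs_quota_adj
#     are not defined in this file; presumably they come from afs_utils.pl.

require "/moira/bin/afs_utils.pl";

$protodir="/moira/dotfiles";
$quota=1;

# Dispatch table: cell name -> name of the routine that finishes the setup.
%proc =
    ("ATHENA.MIT.EDU", 'athena_proc' );

# NOTE(review): with umask 0 nothing is masked off the modes used by
# mkdir/open later on; confirm that AFS ACLs are the intended access control.
umask(0);

die "Usage: $0 locker type cell path user group\n" if (@ARGV != 6);
($locker,$type,$cell,$path,$user,$group) = @ARGV;

# Refuse unknown cells before anything is created.  $cell is later used to
# pick the routine to eval, so only table keys may get that far.
die "Cannot create volumes in cell $cell\n" unless $proc{$cell};
$qcell = &shell_quote($cell);

# Lookup volume type
($c = $cell) =~ s/\./_/g;
# The lookup code is built by concatenation: inside double quotes Perl 5
# reads "$c{$type}" as an element of %c.  $type is referenced by the
# evaluated code instead of being pasted into it, and $c must be a plain
# identifier suffix, so no argument text is ever compiled as Perl.
$vtype = ($c =~ /[^A-Za-z0-9_]/) ? '' : eval('$vtypes_' . $c . '{$type}');
die "Cannot create $type volumes in $cell\n" unless $vtype;
$vname = $vtype . "." . $locker;
$vname =~ s/[^-A-Za-z0-9_.]//g;	# strip out illegal characters

# Find free space/Create volume
# Up to three attempts; every server tried is added to @except, which is
# handed back to &afs_find on the next attempt.
$tries = 0; $code = 1;
while ($tries<3 && $code) {
    ($asrv,$apart) = &afs_find($cell,$type,$quota,@except);
    die "Unable to find space to create $vname in $cell\n" unless ($asrv&&$apart);
    $code = system("$vos create $asrv $apart $vname -cell $qcell >/dev/null");
    push(@except, $asrv);
    $tries++;
}
&fatal("Unable to create $vname in $cell") if ($code); # Too many create errors
push(@clean, "$vos remove $asrv $apart $vname -cell $qcell >/dev/null");

# Create mountpoint and set quota
# /afs/<cell>/... becomes /afs/.<cell>/... unless the component already
# starts with a dot.
$path =~ s:^/afs/([^.]):/afs/.$1:;
$qpath = &shell_quote($path);
system("$fs checkv >/dev/null; $fs mkm $qpath $vname");
&fatal("Unable to create $path") if ($?);
push(@clean, "$fs rmm $qpath");

# Obtain user/group information (uid >= 0, gid <= 0)
# Both ids stay 0 when the pts lookup fails; otherwise the fourth field of
# the first output line is kept (presumably the id -- confirm against the
# "pts examine" output format).
$uid = $gid = 0;
$quser = &shell_quote($user);
open(PTS, "$pts ex $quser -cell $qcell|");
chop($_ = <PTS>);
close(PTS);
($uid,$uid,$uid,$uid) = split(/[:,] /, $_) unless ($?);

$qgroup = &shell_quote($group);
open(PTS, "$pts ex system:$qgroup -cell $qcell|");
chop($_ = <PTS>);
close(PTS);
($gid,$gid,$gid,$gid) = split(/[:,] /, $_) unless ($?);

# Dispatch to the cell-specific creation routines
# The evaluated text is "&" plus a value from %proc, never argument text;
# a die inside the routine comes back in $@ and triggers the cleanup.
eval "&$proc{$cell}";
&fatal($@) if ($@);

# Set the filesystem quota
system("$fs sq $qpath $quota");
&fatal("Unable to set the quota on $path") if ($?);

# Release the parent volume
($p = $path) =~ s:/[^/]+$::;
$qp = &shell_quote($p);
open(FS, "$fs lv $qp|") || &fatal("Can't get information about $p");
chop($_ = <FS>);
close(FS);
&fatal("Can't get information about $p") if ($?);
@tmp = (split(/ /,$_));
# The last word of the first output line is used as the parent volume name;
# it is command output, so it is quoted like the arguments.
if ($tmp[$#tmp] !~ /user\../) {
    $qvol = &shell_quote($tmp[$#tmp]);
    system("$vos release $qvol -cell $qcell >/dev/null") &&
	&fatal("Can't release $tmp[$#tmp] in cell $cell");
}

# Update the quota records.
&afs_quota_adj($cell,$asrv,$apart,$quota,0);
exit(0);

# Return the argument wrapped in single quotes for /bin/sh, with embedded
# single quotes written as '\'' so the value stays one shell word.
sub shell_quote
{
    local($s) = @_;
    $s =~ s/'/'\\''/g;
    return "'" . $s . "'";
}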
77 | ||
# fatal(MESSAGE...): run the recorded undo commands, then die.
#
# The arguments are joined with spaces into one message.  Every command on
# @clean is popped and run, newest first; a command that fails is reported
# with warn and the remaining ones still run.  The commands go to the shell
# as single strings, so they are only as safe as the values that were
# interpolated when they were pushed.
sub fatal
{
    local($undo);

    # One trailing newline is dropped here because die adds its own below.
    ($_ = join(' ', @_)) =~ s/\n$//;

    while (@clean) {
	$undo = pop(@clean);
	system($undo) && warn "$locker: Cleanup failed: $undo\n";
    }
    die "$locker: $_\n";
}
90 | ||
91 | # Cell specific procedures | |
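# Finish the setup of a new locker: build the ACL for $type, create the
# OldFiles mountpoint, set ownership, and for ORG and HOMEDIR lockers create
# the standard subdirectories.
#
# Reads the globals $type, $path, $user, $group, $uid, $gid, $vname, $fs and
# $protodir; leaves the ACL in @acl.  Failures are reported with die, which
# the caller catches with eval and hands to &fatal.
sub athena_proc
{
    # Default acls:
    #
    # ACTIVITY	<user> all <group> all system:anyuser rl
    # APROJ	<user> all <group> all system:anyuser rl
    # AREF	<user> all <group> rl
    # CONTRIB	<user> all system:anyuser rl
    # COURSE	<user> all <group> all system:facdev all system:authuser rl
    # HOMEDIR	<user> all
    # LEASE	<user> all
    # ORG	<user> all <group> all system:cwisfac all
    # PROJECT	<user> all <group> all
    # REF	<user> all system:anyuser rl
    # SW	<user> all system:swmaint all system:authuser rl
    # SYSTEM	system:administrators all system:anyuser rl
    # UROP	<user> all <group> all system:facdev all system:authuser rl
    #
    # Notes:
    # 1. All directories also have "system:expunge ld".

    # $path, $user and $group are interpolated into shell command lines
    # below, so each gets a single-quoted copy in which an embedded '
    # is written as '\''.  The unquoted values are still used for
    # mkdir/chown/open, which do not go through the shell.
    local($qpath, $quser, $qgroup);
    ($qpath  = $path)  =~ s/'/'\\''/g;  $qpath  = "'$qpath'";
    ($quser  = $user)  =~ s/'/'\\''/g;  $quser  = "'$quser'";
    ($qgroup = $group) =~ s/'/'\\''/g;  $qgroup = "'$qgroup'";

    # Each entry is "<principal> <rights>"; the two words must reach the
    # shell as separate arguments, so only the name part is quoted.
    @acl=("system:expunge ld");
    push(@acl,"system:facdev all") if ($type =~ /^(COURSE|UROP)/);
    push(@acl,"system:swmaint all") if ($type =~ /^(SW)/);
    push(@acl,"system:cwisfac all") if ($type =~ /^(ORG)/);
    push(@acl,"system:administrators all") if ($type =~ /^(SYSTEM)/);
    # User and group entries are skipped when the id lookup left 0.
    push(@acl,"$quser all")
	if ($uid != 0 && $type =~ /^(ACTIVITY|APROJ|AREF|CONTRIB|COURSE|HOMEDIR|LEASE|ORG|PROJECT|REF|SW|UROP)/);
    push(@acl,"system:$qgroup all")
	if ($gid != 0 && $type =~ /^(ACTIVITY|APROJ|COURSE|ORG|PROJECT|UROP)/);
    push(@acl,"system:$qgroup rl") if ($gid != 0 && $type =~ /^(AREF)/);
    push(@acl,"system:authuser rl")
	if ($type =~ /^(COURSE|SW|UROP)/);
    push(@acl,"system:anyuser rl")
	if ($type =~ /^(ACTIVITY|APROJ|CONTRIB|REF|SYSTEM)/);

    # A failed OldFiles mountpoint is only a warning.
    if ($type !~ /^(AREF|ORG|SYSTEM)/) {
	system("$fs mkm $qpath/OldFiles $vname.backup");
	warn "$locker: Unable to create OldFiles mountpoint\n" if ($?);
    }

    # Group-type lockers get the group id as the owner, user-type lockers
    # the uid; the Unix group is 0 in both cases.
    if ($type =~ /ACTIVITY|APROJ|PROJECT/) {
	chown($gid,0,$path) ||
	    die "Unable to set volume ownership\n";
    } elsif ($type =~ /HOMEDIR|UROP/) {
	chown($uid,0,$path) ||
	    die "Unable to set volume ownership\n";
    }

    if ($type eq "ORG") {
	mkdir("$path/www",0755) || die "Unable to create subdirectories\n";
	system("$fs sa $qpath/www @acl system:anyuser rl -clear") &&
	    die "Unable to set acl on www directory\n";

	system("$fs sa $qpath @acl system:anyuser l -clear") &&
	    die "Unable to set acl on top-level directory\n";
	return;
    }

    if ($type eq "HOMEDIR") {
	die "Unable to get uid for user\n" unless ($uid);

	mkdir("$path/Public",0755) && chown($uid,0,"$path/Public") &&
	    mkdir("$path/Private",0700) && mkdir("$path/Mail", 0700) &&
	    chown($uid,0,"$path/Public","$path/Private","$path/Mail") ||
		die "Unable to create subdirectories\n";
	# The message now ends in a newline like the others, so die no
	# longer appends the script location to it.
	system("$fs sa $qpath/Public @acl system:anyuser rl -clear") &&
	    die "Unable to set acl on Public directory\n";
	system("$fs sa -dir $qpath/Private $qpath/Mail -acl @acl -clear") &&
	    die "Unable to set acl on Private and/or Mail directories\n";

	opendir(DIR,$protodir) || die "Unable to open prototype directory\n";
	@files=readdir(DIR);
	closedir(DIR);

	# Copy every plain file from the prototype directory into the new
	# home directory and hand it to the user.
	# NOTE(review): print, close(OUT) and chown are not checked here, so
	# a short write would go unnoticed.
	for $i (@files) {
	    next if ($i eq "." || $i eq "..");
	    next unless -f "$protodir/$i";
	    open(IN,"<$protodir/$i") || die "Unable to open $protodir/$i\n";
	    open(OUT,">$path/$i") || die "Unable to create $i\n";
	    while ($_=<IN>) { print OUT $_; };
	    close(OUT);
	    close(IN);
	    chown($uid,0,"$path/$i");
	}
	system("$fs sa $qpath @acl system:anyuser l -clear") &&
	    die "Unable to set acl on top-level directory\n";
	return;
    }

    system("$fs sa $qpath @acl -clear") &&
	die "Unable to set acl of $path\n";
}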