Commit | Line | Data |
---|---|---|
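#!/usr/athena/bin/perl
# Usage: afs_create locker type cell path user group
#
# Creates the AFS volume for a locker, mounts it at <path>, runs the
# cell-specific setup routine, sets the quota and releases the parent
# volume.  Each completed step pushes its undo command onto @clean so that
# &fatal can roll the work back if a later step fails.
#
# $vos, $fs, $pts and the afs_* routines are not defined in this file;
# presumably they come from afs_utils.pl -- confirm there.

require "/moira/bin/afs_utils.pl";

$protodir="/moira/dotfiles";
$quota=1;

# Cell name => name of the sub that finishes setting up a new volume there.
%proc =
    ("ATHENA.MIT.EDU", 'athena_proc' );

# With a zero umask the modes given to mkdir() later are applied as written.
umask(0);

die "Usage: $0 locker type cell path user group\n" if (@ARGV != 6);
($locker,$type,$cell,$path,$user,$group) = @ARGV;

# Every argument is interpolated into command lines that are handed to the
# shell (system() and pipe opens below, and the undo commands run by &fatal),
# so refuse anything that could change what those command lines mean before
# any of them is built.  The offending value is deliberately not echoed.
# NOTE(review): this is a stop-gap.  Passing argument lists instead of
# strings would remove the shell altogether, but that depends on how
# afs_utils.pl defines $vos/$fs/$pts and on &fatal's string-based undo list.
for $arg (@ARGV) {
    die "$0: argument contains shell metacharacters or starts with '-'\n"
        if ($arg =~ /^-/ || $arg =~ /[\s;&|<>\$`\\"'()]/);
}

# Lookup volume type
# $c is not used again in this file; kept in case afs_utils.pl reads it.
($c = $cell) =~ s/\./_/g;
$vname = &afs_vname($locker, $type, $cell);
die "Cannot create $type volumes in $cell\n" unless $vname;

# Fail before anything is created if there is no setup routine for this
# cell.  Previously this case only surfaced after the volume existed, as a
# syntax error from the eval at the dispatch step.
die "No creation procedure for cell $cell\n" unless $proc{$cell};

# Find free space
($asrv,$apart) = &afs_find($cell,$type,$quota);
die "Unable to find space to create $vname in $cell\n" unless ($asrv&&$apart);

# Create volume
system("$vos create $asrv $apart $vname -cell $cell >/dev/null") &&
    &fatal("Unable to create $vname in $cell");
push(@clean, "$vos remove $asrv $apart $vname -cell $cell >/dev/null");

# Create mountpoint and set quota
# /afs/<cell>/... becomes /afs/.<cell>/... (presumably the read-write path).
$path =~ s:^/afs/([^.]):/afs/.$1:;
system("$fs checkv >/dev/null; $fs mkm $path $vname");
&fatal("Unable to create $path") if ($?);
push(@clean, "$fs rmm $path");

# Obtain user/group information (uid >= 0, gid <= 0)
# The id is the fourth field of the first line printed by "pts ex".  A
# lookup that fails, or that yields something other than an integer, leaves
# the id at 0, which the cell routine treats as "no such user/group".
$uid = $gid = 0;
if (open(PTS, "$pts ex $user -cell $cell|")) {
    chop($_ = <PTS>);
    close(PTS);
    $uid = (split(/[:,] /, $_))[3] unless ($?);
}
$uid = 0 unless ($uid =~ /^-?\d+$/);

if (open(PTS, "$pts ex system:$group -cell $cell|")) {
    chop($_ = <PTS>);
    close(PTS);
    $gid = (split(/[:,] /, $_))[3] unless ($?);
}
$gid = 0 unless ($gid =~ /^-?\d+$/);

# Dispatch to the cell-specific creation routines
# The evaluated text is a sub name taken from %proc (checked above), never
# an argument value.  A die inside the routine lands in $@ so that &fatal
# can undo the volume and mountpoint.
eval "&$proc{$cell}";
&fatal($@) if ($@);

# Set the filesystem quota
system("$fs sq $path $quota");
&fatal("Unable to set the quota on $path") if ($?);

# Release the parent volume
# The volume name is the last word of the first line printed by "fs lv".
($p = $path) =~ s:/[^/]+$::;
open(FS, "$fs lv $p|") || &fatal("Can't get information about $p");
chop($_ = <FS>);
close(FS);
&fatal("Can't get information about $p") if ($?);
@tmp = (split(/ /,$_));
&fatal("Can't get information about $p") unless (@tmp);
system("$vos release $tmp[$#tmp] -cell $cell >/dev/null") &&
    &fatal("Can't release $tmp[$#tmp] in cell $cell");

&afs_quota_adj($cell,$asrv,$apart,$quota);
exit(0);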
69 | ||
sub fatal
{
    # Abort the run: undo the steps recorded in @clean, then die with the
    # joined arguments prefixed by the locker name.
    #
    # Each @clean entry is a complete command line and is run through
    # system() as a single string, so anything interpolated into it by the
    # code that queued it is seen by the shell.
    local($undo);
    ($_ = join(' ', @_)) =~ s/\n$//;

    # Newest step first, so a mountpoint goes before the volume behind it.
    # A failed undo is reported but does not stop the remaining ones.
    while (@clean) {
        $undo = pop(@clean);
        next unless system($undo);
        warn "$locker: Cleanup failed: $undo\n";
    }
    die "$locker: $_\n";
}
82 | ||
83 | # Cell specific procedures | |
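sub athena_proc
{
    # Finish setting up a freshly mounted volume in ATHENA.MIT.EDU: build
    # the ACL for the locker type, mount OldFiles, set ownership and, for
    # home directories, create the standard subdirectories and copy the
    # prototype dotfiles.
    #
    # Works entirely on globals set by the main script ($type, $path,
    # $vname, $user, $group, $uid, $gid, $fs, $protodir, $locker).  Errors
    # are raised with die; the caller runs this inside eval and passes $@
    # to &fatal, which undoes the volume and mountpoint.
    #
    # Default acls:
    #
    # ACTIVITY	<user> all <group> all system:anyuser rl
    # APROJ	<user> all <group> all system:anyuser rl
    # AREF	<user> all <group> rl
    # CONTRIB	<user> all system:anyuser rl
    # COURSE	<user> all <group> all system:facdev all system:authuser rl
    # HOMEDIR	<user> all
    # PROJECT	<user> all <group> all
    # REF	<user> all system:anyuser rl
    # SW	<user> all system:swmaint all system:authuser rl
    # SYSTEM	system:administrators all system:anyuser rl
    # UROP	<user> all <group> all system:facdev all system:authuser rl
    #
    # Notes:
    # 1. All directories also have "system:expunge ld".

    # A home directory needs a real owner.  Check this first, so that a
    # failed uid lookup (uid 0) is caught before the volume root is chowned
    # to it below.
    die "Unable to get uid for user\n" if ($type eq "HOMEDIR" && !$uid);

    # The user and group entries are only added when the pts lookup in the
    # main script produced a non-zero id.
    @acl=("system:expunge ld");
    push(@acl,"system:facdev all") if ($type =~ /^(COURSE|UROP)/);
    push(@acl,"system:swmaint all") if ($type =~ /^(SW)/);
    push(@acl,"system:administrators all") if ($type =~ /^(SYSTEM)/);
    push(@acl,"$user all")
        if ($uid != 0 && $type =~ /^(ACTIVITY|APROJ|AREF|CONTRIB|COURSE|HOMEDIR|PROJECT|REF|SW|UROP)/);
    push(@acl,"system:$group all")
        if ($gid != 0 && $type =~ /^(ACTIVITY|APROJ|COURSE|PROJECT|UROP)/);
    push(@acl,"system:$group rl") if ($gid != 0 && $type =~ /^(AREF)/);
    push(@acl,"system:authuser rl")
        if ($type =~ /^(COURSE|SW|UROP)/);
    push(@acl,"system:anyuser rl")
        if ($type =~ /^(ACTIVITY|APROJ|CONTRIB|REF|SYSTEM)/);

    # Mount the backup volume as OldFiles; a failure here is only a warning.
    if ($type !~ /^(AREF|SYSTEM)/) {
        system("$fs mkm $path/OldFiles $vname.backup");
        warn "$locker: Unable to create OldFiles mountpoint\n" if ($?);
    }

    # Group-owned locker types get the group's id as owner of the volume
    # root, user-owned types get the user's id.
    # NOTE(review): these two patterns are not anchored, unlike the ACL
    # patterns above -- confirm whether that is intended.
    if ($type =~ /ACTIVITY|APROJ|PROJECT/) {
        chown($gid,0,$path) ||
            die "Unable to set volume ownership\n";
    } elsif ($type =~ /HOMEDIR|UROP/) {
        chown($uid,0,$path) ||
            die "Unable to set volume ownership\n";
    }

    if ($type eq "HOMEDIR") {
        mkdir("$path/Public",0755) && chown($uid,0,"$path/Public") &&
            mkdir("$path/Private",0700) && mkdir("$path/Mail", 0700) &&
            chown($uid,0,"$path/Public","$path/Private","$path/Mail") ||
            die "Unable to create subdirectories\n";
        # Public is world-readable; Private and Mail get the base ACL only.
        system("$fs sa $path/Public @acl system:anyuser rl -clear") &&
            die "Unable to set acl on Public directory\n";
        system("$fs sa -dir $path/Private $path/Mail -acl @acl -clear") &&
            die "Unable to set acl on Private and/or Mail directories\n";

        opendir(DIR,$protodir) || die "Unable to open prototype directory\n";
        @files=readdir(DIR);
        closedir(DIR);

        # Copy every plain file from the prototype directory into the new
        # home directory.  Both opens use a fixed mode character in front
        # of a directory-prefixed name.
        for $i (@files) {
            next if ($i eq "." || $i eq "..");
            next unless -f "$protodir/$i";
            open(IN,"<$protodir/$i") || die "Unable to open $protodir/$i\n";
            open(OUT,">$path/$i") || die "Unable to create $i\n";
            while (<IN>) {
                (print OUT $_) || die "Unable to write $i\n";
            }
            # Buffered write errors only show up when the handle is closed,
            # so an unchecked close could leave a truncated dotfile behind.
            close(OUT) || die "Unable to write $i\n";
            close(IN);
            chown($uid,0,"$path/$i");
        }
        # Top level of a home directory: anyone may list it, nothing more.
        system("$fs sa $path @acl system:anyuser l -clear") &&
            die "Unable to set acl on top-level directory\n";
        return;
    }

    system("$fs sa $path @acl -clear") &&
        die "Unable to set acl of $path\n";
}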