2 # Usage: afs_create locker type cell path quota user group
4 require "/moira/bin/afs_utils.pl";
6 $protodir="/moira/dotfiles";
9 %vtypes_ATHENA_MIT_EDU =
10 ("ACTIVITY", "activity",
24 ("ATHENA.MIT.EDU", 'athena_proc' );
28 die "Usage: $0 locker type cell path user group\n" if (@ARGV != 6);
29 ($locker,$type,$cell,$path,$user,$group) = @ARGV;
32 ($c = $cell) =~ s/\./_/g;
33 $vtype = eval "\$vtypes_$c{$type}";
34 die "Cannot create $type volumes in $cell\n" unless $vtype;
35 $vname = $vtype . "." . $locker;
36 $vname =~ s/[^-A-Za-z0-9_.]//g; # strip out illegal characters
39 ($asrv,$apart) = &afs_find($cell,$type,$quota);
40 die "Unable to find space to create $vname in $cell\n" unless ($asrv&&$apart);
43 system("$vos create $asrv $apart $vname -cell $cell >/dev/null") &&
44 &fatal("Unable to create $vname in $cell");
45 push(@clean, "$vos remove $asrv $apart $vname -cell $cell >/dev/null");
47 # Create mountpoint and set quota
48 $path =~ s:^/afs/([^.]):/afs/.\1:;
49 system("$fs checkv >/dev/null; $fs mkm $path $vname");
50 &fatal("Unable to create $path") if ($?);
51 push(@clean, "$fs rmm $path");
53 # Obtain user/group information (uid >= 0, gid <= 0)
55 open(PTS, "$pts ex $user -cell $cell|");
58 ($uid,$uid,$uid,$uid) = split(/[:,] /, $_) unless ($?);
60 open(PTS, "$pts ex system:$group -cell $cell|");
63 ($gid,$gid,$gid,$gid) = split(/[:,] /, $_) unless ($?);
65 # Dispatch to the cell-specific creation routines
69 # Set the filesystem quota
70 system("$fs sq $path $quota");
71 &fatal("Unable to set the quota on $path") if ($?);
73 # Release the parent volume
74 ($p = $path) =~ s:/[^/]+$::;
75 open(FS, "$fs lv $p|") || &fatal("Can't get information about $p");
78 &fatal("Can't get information about $p") if ($?);
79 @tmp = (split(/ /,$_));
80 system("$vos release $tmp[$#tmp] -cell $cell >/dev/null") &&
81 &fatal("Can't release $tmp[$#tmp] in cell $cell");
83 &afs_quota_adj($cell,$asrv,$apart,$quota);
94 warn "$locker: Cleanup failed: $cmd\n" if (system("$cmd"));
99 # Cell specific procedures
104 # ACTIVITY <user> all <group> all system:anyuser rl
105 # APROJ <user> all <group> all system:anyuser rl
106 # AREF <user> all <group> rl
107 # CONTRIB <user> all system:anyuser rl
108 # COURSE <user> all <group> all system:facdev all system:authuser rl
110 # PROJECT <user> all <group> all
111 # REF <user> all system:anyuser rl
112 # SW <user> all system:swmaint all system:authuser rl
113 # SYSTEM system:administrators all system:anyuser rl
114 # UROP <user> all <group> all system:facdev all system:authuser rl
117 # 1. All directories also have "system:expunge ld".
119 @acl=("system:expunge ld");
120 push(@acl,"system:facdev all") if ($type =~ /^(COURSE|UROP)/);
121 push(@acl,"system:swmaint all") if ($type =~ /^(SW)/);
122 push(@acl,"system:administrators all") if ($type =~ /^(SYSTEM)/);
123 push(@acl,"$user all")
124 if ($uid != 0 && $type =~ /^(ACTIVITY|APROJ|AREF|CONTRIB|COURSE|HOMEDIR|PROJECT|REF|SW|UROP)/);
125 push(@acl,"system:$group all")
126 if ($gid != 0 && $type =~ /^(ACTIVITY|APROJ|COURSE|PROJECT|UROP)/);
127 push(@acl,"system:$group rl") if ($gid != 0 && $type =~ /^(AREF)/);
128 push(@acl,"system:authuser rl")
129 if ($type =~ /^(COURSE|SW|UROP)/);
130 push(@acl,"system:anyuser rl")
131 if ($type =~ /^(ACTIVITY|APROJ|CONTRIB|REF|SYSTEM)/);
133 if ($type !~ /^(AREF|SYSTEM)/) {
134 system("$fs mkm $path/OldFiles $vname.backup");
135 warn "$locker: Unable to create OldFiles mountpoint\n" if ($?);
138 if ($type =~ /ACTIVITY|APROJ|PROJECT/) {
139 chown($gid,0,$path) ||
140 die "Unable to set volume ownership\n";
141 } elsif ($type =~ /HOMEDIR|UROP/) {
142 chown($uid,0,$path) ||
143 die "Unable to set volume ownership\n";
146 if ($type eq "HOMEDIR") {
147 die "Unable to get uid for user\n" unless ($uid);
149 mkdir("$path/Public",0755) && chown($uid,0,"$path/Public") &&
150 mkdir("$path/Private",0700) && mkdir("$path/Mail", 0700) &&
151 chown($uid,0,"$path/Public","$path/Private","$path/Mail") ||
152 die "Unable to create subdirectories\n";
153 system("$fs sa $path/Public @acl system:anyuser rl -clear") &&
154 die "Unable to set acl on Public directory";
155 system("$fs sa -dir $path/Private $path/Mail -acl @acl -clear") &&
156 die "Unable to set acl on Private and/or Mail directories\n";
158 opendir(DIR,$protodir) || die "Unable to open prototype directory\n";
163 next if ($i eq "." || $i eq "..");
164 next unless -f "$protodir/$i";
165 open(IN,"<$protodir/$i") || die "Unable to open $protodir/$i\n";
166 open(OUT,">$path/$i") || die "Unable to create $i\n";
167 while ($_=<IN>) { print OUT $_; };
170 chown($uid,0,"$path/$i");
172 system("$fs sa $path @acl system:anyuser l -clear") &&
173 die "Unable to set acl on top-level directory\n";
177 system("$fs sa $path @acl -clear") &&
178 die "Unable to set acl of $path\n";