-#! /bin/sh
+#!/bin/bash
#
-# Executed daily via cron, out of katie's crontab.
+# Executed daily via cron, out of dak's crontab.
set -e
-export SCRIPTVARS=/org/security.debian.org/katie/vars-security
+set -o pipefail
+export SCRIPTVARS=/srv/security-master.debian.org/dak/config/debian-security/vars
. $SCRIPTVARS
+LOCKFILE="$lockdir/unchecked.lock"
+
################################################################################
# Fix overrides
-rsync -ql ftp-master::indices/override\* $overridedir
+rsync --delete -r --include=override\* --exclude=\* --password-file /srv/security-master.debian.org/s3kr1t/rsync-password -ql security-master@ftp-master::indices/ $overridedir
cd $overridedir
-find . -name override\*.gz -type f -maxdepth 1 -mindepth 1 | xargs gunzip -f
-find . -type l -maxdepth 1 -mindepth 1 | xargs rm
-
-rm -fr non-US
-mkdir non-US
-cd non-US
-rsync -ql non-us::indices/override\* .
-find . -name override\*.gz -type f -maxdepth 1 -mindepth 1 | xargs gunzip
-find . -type l -maxdepth 1 -mindepth 1 | xargs rm
-for i in *; do
- if [ -f ../$i ]; then
- cat $i >> ../$i;
- fi;
+for file in override*.gz; do
+ zcat -- "$file" > "${file%.gz}"
done
-cd ..
-rm -fr non-US
+find . -maxdepth 1 -mindepth 1 -type l -delete
-for suite in $suites; do
+for suite in oldstable stable testing; do
case $suite in
- oldstable) override_suite=woody;;
- stable) override_suite=sarge;;
- testing) override_suite=etch;;
- *) echo "Unknown suite type ($suite)"; exit 1;;
+ oldstable) override_suite=wheezy ;;
+ stable) override_suite=jessie ;;
+ testing) override_suite=stretch ;;
+ *) echo "Unknown suite type ($suite)"; exit 1;;
esac
for component in $components; do
- for override_type in $override_types; do
- case $override_type in
- deb) type="" ;;
- dsc) type=".src" ;;
- udeb) type=".debian-installer" ;;
- esac
- # XXX RUN AFUCKINGAWAY
- if [ "$override_type" = "udeb" ]; then
- if [ ! "$component" = "main" ]; then
- continue;
- fi
- if [ "$suite" = "unstable" ]; then
- $masterdir/natalie -q -S -t $override_type -s $suite -c updates/$component < override.$override_suite.$component$type
- fi
- else
- $masterdir/natalie -q -S -t $override_type -s $suite -c updates/$component < override.$override_suite.$component$type
- fi
- case $suite in
- oldstable)
- if [ ! "$override_type" = "udeb" ]; then
- $masterdir/natalie -q -a -t $override_type -s $suite -c updates/$component < override.sarge.$component$type
+ for override_type in $override_types; do
+ case $override_type in
+ deb) type="" ;;
+ dsc) type=".src" ;;
+ udeb) type=".debian-installer" ;;
+ esac
+
+ if [ "$override_type" = "udeb" ]; then
+ if [ ! "$component" = "main" ]; then
+ continue
fi
- $masterdir/natalie -q -a -t $override_type -s $suite -c updates/$component < override.sid.$component$type
- ;;
- stable)
- $masterdir/natalie -q -a -t $override_type -s $suite -c updates/$component < override.sid.$component$type
- ;;
- testing)
- $masterdir/natalie -q -a -t $override_type -s $suite -c updates/$component < override.sid.$component$type
- ;;
- *) echo "Unknown suite type ($suite)"; exit 1;;
- esac
- done
- done
-done
+ fi
-# Generate .all3 overides for the buildd support
-for dist in woody sarge etch; do
- rm -f override.$dist.all3
- components="main contrib non-free";
- if [ -f override.$dist.main.debian-installer ]; then
- components="$components main.debian-installer";
- fi
- for component in $components; do
- cat override.$dist.$component >> override.$dist.all3;
- done;
+ OFILE="override.$override_suite.$component$type.gz"
+ if [ -r "$OFILE" ]; then
+ zcat "$OFILE" | dak control-overrides -q -a -t $override_type -s $suite -c updates/$component
+ fi
+ done
+ done
done
################################################################################
-# Freshen Packages-Arch-Specific
+cd $configdir
+dak import-keyring -L /srv/keyring.debian.org/keyrings/debian-keyring.gpg
-wget -qN http://buildd.debian.org/quinn-diff/Packages-arch-specific -O $base/buildd/Packages-arch-specific
+cleanup() {
+ rm -f "$LOCKFILE"
+}
-################################################################################
+if ! lockfile -r100 "$LOCKFILE"; then
+ echo "Could not lock $LOCKFILE." >&2
+ exit 1
+fi
+trap cleanup EXIT
-cd $masterdir
-shania
-rhona
-apt-ftparchive -q clean apt.conf-security
-apt-ftparchive -q clean apt.conf.buildd-security
+dak clean-queues -i ${unchecked}
+dak clean-queues -i $disembargo
+dak clean-suites
+
+cleanup
+trap - EXIT
symlinks -d -r $ftpdir
-pg_dump obscurity > /org/security.debian.org/katie-backup/dump_$(date +%Y.%m.%d-%H:%M:%S)
+pg_file="${base}/dak-backup/dump_$(date +%Y.%m.%d-%H:%M:%S)"
+pg_dump obscurity > "${pg_file}"
+nice xz -9 "${pg_file}"
-# Vacuum the database
-set +e
-echo "VACUUM; VACUUM ANALYZE;" | psql obscurity 2>&1 | egrep -v "^NOTICE: Skipping \"pg_.*only table or database owner can VACUUM it$|^VACUUM$"
-set -e
+find "${base}/dak-backup" -mtime +30 \! -name '.nobackup' -delete
################################################################################