X-Git-Url: https://git.decadent.org.uk/gitweb/?a=blobdiff_plain;f=config%2Fdebian-security%2Fcron.daily;h=3105dd69bd5014354e623a92057321f8d7a5a576;hb=695759e80feca4d6b2c27143a076d5e2ddf90339;hp=32a459567c411906c92a6136ddb8a5dbbb7b94db;hpb=59fd5aa2a8be3b76dbc968429c457f096adfa472;p=dak.git diff --git a/config/debian-security/cron.daily b/config/debian-security/cron.daily old mode 100644 new mode 100755 index 32a45956..3105dd69 --- a/config/debian-security/cron.daily +++ b/config/debian-security/cron.daily @@ -1,112 +1,101 @@ -#! /bin/sh +#!/bin/bash # -# Executed daily via cron, out of katie's crontab. +# Executed daily via cron, out of dak's crontab. set -e -export SCRIPTVARS=/org/security.debian.org/katie/vars-security +set -o pipefail +export SCRIPTVARS=/srv/security-master.debian.org/dak/config/debian-security/vars . $SCRIPTVARS +LOCKFILE="$lockdir/unchecked.lock" + ################################################################################ # Fix overrides -rsync -ql ftp-master::indices/override\* $overridedir +rsync --delete -r --include=override\* --exclude=\* --password-file /srv/security-master.debian.org/s3kr1t/rsync-password -ql security-master@ftp-master::indices/ $overridedir cd $overridedir -find . -name override\*.gz -type f -maxdepth 1 -mindepth 1 | xargs gunzip -f -find . -type l -maxdepth 1 -mindepth 1 | xargs rm - -rm -fr non-US -mkdir non-US -cd non-US -rsync -ql non-us::indices/override\* . -find . -name override\*.gz -type f -maxdepth 1 -mindepth 1 | xargs gunzip -find . -type l -maxdepth 1 -mindepth 1 | xargs rm -for i in *; do - if [ -f ../$i ]; then - cat $i >> ../$i; - fi; +for file in override*.gz; do + zcat $file > $(basename $file .gz) done -cd .. -rm -fr non-US +find . -maxdepth 1 -mindepth 1 -type l | xargs --no-run-if-empty rm -for suite in $suites; do +for suite in stable testing; do case $suite in - oldstable) override_suite=woody;; - stable) override_suite=sarge;; - testing) override_suite=etch;; - *) echo "Unknown suite type ($suite)"; exit 1;; + oldstable) override_suite=squeeze;; + stable) override_suite=wheezy;; + testing) override_suite=jessie;; + *) echo "Unknown suite type ($suite)"; exit 1;; esac for component in $components; do - for override_type in $override_types; do - case $override_type in - deb) type="" ;; - dsc) type=".src" ;; - udeb) type=".debian-installer" ;; - esac - # XXX RUN AFUCKINGAWAY - if [ "$override_type" = "udeb" ]; then - if [ ! "$component" = "main" ]; then - continue; - fi - if [ "$suite" = "unstable" ]; then - $masterdir/natalie -q -S -t $override_type -s $suite -c updates/$component < override.$override_suite.$component$type - fi - else - $masterdir/natalie -q -S -t $override_type -s $suite -c updates/$component < override.$override_suite.$component$type - fi - case $suite in - oldstable) - if [ ! "$override_type" = "udeb" ]; then - $masterdir/natalie -q -a -t $override_type -s $suite -c updates/$component < override.sarge.$component$type + for override_type in $override_types; do + case $override_type in + deb) type="" ;; + dsc) type=".src" ;; + udeb) type=".debian-installer" ;; + esac + + if [ "$override_type" = "udeb" ]; then + if [ ! "$component" = "main" ]; then + continue fi - $masterdir/natalie -q -a -t $override_type -s $suite -c updates/$component < override.sid.$component$type - ;; - stable) - $masterdir/natalie -q -a -t $override_type -s $suite -c updates/$component < override.sid.$component$type - ;; - testing) - $masterdir/natalie -q -a -t $override_type -s $suite -c updates/$component < override.sid.$component$type - ;; - *) echo "Unknown suite type ($suite)"; exit 1;; - esac - done + fi + + OFILE="override.$override_suite.$component$type.gz" + if [ -r "$OFILE" ]; then + zcat "$OFILE" | dak control-overrides -q -a -t $override_type -s $suite -c updates/$component + fi + done done done # Generate .all3 overides for the buildd support -for dist in woody sarge etch; do +for dist in squeeze wheezy jessie; do rm -f override.$dist.all3 components="main contrib non-free"; - if [ -f override.$dist.main.debian-installer ]; then - components="$components main.debian-installer"; + if [ -f override.$dist.main.debian-installer.gz ]; then + components="$components main.debian-installer" fi for component in $components; do - cat override.$dist.$component >> override.$dist.all3; - done; + zcat override.$dist.$component.gz >> override.$dist.all3 + if [ -e "override.$dist.$component.src.gz" ]; then + zcat override.$dist.$component.src.gz >> override.$dist.all3.src + fi + done done ################################################################################ -# Freshen Packages-Arch-Specific +cd $configdir +dak import-keyring -L /srv/keyring.debian.org/keyrings/debian-keyring.gpg -wget -qN http://buildd.debian.org/quinn-diff/Packages-arch-specific -O $base/buildd/Packages-arch-specific +cleanup() { + rm -f "$LOCKFILE" +} -################################################################################ +if ! lockfile -r100 "$LOCKFILE"; then + echo "Could not lock $LOCKFILE." >&2 + exit 1 +fi +trap cleanup EXIT -cd $masterdir -shania -rhona -apt-ftparchive -q clean apt.conf-security -apt-ftparchive -q clean apt.conf.buildd-security +dak clean-queues -i ${unchecked} +dak clean-queues -i $disembargo +dak clean-suites + +cleanup +trap - EXIT symlinks -d -r $ftpdir -pg_dump obscurity > /org/security.debian.org/katie-backup/dump_$(date +%Y.%m.%d-%H:%M:%S) +pg_dump obscurity > /org/security-master.debian.org/dak-backup/dump_$(date +%Y.%m.%d-%H:%M:%S) +find -maxdepth 1 -mindepth 1 -type f -name 'dump_*' \! -name '*.bz2' \! -name '*.gz' -mmin +720 | +while read dumpname; do + bzip2 -9fv "$dumpname" +done -# Vacuum the database -set +e -echo "VACUUM; VACUUM ANALYZE;" | psql obscurity 2>&1 | egrep -v "^NOTICE: Skipping \"pg_.*only table or database owner can VACUUM it$|^VACUUM$" -set -e +#apt-ftparchive -q clean apt.conf +#apt-ftparchive -q clean apt.conf.buildd ################################################################################