From d4ede014e6f4df2f3ea798e610df8d1dbfbf2843 Mon Sep 17 00:00:00 2001 From: Joerg Jaspert Date: Sat, 26 Mar 2011 11:35:23 +0100 Subject: [PATCH] enable the buildd keyring stuff Signed-off-by: Joerg Jaspert --- config/backports/cron.hourly | 16 +++++++++++ config/debian-security/cron.hourly | 43 ++++++++++++++++++++++++++++++ config/debian/cron.hourly | 19 +++++++++++++ scripts/debian/buildd-add-keys | 3 +++ 4 files changed, 81 insertions(+) create mode 100755 config/debian-security/cron.hourly diff --git a/config/backports/cron.hourly b/config/backports/cron.hourly index 24b8f90f..fcab3b35 100755 --- a/config/backports/cron.hourly +++ b/config/backports/cron.hourly @@ -25,3 +25,19 @@ dak show-new > /dev/null $base/dak/tools/removals.pl $configdir/removalsrss.rc > $webdir/removals.rss #$scriptsdir/generate-di + +# do the buildd key updates +BUILDDFUN=$(mktemp -p "${TMPDIR}" BUILDDFUN.XXXXXX) +exec >> "${BUILDDFUN}" 2>&1 +#${scriptsdir}/buildd-remove-keys +#${scriptsdir}/buildd-add-keys +#${scriptsdir}/buildd-prepare-dir +for keyring in $(dak admin k list-binary); do + dak import-keyring --generate-users "%s" ${keyring} +done +exec >>/dev/null 2>&1 + +DATE=$(date -Is) +cat "${BUILDDFUN}" | mail -a "X-Debian: DAK" -e -s "[$(hostname -s)] Buildd key changes ${DATE}" buildd-keys@ftp-master.debian.org -- -F "Debian FTP Masters" -f ftpmaster@ftp-master.debian.org + +rm -f "${BUILDDFUN}" diff --git a/config/debian-security/cron.hourly b/config/debian-security/cron.hourly new file mode 100755 index 00000000..355cc50a --- /dev/null +++ b/config/debian-security/cron.hourly @@ -0,0 +1,43 @@ +#! /bin/bash +# +# Executed hourly via cron, out of dak's crontab. + +set -e +set -u + +export SCRIPTVARS=/srv/security-master.debian.org/dak/config/debian-security/vars +. $SCRIPTVARS + +# dak import-users-from-passwd +# dak queue-report -n > $webdir/new.html +# dak queue-report -8 -d new,byhand,proposedupdates,oldproposedupdates -r $webdir/stat +# dak show-deferred -r $webdir/stat > ${webdir}/deferred.html +# dak graph -n new,byhand,proposedupdates,oldproposedupdates,deferred -r $webdir/stat -i $webdir/stat -x $scriptsdir/rrd-release-freeze-dates +# dak show-new > /dev/null + +# cd $webdir +# cat removals-20*.txt > removals-full.txt +# cat removals.txt >> removals-full.txt +# cat removals-20*.822 > removals-full.822 +# cat removals.822 >> removals-full.822 + +#$base/dak/tools/queue_rss.py -q $queuedir/new -o $webdir/rss/ -d $base/misc -l $base/log/ +#$base/dak/tools/removals.pl $configdir/removalsrss.rc > $webdir/removals.rss + +#$scriptsdir/generate-di + +# do the buildd key updates +BUILDDFUN=$(mktemp -p "${TMPDIR}" BUILDDFUN.XXXXXX) +exec >> "${BUILDDFUN}" 2>&1 +#${scriptsdir}/buildd-remove-keys +#${scriptsdir}/buildd-add-keys +#${scriptsdir}/buildd-prepare-dir +for keyring in $(dak admin k list-binary); do + dak import-keyring --generate-users "%s" ${keyring} +done +exec >>/dev/null 2>&1 + +DATE=$(date -Is) +cat "${BUILDDFUN}" | mail -a "X-Debian: DAK" -e -s "[$(hostname -s)] Buildd key changes ${DATE}" buildd-keys@ftp-master.debian.org -- -F "Debian FTP Masters" -f ftpmaster@ftp-master.debian.org + +rm -f "${BUILDDFUN}" diff --git a/config/debian/cron.hourly b/config/debian/cron.hourly index c20f4d1d..aef24c09 100755 --- a/config/debian/cron.hourly +++ b/config/debian/cron.hourly @@ -30,7 +30,26 @@ cat removals.822 >> removals-full.822 $base/dak/tools/queue_rss.py -q $queuedir/new -o $webdir/rss/ -d $base/misc -l $base/log/ $base/dak/tools/removals.pl $configdir/removalsrss.rc > $webdir/rss/removals.rss + # Tell ries to sync its tree ssh -o Batchmode=yes -o ConnectTimeout=30 -o SetupTimeout=30 -2 -i ${base}/s3kr1t/pushddmirror dak@ries.debian.org sync $scriptsdir/generate-di + + +# do the buildd key updates +BUILDDFUN=$(mktemp -p "${TMPDIR}" BUILDDFUN.XXXXXX) +exec >> "${BUILDDFUN}" 2>&1 +${scriptsdir}/buildd-remove-keys +${scriptsdir}/buildd-add-keys +${scriptsdir}/buildd-prepare-dir + +for keyring in $(dak admin k list-binary); do + dak import-keyring --generate-users "%s" ${keyring} +done +exec >>/dev/null 2>&1 + +DATE=$(date -Is) +cat "${BUILDDFUN}" | mail -a "X-Debian: DAK" -e -s "[$(hostname -s)] Buildd key changes ${DATE}" buildd-keys@ftp-master.debian.org -- -F "Debian FTP Masters" -f ftpmaster@ftp-master.debian.org + +rm -f "${BUILDDFUN}" diff --git a/scripts/debian/buildd-add-keys b/scripts/debian/buildd-add-keys index d96fa758..1283838f 100755 --- a/scripts/debian/buildd-add-keys +++ b/scripts/debian/buildd-add-keys @@ -74,6 +74,9 @@ fi trap cleanup ERR EXIT TERM HUP INT QUIT +# Tell prepare-dir that there is an update and it can run +touch "${STAMPFILE}" + # Whenever something goes wrong, its put in there. mkdir -p "${ERRORS}" -- 2.39.2