1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-11-15 23:50:44 +00:00
freebsd-ports/net/cvsup-mirror/files/update.sh

76 lines
1.8 KiB
Bash
Raw Normal View History

#! /bin/sh
if ! export PREFIX=$(expr $0 : "\(/.*\)/etc/cvsup/update\.sh\$"); then
echo "$0: Cannot determine the PREFIX" >&2
exit 1
fi
export PATH=/bin:/usr/bin:${PREFIX}/bin
lock=/var/spool/lock/cvsup.lock
log=/var/log/cvsup.log
# Rotate the log files
umask 22
test -f ${log}.7 && mv -f ${log}.7 ${log}.8
test -f ${log}.6 && mv -f ${log}.6 ${log}.7
test -f ${log}.5 && mv -f ${log}.5 ${log}.6
test -f ${log}.4 && mv -f ${log}.4 ${log}.5
test -f ${log}.3 && mv -f ${log}.3 ${log}.4
test -f ${log}.2 && mv -f ${log}.2 ${log}.3
test -f ${log}.1 && mv -f ${log}.1 ${log}.2
test -f ${log}.0 && mv -f ${log}.0 ${log}.1
test -f ${log} && mv -f ${log} ${log}.0
exec >${log} 2>&1
# Do the update
date "+CVSup update begins at %Y-%m-%d %T"
# The rest of this is executed while holding the lock file, to ensure that
# multiple instances won't collide with one another.
lockf -t 0 ${lock} /bin/sh << 'E*O*F'
base=${PREFIX}/etc/cvsup
This is a fairly substantial upgrade of the cvsup-mirror port. In honor of the occasion I have bumped the version number to 1.1. The port now depends upon the cvsup-bin and cvsupd-bin ports rather than on the more trouble-prone cvsup port. The CVSup server is run with "-C 100" (max. 100 clients at a time) and the true limit is set in the "/usr/local/etc/cvsup/cvsupd.access" file. This is nice because you can change the limit by editing the file; you don't have to restart the server. The cvsupd.access file also contains a rule to limit each individual host to one connection at a time. The CVSup client is now run under its own unprivileged user ID instead of root. This is a security enhancement. It makes it impossible for a compromised master site to install files into places outside the mirror area of the filesystem. The permissions of various other files such as /usr/local/etc/cvsup have also been strengthened to enhance security. Both client and server now cd to /var/tmp to run, so that if they decide to croak they'll be able to write the core file. :-) The /usr/local/etc/rc.d/cvsupd.sh script now honors the "start" and "stop" arguments. The configure script no longer attempts to tell you the sizes of the various collections. That's impossible to maintain. When I have time I plan to make a web page where one can obtain that information from an automatically-updated source. Then I will reference the URL in the configure script. It is possible to upgrade an existing cvsup-mirror-1.0 installation to this new version, but it is tricky because of the change in ownership of the mirrored files. I will post instructions to the freebsd-hubs mailing list after I make sure I have the procedure just right.
2000-01-28 06:42:37 +00:00
rundir=/var/tmp
cd ${rundir} || exit
. ${base}/config.sh || exit
colldir=sup.client
startup=${PREFIX}/etc/rc.d
options="-1gL 1 -b ${base} -c ${colldir}"
umask 2
ok=yes
if [ ${host_crypto} = ${host} ]; then
echo "Updating from ${host}"
This is a fairly substantial upgrade of the cvsup-mirror port. In honor of the occasion I have bumped the version number to 1.1. The port now depends upon the cvsup-bin and cvsupd-bin ports rather than on the more trouble-prone cvsup port. The CVSup server is run with "-C 100" (max. 100 clients at a time) and the true limit is set in the "/usr/local/etc/cvsup/cvsupd.access" file. This is nice because you can change the limit by editing the file; you don't have to restart the server. The cvsupd.access file also contains a rule to limit each individual host to one connection at a time. The CVSup client is now run under its own unprivileged user ID instead of root. This is a security enhancement. It makes it impossible for a compromised master site to install files into places outside the mirror area of the filesystem. The permissions of various other files such as /usr/local/etc/cvsup have also been strengthened to enhance security. Both client and server now cd to /var/tmp to run, so that if they decide to croak they'll be able to write the core file. :-) The /usr/local/etc/rc.d/cvsupd.sh script now honors the "start" and "stop" arguments. The configure script no longer attempts to tell you the sizes of the various collections. That's impossible to maintain. When I have time I plan to make a web page where one can obtain that information from an automatically-updated source. Then I will reference the URL in the configure script. It is possible to upgrade an existing cvsup-mirror-1.0 installation to this new version, but it is tricky because of the change in ownership of the mirrored files. I will post instructions to the freebsd-hubs mailing list after I make sure I have the procedure just right.
2000-01-28 06:42:37 +00:00
su -m ${cuser} -c \
"cvsup ${options} -h ${host} ${base}/supfile" || ok=no
else
if [ -d ${base}/prefixes/FreeBSD-crypto.cvs ]; then
echo "Updating from ${host_crypto}"
This is a fairly substantial upgrade of the cvsup-mirror port. In honor of the occasion I have bumped the version number to 1.1. The port now depends upon the cvsup-bin and cvsupd-bin ports rather than on the more trouble-prone cvsup port. The CVSup server is run with "-C 100" (max. 100 clients at a time) and the true limit is set in the "/usr/local/etc/cvsup/cvsupd.access" file. This is nice because you can change the limit by editing the file; you don't have to restart the server. The cvsupd.access file also contains a rule to limit each individual host to one connection at a time. The CVSup client is now run under its own unprivileged user ID instead of root. This is a security enhancement. It makes it impossible for a compromised master site to install files into places outside the mirror area of the filesystem. The permissions of various other files such as /usr/local/etc/cvsup have also been strengthened to enhance security. Both client and server now cd to /var/tmp to run, so that if they decide to croak they'll be able to write the core file. :-) The /usr/local/etc/rc.d/cvsupd.sh script now honors the "start" and "stop" arguments. The configure script no longer attempts to tell you the sizes of the various collections. That's impossible to maintain. When I have time I plan to make a web page where one can obtain that information from an automatically-updated source. Then I will reference the URL in the configure script. It is possible to upgrade an existing cvsup-mirror-1.0 installation to this new version, but it is tricky because of the change in ownership of the mirrored files. I will post instructions to the freebsd-hubs mailing list after I make sure I have the procedure just right.
2000-01-28 06:42:37 +00:00
su -m ${cuser} -c \
"cvsup ${options} -h ${host_crypto} ${base}/supfile.crypto" || ok=no
fi
echo "Updating from ${host}"
This is a fairly substantial upgrade of the cvsup-mirror port. In honor of the occasion I have bumped the version number to 1.1. The port now depends upon the cvsup-bin and cvsupd-bin ports rather than on the more trouble-prone cvsup port. The CVSup server is run with "-C 100" (max. 100 clients at a time) and the true limit is set in the "/usr/local/etc/cvsup/cvsupd.access" file. This is nice because you can change the limit by editing the file; you don't have to restart the server. The cvsupd.access file also contains a rule to limit each individual host to one connection at a time. The CVSup client is now run under its own unprivileged user ID instead of root. This is a security enhancement. It makes it impossible for a compromised master site to install files into places outside the mirror area of the filesystem. The permissions of various other files such as /usr/local/etc/cvsup have also been strengthened to enhance security. Both client and server now cd to /var/tmp to run, so that if they decide to croak they'll be able to write the core file. :-) The /usr/local/etc/rc.d/cvsupd.sh script now honors the "start" and "stop" arguments. The configure script no longer attempts to tell you the sizes of the various collections. That's impossible to maintain. When I have time I plan to make a web page where one can obtain that information from an automatically-updated source. Then I will reference the URL in the configure script. It is possible to upgrade an existing cvsup-mirror-1.0 installation to this new version, but it is tricky because of the change in ownership of the mirrored files. I will post instructions to the freebsd-hubs mailing list after I make sure I have the procedure just right.
2000-01-28 06:42:37 +00:00
su -m ${cuser} -c \
"cvsup ${options} -h ${host} ${base}/supfile.non-crypto" || ok=no
fi
if [ ${ok} = yes ]; then
This is a fairly substantial upgrade of the cvsup-mirror port. In honor of the occasion I have bumped the version number to 1.1. The port now depends upon the cvsup-bin and cvsupd-bin ports rather than on the more trouble-prone cvsup port. The CVSup server is run with "-C 100" (max. 100 clients at a time) and the true limit is set in the "/usr/local/etc/cvsup/cvsupd.access" file. This is nice because you can change the limit by editing the file; you don't have to restart the server. The cvsupd.access file also contains a rule to limit each individual host to one connection at a time. The CVSup client is now run under its own unprivileged user ID instead of root. This is a security enhancement. It makes it impossible for a compromised master site to install files into places outside the mirror area of the filesystem. The permissions of various other files such as /usr/local/etc/cvsup have also been strengthened to enhance security. Both client and server now cd to /var/tmp to run, so that if they decide to croak they'll be able to write the core file. :-) The /usr/local/etc/rc.d/cvsupd.sh script now honors the "start" and "stop" arguments. The configure script no longer attempts to tell you the sizes of the various collections. That's impossible to maintain. When I have time I plan to make a web page where one can obtain that information from an automatically-updated source. Then I will reference the URL in the configure script. It is possible to upgrade an existing cvsup-mirror-1.0 installation to this new version, but it is tricky because of the change in ownership of the mirrored files. I will post instructions to the freebsd-hubs mailing list after I make sure I have the procedure just right.
2000-01-28 06:42:37 +00:00
if [ -f ${base}/.start_server ]; then
if [ -x ${startup}/cvsupd.sh ]; then
echo -n "Starting the server:"
This is a fairly substantial upgrade of the cvsup-mirror port. In honor of the occasion I have bumped the version number to 1.1. The port now depends upon the cvsup-bin and cvsupd-bin ports rather than on the more trouble-prone cvsup port. The CVSup server is run with "-C 100" (max. 100 clients at a time) and the true limit is set in the "/usr/local/etc/cvsup/cvsupd.access" file. This is nice because you can change the limit by editing the file; you don't have to restart the server. The cvsupd.access file also contains a rule to limit each individual host to one connection at a time. The CVSup client is now run under its own unprivileged user ID instead of root. This is a security enhancement. It makes it impossible for a compromised master site to install files into places outside the mirror area of the filesystem. The permissions of various other files such as /usr/local/etc/cvsup have also been strengthened to enhance security. Both client and server now cd to /var/tmp to run, so that if they decide to croak they'll be able to write the core file. :-) The /usr/local/etc/rc.d/cvsupd.sh script now honors the "start" and "stop" arguments. The configure script no longer attempts to tell you the sizes of the various collections. That's impossible to maintain. When I have time I plan to make a web page where one can obtain that information from an automatically-updated source. Then I will reference the URL in the configure script. It is possible to upgrade an existing cvsup-mirror-1.0 installation to this new version, but it is tricky because of the change in ownership of the mirrored files. I will post instructions to the freebsd-hubs mailing list after I make sure I have the procedure just right.
2000-01-28 06:42:37 +00:00
/bin/sh ${startup}/cvsupd.sh start
echo "."
fi
This is a fairly substantial upgrade of the cvsup-mirror port. In honor of the occasion I have bumped the version number to 1.1. The port now depends upon the cvsup-bin and cvsupd-bin ports rather than on the more trouble-prone cvsup port. The CVSup server is run with "-C 100" (max. 100 clients at a time) and the true limit is set in the "/usr/local/etc/cvsup/cvsupd.access" file. This is nice because you can change the limit by editing the file; you don't have to restart the server. The cvsupd.access file also contains a rule to limit each individual host to one connection at a time. The CVSup client is now run under its own unprivileged user ID instead of root. This is a security enhancement. It makes it impossible for a compromised master site to install files into places outside the mirror area of the filesystem. The permissions of various other files such as /usr/local/etc/cvsup have also been strengthened to enhance security. Both client and server now cd to /var/tmp to run, so that if they decide to croak they'll be able to write the core file. :-) The /usr/local/etc/rc.d/cvsupd.sh script now honors the "start" and "stop" arguments. The configure script no longer attempts to tell you the sizes of the various collections. That's impossible to maintain. When I have time I plan to make a web page where one can obtain that information from an automatically-updated source. Then I will reference the URL in the configure script. It is possible to upgrade an existing cvsup-mirror-1.0 installation to this new version, but it is tricky because of the change in ownership of the mirrored files. I will post instructions to the freebsd-hubs mailing list after I make sure I have the procedure just right.
2000-01-28 06:42:37 +00:00
rm -f ${base}/.start_server
fi
fi
E*O*F
date "+CVSup update ends at %Y-%m-%d %T"