mirror of
https://git.FreeBSD.org/ports.git
synced 2024-11-15 23:50:44 +00:00
3176ec22e7
honor of the occasion I have bumped the version number to 1.1. The port now depends upon the cvsup-bin and cvsupd-bin ports rather than on the more trouble-prone cvsup port. The CVSup server is run with "-C 100" (max. 100 clients at a time) and the true limit is set in the "/usr/local/etc/cvsup/cvsupd.access" file. This is nice because you can change the limit by editing the file; you don't have to restart the server. The cvsupd.access file also contains a rule to limit each individual host to one connection at a time. The CVSup client is now run under its own unprivileged user ID instead of root. This is a security enhancement. It makes it impossible for a compromised master site to install files into places outside the mirror area of the filesystem. The permissions of various other files such as /usr/local/etc/cvsup have also been strengthened to enhance security. Both client and server now cd to /var/tmp to run, so that if they decide to croak they'll be able to write the core file. :-) The /usr/local/etc/rc.d/cvsupd.sh script now honors the "start" and "stop" arguments. The configure script no longer attempts to tell you the sizes of the various collections. That's impossible to maintain. When I have time I plan to make a web page where one can obtain that information from an automatically-updated source. Then I will reference the URL in the configure script. It is possible to upgrade an existing cvsup-mirror-1.0 installation to this new version, but it is tricky because of the change in ownership of the mirrored files. I will post instructions to the freebsd-hubs mailing list after I make sure I have the procedure just right.
76 lines
1.8 KiB
Bash
76 lines
1.8 KiB
Bash
#! /bin/sh
|
|
|
|
if ! export PREFIX=$(expr $0 : "\(/.*\)/etc/cvsup/update\.sh\$"); then
|
|
echo "$0: Cannot determine the PREFIX" >&2
|
|
exit 1
|
|
fi
|
|
|
|
export PATH=/bin:/usr/bin:${PREFIX}/bin
|
|
|
|
lock=/var/spool/lock/cvsup.lock
|
|
log=/var/log/cvsup.log
|
|
|
|
# Rotate the log files
|
|
|
|
umask 22
|
|
test -f ${log}.7 && mv -f ${log}.7 ${log}.8
|
|
test -f ${log}.6 && mv -f ${log}.6 ${log}.7
|
|
test -f ${log}.5 && mv -f ${log}.5 ${log}.6
|
|
test -f ${log}.4 && mv -f ${log}.4 ${log}.5
|
|
test -f ${log}.3 && mv -f ${log}.3 ${log}.4
|
|
test -f ${log}.2 && mv -f ${log}.2 ${log}.3
|
|
test -f ${log}.1 && mv -f ${log}.1 ${log}.2
|
|
test -f ${log}.0 && mv -f ${log}.0 ${log}.1
|
|
test -f ${log} && mv -f ${log} ${log}.0
|
|
exec >${log} 2>&1
|
|
|
|
# Do the update
|
|
|
|
date "+CVSup update begins at %Y/%m/%d %H:%M:%S"
|
|
|
|
# The rest of this is executed while holding the lock file, to ensure that
|
|
# multiple instances won't collide with one another.
|
|
|
|
lockf -t 0 ${lock} /bin/sh << 'E*O*F'
|
|
|
|
base=${PREFIX}/etc/cvsup
|
|
rundir=/var/tmp
|
|
cd ${rundir} || exit
|
|
. ${base}/config.sh || exit
|
|
|
|
colldir=sup.client
|
|
startup=${PREFIX}/etc/rc.d
|
|
options="-1gL 1 -b ${base} -c ${colldir}"
|
|
|
|
umask 2
|
|
ok=yes
|
|
if [ ${host_crypto} = ${host} ]; then
|
|
echo "Updating from ${host}"
|
|
su -m ${cuser} -c \
|
|
"cvsup ${options} -h ${host} ${base}/supfile" || ok=no
|
|
else
|
|
if [ -d prefixes/FreeBSD-crypto.cvs ]; then
|
|
echo "Updating from ${host_crypto}"
|
|
su -m ${cuser} -c \
|
|
"cvsup ${options} -h ${host_crypto} ${base}/supfile.crypto" || ok=no
|
|
fi
|
|
echo "Updating from ${host}"
|
|
su -m ${cuser} -c \
|
|
"cvsup ${options} -h ${host} ${base}/supfile.non-crypto" || ok=no
|
|
fi
|
|
|
|
if [ ${ok} = yes ]; then
|
|
if [ -f ${base}/.start_server ]; then
|
|
if [ -x ${startup}/cvsupd.sh ]; then
|
|
echo -n "Starting the server:"
|
|
/bin/sh ${startup}/cvsupd.sh start
|
|
echo "."
|
|
fi
|
|
rm -f ${base}/.start_server
|
|
fi
|
|
fi
|
|
|
|
E*O*F
|
|
|
|
date "+CVSup update ends at %Y/%m/%d %H:%M:%S"
|