really fix the insecure temp file creation
[matthijs/upstream/backupninja.git] / handlers / maildir
1 ###############################################################
2 #
3 #  This handler slowly creates a backup of each user's maildir
4 #  to a remote server. It is designed to be run with low overhead
5 #  in terms of cpu and bandwidth so it runs pretty slow.
6 #
7 #  if destdir is /backup/maildir/, then it will contain the files
8 #    daily.1
9 #    daily.2
10 #    daily.3
11 #    weekly.1
12 #    weekly.2
13 #    monthly.1
14 #  if keepdaily is 3, keepweekly is 2, and keepmonthly is 1. 
15
16 ##############################################################
17
18 getconf rotate yes
19 getconf remove yes
20
21 getconf loadlimit 5
22 getconf speedlimit 0
23 getconf keepdaily 5
24 getconf keepweekly 3
25 getconf keepmonthly 1
26
27 getconf srcdir /var/maildir
28 getconf destdir
29 getconf desthost
30 getconf destport 22
31 getconf destuser
32
33 failedcount=0
34
35 # strip trailing /
36 destdir=${destdir%/}
37 srcdir=${srcdir%/}
38
39 # used for testing
40 #getconf letter
41 #getconf testuser elijah
42 getconf backup yes
43 #letters=e
44 letters="a b c d e f g h i j k l m n o p q r s t u v w x y z"
45
46 [ -d $srcdir ] || fatal "source directory $srcdir doesn't exist"
47
48 [ ! $test ] || testflags="--dry-run -v"
49 rsyncflags="$testflags -e 'ssh -p $destport' -r -v --ignore-existing --delete --size-only --bwlimit=$speedlimit"
50 excludes="--exclude '.Trash/\*' --exclude '.Mistakes/\*' --exclude '.Spam/\*'"
51
52 # see if we can login
53 debug "ssh -o PasswordAuthentication=no $desthost -l $destuser 'echo -n 1'"
54 if [ ! $test ]; then
55         result=`ssh -o PasswordAuthentication=no $desthost -l $destuser 'echo -n 1' 2>&1`
56         if [ "$result" != "1" ]; then
57                 fatal "Can't connect to $desthost as $destuser."
58         fi
59 fi
60
61 ##################################################################
62 ### FUNCTIONS
63
64 function do_user() {
65         local user=$1
66         local destdir=$2
67         local letter=${user:0:1}
68         local dir="$srcdir/$letter/$user"
69         [ -d $dir ] || fatal "maildir $dir not found".
70
71 #       while true; do
72 #               load=`uptime | sed 's/^.*load average: \\([^,]*\\).*$/\\1/'`
73 #               over=`expr $load \> $loadlimit`
74 #               if [ $over == 1 ]; then
75 #                       info "load $load, sleeping..."
76 #                       sleep 600
77 #               else
78 #                       break
79 #               fi
80 #       done
81         
82         cmd="$RSYNC $rsyncflags $excludes $dir $destuser@$desthost:$destdir/$letter"
83         ret=`rsync -e "ssh -p $destport" -r \
84 --links --ignore-existing --delete --size-only --bwlimit=$speedlimit \
85 --exclude '.Trash/*' --exclude '.Mistakes/*' --exclude '.Spam/*' \
86 $dir $destuser@$desthost:$destdir/$letter \
87 2>&1`
88         ret=$?
89         # ignore 0 (success) and 24 (file vanished before it could be copied)
90         if [ $ret != 0 -a $ret != 24 ]; then
91                 warning "rsync $user failed"
92                 warning "  returned: $ret"
93                 let "failedcount = failedcount + 1"
94                 if [ $failedcount -gt 100 ]; then
95                         fatal "100 rsync errors -- something is not working right. bailing out."
96                 fi
97         fi
98 }
99
100 # remove any maildirs from backup which might have been deleted
101 # and add new ones which have just been created.
102
103 function do_remove() {
104         local tmp1=/tmp/maildirtmpfile$$
105         local tmp2=/tmp/maildirtmpfile$$
106         
107         for i in a b c d e f g h i j k l m n o p q r s t u v w x y z; do
108                 ls -1 "$srcdir/$i" | sort > $tmp1
109                 ssh -p $destport $desthost ls -1 '$destdir/maildir/$i' | sort > $tmp2
110                 for deluser in `join -v 2 $tmp1 $tmp2`; do
111                         cmd="ssh -p $destport $desthost rm -vr '$destdir/maildir/$i/$deluser/'"
112                         debug $cmd
113                 done
114         done
115         rm $tmp1
116         rm $tmp2        
117 }
118
119 function do_rotate() {
120         backuproot=$destdir
121
122 (
123         debug Connecting to $desthost
124         ssh -T -o PasswordAuthentication=no $desthost -l $destuser <<EOF
125 ##### BEGIN REMOTE SCRIPT #####
126         seconds_daily=86400
127         seconds_weekly=604800
128         seconds_monthly=2628000
129         keepdaily=$keepdaily
130         keepweekly=$keepweekly
131         keepmonthly=$keepmonthly
132         now=\`date +%s\`
133
134         for rottype in daily weekly monthly; do
135                 seconds=\$((seconds_\${rottype}))
136
137                 dir="$backuproot/\$rottype"
138                 if [ ! -d \$dir.1 ]; then
139                         echo "Info: \$dir.1 does not exist. This backup is missing, so we are skipping the rotation."
140                         continue 1
141                 elif [ ! -f \$dir.1/created ]; then
142                         echo "Warning: \$dir.1/created does not exist. This backup may be only partially completed. Skipping rotation."
143                         continue 1
144                 fi
145                 
146                 # Rotate the current list of backups, if we can.
147                 oldest=\`find $backuproot -type d -maxdepth 1 -name \$rottype'.*' | sed 's/^.*\.//' | sort -n | tail -1\`
148                 echo "Debug: oldest \$oldest"
149                 [ "\$oldest" == "" ] && oldest=0
150                 for (( i=\$oldest; i > 0; i-- )); do
151                         if [ -d \$dir.\$i ]; then
152                                 if [ -f \$dir.\$i/created ]; then
153                                         created=\`tail -1 \$dir.\$i/created\`
154                                 else
155                                         created=0
156                                 fi
157                                 cutoff_time=\$(( now - (seconds*(i-1)) ))
158                                 if [ ! \$created -gt \$cutoff_time ]; then
159                                         next=\$(( i + 1 ))
160                                         if [ ! -d \$dir.\$next ]; then
161                                                 echo "Debug: mv \$dir.\$i \$dir.\$next"
162                                                 mv \$dir.\$i \$dir.\$next
163                                                 date +%c%n%s > \$dir.\$next/rotated
164                                         else
165                                                 echo "Info: skipping rotation of \$dir.\$i because \$dir.\$next already exists."
166                                         fi
167                                 else
168                                         echo "Info: skipping rotation of \$dir.\$i because it was created" \$(( (now-created)/86400)) "days ago ("\$(( (now-cutoff_time)/86400))" needed)."
169                                 fi
170                         fi
171                 done
172         done
173
174         max=\$((keepdaily+1))
175         if [ \( \$keepweekly -gt 0 -a -d $backuproot/daily.\$max \) -a ! -d $backuproot/weekly.1 ]; then
176                 echo mv $backuproot/daily.\$max $backuproot/weekly.1
177                 mv $backuproot/daily.\$max $backuproot/weekly.1
178                 date +%c%n%s > $backuproot/weekly.1/rotated
179         fi
180
181         max=\$((keepweekly+1))
182         if [ \( \$keepmonthly -gt 0 -a -d $backuproot/weekly.\$max \) -a ! -d $backuproot/monthly.1 ]; then
183                 echo mv $backuproot/weekly.\$max $backuproot/monthly.1
184                 mv $backuproot/weekly.\$max $backuproot/monthly.1
185                 date +%c%n%s > $backuproot/monthly.1/rotated
186         fi
187
188         for rottype in daily weekly monthly; do
189                 max=\$((keep\${rottype}+1))
190                 dir="$backuproot/\$rottype"
191                 oldest=\`find $backuproot -type d -maxdepth 1 -name \$rottype'.*' | sed 's/^.*\.//' | sort -n | tail -1\`
192                 [ "\$oldest" == "" ] && oldest=0 
193                 # if we've rotated the last backup off the stack, remove it.
194                 for (( i=\$oldest; i >= \$max; i-- )); do
195                         if [ -d \$dir.\$i ]; then
196                                 if [ -d $backuproot/rotate.tmp ]; then
197                                         echo "Info: removing $backuproot/rotate.tmp"
198                                         rm -rf $backuproot/rotate.tmp
199                                 fi
200                                 echo "Info: moving \$dir.\$i to $backuproot/rotate.tmp"
201                                 mv \$dir.\$i $backuproot/rotate.tmp
202                         fi
203                 done
204         done
205 ####### END REMOTE SCRIPT #######
206 EOF
207 ) | (while read a; do passthru $a; done)
208
209 }
210
211
212 function setup_remote_dirs() {
213         local backuptype=$1
214         local dir="$destdir/$backuptype"
215
216 (
217         ssh -T -o PasswordAuthentication=no $desthost -l $destuser <<EOF
218                 if [ ! -d $destdir ]; then
219                         echo "Fatal: Destination directory $destdir does not exist on host $desthost."
220                         exit 1
221                 elif [ -d $dir.1 ]; then
222                         if [ -f $dir.1/created ]; then
223                                 echo "Warning: $dir.1 already exists. Overwriting contents."
224                         else
225                                 echo "Warning: we seem to be resuming a partially written $dir.1"
226                         fi
227                 else
228                         if [ -d $destdir/rotate.tmp ]; then
229                                 mv $destdir/rotate.tmp $dir.1
230                                 if [ \$? == 1 ]; then
231                                         echo "Fatal: could mv $destdir/rotate.tmp $dir.1 on host $desthost"
232                                         exit 1
233                                 fi
234                         else
235                                 mkdir $dir.1
236                                 if [ \$? == 1 ]; then
237                                         echo "Fatal: could not create directory $dir.1 on host $desthost"
238                                         exit 1
239                                 fi
240                                 for i in a b c d e f g h i j k l m n o p q r s t u v w y x z; do
241                                         mkdir $dir.1/\$i
242                                 done
243                         fi
244                         if [ -d $destdir/$backuptype.2 ]; then
245                                 echo "Info: updating hard links to $dir.1. This may take a while."
246                                 cp -alf $destdir/$backuptype.2/. $dir.1
247                                 #if [ \$? == 1 ]; then
248                                 #       echo "Fatal: could not create hard links to $dir.1 on host $desthost"
249                                 #       exit 1
250                                 #fi
251                         fi
252                 fi
253                 [ -f $dir.1/created ] && rm $dir.1/created
254                 [ -f $dir.1/rotated ] && rm $dir.1/rotated
255                 exit 0
256 EOF
257 ) | (while read a; do passthru $a; done)
258
259         if [ $? == 1 ]; then exit; fi
260 }
261
262 ###
263 ##################################################################
264
265 ### ROTATE BACKUPS ###
266
267 if [ "$rotate" == "yes" ]; then
268         do_rotate
269 fi
270
271 ### REMOVE OLD MAILDIRS ###
272
273 if [ "$remove" == "yes" ]; then
274         debug remove
275 fi
276
277 ### MAKE BACKUPS ###
278
279 if [ "$backup" == "yes" ]; then
280         if [ $keepdaily -gt 0 ]; then btype=daily
281         elif [ $keepweekly -gt 0 ]; then btype=weekly
282         elif [ $keepmonthly -gt 0 ]; then btype=monthly
283         else fatal "keeping no backups"; fi
284
285         setup_remote_dirs $btype
286         
287         for i in $letters; do
288                 [ -d "$srcdir/$i" ] || fatal "directory $srcdir/$i not found."
289                 cd "$srcdir/$i"
290                 debug $i
291                 for user in `ls -1`; do
292                         if [ "$testuser" != "" -a "$testuser" != "$user" ]; then continue; fi
293                         do_user $user $destdir/$btype.1
294                 done
295         done
296
297         ssh -o PasswordAuthentication=no $desthost -l $destuser "date +%c%n%s > $destdir/$btype.1/created"
298 fi