#!/bin/sh #------------------------------------------------------------------------------ # /var/install/bin/subversion-tools-userdb - rebuild user database # # Creation : 2018-07-11 daniel # Last Update: 2023-08-26 20:04:41 # # Copyright (c) 2024 the eisfair team, team(at)eisfair(dot)org # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. #------------------------------------------------------------------------------ . /var/install/include/eislib . /etc/config.d/subversion . /var/install/include/passwdlib PATH='/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/bin' # --------------------------------------------------------------------------- # echo honoring quietmode option # --------------------------------------------------------------------------- local_echo() { if ! ${quietmode:-false} then mecho "${@}" fi } # --------------------------------------------------------------------------- # check for quietmode option # --------------------------------------------------------------------------- quietmode=false while [ ${#} -gt 0 ] do case ${1} in --quiet) quietmode=true shift ;; esac done # ---------------------------------------------------------------------------- # set platform settings # ---------------------------------------------------------------------------- wwwuser="wwwrun" wwwgroup="nogroup" svngroup="svn" local_echo " * Updating user database ..." # remove all old user files rm -f /var/lib/subversion/passwd* rm -f /var/lib/subversion/htpasswd* rm -f /var/lib/subversion/userdb* # write new user password files idx=1 while [ "${idx}" -le "${SVN_REPOS_N}" ] do eval acl_enum='${SVN_REPOS_'${idx}'_ACL}' eval auth_realm='${SVN_REPOS_'${idx}'_NAME}' # prepare svnserve userdb echo "[users]" > "/var/lib/subversion/userdb${idx}" # prepare userdb for WebDAV rm -f /var/lib/subversion/htpasswd$idx createflag='true' # process acl enumeration of current repo for acl in $acl_enum do idxacl=0 iidx=1 while [ "${iidx}" -le "${SVN_ACL_N}" ] && [ "${idxacl}" = "0" ] do eval aclname='${SVN_ACL_'${iidx}'_NAME}' if [ "$(echo ${aclname} | tr [a-z] [A-Z])" = "$(echo ${acl} | tr [a-z] [A-Z])" ] then idxacl=${iidx} fi iidx=$((${iidx} + 1)) done if [ "${idxacl}" -ge "1" ] then eval numusers='${SVN_ACL_'${idxacl}'_USER_N}' # create userdb for svnserve idxuser=1 while [ "${idxuser}" -le "${numusers}" ] do eval user_flag='${SVN_ACL_'${idxacl}'_USER_'${idxuser}'_ACTIVE}' if [ "${user_flag}" = "yes" ] then eval user_name='${SVN_ACL_'${idxacl}'_USER_'${idxuser}'_NAME}' eval user_pass='${SVN_ACL_'${idxacl}'_USER_'${idxuser}'_PASSWD}' echo "${user_name}=${user_pass}" fi idxuser=$((${idxuser} + 1)) done >> "/var/lib/subversion/userdb${idx}" # create userdb for WebDAV idxuser=1 while [ "${idxuser}" -le "${numusers}" ] do eval user_flag='${SVN_ACL_'${idxacl}'_USER_'${idxuser}'_ACTIVE}' if [ "${user_flag}" = "yes" ] then eval user_name='${SVN_ACL_'${idxacl}'_USER_'${idxuser}'_NAME}' eval user_pass='${SVN_ACL_'${idxacl}'_USER_'${idxuser}'_PASSWD}' if [ "${user_name}" != "" -a "${user_pass}" != "" ] then if [ "${SVN_WEBDAV_AUTH_METHOD}" = "digest" ] then # digest authentication get_digest_entry \ -u "${user_name}" \ -p "${user_pass}" \ -r "${auth_realm}" else # basic authentication get_basic_entry \ -u "${user_name}" \ -p "${user_pass}" fi if [ "${createflag}" = "true" ] then echo "${_passwd_entry}" > /var/lib/subversion/htpasswd${idx} createflag='false' else echo "${_passwd_entry}" >> /var/lib/subversion/htpasswd${idx} fi fi fi idxuser=$((${idxuser} + 1)) done else mecho -warn " ACL \"${acl}\" unknown! Please check your config!" fi done # set file permissions touch /var/lib/subversion/htpasswd${idx} chown ${wwwuser}:root /var/lib/subversion/htpasswd${idx} chmod 0600 /var/lib/subversion/htpasswd${idx} idx=$((${idx} + 1)) done # write directory access files idx=1 while [ "${idx}" -le "${SVN_REPOS_N}" ] do eval dir_perm='${SVN_REPOS_'${idx}'_DIR_PERMISSIONS}' eval num_perm='${SVN_REPOS_'${idx}'_DIR_PERM_N}' if [ "${dir_perm}" = "yes" ] then { echo "# *************************************************" echo "# subversion directory permission table" echo "# created $(date)" echo "# *************************************************" echo "" echo "[groups]" idx2=1 while [ "${idx2}" -le "${SVN_ACL_N}" ] do eval aclname='${SVN_ACL_'${idx2}'_NAME}' eval aclnum='${SVN_ACL_'${idx2}'_USER_N}' userlist="${aclname} =" separate="no" idx3=1 while [ "${idx3}" -le "${aclnum}" ] do eval active='${SVN_ACL_'${idx2}'_USER_'${idx3}'_ACTIVE}' eval user='${SVN_ACL_'${idx2}'_USER_'${idx3}'_NAME}' if [ "${active}" = "yes" ] then if [ "${separate}" = "yes" ] then userlist="${userlist}," fi userlist="${userlist} ${user}" separate="yes" fi idx3=$((${idx3} + 1)) done echo "${userlist}" idx2=$((${idx2} + 1)) done echo "" idx2=1 while [ "${idx2}" -le "${num_perm}" ] do eval dir_path='${SVN_REPOS_'${idx}'_DIR_'${idx2}'_PATH}' eval dir_perm='${SVN_REPOS_'${idx}'_DIR_'${idx2}'_PERM}' echo "[${dir_path}]" for perm in ${dir_perm} do echo "${perm}" done echo "" idx2=$((${idx2} + 1)) done } > /var/lib/subversion/permissions${idx} # set file permissions chown ${wwwuser}:root /var/lib/subversion/permissions${idx} chmod 0600 /var/lib/subversion/permissions${idx} else rm -f /var/lib/subversion/permissions${idx} fi idx=$((${idx} + 1)) done # show result. We assume success without better knowing... local_echo --ok exit 0