Follow symlinx for LXC containers

Reviewed-on: #15

CHANGELOG.md

@@ -15,6 +15,52 @@ and this project **does not adhere to [Semantic Versioning](http://semver.org/sp
 
 ### Security
 
+## [23.10.1] - 2023-10-09
+
+### Fixed
+
+* Use a special variable name since USER is always defined from the environment
+
+## [23.10] - 2023-10-09
+
+### Added
+
+* Force a user name with `-u,--user` option (default is still `logname(1)`).
+* More people credited
+
+### Deprecated
+
+* `--autosysadmin` is replaced by `--user autosysadmin`
+
+
+
+## [22.07] - 2022-07-05
+
+### Added
+
+* Add `--autosysadmin` flag
+* Commit change in /etc of lxc containers
+
+### Changed
+
+### Deprecated
+
+### Removed
+
+### Fixed
+
+### Security
+
+## [22.01] - 2022-01-25
+
+### Added
+
+* version/host/user headers in sent email
+
+### Changed
+
+New version pattern
+
 ## [0.6.4] - 2021-06-17
 
 ### Added

contrib/git-hook-post-checkout

@@ -0,0 +1,3 @@
+#!/bin/sh
+# Git pre-checkout hook restoring permissions and ownerships.
+mtree -u < .mtree

contrib/git-hook-pre-commit

@@ -0,0 +1,26 @@
+#!/bin/sh
+# Git pre-commit hook storing permissions and ownerships.
+
+mtreeignore=$(mktemp --suffix mtree)
+
+mtree_exclude() {
+    echo .git
+    # Get ignored files from git https://stackoverflow.com/a/467053
+    find . -not -path './.git/*' | git check-ignore --stdin
+}
+
+# In case .mtree doens't exists yet, we still want it in the specification
+# to be generated.
+if [ -f .mtree ]; then
+   touch .mtree
+fi
+
+mtree_exclude > "$mtreeignore"
+trap 'rm --force "$mtreeignore"' EXIT
+
+mtree -x -c \
+    -p . \
+    -k uname,gname,mode \
+    -X "$mtreeignore" > .mtree
+
+git add .mtree

evomaintenance.sh

@@ -1,21 +1,16 @@
 #!/bin/sh
 
-# EvoMaintenance script
-# Dependencies (all OS): git postgresql-client
-# Dependencies (Debian): sudo
-
-# Copyright 2007-2021 Evolix <info@evolix.fr>, Gregory Colpart <reg@evolix.fr>,
-#                     Jérémy Lecour <jlecour@evolix.fr> and others.
-
-VERSION="0.6.4"
+VERSION="23.10.1"
 
 show_version() {
     cat <<END
 evomaintenance version ${VERSION}
 
-Copyright 2007-2021 Evolix <info@evolix.fr>,
+Copyright 2007-2023 Evolix <info@evolix.fr>,
                     Gregory Colpart <reg@evolix.fr>,
-                    Jérémy Lecour <jlecour@evolix.fr>
+                    Jérémy Lecour <jlecour@evolix.fr>,
+                    Brice Waegeneire <bwaegeneire@evolix.fr>,
+                    Mathieu Trossevin <mtrossevin@evolix.fr>
                     and others.
 
 evomaintenance comes with ABSOLUTELY NO WARRANTY.  This is free software,
@@ -47,10 +42,11 @@ Options
      --no-evocheck           disable evocheck execution
      --auto                  use "auto" mode
      --no-auto               use "manual" mode (default)
+ -u, --user=USER             force USER value (default: logname(1))
  -v, --verbose               increase verbosity
  -n, --dry-run               actions are not executed
      --help                  print this message and exit
-     --version               print version and exit
+ -V, --version               print version and exit
 END
 }
 
@@ -97,13 +93,22 @@ get_who() {
 }
 
 get_begin_date() {
-    printf "%s %s" "$(date "+%Y")" "$(get_who | cut -d" " -f3,4,5)"
+    # XXX A begin date isn't applicable when used in autosysadmin, so we
+    # use the same date as the end date.
+    if is_autosysadmin; then
+	    get_end_date
+    else
+	    printf "%s %s" "$(date "+%Y")" "$(get_who | cut -d" " -f3,4,5)"
+    fi
 }
 
 get_ip() {
     ip=$(get_who | cut -d" " -f6 | sed -e "s/^(// ; s/)$//")
-    [ -z "${ip}" ] && ip="unknown (no tty)"
-    [ "${ip}" = ":0" ] && ip="localhost"
+    if is_autosysadmin || [ "${ip}" = ":0" ]; then
+	    ip="localhost"
+    elif [ -z "${ip}" ]; then
+	    ip="unknown (no tty)"
+    fi
 
     echo "${ip}"
 }
@@ -116,6 +121,14 @@ get_now() {
     date +"%Y-%m-%dT%H:%M:%S%z"
 }
 
+get_user() {
+    if [ -n "${FORCE_USER}" ]; then
+	    echo "${FORCE_USER}"
+    else
+	    logname
+    fi
+}
+
 get_complete_hostname() {
     REAL_HOSTNAME=$(get_fqdn)
     if [ "${HOSTNAME}" = "${REAL_HOSTNAME}" ]; then
@@ -174,6 +187,10 @@ print_session_data() {
     printf "Message   : %s\n" "${MESSAGE}"
 }
 
+is_autosysadmin() {
+    test "${USER}" = "autosysadmin"
+}
+
 is_repository_readonly() {
     if [ "$(get_system)" = "OpenBSD" ]; then
         partition=$(stat -f '%Sd' $1)
@@ -303,6 +320,9 @@ From: ${FULLFROM}
 Content-Type: text/plain; charset=UTF-8
 MIME-Version: 1.0
 Content-Transfer-Encoding: 8bit
+X-Evomaintenance-Version: ${VERSION}
+X-Evomaintenance-Host: ${HOSTNAME_TEXT}
+X-Evomaintenance-User: ${USER}
 To: ${EVOMAINTMAIL}
 Subject: [evomaintenance] Intervention sur ${HOSTNAME_TEXT} (${USER})
 
@@ -379,6 +399,7 @@ AUTO=${AUTO:-"0"}
 EVOCHECK=${EVOCHECK:-"0"}
 GIT_STATUS_MAX_LINES=${GIT_STATUS_MAX_LINES:-20}
 API_ENDPOINT=${API_ENDPOINT:-""}
+FORCE_USER=${FORCE_USER:-""}
 
 # initialize variables
 MESSAGE=""
@@ -456,6 +477,31 @@ while :; do
             # use "auto" mode
             AUTO=1
             ;;
+        --autosysadmin)
+            # Deprecated, backward compatibility
+            # author change as autosysadmin
+            printf 'WARNING: "--autosysadmin" is deprecated, use "--user autosysadmin".\n' >&2
+            FORCE_USER="autosysadmin"
+            ;;
+        -u|--user)
+            # user options, with value speparated by space
+            if [ -n "$2" ]; then
+                FORCE_USER=$2
+                shift
+            else
+                printf 'ERROR: "--user" requires a non-empty option argument.\n' >&2
+                exit 1
+            fi
+            ;;
+        --user=?*)
+            # message options, with value speparated by =
+            FORCE_USER=${1#*=}
+            ;;
+        --user=)
+            # message options, without value
+            printf 'ERROR: "--user" requires a non-empty option argument.\n' >&2
+            exit 1
+            ;;
         -n|--dry-run)
             # disable actual commands
             DRY_RUN=1
@@ -494,7 +540,7 @@ HOSTNAME_TEXT=$(get_complete_hostname)
 IP=$(get_ip)
 BEGIN_DATE=$(get_begin_date)
 END_DATE=$(get_end_date)
-USER=$(logname)
+USER=$(get_user)
 
 PATH=${PATH}:/usr/sbin
 
@@ -533,6 +579,11 @@ EVOCHECK_BIN="/usr/share/scripts/evocheck.sh"
 
 GIT_REPOSITORIES="/etc /etc/bind /usr/share/scripts"
 
+# Add /etc directories from lxc containers if they are git directories
+if [ -d /var/lib/lxc ]; then
+    GIT_REPOSITORIES="${GIT_REPOSITORIES} $(find -L /var/lib/lxc/ -maxdepth 3 -name 'etc' | tr '\n' ' ' | sed 's/[[:space:]]\+$//')"
+fi
+
 # initialize variable
 GIT_STATUSES=""
 # git statuses