Commit 2b164945 authored by Giuseppe Lo Presti's avatar Giuseppe Lo Presti
Browse files

migration: improved logic to block CASTOR, by Namespace permissions rather than Stager B/W lists

parent c66332db
...@@ -19,9 +19,9 @@ ...@@ -19,9 +19,9 @@
# * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. # * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
# * # *
# * command line tool to start preparing the export of a given VO to CTA, # * command line tool to start preparing the export of a given VO to CTA,
# * the CAStOR successor. The tool firstly stores away CASTOR's B/W lists and # * the CASTOR successor. The tool blocks namespace access to the given
# * removes them to lock the instance, and then issues an import of all # * CASTOR top-level paths and then issues an import of all directories
# * CASTOR directories below a given set of top-level paths. # * below the given paths.
# #
# * @author Castor Dev team, castor-dev@cern.ch # * @author Castor Dev team, castor-dev@cern.ch
# *****************************************************************************/ # *****************************************************************************/
...@@ -30,10 +30,10 @@ ...@@ -30,10 +30,10 @@
set -e set -e
print_usage() { print_usage() {
echo Starts the export to CTA. B/W lists are stored and removed from CASTOR. echo Starts the export to CTA and blocks access to CASTOR.
echo Usage: $0 --dryrun\|--doit dir1 dir2 ... echo Usage: $0 --dryrun\|--doit dir1 dir2 ...
echo ' --dryrun is dry-run mode for CASTOR. With --doit, the CASTOR directories mode bits are reset to 000.'
echo ' dir1 dir2 ... list of CASTOR top-level directories without prefix, e.g. /user' echo ' dir1 dir2 ... list of CASTOR top-level directories without prefix, e.g. /user'
echo ' first option enables or disables dry-run mode'
exit 1 exit 1
} }
...@@ -53,20 +53,20 @@ if [[ "$@" == "" ]]; then ...@@ -53,20 +53,20 @@ if [[ "$@" == "" ]]; then
print_usage print_usage
fi fi
# if NOT dry-run
if [[ "$doit" == "1" ]]; then
# backup relevant metadata from the stager mkdir -p ~/ctaexport
mkdir -p ~/ctaexport
cd ~/ctaexport
[[ ! -x stager_listprivileges_output ]] && \
stager_listprivileges > stager_listprivileges_output && \
# pause the stager altogether (this destroys the B&W lists!)
stager_removeprivilege -U:
fi
# execute the DB extraction and EOS metadata import for the given top-level dirs
for tld in $@; do for tld in $@; do
# if NOT dry-run, block access in the namespace to the given top-level dir
if [[ "$doit" == "1" ]]; then
tldnoslash=`echo ${tld} | sed "s|\/|_|g"`
nsls -ld /castor/cern.ch/$tld > ~/ctaexport/nsls${tldnoslash}
nsgetacl /castor/cern.ch/$tld > ~/ctaexport/nsgetacl${tldnoslash}
nschmod 000 /castor/cern.ch/$tld
echo `date +%Y-%m-%dT%H:%M:%S`' Stored ACLs and blocked access to' $tld
fi
# execute the DB extraction and EOS metadata import for the top-level dir
echo `date +%Y-%m-%dT%H:%M:%S`' Importing CASTOR tree below' $tld echo `date +%Y-%m-%dT%H:%M:%S`' Importing CASTOR tree below' $tld
eos-import-dirs $tld eos-import-dirs $tld
done done
...@@ -78,4 +78,3 @@ echo `date +%Y-%m-%dT%H:%M:%S`' CASTOR directories import completed successfull ...@@ -78,4 +78,3 @@ echo `date +%Y-%m-%dT%H:%M:%S`' CASTOR directories import completed successfull
# deletediskcopy $h:/srv/castor/$f/ # deletediskcopy $h:/srv/castor/$f/
# done # done
#done #done
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment