From 4d0dc703ef2e62cd16ea84f27456f6f50f74baa3 Mon Sep 17 00:00:00 2001
From: Ian Kelling <ian@iankelling.org>
Date: Thu, 24 Oct 2019 11:31:45 -0400
Subject: [PATCH] various fixes

---
 .gitconfig                         |  6 +-
 brc2                               | 23 ++++---
 distro-end                         |  9 ++-
 filesystem/etc/cron.d/ian          | 11 ++--
 filesystem/usr/local/bin/myupgrade | 16 +++--
 mail-setup                         | 10 +--
 offlineimap-sync                   |  2 +-
 system-status                      | 97 +++++++++++++++---------------
 8 files changed, 96 insertions(+), 78 deletions(-)

diff --git a/.gitconfig b/.gitconfig
index 35556d6..839cb5f 100644
--- a/.gitconfig
+++ b/.gitconfig
@@ -26,8 +26,10 @@ helper = cache
 [diff]
 ignoreSubmodules = dirty
 tool = meld
-# gitinspector complained, but then i noticed git not detecting a rename with this.
-#renamelimit = 5000
+# on git pull of coreboot:
+# warning: inexact rename detection was skipped due to too many files.
+# warning: you may want to set your diff.renameLimit variable to at least 3694 and retry the command.
+renameLimit = 50000
 renames = copy
 
 [gitreview]
diff --git a/brc2 b/brc2
index 2bfb677..75ed2bc 100644
--- a/brc2
+++ b/brc2
@@ -377,11 +377,15 @@ fdroid_pkgs=(
 fdup() {
   local -A installed updated
   local p
-  fdroidcl update
+  # tried putting this in go buildscript cronjob,
+  # but it failed with undefined: os.UserCacheDir. I expect its due to
+  # an environment variable missing, but its easier just to stick it here.
+  m go get -u mvdan.cc/fdroidcl || return 1
+  m fdroidcl update
   if fdroidcl search -u | grep ^org.fdroid.fdroid; then
     fdroidcl install org.fdroid.fdroid
     sleep 5
-    fdroidcl update
+    m fdroidcl update
   fi
   for p in $(fdroidcl search -i| grep -o "^\S\+"); do
     installed[$p]=true
@@ -391,14 +395,14 @@ fdup() {
   done
   for p in ${fdroid_pkgs[@]}; do
     if ! ${installed[$p]:-false}; then
-      fdroidcl install $p
+      m fdroidcl install $p
       # sleeps are just me being paranoid since replicant has a history of crashing when certain apps are installed
       sleep 5
     fi
   done
   for p in ${!installed[@]}; do
     if ! ${updated[$p]:-true}; then
-      fdroidcl install $p
+      m fdroidcl install $p
       sleep 5
     fi
   done
@@ -956,17 +960,12 @@ sl() {
   fi
 }
 sss() { # ssh solo
-  ssh -oControlMaster=no -oControlPath=/ "$@"
+  sl -oControlMaster=no -oControlPath=/ "$@"
 }
 # kill off old shared socket then ssh
 ssk() {
-  local -a opts=()
-  while [[ $1 == -* ]]; do
-    opts+=("$1")
-    shift
-  done
-  m pkill -f "^ssh: /tmp/ssh_mux_${USER}_${1#*@}_22_"
-  m ssh "${opts[@]}" "$@"
+  m ssh -O exit "$@"
+  m sl "$@"
 }
 # plain limited ssh
 ssh() {
diff --git a/distro-end b/distro-end
index 3178522..87a54e3 100755
--- a/distro-end
+++ b/distro-end
@@ -393,8 +393,13 @@ s rm -f /etc/cron.d/unattended-upgrade-reboot /usr/local/bin/zelous-unattended-r
 sd /etc/cron.d/myupgrade <<'EOF'
 # Setup reboots when running outdated stuff, unattended upgrades happen
 # at 6 am + rand(60 min).
-20 7 * * * root /usr/local/bin/myupgrade | /usr/local/bin/log-once -1 myupgrade
-0 * * * * root /usr/local/bin/mycheckrestart | /usr/local/bin/log-once -1 mycheckrestart
+
+# default is /bin/sh
+SHELL=/bin/bash
+# default is /usr/bin:/bin
+PATH=/usr/bin:/bin:/usr/local/bin
+20 7 * * * iank myupgrade |& log-once -1 myupgrade
+0  * * * * root mycheckrestart |& log-once -1 mycheckrestart
 EOF
 ##### end automatic upgrades ####
 
diff --git a/filesystem/etc/cron.d/ian b/filesystem/etc/cron.d/ian
index 53fbf3f..76ebe3b 100644
--- a/filesystem/etc/cron.d/ian
+++ b/filesystem/etc/cron.d/ian
@@ -1,8 +1,9 @@
 SHELL=/bin/bash
-*/10 * * * *   iank /a/exe/rootsshsync 2>&1 | /usr/local/bin/log-once -15 rootsshsync
+PATH=/usr/bin:/bin:/usr/local/bin:/a/exe
+*/10 * * * *   iank rootsshsync |& log-once -15 rootsshsync
 # this goes into bash prompt, does in cron for more efficient shell
-* * * * *   iank /a/exe/system-status 2>&1 | /usr/local/bin/log-once system-status
-2 * * * *   iank /a/exe/check-remote-mailqs 2>&1 | /usr/local/bin/log-once check-remote-mailqs
-# If theres any logged errors we didnt handle in 5 days, maybe we accidentally missed them,
+* * * * *   iank system-status |& log-once system-status
+2 * * * *   iank check-remote-mailqs |& log-once check-remote-mailqs
+# If theres any logged errors we didnt handle in 3 days, maybe we accidentally missed them,
 # so report if we did
-4 9 * * 5   root find /var/local/cron-errors /home/iank/cron-errors -type f -mtime +5
+4 9 * * 5   root find /var/local/cron-errors /home/iank/cron-errors -type f -mtime +3
diff --git a/filesystem/usr/local/bin/myupgrade b/filesystem/usr/local/bin/myupgrade
index 1b39e7f..e762246 100755
--- a/filesystem/usr/local/bin/myupgrade
+++ b/filesystem/usr/local/bin/myupgrade
@@ -4,8 +4,16 @@
 
 if [ -z "$BASH_VERSION" ]; then echo "error: shell is not bash" >&2; exit 1; fi
 
-set -eE -o pipefail
-trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
+source /usr/local/lib/err
+pre="${0##*/}:"
+m() { printf "$pre %s\n"  "$*"; "$@"; }
+e() { printf "$pre %s\n"  "$*"; }
+err() { echo "[$(date +'%Y-%m-%d %H:%M:%S%z')]: $pre: $*" >&2; }
+
+if [[ $EUID == 0 ]]; then
+  err "run as nonroot"
+  exit 1
+fi
 
 hn=$(hostname -f)
 source /a/bin/bash_unpublished/source-state
@@ -22,7 +30,7 @@ l /a/bin/buildscripts/rust
 l /a/bin/buildscripts/misc
 l go get -u mvdan.cc/fdroidcl
 
-cmd="$s /usr/sbin/checkrestart -p"
+cmd="sudo /usr/sbin/checkrestart -p"
 if [[ $($cmd | sed '/^Found 0 processes using old versions of upgraded files$/d' | wc -l) != 0 ]]; then
   $cmd -v | pee cat "wall -n"
 fi
@@ -35,7 +43,7 @@ if [[ -s /var/log/checkrestart.log ]]; then
   for x in {30..1}; do
     if ! fuser /var/lib/dpkg/lock &> /dev/null; then
       echo "pid $PID. unattended upgrade, rebooting now" | pee cat "wall -n"
-      /sbin/reboot
+      sudo /sbin/reboot
       exit 0
     fi
     echo "pid $PID. unattended upgrade reboot waiting 10 seconds for dpkg lock" | wall -n
diff --git a/mail-setup b/mail-setup
index f262302..ee8482d 100755
--- a/mail-setup
+++ b/mail-setup
@@ -896,7 +896,8 @@ fi
 
 # * mail monitoring / testing
 if [[ $HOSTNAME == "$MAIL_HOST" ]]; then
-  f=/usr/local/bin/send-test-forward
+  fname=send-test-forward
+  f=/usr/local/bin/$fname
   cat >$f <<'EOFOUTER'
 #!/bin/bash
 /usr/sbin/exim -t <<EOF
@@ -911,10 +912,11 @@ EOFOUTER
 
   cat >/etc/cron.d/mailtest <<EOF
 SHELL=/bin/bash
+PATH=/usr/bin:/bin:/usr/local/bin
 # running as user just because no need to run as root
-*/10 * * * *   $u $f 2>&1 | /usr/local/bin/log-once send-test-forward
-*/10 * * * *   $u /usr/local/bin/mailtest-check 2>&1 | /usr/local/bin/log-once -1 mailtest-check
-*/10 * * * *   root chmod -R g+rw /m/md/bounces 2>&1 | /usr/local/bin/log-once -1 bounces-chmod
+*/10 * * * *   $u $fname |& log-once send-test-forward
+*/10 * * * *   $u mailtest-check |& log-once -1 mailtest-check
+*/10 * * * *   root chmod -R g+rw /m/md/bounces |& log-once -1 bounces-chmod
 EOF
   m cp /a/bin/distro-setup/filesystem/usr/local/bin/mailtest-check /usr/local/bin
 else
diff --git a/offlineimap-sync b/offlineimap-sync
index 1c07702..ad779a2 100755
--- a/offlineimap-sync
+++ b/offlineimap-sync
@@ -3,7 +3,7 @@
 set -eE -o pipefail
 trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
 # mail-route can get messed up a bit randomly, I don't know why.
-#/b/ds/mail-route up | /b/log-quiet/log-once -1 mail-route
+#/b/ds/mail-route up |& /b/log-quiet/log-once -1 mail-route
 
 for f in $(awk '$1 == "localfolders" {print $NF}' ~/.offlineimaprc); do
   mkdir -p $f
diff --git a/system-status b/system-status
index b3c22e4..12621cc 100755
--- a/system-status
+++ b/system-status
@@ -64,64 +64,65 @@ write-status() {
     end=true
   fi
 
+  # these conditions are so we dont have an overly verbose prompt
   if $begin && $end; then
     chars+=("DISTRO!")
   elif $begin; then
     chars+=("DISTRO-BEGIN!")
   elif $end; then
     chars+=("DISTRO-END!")
-  fi
-
-  f=~/.local/conflink
-  for _ in 1; do
-    if [[ -e $f ]]; then
-      now=$(date +%s)
-      fsec=$(stat -c%Y $f)
-      # the / 60 makes it 0-59 seconds less strict, +1 makes sure we
-      # dont have any false positives.
-      fmin=$(( (fsec - now ) / 60 + 1 ))
-      fminplus=$(( fmin + 60*24 ))
-      # Filesystem files get copied, so find any newer than the last run.
-      # The rest are hueristics:
-      # Given the last time we added a file in git, is that newer than the last conflink run.
-      # Given new files not added to git, were they modified more recently than the last conflink? but,
-      # push their modification time back by a day so we can develop them before needing to add them to git.
-
-      all_dirs=({/a/bin/ds,/p/c}{/filesystem,/machine_specific/$HOSTNAME/filesystem})
-      # This part is copied from conflink
-      for x in /p/c/machine_specific/*.hosts /a/bin/ds/machine_specific/*.hosts; do
-        if grep -qxF $HOSTNAME $x; then all_dirs+=( ${x%.hosts} ); fi
-      done
-
-      # just because i forget a lot, -mmin -NUM means files modified <= NUM minutes ago
-      if (( $(date -d "$(git log --diff-filter=ACR --format=%aD -1)" +%s) > fsec )) || \
-           [[ $(find ${all_dirs[@]} -mmin $fmin -type f -print -quit 2>/dev/null) ]]; then
-        v conflink newer git or newer filesystem files
-        chars+=("CONFLINK!")
-        break
-      fi
-
-      for d in /a/bin/distro-setup /p/c; do
-        cd $d
-        if [[ ! -e .git ]]; then
-          # some hosts i dont push all of /p/c
-          continue
-        fi
-        untracked=$(git ls-files -o --exclude-standard)
-        if [[ $untracked && $(find $untracked -mmin $fminplus -type f -print -quit) ]]; then
-          v conflink: untracked in $d
+  else
+    f=~/.local/conflink
+    for _ in 1; do
+      if [[ -e $f ]]; then
+        now=$(date +%s)
+        fsec=$(stat -c%Y $f)
+        # the / 60 makes it 0-59 seconds less strict, +1 makes sure we
+        # dont have any false positives.
+        fmin=$(( (fsec - now ) / 60 + 1 ))
+        fminplus=$(( fmin + 60*24 ))
+        # Filesystem files get copied, so find any newer than the last run.
+        # The rest are hueristics:
+        # Given the last time we added a file in git, is that newer than the last conflink run.
+        # Given new files not added to git, were they modified more recently than the last conflink? but,
+        # push their modification time back by a day so we can develop them before needing to add them to git.
+
+        all_dirs=({/a/bin/ds,/p/c}{/filesystem,/machine_specific/$HOSTNAME/filesystem})
+        # This part is copied from conflink
+        for x in /p/c/machine_specific/*.hosts /a/bin/ds/machine_specific/*.hosts; do
+          if grep -qxF $HOSTNAME $x; then all_dirs+=( ${x%.hosts} ); fi
+        done
+
+        # just because i forget a lot, -mmin -NUM means files modified <= NUM minutes ago
+        if (( $(date -d "$(git log --diff-filter=ACR --format=%aD -1)" +%s) > fsec )) || \
+             [[ $(find ${all_dirs[@]} -mmin $fmin -type f -print -quit 2>/dev/null) ]]; then
+          v conflink newer git or newer filesystem files
           chars+=("CONFLINK!")
           break
         fi
-      done
 
-    fi
-    if [[ ! -e $f || $(<$f) != 0 ]]; then
-      v conflink: last run not found or failed
-      chars+=("CONFLINK!")
-      break
-    fi
-  done
+        for d in /a/bin/distro-setup /p/c; do
+          cd $d
+          if [[ ! -e .git ]]; then
+            # some hosts i dont push all of /p/c
+            continue
+          fi
+          untracked=$(git ls-files -o --exclude-standard)
+          if [[ $untracked && $(find $untracked -mmin $fminplus -type f -print -quit) ]]; then
+            v conflink: untracked in $d
+            chars+=("CONFLINK!")
+            break
+          fi
+        done
+
+      fi
+      if [[ ! -e $f || $(<$f) != 0 ]]; then
+        v conflink: last run not found or failed
+        chars+=("CONFLINK!")
+        break
+      fi
+    done
+  fi
 
 
   ## Clean the paniclog, but only up to 4 times per day, or else we
-- 
2.30.2