rbocchinfuso/retentionlock.sh Secret

## retentionlock.sh
#!/bin/bash -f
# version 2.0 - Copyright (C) 2015, fusionstorm, Inc - Jan, 2016
# Rich Bocchinfuso <mailto:rbocchinfuso@fusionstorm.com>
#
# DataDomain Retention Lock Script
#
# Create dummy data to test script with following command:  "touch {a..z}.bak"
# Check that atime was properly set with the following commands:  "ls -al --time=atime" or "stat [filename]"
#
#
# This script performs Data Domain retention lock on a specified Data Domain mount point
#
# IMPORTANT NOTE: THIS SCRIPT IS PROVIDED WITHOUT WARRANTY OR SUPPORT. FEEDBACK IS
# WELCOME, HOWEVER, IT SHOULD BE CLEARLY UNDERSTOOD THAT USE OF THIS SCRIPT
# SHOULD ONLY BE MADE AFTER AN EXPERIENCED SYS ADMIN CLEARLY UNDERSTANDS ALL STEPS IN THIS
# SCRIPT AND HAS MADE NECESSARY MODIFICATIONS AND PERFORMED SUFFICIENT TESTING TO BE
# ASSURED OF ITS PROPER OPERATION IN THEIR PARTICULAR ENVIRONMENT.
#
#
#### EDIT VARIABLES BELOW AS NECESSARY
#
retentionlock=yes # yes, says change the atime to lock the file, used to globally enable | disable retention lock
#
#### END OF VARIABLES
#
### CHANGING VARIABLES BELOW THIS LINE WILL ALTER BEHAVIOR OF THIS SCRIPT
#
intcheck="^[0-9]+$"

cprintf() {
  local code="\033["
  case "$1" in
    error  |  e) color="${code}01;31m";;
    debug  |  d) color="${code}01;33m";;
    info   |  i) color="${code}01;36m";;
    *) local text="$1"
  esac
  [ -z "$text" ] && local text="$color$2${code}0m"
  printf "$text"
}

### usage
usage () {
cprintf info "
-------------------------------------------------------------------------------
Data Domain Retention Lock Script
Sets retention lock (atime) recursively on all files in a directory tree
-------------------------------------------------------------------------------

usage:
    $(basename "$0") [-h] [-r n] [-p directory] [-c y] [-v directory] [-d y]

where:
    [ -h | --help ]  -->  show help text
    [ -r | --retentiondays n ] -->  retention lock time in days
    [ -p | --path directory ] -->  data domain target directory
    [ -c | --check y ] --> check command string
    [ -v | --viewatime rootpath ]  --> display files atime recursively form given root path
    [ -d | --debug y ] --> run in debug mode

example:
    $(basename "$0") -r 30 -p /mnt/datadomain/daily

"
exit 0
}

viewatime() {
cprintf info "\n-------------------------------------------------------------------------------\n"
cprintf info "Recusively displaying atime for all files starting at ${rootdir}\n"
cprintf info "-------------------------------------------------------------------------------\n"
find ${rootdir} -type f -follow -print | xargs ls -alh --time=atime
exit 0
}


if [ -z $1 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ] ; then
usage
fi

opts=`getopt -o r:p:c:d:v: --long retentiondays:,path:,check:,debug:,viewatime: -- "$@"`
eval set -- "${opts}"
while true
do
    case "$1" in
        -r|--retentiondays)
            retentiondays="$2"
            if ! [[ ${retentiondays} =~ ${intcheck} ]] ; then
                cprintf error "\nerror: retention not an integer number\n\n" >&2
                exit 1
            fi
            shift 2
         ;;
        -p|--path)
            ddpath="$2"
            if [ ! -d "${ddpath}" ]; then
                cprintf error "\nerror: path does not exist\n\n" >&2
                exit 1
            fi
            shift 2
        ;;
        -c|--check)
            check="$2"
            shift 2
        ;;
        -d|--debug)
            debug="$2"
            shift 2
        ;;
        -v|--viewatime)
            rootdir="$2"
            if [ ! -d "${rootdir}" ]; then
                cprintf error "\nerror: path does not exist\n\n" >&2
                exit 1
            fi
            shift 2
        ;;
        --)
            shift
            break
        ;;
         *)
            cprintf error "Internal error!" >&2
            exit 1
    esac
done


if [ "${debug}" = "y" ] || [ "${debug}" = "Y" ] ; then
    set -x
fi

if [ "${check}" = "y" ] || [ "${check}" = "Y" ] ; then
    cprintf info "\n### Command String Validation ###\n"
    printf "| %-20s | %-15s | %-40s\n" Command RetentionDays Path
    printf "| %-20s | %-15s | %-40s\n" $(basename "$0") ${retentiondays} ${ddpath}
    cprintf info "### Command String Validation ###\n\n"
    exit 0
fi

if [ ! -z "${rootdir}" ] ; then
    viewatime
fi

# "touch -atime <date> <file>" -- to give file a lock date
if [ ${retentionlock} = "yes" ] ; then
    retainuntil=`date '+%C%y%m%d%H%M' -d "$end_date+${retentiondays} days"`
    cprintf info "\n-------------------------------------------------------------------------------\n"
    cprintf info "Locking file(s) until ${retainuntil}\n"
    cprintf info "-------------------------------------------------------------------------------\n"
    find ${ddpath} -name "*" -mtime -2 -print -exec touch -at ${retainuntil} \{\} \;
    exit 0
else
    cprintf info "Retention lock globally disabled.  Check that RETENTIONLOCK variable is set to \"yes\""
    exit 0
fi

# Script complete
	#!/bin/bash -f
	# version 2.0 - Copyright (C) 2015, fusionstorm, Inc - Jan, 2016
	# Rich Bocchinfuso <mailto:rbocchinfuso@fusionstorm.com>
	#
	# DataDomain Retention Lock Script
	#
	# Create dummy data to test script with following command: "touch {a..z}.bak"
	# Check that atime was properly set with the following commands: "ls -al --time=atime" or "stat [filename]"
	#
	#
	# This script performs Data Domain retention lock on a specified Data Domain mount point
	#
	# IMPORTANT NOTE: THIS SCRIPT IS PROVIDED WITHOUT WARRANTY OR SUPPORT. FEEDBACK IS
	# WELCOME, HOWEVER, IT SHOULD BE CLEARLY UNDERSTOOD THAT USE OF THIS SCRIPT
	# SHOULD ONLY BE MADE AFTER AN EXPERIENCED SYS ADMIN CLEARLY UNDERSTANDS ALL STEPS IN THIS
	# SCRIPT AND HAS MADE NECESSARY MODIFICATIONS AND PERFORMED SUFFICIENT TESTING TO BE
	# ASSURED OF ITS PROPER OPERATION IN THEIR PARTICULAR ENVIRONMENT.
	#
	#
	#### EDIT VARIABLES BELOW AS NECESSARY
	#
	retentionlock=yes # yes, says change the atime to lock the file, used to globally enable \| disable retention lock
	#
	#### END OF VARIABLES
	#
	### CHANGING VARIABLES BELOW THIS LINE WILL ALTER BEHAVIOR OF THIS SCRIPT
	#
	intcheck="^[0-9]+$"

	cprintf() {
	local code="\033["
	case "$1" in
	error \| e) color="${code}01;31m";;
	debug \| d) color="${code}01;33m";;
	info \| i) color="${code}01;36m";;
	*) local text="$1"
	esac
	[ -z "$text" ] && local text="$color$2${code}0m"
	printf "$text"
	}

	### usage
	usage () {
	cprintf info "
	-------------------------------------------------------------------------------
	Data Domain Retention Lock Script
	Sets retention lock (atime) recursively on all files in a directory tree
	-------------------------------------------------------------------------------

	usage:
	$(basename "$0") [-h] [-r n] [-p directory] [-c y] [-v directory] [-d y]

	where:
	[ -h \| --help ] --> show help text
	[ -r \| --retentiondays n ] --> retention lock time in days
	[ -p \| --path directory ] --> data domain target directory
	[ -c \| --check y ] --> check command string
	[ -v \| --viewatime rootpath ] --> display files atime recursively form given root path
	[ -d \| --debug y ] --> run in debug mode

	example:
	$(basename "$0") -r 30 -p /mnt/datadomain/daily

	"
	exit 0
	}

	viewatime() {
	cprintf info "\n-------------------------------------------------------------------------------\n"
	cprintf info "Recusively displaying atime for all files starting at ${rootdir}\n"
	cprintf info "-------------------------------------------------------------------------------\n"
	find ${rootdir} -type f -follow -print \| xargs ls -alh --time=atime
	exit 0
	}


	if [ -z $1 ] \|\| [ "$1" = "-h" ] \|\| [ "$1" = "--help" ] ; then
	usage
	fi

	opts=`getopt -o r:p:c:d:v: --long retentiondays:,path:,check:,debug:,viewatime: -- "$@"`
	eval set -- "${opts}"
	while true
	do
	case "$1" in
	-r\|--retentiondays)
	retentiondays="$2"
	if ! [[ ${retentiondays} =~ ${intcheck} ]] ; then
	cprintf error "\nerror: retention not an integer number\n\n" >&2
	exit 1
	fi
	shift 2
	;;
	-p\|--path)
	ddpath="$2"
	if [ ! -d "${ddpath}" ]; then
	cprintf error "\nerror: path does not exist\n\n" >&2
	exit 1
	fi
	shift 2
	;;
	-c\|--check)
	check="$2"
	shift 2
	;;
	-d\|--debug)
	debug="$2"
	shift 2
	;;
	-v\|--viewatime)
	rootdir="$2"
	if [ ! -d "${rootdir}" ]; then
	cprintf error "\nerror: path does not exist\n\n" >&2
	exit 1
	fi
	shift 2
	;;
	--)
	shift
	break
	;;
	*)
	cprintf error "Internal error!" >&2
	exit 1
	esac
	done


	if [ "${debug}" = "y" ] \|\| [ "${debug}" = "Y" ] ; then
	set -x
	fi

	if [ "${check}" = "y" ] \|\| [ "${check}" = "Y" ] ; then
	cprintf info "\n### Command String Validation ###\n"
	printf "\| %-20s \| %-15s \| %-40s\n" Command RetentionDays Path
	printf "\| %-20s \| %-15s \| %-40s\n" $(basename "$0") ${retentiondays} ${ddpath}
	cprintf info "### Command String Validation ###\n\n"
	exit 0
	fi

	if [ ! -z "${rootdir}" ] ; then
	viewatime
	fi

	# "touch -atime <date> <file>" -- to give file a lock date
	if [ ${retentionlock} = "yes" ] ; then
	retainuntil=`date '+%C%y%m%d%H%M' -d "$end_date+${retentiondays} days"`
	cprintf info "\n-------------------------------------------------------------------------------\n"
	cprintf info "Locking file(s) until ${retainuntil}\n"
	cprintf info "-------------------------------------------------------------------------------\n"
	find ${ddpath} -name "*" -mtime -2 -print -exec touch -at ${retainuntil} \{\} \;
	exit 0
	else
	cprintf info "Retention lock globally disabled. Check that RETENTIONLOCK variable is set to \"yes\""
	exit 0
	fi

	# Script complete