Help with rotating files

Cacializ · November 7, 2019, 1:40pm

Hello:
I have a script that gets the ACLs of the /home directory and its contents with getfacl and writes them to a file. The script is run by a cron job and I don't want it to rewrite or append to an already existing file. The point of backing permissions up is because I may need to restore them. But I don't want to store every single created file either.

The files don't need to have a specific naming convention. In fact, I took advantage of this: I decided to name the files after the date they were created:

#!/bin/sh
readonly file="$(date +'%Y-%m-%d')"
getfacl -pR /home > "/var/acl_backups/$file"

This has the advantage that the most recent files are alphabetically greater than older ones, so I thought of putting them in the positional parameters and delete the one I didn't want to preserve. For example, if I wanted to have a maximum of 7 files in the /var/acl_backups directory:

#!/bin/sh
LC_COLLATE=C set -- [[:digit:]][[:digit:]][[:digit:]][[:digit:]]-[[:digit:]][[:digit:]]-[[:digit:]][[:digit:]]
if [ $# -ge 7 ]
then
    rm -- "$7"
fi

readonly file="$(date +'%Y-%m-%d')"
getfacl -pR /home > "/var/acl_backups/$file"

Changing the locale of LC_COLLATE may be unnecessary, but I decided to change it just to be sure it sorts numbers from 0 to 9.

My question is: is this a reliable way to rotate files? I thought of using logrotate was well, but as far as I know, it would mean that every file would have the same name except for a number at the end. If I ever need to restore them with setfacl having the date in their names is very convenient.

Thanks in advance.

RudiC · November 7, 2019, 3:01pm

Your approach might work; its ramifications aren't fully clear to me. rm ing $7 does not necessarily target the correct, intended file; with 8 files it will delete yesterday's file as they are set in an increasing order.

Why not use find with one of its -newer tests?

Cacializ · November 8, 2019, 1:28pm

Yes, if there were 8 files it would leave the oldest file intact. That's why the script makes the check before backing the ACLs up. In practice the script will use a directory where nothing else will be stored, and the first time the script is run there will be no backups. That's why I know beforehand that there won't be more than 7 files.

-newer and -cnewer compare the modification time, -anewer compares access time. -newerXY can compare the birth time, but not all systems support it. The Linux kernel introduced crtime in version 4.11, and some distros I use have an older release. Namely Debian Jessie.

What's the advantage of using find and the -newer operands rather than having a file naming convention to tell their creation time?