From 1e817ad43e97ce74916dc344c8d4102193f6d97b Mon Sep 17 00:00:00 2001
From: Lukas Oyen <oyen@univention.de>
Date: Wed, 31 May 2017 15:05:57 +0200
Subject: [PATCH 1/5] Bug #38554: u-lib: introduce UCR
 backup/clean/{max_age,min_backups}

---
 ...ython-univention-lib.univention-config-registry-variables | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/base/univention-lib/debian/python-univention-lib.univention-config-registry-variables b/base/univention-lib/debian/python-univention-lib.univention-config-registry-variables
index b12ab98..14ac072 100644
--- a/base/univention-lib/debian/python-univention-lib.univention-config-registry-variables
+++ b/base/univention-lib/debian/python-univention-lib.univention-config-registry-variables
@@ -10,3 +10,15 @@ Mehrfache Einträge müssen durch einen Doppelpunkt getrennt werden. Ist die Var
 Description[en]=The automatic move of file shares - configurable through the variable listener/shares/rename - is only allowed for the filesystems defined here. Multiple entries need to be separated by a colon. If the variable isn't set 'ext2/ext3:ext2:ext3:ext4:xfs:btrfs' applies.
 Type=str
 Categories=service-misc
+
+[backup/clean/max_age]
+Description[en]=Automatic deletion of backup-files in /var/univention-backup/, of files older than backup/clean/max_age. If unset, no files are deleted. If less than backup/clean/min_backups backup-files exist, no files are deleted.
+Description[de]=Automatisches Löschen von Backup-Dateien in /var/univention-backup, die älter als backup/clean/max_age sind. Wenn diese Variable nicht gesetzt ist, werden keine Dateien gelöscht. Wenn weniger als backup/clean/min_backups Backup-Dateien existieren, werden keine Dateien gelöscht.
+Type=int
+Categories=service-misc
+
+[backup/clean/min_backups]
+Description[en]=Automatic deletion of backup-files in /var/univention-backup/: if backup/clean/max_age is set and less than backup/clean/min_backups backup-files exist, no files are deleted. Defaults to 10.
+Description[de]=Automatisches Löschen von Backup-Dateien in /var/univention-backup: wenn backup/clean/max_age gesetzt ist und weniger als backup/clean/min_backups Backup-Dateien existieren, werden keine Dateien gelöscht. Standardwert ist 10.
+Type=int
+Categories=service-misc
\ No newline at end of file
-- 
2.7.4


From 5af4ee0793a53bfb940db1a8c1b250eab0eeff15 Mon Sep 17 00:00:00 2001
From: Lukas Oyen <oyen@univention.de>
Date: Wed, 31 May 2017 15:45:14 +0200
Subject: [PATCH 2/5] Bug #38554: u-lib: add backup.sh: clean_old_backups

---
 base/univention-lib/shell/backup.sh | 54 +++++++++++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)
 create mode 100644 base/univention-lib/shell/backup.sh

diff --git a/base/univention-lib/shell/backup.sh b/base/univention-lib/shell/backup.sh
new file mode 100644
index 0000000..ec5fb66
--- /dev/null
+++ b/base/univention-lib/shell/backup.sh
@@ -0,0 +1,54 @@
+# Univention Common Shell Library
+#
+# Copyright 2017 Univention GmbH
+#
+# http://www.univention.de/
+#
+# All rights reserved.
+#
+# The source code of this program is made available
+# under the terms of the GNU Affero General Public License version 3
+# (GNU AGPL V3) as published by the Free Software Foundation.
+#
+# Binary versions of this program provided by Univention to you as
+# well as other copyrighted, protected or trademarked materials like
+# Logos, graphics, fonts, specific documentations and configurations,
+# cryptographic keys etc. are subject to a license agreement between
+# you and Univention and not subject to the GNU AGPL V3.
+#
+# In the case you use this program under the terms of the GNU AGPL V3,
+# the program is provided in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public
+# License with the Debian GNU/Linux or Univention distribution in file
+# /usr/share/common-licenses/AGPL-3; if not, see
+# <http://www.gnu.org/licenses/>.
+
+# Clean old backups in /var/univention-backup/ that are older than
+# backup/clean/max_age, if more than backup/clean/min_backups files exist.
+# 1. parameter: a pattern to match files to delete via `find .. -regex ..`
+# 2. parameter: override backup/clean/max_age (optional)
+#
+# Example to cleanup LDAP-backups:
+# clean_old_backups 'ldap-backup_*.\(log\|ldif\)'
+clean_old_backups () {
+	local arg_pattern="$1"
+	local arg_max_age="$2"
+	[ -z "$arg_pattern" ] && return 1
+	eval "$(univention-config-registry shell backup/clean/.*)"
+
+	local backup_dir="/var/univention-backup"
+	local pattern="$backup_dir/$arg_pattern"
+	local max_age="${arg_max_age:-$backup_clean_max_age}"
+
+	if [ -n "$max_age" ]; then
+		echo find "$backup_dir" -type f -mtime "+$max_age" -regex "$pattern"
+		local count=$(find "$backup_dir" -type f -mtime "+$max_age" -regex "$pattern" | wc -l)
+		if [ "$count" -ge "${backup_clean_min_backups:-10}" ]; then
+				find "$backup_dir" -type f -mtime +"$backup_clean_max_age" -regex "$pattern" -delete
+		fi
+	fi
+}
-- 
2.7.4


From ba0ba0d5829626ea72835d319426ec20b46605ca Mon Sep 17 00:00:00 2001
From: Lukas Oyen <oyen@univention.de>
Date: Wed, 31 May 2017 15:50:21 +0200
Subject: [PATCH 3/5] Bug #38554: u-ldap: call clean_old_backups in
 u-ldap-backup

---
 management/univention-ldap/univention-ldap-backup | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/management/univention-ldap/univention-ldap-backup b/management/univention-ldap/univention-ldap-backup
index f1793bf..7815a00 100755
--- a/management/univention-ldap/univention-ldap-backup
+++ b/management/univention-ldap/univention-ldap-backup
@@ -30,6 +30,7 @@
 # /usr/share/common-licenses/AGPL-3; if not, see
 # <http://www.gnu.org/licenses/>.
 
+. /usr/share/univention-lib/backup.sh
 eval "$(univention-config-registry shell server/role)"
 
 if [ "$server_role" = "domaincontroller_master" -o "$server_role" = "domaincontroller_backup" ]; then
@@ -48,4 +49,6 @@ if [ "$server_role" = "domaincontroller_master" -o "$server_role" = "domaincontr
 		echo "LDAP could not be dumped!" >&2
 		exit 1
 	fi
+
+	clean_old_backups 'ldap-backup_.*\.\(log\|ldif\)\(\.gz\)?'
 fi
-- 
2.7.4


From d31524dfdb2cf6ce2986f3f17ec4b0280d3aeb06 Mon Sep 17 00:00:00 2001
From: Lukas Oyen <oyen@univention.de>
Date: Wed, 31 May 2017 15:53:41 +0200
Subject: [PATCH 4/5] Bug #38554: u-base-files: call clean_old_backups in
 ucr-backup

---
 base/univention-base-files/scripts/univention-config-registry-backup | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/base/univention-base-files/scripts/univention-config-registry-backup b/base/univention-base-files/scripts/univention-config-registry-backup
index 80e17f5..3dc74f9 100755
--- a/base/univention-base-files/scripts/univention-config-registry-backup
+++ b/base/univention-base-files/scripts/univention-config-registry-backup
@@ -30,6 +30,8 @@
 # /usr/share/common-licenses/AGPL-3; if not, see
 # <http://www.gnu.org/licenses/>.
 
+. /usr/share/univention-lib/backup.sh
+
 cd /etc/univention
 TARGET="/var/univention-backup/ucr-backup_$(date +%Y%m%d).tgz"
 touch "$TARGET"
@@ -37,4 +39,5 @@ chmod 600 "$TARGET"
 chown root:root "$TARGET"
 tar cfz "$TARGET" ./base*.conf
 
+clean_old_backups 'ucr-backup_.*\.tgz'
 exit 0
-- 
2.7.4


From 40986bae5567b394dec307c2cee4c586389c0393 Mon Sep 17 00:00:00 2001
From: Lukas Oyen <oyen@univention.de>
Date: Wed, 31 May 2017 16:15:28 +0200
Subject: [PATCH 5/5] Bug #38554: u-samba4: call clean_old_backups in
 u-s4-backup

If --days is specified for `univention-samba4-backup`, it is passed on to
`clean_old_backups` and overrides the UCR variable backup/clean/max_age.
---
 services/univention-samba4/sbin/univention-samba4-backup | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/services/univention-samba4/sbin/univention-samba4-backup b/services/univention-samba4/sbin/univention-samba4-backup
index c5052df..daa4cde 100755
--- a/services/univention-samba4/sbin/univention-samba4-backup
+++ b/services/univention-samba4/sbin/univention-samba4-backup
@@ -56,6 +56,8 @@
 #    - Fix retention period bug when deleting old backups ($DAYS variable
 #      could be set, but was ignored).
 
+. /usr/share/univention-lib/backup.sh
+
 display_help() {
 	cat <<-EOL
 		univention-samba4-backup: backups the samba provision directory
@@ -73,7 +75,7 @@ display_help() {
 
 FROMWHERE=/var/lib/samba
 WHERE=/var/univention-backup/samba
-DAYS=365
+DAYS=""
 DIRS="private sysvol"
 WHEN="$(date +%Y-%m-%d)"
 
@@ -169,5 +171,4 @@ for d in $DIRS; do
 	fi
 done
 
-find $WHERE -name "samba4_*bz2" -mtime +$DAYS -exec rm  {} \;
-find $WHERE -name "sysvol\.*bz2" -mtime +$DAYS -exec rm  {} \;
+clean_old_backups 'samba/\(samba4_\|sysvol\).*.bz2' "$DAYS"
-- 
2.7.4