From b6c71b5d2bb4e001e82b126b1b5366d1bab01b8a Mon Sep 17 00:00:00 2001 From: Lars Vogdt Date: Thu, 17 Jan 2019 11:36:21 +0100 Subject: [PATCH 1/3] rebasing --- suse.de-online-update | 212 +++++++++++++++++++++++++++++------------- 1 file changed, 145 insertions(+), 67 deletions(-) diff --git a/suse.de-online-update b/suse.de-online-update index d17e9cc..85910ff 100644 --- a/suse.de-online-update +++ b/suse.de-online-update @@ -1,9 +1,39 @@ #!/bin/bash +# # General update script for (open)SUSE hosts +# +# Copyright (C) 2008-2010, Novell, Inc. +# Copyright (C) 2011-2014, SUSE Linux Products GmbH +# Copyright (C) 2015- SUSE Linux GmbH # Author: Lars Vogdt -# BSD4 License # -# $Id$ +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# +# * Redistributions of source code must retain the above copyright notice, this +# list of conditions and the following disclaimer. +# +# * Redistributions in binary form must reproduce the above copyright notice, +# this list of conditions and the following disclaimer in the documentation +# and/or other materials provided with the distribution. +# +# * Neither the name of the Novell nor the names of its contributors may be +# used to endorse or promote products derived from this software without +# specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE +# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. # PATH=/bin:/usr/bin:/sbin:/usr/sbin @@ -22,85 +52,133 @@ LOGDIR=$(dirname "$LOGFILE") LOGNAME='suse-online-update' HOST=$(hostname -s) FQHOSTNAME=$(hostname -f) +RUN_CLEANUP='yes' +CLEANUP_USER='' + +function cleanup(){ + find /tmp -maxdepth 1 -name "zypp-online-update1-*" -size 0 -type f -user root -delete 2>/dev/null + find /var/tmp/ -maxdepth 1 -type d -name "TmpDir.*" $CLEAN_USR -exec rm -rf {} \; 2>/dev/null + find /var/tmp/ -maxdepth 1 -type d -name "zypp.*" $CLEAN_USR -exec rm -rf {} \; 2>/dev/null +} function cleanup_and_exit(){ - test -n "$TMPFILE" -a -f "$TMPFILE" && rm "$TMPFILE" - test -n "$LOG" -a -f "$LOG" && rm "$LOG" - find /tmp -maxdepth 1 -name "zypp-online-update1-*" -size 0 -type f -user root -delete 2>/dev/null - find /var/tmp/ -maxdepth 1 -type d -name "TmpDir.*" -user nagios -exec rm -rf {} \; 2>/dev/null - find /var/tmp/ -maxdepth 1 -type d -name "zypp.*" -user nagios -exec rm -rf {} \; 2>/dev/null - exit $1 + test -n "$TMPFILE" -a -f "$TMPFILE" && rm "$TMPFILE" + test -n "$LOG" -a -f "$LOG" && rm "$LOG" + case "$RUN_CLEANUP" in + [yY]*) cleanup + ;; + esac + exit $1 } trap cleanup_and_exit 0 1 2 3 7 13 15 function LOG(){ - local MESSAGE="$1" - local LOG_DATE=$(date "+%b %d %H:%M:%S") - if [ -z "$LOGFILE" ]; then - echo "ERROR: LOGFILE is not defined" | $MAILX -s "[$LOGNAME] error on $FQHOSTNAME" $EMAIL - cleanup_and_exit 1 - fi - if [ ! -d "$LOGDIR" ]; then - mkdir -p "$LOGDIR" || exit 1 - echo "$LOG_DATE $HOST $LOGNAME[$$]: function LOG created $LOGDIR" > "$LOGFILE" - fi - echo "$LOG_DATE $HOST $LOGNAME[$$]: $MESSAGE" >> $LOGFILE - if [ "$DEBUG" = "yes" ]; then - echo "DEBUG: $MESSAGE" - fi + local MESSAGE="$1" + local LOG_DATE=$(date "+%b %d %H:%M:%S") + echo "$LOG_DATE $HOST $LOGNAME[$$]: $MESSAGE" >> $LOGFILE + if [ "$DEBUG" = "yes" ]; then + echo "DEBUG: $MESSAGE" + fi +} + +function usage(){ + echo "Usage: $0 [OPTION]" + echo + echo " -e : send error messages to this Email address (default: $EMAIL)" + echo " -f : use as configuration file (default: $DISTCONFIG)" + echo " -l : use as log file (default: $LOGFILE)" + echo " -c : run cleanup (default: $RUN_CLEANUP)" + echo " -p : run the permission scripts (like 'chkstat') after update (default: $FIX_PERMISSIONS)" + echo " -h : print this help" + echo } +while getopts 'e:f:l:cph' OPT; do + case "$OPT" in + e) EMAIL="$OPTARG" + ;; + f) DISTCONFIG="$OPTARG" + ;; + l) LOGFILE="$OPTARG" + ;; + c) RUN_CLEANUP='yes' + ;; + p) FIX_PERMISSIONS='yes' + ;; + h) usage; exit 0; + ;; + esac +done +shift $(( OPTIND - 1 )) # source our config if [ -f "$DISTCONFIG" ]; then - . "$DISTCONFIG" + . "$DISTCONFIG" +else + echo "$DISTCONFIG not found - using defaults" >&2 + if [ -w "$LOGFILE" ]; then LOG "$DISTCONFIG not found - using defaults"; fi +fi +if [ -z "$LOGFILE" ]; then + echo "ERROR: LOGFILE is not defined" | $MAILX -s "[$LOGNAME] error on $FQHOSTNAME" $EMAIL + cleanup_and_exit 1 +fi +if [ ! -d "$LOGDIR" ]; then + mkdir -p "$LOGDIR" || exit 1 + touch "$LOGFILE" || { echo "Could not create $LOGFILE"; cleanup_and_exit 1; } + echo "$LOG_DATE $HOST $LOGNAME[$$]: function LOG created $LOGDIR" > "$LOGFILE" +fi +if [ ! -w "$LOGFILE" ]; then + echo "Could not write to $LOGFILE - please fix" >&2 + cleanup_and_exit 1 +fi +if [ -n "$CLEANUP_USER" ]; then + CLEAN_USR='' else - echo "$DISTCONFIG not found - using defaults" >&2 - LOG "$DISTCONFIG not found - using defaults" + CLEAN_USR="-user $CLEANUP_USER" fi case "$START_UPDATE" in - [yY]*) - TMPFILE=$(mktemp /tmp/zypp-online-update1-XXXXXX) - LOG=$(mktemp /tmp/zypp-online-update2-XXXXXX) - LOG "Starting online-update" - if [ -x /usr/bin/zypper ]; then # SLES10 SP2 - zypper --non-interactive --terse up --no-confirm -t patch --skip-interactive 2>"$TMPFILE" 1>/dev/null - grep -v ^Restoring "$TMPFILE" | grep -v ^Loading | grep -v ^Parsing | grep -v ^Summary: | grep -v ^Nothing > "$LOG" - elif [ -x /usr/bin/online_update ]; then # old SLES9 host - # looks like SLES 9 has no option to skip interactive patches - # so normally, we run only a check and don't install anything. - # If you like to change this, remove the "--dry-run" option. - online_update --check --dry-run >&2 >"$TMPFILE" - grep -v "^No updates" "$TMPFILE" > "$LOG" - else - LOG "Binary for installing updates not found" - echo "Binary for installing updates not found" >&2 - cleanup_and_exit 1 - fi - if [ -s "$LOG" ]; then - cat "$LOG" >> "$LOGFILE" - case "$FIX_PERMISSIONS" in - [yY]*) - if [ -x /usr/bin/chkstat ]; then - LOG "Running /usr/bin/chkstat --system --set" - /usr/bin/chkstat --system --set >/dev/null - elif [ -x /sbin/SuSEconfig ]; then - LOG "Running /sbin/SuSEconfig --module permissions" - /sbin/SuSEconfig --module permissions >/dev/null - else - LOG "Could not check/set permissions - binary not found" - echo "Could not check/set permissions - binary not found" >&2 - cleanup_and_exit 1 - fi - esac - else - LOG "Finished - no updates" - fi - cleanup_and_exit 0 - ;; - *) - cleanup_and_exit 0 - ;; + [yY]*) + TMPFILE=$(mktemp /tmp/zypp-online-update1-XXXXXX) + LOG=$(mktemp /tmp/zypp-online-update2-XXXXXX) + LOG "Starting online-update" + if [ -x /usr/bin/zypper ]; then # SLES10 SP2 + zypper --non-interactive --terse up --no-confirm -t patch --skip-interactive 2>"$TMPFILE" 1>/dev/null + grep -v ^Restoring "$TMPFILE" | grep -v ^Loading | grep -v ^Parsing | grep -v ^Summary: | grep -v ^Nothing > "$LOG" + elif [ -x /usr/bin/online_update ]; then # old SLES9 host + # looks like SLES 9 has no option to skip interactive patches + # so normally, we run only a check and don't install anything. + # If you like to change this, remove the "--dry-run" option. + online_update --check --dry-run >&2 >"$TMPFILE" + grep -v "^No updates" "$TMPFILE" > "$LOG" + else + LOG "Binary for installing updates not found" + echo "Binary for installing updates not found" >&2 + cleanup_and_exit 1 + fi + if [ -s "$LOG" ]; then + cat "$LOG" >> "$LOGFILE" + case "$FIX_PERMISSIONS" in + [yY]*) + if [ -x /usr/bin/chkstat ]; then + LOG "Running /usr/bin/chkstat --system --set" + /usr/bin/chkstat --system --set >/dev/null 2>>"$LOG" + elif [ -x /sbin/SuSEconfig ]; then + LOG "Running /sbin/SuSEconfig --module permissions" + /sbin/SuSEconfig --module permissions >/dev/null 2>>"$LOG" + else + LOG "Could not check/set permissions - binary not found" + echo "Could not check/set permissions - binary not found" >&2 + cleanup_and_exit 1 + fi + esac + else + LOG "Finished - no updates" + fi + cleanup_and_exit 0 + ;; + *) + cleanup_and_exit 0 + ;; esac cleanup_and_exit 0 From 3c482958d234def3c230e7d38c57a9bc9ac99595 Mon Sep 17 00:00:00 2001 From: Lars Vogdt Date: Thu, 17 Jan 2019 11:36:50 +0100 Subject: [PATCH 2/3] - initial man page --- suse-online-update.man8 | 61 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 61 insertions(+) create mode 100644 suse-online-update.man8 diff --git a/suse-online-update.man8 b/suse-online-update.man8 new file mode 100644 index 0000000..dc6c927 --- /dev/null +++ b/suse-online-update.man8 @@ -0,0 +1,61 @@ +.\" Contact lars@linux-schulserver.de +.TH "suse-online-update" "8" "2019-01-17" "Lars Vogdt" "suse-online-update" +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.ss \n[.ss] 0 +.nh +.ad l +.de URL +\\$2 \(laURL: \\$1 \(ra\\$3 +.. +.if \n[.g] .mso www.tmac +.LINKSTYLE blue R +.SH "NAME" +suse-online-update \- SUSE online update script +.SH "SYNOPSIS" +.sp +\fBsuse-online-update\fP [\fIoptions\fP] +.SH DESCRIPTION +This is a simple wrapper script around zypper or other system-management +software for installing updates automatically which doesn't require any +interaction. +.SH OPTIONS +You can find the options for this script in /etc/sysconfig/suse-online-update +.RE +.SS "Command line options:" +.sp +\fB\-e\fP\ your@mail +.RS 4 +send error messages to this Email address (default: root@localhost) +.RE +.sp +\fB\-f\fP /path/to/file +.RS 4 +use as configuration file (default: /etc/sysconfig/suse-online-update) +.RE +.sp +\fB\-l\fP /path/to/file +.RS 4 +use as log file (default: /var/log/systemupdate.log) +.RE +.sp +\fB\-c\fP +.RS 4 +run cleanup (default: yes) +.RE +.sp +\fB\-p\fP +.RS 4 +run the permission scripts (like 'chkstat') after update (default: yes) +.RE +.SH BUGS +No known bugs so far, please report any issue here: +.sp +.URL "https://github.com/lrupp/suse-online-update/issues" "" "" +.SH "HOMEPAGE" +.sp +.URL "https://github.com/lrupp/suse-online-update" "" "" +.SH AUTHOR +Lars Vogdt +.SH SEE ALSO +zypper(8), mail(1) From 6dedad90573a7cca65f7d7e870535f7d0e918728 Mon Sep 17 00:00:00 2001 From: Lars Vogdt Date: Thu, 17 Jan 2019 11:37:52 +0100 Subject: [PATCH 3/3] - initial service and timer files --- suse-online-update.service | 7 +++++++ suse-online-update.sysconfig | 30 +++++++++++++++++++++++++++--- suse-online-update.timer | 10 ++++++++++ 3 files changed, 44 insertions(+), 3 deletions(-) create mode 100644 suse-online-update.service create mode 100644 suse-online-update.timer diff --git a/suse-online-update.service b/suse-online-update.service new file mode 100644 index 0000000..51645dc --- /dev/null +++ b/suse-online-update.service @@ -0,0 +1,7 @@ +[Unit] +Description=Install non-interactive updates +ConditionACPower=true + +[Service] +Type=oneshot +ExecStart=/usr/sbin/suse-online-update diff --git a/suse-online-update.sysconfig b/suse-online-update.sysconfig index 565dad6..8d6e6e1 100644 --- a/suse-online-update.sysconfig +++ b/suse-online-update.sysconfig @@ -5,21 +5,21 @@ # # Start automatic online update script. # -START_UPDATE="yes" +START_UPDATE='yes' ## Type: string ## Default: root@localhost # # Email address to send errors. # -EMAIL="root@localhost" +EMAIL='root@localhost' ## Type: string ## Default: /var/log/systemupdate # # Logfile # -LOGFILE="/var/log/systemupdate.log" +LOGFILE='/var/log/systemupdate.log' ## Type: yesno ## Default: yes @@ -29,3 +29,27 @@ LOGFILE="/var/log/systemupdate.log" # (uses chkstat on newer or SuSEconfig on older systems) # FIX_PERMISSIONS='yes' + +## Type: yesno +## Default: yes +# +# Cleanup some left overs from former (zypper) runs in /tmp and /var/tmp. +# +# Especially the following directories: +# - /tmp/zypp-online-update1-* +# - /var/tmp/TmpDir.* +# - /var/tmp/zypp.* +# +RUN_CLEANUP='yes' + +## Type: string +## Default: nagios +# +# As the mentioned directories in /var/tmp/ normally belong to the user that +# executed zypper, the files can belong to any known user. +# To avoid cleaning too much, you can limit this to a specific user, so only +# the directories belonging to this user will be deleted. If you are sure that +# the script should delete all directories with the names given for the RUN_CLEANUP +# variable, use leave this value empty. +# +CLEANUP_USER='nagios' diff --git a/suse-online-update.timer b/suse-online-update.timer new file mode 100644 index 0000000..4e646bb --- /dev/null +++ b/suse-online-update.timer @@ -0,0 +1,10 @@ +[Unit] +Description=Daily non-interactive online update + +[Timer] +OnCalendar=daily +AccuracySec=24h +Persistent=true + +[Install] +WantedBy=timers.target