|
version 1.5, 2002/09/05 18:09:54
|
version 1.19, 2004/09/01 16:28:26
|
|
Line 1
|
Line 1
|
| #!/usr/bin/perl |
#!/usr/bin/perl -w |
| |
# |
| |
# The LearningOnline Network with CAPA |
| |
# |
| |
# $Id$ |
| |
# |
| |
# Copyright Michigan State University Board of Trustees |
| |
# |
| |
# This file is part of the LearningOnline Network with CAPA (LON-CAPA). |
| |
# |
| |
# LON-CAPA is free software; you can redistribute it and/or modify |
| |
# it under the terms of the GNU General Public License as published by |
| |
# the Free Software Foundation; either version 2 of the License, or |
| |
# (at your option) any later version. |
| |
# |
| |
# LON-CAPA is distributed in the hope that it will be useful, |
| |
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
| |
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| |
# GNU General Public License for more details. |
| |
# |
| |
# You should have received a copy of the GNU General Public License |
| |
# along with LON-CAPA; if not, write to the Free Software |
| |
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
| |
# |
| |
# /home/httpd/html/adm/gpl.txt |
| |
# |
| |
# http://www.lon-capa.org/ |
| |
# |
| |
# (Navigate problems for statistical reports |
| |
# |
| |
|
| =pod |
=pod |
| |
|
| =head1 NAME |
=head1 NAME |
| |
|
| B<CHECKRPMS> - automated status report about RPMs on a system |
B<CHECKRPMS> - automated status report about RPMs on a system. |
| |
|
| =head1 SYNOPSIS |
|
| |
|
| ./CHECKRPMS |
|
| |
|
| or |
|
| |
|
| perl CHECKRPMS |
|
| |
|
| =head1 DESCRIPTION |
=head1 DESCRIPTION |
| |
|
| This file automates the usage of Martin Siegert's "check-rpms" |
Runs Martin Seigert's checkrpms script. See |
| script. It runs through a list of possible mirror sites |
http://www.sfu.ca/acs/security/linux/check-rpms.html for more information. |
| until it finds one with a reasonably good FTP connection. |
|
| |
|
| =head2 Future directions |
|
| |
|
| Eventually, this script may have a simple argument format |
|
| that allows the user to VIEW, DOWNLOAD, or AUTOUPDATE their |
|
| computer. Or, this script may evolve into an interactive |
|
| series of steps: For example, there may be questions like this: |
|
| |
|
| =over 4 |
|
| |
|
| =item * |
|
| |
|
| Do you want to (D)ownload or (A)utoupdate the RPMs |
|
| in the list above? |
|
| |
|
| =item * |
Must be run as root or www. |
| |
|
| Specify a download location for the RPMs |
|
| (default=/tmp/update_my_rpms/)? |
|
| |
|
| =back |
|
| |
|
| Note that there are no current plans to automate a software upgrade of the |
|
| kernel. This step should be performed by a qualified system administrator. |
|
| |
|
| =head1 AUTHOR |
|
| |
|
| Scott Harrison, sharrison@users.sourceforge.net, 2002 |
|
| |
|
| =cut |
=cut |
| |
|
| # =================================================== READ IN COMMAND ARGUMENTS |
use strict; |
| # ---------------------------------------------------- Process download option. |
use lib '/home/httpd/lib/perl/'; |
| my $download=shift(@ARGV); |
use LONCAPA::Configuration; |
| if ($download eq '--download') |
# |
| { |
# Determine who we email |
| if ($< != 0) # Download mode requires 'root'. |
my %perlvar=%{LONCAPA::Configuration::read_conf('loncapa.conf')}; |
| { |
my $emailto = "$perlvar{'lonAdmEMail'}"; |
| print('**** ERROR **** Download mode needs to be run as root'."\n"); |
my $subj=$perlvar{'lonHostID'}.' rpm status'; |
| exit(1); # Exit with error status. |
|
| } |
my $checkrpms = '/usr/local/bin/check-rpms'; |
| `rm -Rf /tmp/loncapa_rpm_updates`; |
# |
| $download='-v -dl -d /tmp/loncapa_rpm_updates'; # Part of check-rpms args. |
# Check that checkrpms is installed and is the proper version... |
| } |
my $mailmsg = ''; |
| else |
if (! -e $checkrpms) { |
| { |
$mailmsg = <<END; |
| $download=''; |
|
| } |
Unable to locate check-rpms on your system. Please go to |
| |
http://www.sfu.ca/acs/security/linux/check-rpms.html, download and |
| # =================================================== GENERAL INITIAL VARIABLES |
install check-rpms on this system. |
| # ---------------- The FTP servers (and their directory paths) to check against |
|
| my @serverpaths_to_try = |
|
| ( |
|
| 'mirror.pa.msu.edu/linux/redhat/linux/updates/', |
|
| 'rufus.w3.org/linux/redhat/linux/updates/', |
|
| 'distro.ibiblio.org/pub/linux/distributions/redhat/updates/', |
|
| 'limestone.uoregon.edu/redhat/updates/', |
|
| 'opnsrc.support.compaq.com/linux/redhat/updates.redhat.com/', |
|
| ); |
|
| |
|
| # --------------------------------------------------- Determine RedHat version. |
|
| my $RHversion = (split /\s/, `cat /etc/redhat-release`)[4]; # - 6.2 or 7.3 or ? |
|
| |
|
| # ------------------------------------------- Use check-rpms command this way. |
|
| my $checkcommand = 'check-rpms '.$download.' --rpmuser www -ftp'; |
|
| |
|
| my $FTPSERVER; # ------------------------- the server portion of the serverpath |
|
| my $FTPUPDATES; # ----------------------------- the actual update root location |
|
| my @rpms; # ---------------------------------- this will store the list of RPMs |
|
| my $goodoutput; # ------------------------------------ good stuff was returned! |
|
| my $reallygoodoutput; # ------------------------------- you are 100% up-to-date |
|
| |
|
| # ----------------------------------------- Find the check-rpms script location |
|
| if (-e './check-rpms') |
|
| { |
|
| $commandpre='perl ./'; # Use the check-rpms in the current directory. |
|
| } |
|
| elsif (-e 'loncom/build/check-rpms') |
|
| { |
|
| $commandpre='perl loncom/build/'; # Use check-rpms int he loncom/build dir. |
|
| } |
|
| else # Cannot find check-rpms, so abort. |
|
| { |
|
| die("**** ERROR **** CANNOT FIND THE check-rpms SCRIPT\n"); |
|
| } |
|
| |
|
| # Define the overall check-rpms invocation based on the path to the check-rpms |
|
| # command. |
|
| $checkcommand = $commandpre.$checkcommand; |
|
| |
|
| # ============== Go through all the servers until a decent connection is found. |
|
| # Notify user of current action. |
|
| print(<<END); |
|
| THIS SCRIPT IS NOW PROBING SEVERAL FTP SERVERS.... |
|
| PLEASE BE PATIENT, THIS MAY TAKE A FEW MINUTES. |
|
| END |
|
| |
|
| SERVERLOOP: foreach my $serverpath (@serverpaths_to_try) |
|
| { |
|
| $serverpath=~/^(.*?)\//; # Pattern match the ip name. |
|
| $FTPSERVER=$1; # Set to the ip name. |
|
| print "Trying $FTPSERVER...\n"; # Notify user of attempts with the ip name. |
|
| `ping -c 1 $FTPSERVER 2>/dev/null`; # Ping ftp server (are you out there?). |
|
| if ($?==0) # If the ftp server can be pinged. |
|
| { |
|
| print "$FTPSERVER found...\n"; # Tell user the ftp server is found. |
|
| `ncftpls ftp://$FTPSERVER`; # Try to access server with ftp protocol. |
|
| if ($?==0) # If the ftp server can be accessed with the ftp protocol. |
|
| { |
|
| $FTPUPDATES="$serverpath$RHversion/en/os"; # The full update path. |
|
| # Print the check-rpms command that will be executed. |
|
| print($checkcommand.' '.$FTPUPDATES."\n"); |
|
| if ($download) # Was CHECKRPMS run in download mode? |
|
| { |
|
| $|=1; # Try to send things immediately to stdout; err umm.... |
|
| # Tell the user about the /tmp/loncapa_rpm_updates directory. |
|
| print('**** NOTE ****'. |
|
| 'To check the status of the download, you can '. |
|
| 'periodically inspect the contents of the '. |
|
| '/tmp/loncapa_rpm_updates directory. '. |
|
| 'Please be patient; this download may take a while.'. |
|
| "\n"); |
|
| # Do the download. |
|
| print(`$checkcommand $FTPUPDATES 2>\&1`); |
|
| # Tell the user about what action they need to take with the |
|
| # downloaded RPMs. |
|
| print('You may now wish to visit the /tmp/loncapa_rpm_updates'. |
|
| ' directory and upgrade the RPMs. '."\n". |
|
| 'If this is a critical server (it is currently being'. |
|
| ' used for classes) and you do not know how to upgrade'. |
|
| ' RPMs, you should consult someone who has experience '. |
|
| 'with the "rpm" command.'."\n"); |
|
| exit(0); # Assume everything is okay and exit. |
|
| } |
|
| @rpms=`$checkcommand $FTPUPDATES 2>\&1`; # Read in list of RPMs. |
|
| # Create a text string that can be pattern matched. |
|
| my $rpmtext=join('',@rpms); |
|
| if ($rpmtext=~/You do not seem to have a/) # No www? |
|
| { |
|
| print "You do not have a 'www' user on your system.\n". |
|
| "Please add this user and try this command again.\n"; |
|
| exit(1); |
|
| } |
|
| if ($rpmtext=~/This account is currently not/) # ------------ uh-oh |
|
| { |
|
| print "...strange error, moving on ($FTPSERVER)\n"; |
|
| } |
|
| else # --------------------------------------- the output is "good" |
|
| { |
|
| $goodoutput=$rpmtext; |
|
| unless (@rpms) # If there are no RPMs to update. |
|
| { |
|
| $reallygoodoutput=<<END; |
|
| **** NOTE **** All RPMS on your system appear to be up to date. |
|
| END |
END |
| } |
|
| last SERVERLOOP; |
|
| } |
|
| } |
|
| print('...cannot establish an ftp session with '.$FTPSERVER."\n"); |
|
| } |
|
| else |
|
| { |
|
| print "...cannot find $FTPSERVER on the network\n"; |
|
| } |
|
| } |
|
| if (!$goodoutput) # If never received any useable output, assume "no server". |
|
| { |
|
| print "**** ERROR **** Cannot find a working ftp server.\n"; |
|
| exit(1); |
|
| } |
|
| elsif ($reallygoodoutput) # Everything is peachy keen and up-to-date already. |
|
| { |
|
| print $reallygoodoutput; |
|
| } |
|
| else # There are RPMs that need to be updated; show list to user. |
|
| { |
|
| my $rpmcount=scalar(@rpms); # Count up size of RPM list. |
|
| print(<<END); # Print out an advisory warning to user. |
|
| **** WARNING **** You need to update at least $rpmcount RPMS shown in |
|
| the list below. THIS IS IMPORTANT FOR SECURITY. |
|
| |
|
| END |
} |
| print $goodoutput; # Output the RPM list. |
|
| print(<<END); # Output instructions to user about taking action. |
# |
| |
# Run check-rpms and capture its output |
| |
$mailmsg = `$checkrpms`; |
| |
|
| |
# |
| |
# Email the user the output of checkrpms |
| |
if ($mailmsg ne '') { |
| |
$mailmsg =<<"END"; |
| |
checkrpms checked the status of the packages on your system and |
| |
produced the following output: |
| |
------------------------------------------------------- |
| |
$mailmsg |
| |
------------------------------------------------------- |
| |
If there are rpms which need to be installed, please log into |
| |
$perlvar{'lonHostID'} and run the following command |
| |
|
| |
$checkrpms --update |
| |
|
| |
If there are kernel packages to be installed, use |
| |
|
| |
$checkrpms --update --install-kernel |
| |
|
| |
Keeping your system up to date is very important. |
| |
Ensuring you are using up to date software is a prerequisite for a |
| |
secure system. |
| |
|
| Please visit ftp://$FTPUPDATES |
|
| and download the RPMS you need. |
|
| For instructions on working with (and upgrading) RPMS, please |
|
| visit http://www.rpm.org/max-rpm/. |
|
| To automatically download these RPMs to /tmp/loncapa_rpm_updates/, |
|
| run the CHECKRPMS command as "./CHECKRPMS --download" |
|
| END |
END |
| } |
my $mail_file = '/tmp/CHECKRPMS.'.$$; |
| |
open(MAILFILE,">$mail_file") || die("Unable to write to ".$mail_file); |
| |
print MAILFILE $mailmsg.$/; |
| |
close(MAILFILE); |
| |
my $mailcommand = "mail -s '$subj' $emailto <$mail_file"; |
| |
print STDERR $mailcommand; |
| |
system($mailcommand); |
| |
} |
| |
|
| |
exit; |
![[BACK]](/icons/back.gif){kind=icon}
Return to CHECKRPMS.default CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / build