Annotation of loncom/build/CHECKRPMS, revision 1.10
1.1 raeburn 1: #!/usr/bin/perl -w
2: #
3: # The LearningOnline Network with CAPA
4: # Checks status of RPM packages on system.
5: #
6: # Copyright Michigan State University Board of Trustees
7: #
8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
9: #
10: # LON-CAPA is free software; you can redistribute it and/or modify
11: # it under the terms of the GNU General Public License as published by
12: # the Free Software Foundation; either version 2 of the License, or
13: # (at your option) any later version.
14: #
15: # LON-CAPA is distributed in the hope that it will be useful,
16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18: # GNU General Public License for more details.
19: #
20: # You should have received a copy of the GNU General Public License
21: # along with LON-CAPA; if not, write to the Free Software
22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23: #
24: # /home/httpd/html/adm/gpl.txt
25: #
26: # http://www.lon-capa.org/
27: #
28:
29: =pod
30:
31: =head1 NAME
32:
33: B<CHECKRPMS> - automated status report about RPMs on a system.
34:
35: =head1 DESCRIPTION
36:
37: This file automates the process of checking for available updates
38: to LON-CAPA systems. distprobe is used to determine the Linux distribution.
39:
40: The utility which is used to complete the check depends on the distro:
41:
1.8 raeburn 42: fedora, rhel 5/5+, centos, scientific - yum
1.1 raeburn 43: suse 9.X and sles9 - you
1.9 raeburn 44: suse 10.2,10.3 - zypper
45: sles10,suse10.1 - rug
1.1 raeburn 46: rhel 4 - up2date
47: others - check-rpms
48:
49: Created by amalgamating previous distribution-specific CHECKRPMS.dist files (where dist was one of: fedora, rhel, suse, sles10, default).
50:
51: Must be run as root or www.
52:
53: =cut
54:
55: use strict;
56: use lib '/home/httpd/lib/perl/';
57: use LONCAPA::Configuration;
1.10 ! raeburn 58: use Apache::loncommon();
1.1 raeburn 59:
60: my $tmpfile = '/tmp/CHECKRPMS.'.$$;
61: my $perlvar= LONCAPA::Configuration::read_conf('loncapa.conf');
62:
63: # Determine who we email
1.10 ! raeburn 64: my $defdom = $perlvar->{'lonDefDomain'};
! 65: my $origmail = $perlvar->{'lonAdmEMail'};
! 66: my $emailto = &Apache::loncommon::build_recipient_list(undef,
! 67: 'packagesmail',$defdom,$origmail);
1.1 raeburn 68: my $subj = $perlvar->{'lonHostID'};
69:
70: # Get Linux distro
71: open(PIPE, "$perlvar->{'lonDaemons'}/distprobe |");
72: my $distro = <PIPE>;
73: close(PIPE);
74:
75: undef($perlvar);
76:
77: my $hostname = `hostname`;
78: chomp($hostname);
79: open(TMPFILE,">$tmpfile");
80: print TMPFILE localtime(time).' '.$hostname."\n";
81: close(TMPFILE);
82:
83: my ($cmd,$send,$addsubj);
84: if ($distro =~ /^fedora\d+$/) {
85: $cmd = 'yum update';
86: &prepare_msg($tmpfile,$cmd);
87: ($send,$addsubj) = &check_with_yum($tmpfile);
1.6 albertel 88: } elsif ($distro =~ /^(suse|sles)9\.?\d?$/) {
1.1 raeburn 89: $cmd = 'you';
90: &prepare_msg($tmpfile,$cmd);
91: ($send,$addsubj) = &check_with_you($tmpfile);
1.9 raeburn 92: } elsif ($distro =~ /^suse10\.(\d)$/) {
93: my $version =$1;
94: if ($version > 1) {
95: $cmd = 'zypper up';
96: &prepare_msg($tmpfile,$cmd);
97: ($send,$addsubj) = &check_with_zypper($tmpfile);
98: } else {
99: $cmd = 'rug up';
100: &prepare_msg($tmpfile,$cmd);
101: ($send,$addsubj) = &check_with_rug($tmpfile);
102: }
103: } elsif ($distro =~ /^sles10$/) {
1.1 raeburn 104: $cmd = 'rug up';
105: &prepare_msg($tmpfile,$cmd);
106: ($send,$addsubj) = &check_with_rug($tmpfile);
1.7 raeburn 107: } elsif ($distro =~ /^rhes(\d+)$/) {
108: my $version = $1;
109: if ($version == 4) {
110: $cmd ='up2date -u --nox';
111: &prepare_msg($tmpfile,$cmd);
112: ($send,$addsubj) = &check_with_up2date($tmpfile);
113: } elsif ($version > 4) {
114: $cmd = 'yum update';
115: &prepare_msg($tmpfile,$cmd);
116: ($send,$addsubj) = &check_with_yum($tmpfile);
117: }
1.8 raeburn 118: } elsif ($distro =~ /^centos\d+$/) {
119: $cmd = 'yum update';
120: &prepare_msg($tmpfile,$cmd);
121: ($send,$addsubj) = &check_with_yum($tmpfile);
122: } elsif ($distro =~ /^scientific\d+\.\d$/) {
123: $cmd = 'yum update';
124: &prepare_msg($tmpfile,$cmd);
125: ($send,$addsubj) = &check_with_yum($tmpfile);
1.1 raeburn 126: } else {
127: $cmd = '/usr/local/bin/check-rpms --update';
128: ($send,$addsubj) = &check_with_checkrpms($tmpfile);
129: }
130: if ($send) {
131: $subj .= $addsubj;
1.10 ! raeburn 132: system(qq{mail -s '$subj' "$emailto" < $tmpfile});
1.1 raeburn 133: }
134:
135: sub prepare_msg {
136: my ($tmpfile,$cmd) = @_;
137: #
138: # Put some nice text in $tmpfile
139: open(TMPFILE,">>$tmpfile");
140: print TMPFILE <<ENDHEADER;
141: Your system needs to be updated. Please execute (as root)
142:
143: $cmd
144:
145: to bring it up to date.
146:
1.5 raeburn 147: This is very important for the security of your server. The packages which need to be updated are listed below.
1.1 raeburn 148:
149: ENDHEADER
150: close(TMPFILE);
151: return;
152: }
153:
154: sub check_with_you {
155: my ($tmpfile) =@_;
156: my $you = '/usr/bin/online_update';
157: my $sendflag = 0;
158: my $append_to_subj;
159:
1.5 raeburn 160: if (open (PIPE, "$you -k -len 2>&1 |")) {
1.1 raeburn 161: my $output=<PIPE>;
162: close(PIPE);
163: chomp $output;
164: unless ($output eq 'No updates available.') {
1.5 raeburn 165: if (open (PIPE, "$you -s -d -len |grep ^INSTALL |")) {
166: my @updates = <PIPE>;
167: close(PIPE);
168: my $allpackages;
169: foreach my $line (@updates) {
170: my $package = substr($line,rindex($line,'/')+1);
171: if ($package ne '') {
172: $allpackages .= $package;
173: }
174: }
175: if ($allpackages ne '') {
176: open(TMPFILE,">>$tmpfile");
177: print TMPFILE $allpackages;
178: close(TMPFILE);
179: $sendflag = 1;
180: $append_to_subj = ' RPMS to upgrade';
181: }
182: } else {
183: $sendflag = 1;
184: $append_to_subj = ' Error running RPM update script';
185: }
1.1 raeburn 186: }
187: } else {
188: $sendflag = 1;
189: $append_to_subj = ' Error running RPM update script';
190: }
191: return ($sendflag,$append_to_subj);
192: }
193:
194: sub check_with_yum {
195: my ($tmpfile) = @_;
196: my $yum = '/usr/bin/yum';
197: my $sendflag = 0;
198: my $append_to_subj;
199:
200: #
201: # Execute yum command
202: my $command = $yum.' check-update '.'>>'.$tmpfile;
203: system($command);
204:
205: my $returnvalue = $?>>8;
206:
207: #
208: # Determine status of yum run
209: if (100 == $returnvalue) {
210: $sendflag = 1;
211: $append_to_subj = ' RPMS to upgrade';
212: } elsif (0 != $returnvalue) {
213: $sendflag = 1;
214: $append_to_subj = ' Error running RPM update script';
215: } else {
216: # yum returned 0, so everything is up to date.
217: }
218: return ($sendflag,$append_to_subj);
219: }
220:
221: sub check_with_up2date {
222: my ($tmpfile) = @_;
223: my $up2date = '/usr/bin/up2date-nox';
224: my $sendflag = 0;
225: my $append_to_subj;
226: #
227: # Execute online_update command to check for updates
228: my $up2date_error = 1;
229: if (open (PIPE, "$up2date -l 2>&1 |")) {
230: my @result=<PIPE>;
231: close(PIPE);
1.4 raeburn 232: my $output;
233: foreach my $line (@result) {
234: if ($line =~ /^The following Packages were marked to be skipped by your configuration:/) {
235: last;
236: } else {
237: $output .= $line;
238: }
239: }
1.1 raeburn 240: if (@result > 0) {
241: if ($output =~ /Fetching Obsoletes list/) {
242: $up2date_error = 0;
243: if ($output =~ /Name\s+Version\s+Rel\s+[\n\r\f]+\-+[\n\r\f]+(.+)/s) {
244: my $packagelist = $1;
1.4 raeburn 245: if ($packagelist ne '' && $packagelist !~ /^[\s\n\r\f]+$/) {
1.1 raeburn 246: open(TMPFILE,">>$tmpfile");
247: print TMPFILE $packagelist;
248: close(TMPFILE);
249: $append_to_subj = ' RPMS to upgrade';
250: $sendflag = 1;
251: }
252: }
253: }
254: }
255: }
256: if ($up2date_error) {
257: $append_to_subj = ' Error running RPM update script';
258: $sendflag = 1;
259: }
260: return ($sendflag,$append_to_subj);
261: }
262:
263: sub check_with_rug {
264: my ($tmpfile) = @_;
265: my $rug = '/usr/bin/rug';
266: my $sendflag = 0;
267: my $append_to_subj;
268: #
269: # Execute rug command to check for updates
270: if (open (PIPE, "$rug up -N 2>&1 |")) {
271: my @output=<PIPE>;
272: close(PIPE);
273: chomp(@output);
274: my @clean_output;
275: foreach my $line (@output) {
1.3 raeburn 276: if ($line =~ /^Waking\sup\sZMD\.\.\./) {
1.1 raeburn 277: next;
1.2 raeburn 278: } elsif ($line eq 'Done') {
279: next;
280: } elsif ($line eq '') {
281: next;
282: } elsif ($line eq 'The following packages will be installed:') {
283: next;
284: } elsif ($line eq 'Resolving Dependencies...') {
285: next;
286: } elsif ($line eq 'Transaction...') {
287: last;
288: } elsif ($line eq 'No updates are available.') {
1.1 raeburn 289: last;
1.5 raeburn 290: } elsif ($line eq 'Downloading Packages...') {
291: last;
1.1 raeburn 292: } else {
293: push(@clean_output,$line);
294: }
295: }
296: if (@clean_output > 0) {
297: open(TMPFILE,">>$tmpfile");
298: print TMPFILE join("\n",@clean_output);
299: close(TMPFILE);
300: $append_to_subj= ' RPMS to upgrade';
301: $sendflag = 1;
302: }
303: } else {
304: $append_to_subj = ' Error running RPM update check';
305: $sendflag = 1;
306: }
307: return ($sendflag,$append_to_subj);
308: }
309:
1.9 raeburn 310: sub check_with_zypper {
311: my ($tmpfile) = @_;
312: my $zypper = '/usr/bin/zypper';
313: my $sendflag = 0;
314: my $append_to_subj;
315: my $header;
316: #
317: # Execute zypper command to check for updates
318: if (open (PIPE, "$zypper lu 2>&1 |")) {
319: my @output=<PIPE>;
320: close(PIPE);
321: chomp(@output);
322: my @clean_output;
323: foreach my $line (@output) {
324: if ($line eq 'Restoring system sources...') {
325: next;
326: } elsif ($line =~ /^Parsing\smetadata\sfor\s/) {
327: next;
328: } elsif ($line eq 'Parsing RPM database...') {
329: next;
330: } elsif ($line =~ /^Catalog\s+\|\s+Name\s+\|\s+Version\s+\|\s+Category\s+\|\s+Status$/) {
331: $header = $line."\n";
332: next;
333: } elsif ($line =~ /^[-+]+$/) {
334: $header .= $line."\n";
335: next;
336: } elsif ($line eq 'WARNING: These are only the updates affecting the updater itself.') {
337: next;
338: } elsif ($line eq 'There are others available too.') {
339: next;
340: } else {
341: push(@clean_output,$line);
342: }
343: }
344: if (@clean_output > 0) {
345: open(TMPFILE,">>$tmpfile");
346: my $message = join("\n",@clean_output);
347: print TMPFILE $header.$message;
348: close(TMPFILE);
349: $append_to_subj= ' RPMS to upgrade';
350: $sendflag = 1;
351: }
352: } else {
353: $append_to_subj = ' Error running RPM update check';
354: $sendflag = 1;
355: }
356: return ($sendflag,$append_to_subj);
357: }
358:
1.1 raeburn 359: sub check_with_checkrpms {
360: my ($tmpfile,$perlvar) = @_;
361: my $checkrpms = '/usr/local/bin/check-rpms';
362: my $sendflag = 0;
363: my $append_to_subj;
364:
365: # Run Martin Seigert's checkrpms script. See
366: # See http://www.sfu.ca/acs/security/linux/check-rpms.html
367: # for more information.
368:
369: #
370: # Check that checkrpms is installed and is the proper version...
371: if (! -e $checkrpms) {
372: open(TMPFILE,">>$tmpfile");
373: print TMPFILE <<END;
374:
375: Unable to locate check-rpms on your system. Please go to
376: http://www.sfu.ca/acs/security/linux/check-rpms.html, download and
377: install check-rpms on this system.
378:
379: END
380: $append_to_subj = ' Error running RPM update check';
381: $sendflag = 1;
382: } else {
383: #
384: # Run check-rpms and capture its output
385: if (open (PIPE, "$checkrpms 2>&1 |")) {
386: my $output=<PIPE>;
387: close(PIPE);
388: if ($output ne '') {
389: $output = <<"END";
390:
391: checkrpms checked the status of the packages on your system and
392: produced the following output:
393: -------------------------------------------------------
394: $output
395: -------------------------------------------------------
396: If there are rpms which need to be installed, please log into
397: $perlvar->{'lonHostID'} and run the following command
398:
399: $checkrpms --update
400:
401: If there are kernel packages to be installed, use
402:
403: $checkrpms --update --install-kernel
404:
405: Keeping your system up to date is very important.
406: Ensuring you are using up to date software is a prerequisite for a
407: secure system.
408:
409: END
410: open(TMPFILE,">>$tmpfile");
411: print TMPFILE $output;
412: close(TMPFILE);
413: $append_to_subj = ' RPMS to upgrade';
414: $sendflag = 1;
415: }
416: }
417: }
418: return ($sendflag,$append_to_subj);
419: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to CHECKRPMS CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / build