Annotation of loncom/build/CHECKRPMS, revision 1.8
1.1 raeburn 1: #!/usr/bin/perl -w
2: #
3: # The LearningOnline Network with CAPA
4: # Checks status of RPM packages on system.
5: #
6: # Copyright Michigan State University Board of Trustees
7: #
8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
9: #
10: # LON-CAPA is free software; you can redistribute it and/or modify
11: # it under the terms of the GNU General Public License as published by
12: # the Free Software Foundation; either version 2 of the License, or
13: # (at your option) any later version.
14: #
15: # LON-CAPA is distributed in the hope that it will be useful,
16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18: # GNU General Public License for more details.
19: #
20: # You should have received a copy of the GNU General Public License
21: # along with LON-CAPA; if not, write to the Free Software
22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23: #
24: # /home/httpd/html/adm/gpl.txt
25: #
26: # http://www.lon-capa.org/
27: #
28:
29: =pod
30:
31: =head1 NAME
32:
33: B<CHECKRPMS> - automated status report about RPMs on a system.
34:
35: =head1 DESCRIPTION
36:
37: This file automates the process of checking for available updates
38: to LON-CAPA systems. distprobe is used to determine the Linux distribution.
39:
40: The utility which is used to complete the check depends on the distro:
41:
1.8 ! raeburn 42: fedora, rhel 5/5+, centos, scientific - yum
1.1 raeburn 43: suse 9.X and sles9 - you
44: suse 10.X and sles10 - rug
45: rhel 4 - up2date
46: others - check-rpms
47:
48: Created by amalgamating previous distribution-specific CHECKRPMS.dist files (where dist was one of: fedora, rhel, suse, sles10, default).
49:
50: Must be run as root or www.
51:
52: =cut
53:
54: use strict;
55: use lib '/home/httpd/lib/perl/';
56: use LONCAPA::Configuration;
57:
58: my $tmpfile = '/tmp/CHECKRPMS.'.$$;
59: my $perlvar= LONCAPA::Configuration::read_conf('loncapa.conf');
60:
61: # Determine who we email
62: my $emailto = "$perlvar->{'lonAdmEMail'}";
63: my $subj = $perlvar->{'lonHostID'};
64:
65: # Get Linux distro
66: open(PIPE, "$perlvar->{'lonDaemons'}/distprobe |");
67: my $distro = <PIPE>;
68: close(PIPE);
69:
70: undef($perlvar);
71:
72: my $hostname = `hostname`;
73: chomp($hostname);
74: open(TMPFILE,">$tmpfile");
75: print TMPFILE localtime(time).' '.$hostname."\n";
76: close(TMPFILE);
77:
78: my ($cmd,$send,$addsubj);
79: if ($distro =~ /^fedora\d+$/) {
80: $cmd = 'yum update';
81: &prepare_msg($tmpfile,$cmd);
82: ($send,$addsubj) = &check_with_yum($tmpfile);
1.6 albertel 83: } elsif ($distro =~ /^(suse|sles)9\.?\d?$/) {
1.1 raeburn 84: $cmd = 'you';
85: &prepare_msg($tmpfile,$cmd);
86: ($send,$addsubj) = &check_with_you($tmpfile);
87: } elsif ($distro =~ /^(suse|sles)10\.?\d?$/) {
88: $cmd = 'rug up';
89: &prepare_msg($tmpfile,$cmd);
90: ($send,$addsubj) = &check_with_rug($tmpfile);
1.7 raeburn 91: } elsif ($distro =~ /^rhes(\d+)$/) {
92: my $version = $1;
93: if ($version == 4) {
94: $cmd ='up2date -u --nox';
95: &prepare_msg($tmpfile,$cmd);
96: ($send,$addsubj) = &check_with_up2date($tmpfile);
97: } elsif ($version > 4) {
98: $cmd = 'yum update';
99: &prepare_msg($tmpfile,$cmd);
100: ($send,$addsubj) = &check_with_yum($tmpfile);
101: }
1.8 ! raeburn 102: } elsif ($distro =~ /^centos\d+$/) {
! 103: $cmd = 'yum update';
! 104: &prepare_msg($tmpfile,$cmd);
! 105: ($send,$addsubj) = &check_with_yum($tmpfile);
! 106: } elsif ($distro =~ /^scientific\d+\.\d$/) {
! 107: $cmd = 'yum update';
! 108: &prepare_msg($tmpfile,$cmd);
! 109: ($send,$addsubj) = &check_with_yum($tmpfile);
1.1 raeburn 110: } else {
111: $cmd = '/usr/local/bin/check-rpms --update';
112: ($send,$addsubj) = &check_with_checkrpms($tmpfile);
113: }
114: if ($send) {
115: $subj .= $addsubj;
116: system(qq{mail -s '$subj' $emailto < $tmpfile});
117: }
118:
119: sub prepare_msg {
120: my ($tmpfile,$cmd) = @_;
121: #
122: # Put some nice text in $tmpfile
123: open(TMPFILE,">>$tmpfile");
124: print TMPFILE <<ENDHEADER;
125: Your system needs to be updated. Please execute (as root)
126:
127: $cmd
128:
129: to bring it up to date.
130:
1.5 raeburn 131: This is very important for the security of your server. The packages which need to be updated are listed below.
1.1 raeburn 132:
133: ENDHEADER
134: close(TMPFILE);
135: return;
136: }
137:
138: sub check_with_you {
139: my ($tmpfile) =@_;
140: my $you = '/usr/bin/online_update';
141: my $sendflag = 0;
142: my $append_to_subj;
143:
1.5 raeburn 144: if (open (PIPE, "$you -k -len 2>&1 |")) {
1.1 raeburn 145: my $output=<PIPE>;
146: close(PIPE);
147: chomp $output;
148: unless ($output eq 'No updates available.') {
1.5 raeburn 149: if (open (PIPE, "$you -s -d -len |grep ^INSTALL |")) {
150: my @updates = <PIPE>;
151: close(PIPE);
152: my $allpackages;
153: foreach my $line (@updates) {
154: my $package = substr($line,rindex($line,'/')+1);
155: if ($package ne '') {
156: $allpackages .= $package;
157: }
158: }
159: if ($allpackages ne '') {
160: open(TMPFILE,">>$tmpfile");
161: print TMPFILE $allpackages;
162: close(TMPFILE);
163: $sendflag = 1;
164: $append_to_subj = ' RPMS to upgrade';
165: }
166: } else {
167: $sendflag = 1;
168: $append_to_subj = ' Error running RPM update script';
169: }
1.1 raeburn 170: }
171: } else {
172: $sendflag = 1;
173: $append_to_subj = ' Error running RPM update script';
174: }
175: return ($sendflag,$append_to_subj);
176: }
177:
178: sub check_with_yum {
179: my ($tmpfile) = @_;
180: my $yum = '/usr/bin/yum';
181: my $sendflag = 0;
182: my $append_to_subj;
183:
184: #
185: # Execute yum command
186: my $command = $yum.' check-update '.'>>'.$tmpfile;
187: system($command);
188:
189: my $returnvalue = $?>>8;
190:
191: #
192: # Determine status of yum run
193: if (100 == $returnvalue) {
194: $sendflag = 1;
195: $append_to_subj = ' RPMS to upgrade';
196: } elsif (0 != $returnvalue) {
197: $sendflag = 1;
198: $append_to_subj = ' Error running RPM update script';
199: } else {
200: # yum returned 0, so everything is up to date.
201: }
202: return ($sendflag,$append_to_subj);
203: }
204:
205: sub check_with_up2date {
206: my ($tmpfile) = @_;
207: my $up2date = '/usr/bin/up2date-nox';
208: my $sendflag = 0;
209: my $append_to_subj;
210: #
211: # Execute online_update command to check for updates
212: my $up2date_error = 1;
213: if (open (PIPE, "$up2date -l 2>&1 |")) {
214: my @result=<PIPE>;
215: close(PIPE);
1.4 raeburn 216: my $output;
217: foreach my $line (@result) {
218: if ($line =~ /^The following Packages were marked to be skipped by your configuration:/) {
219: last;
220: } else {
221: $output .= $line;
222: }
223: }
1.1 raeburn 224: if (@result > 0) {
225: if ($output =~ /Fetching Obsoletes list/) {
226: $up2date_error = 0;
227: if ($output =~ /Name\s+Version\s+Rel\s+[\n\r\f]+\-+[\n\r\f]+(.+)/s) {
228: my $packagelist = $1;
1.4 raeburn 229: if ($packagelist ne '' && $packagelist !~ /^[\s\n\r\f]+$/) {
1.1 raeburn 230: open(TMPFILE,">>$tmpfile");
231: print TMPFILE $packagelist;
232: close(TMPFILE);
233: $append_to_subj = ' RPMS to upgrade';
234: $sendflag = 1;
235: }
236: }
237: }
238: }
239: }
240: if ($up2date_error) {
241: $append_to_subj = ' Error running RPM update script';
242: $sendflag = 1;
243: }
244: return ($sendflag,$append_to_subj);
245: }
246:
247: sub check_with_rug {
248: my ($tmpfile) = @_;
249: my $rug = '/usr/bin/rug';
250: my $sendflag = 0;
251: my $append_to_subj;
252: #
253: # Execute rug command to check for updates
254: if (open (PIPE, "$rug up -N 2>&1 |")) {
255: my @output=<PIPE>;
256: close(PIPE);
257: chomp(@output);
258: my @clean_output;
259: foreach my $line (@output) {
1.3 raeburn 260: if ($line =~ /^Waking\sup\sZMD\.\.\./) {
1.1 raeburn 261: next;
1.2 raeburn 262: } elsif ($line eq 'Done') {
263: next;
264: } elsif ($line eq '') {
265: next;
266: } elsif ($line eq 'The following packages will be installed:') {
267: next;
268: } elsif ($line eq 'Resolving Dependencies...') {
269: next;
270: } elsif ($line eq 'Transaction...') {
271: last;
272: } elsif ($line eq 'No updates are available.') {
1.1 raeburn 273: last;
1.5 raeburn 274: } elsif ($line eq 'Downloading Packages...') {
275: last;
1.1 raeburn 276: } else {
277: push(@clean_output,$line);
278: }
279: }
280: if (@clean_output > 0) {
281: open(TMPFILE,">>$tmpfile");
282: print TMPFILE join("\n",@clean_output);
283: close(TMPFILE);
284: $append_to_subj= ' RPMS to upgrade';
285: $sendflag = 1;
286: }
287: } else {
288: $append_to_subj = ' Error running RPM update check';
289: $sendflag = 1;
290: }
291: return ($sendflag,$append_to_subj);
292: }
293:
294: sub check_with_checkrpms {
295: my ($tmpfile,$perlvar) = @_;
296: my $checkrpms = '/usr/local/bin/check-rpms';
297: my $sendflag = 0;
298: my $append_to_subj;
299:
300: # Run Martin Seigert's checkrpms script. See
301: # See http://www.sfu.ca/acs/security/linux/check-rpms.html
302: # for more information.
303:
304: #
305: # Check that checkrpms is installed and is the proper version...
306: if (! -e $checkrpms) {
307: open(TMPFILE,">>$tmpfile");
308: print TMPFILE <<END;
309:
310: Unable to locate check-rpms on your system. Please go to
311: http://www.sfu.ca/acs/security/linux/check-rpms.html, download and
312: install check-rpms on this system.
313:
314: END
315: $append_to_subj = ' Error running RPM update check';
316: $sendflag = 1;
317: } else {
318: #
319: # Run check-rpms and capture its output
320: if (open (PIPE, "$checkrpms 2>&1 |")) {
321: my $output=<PIPE>;
322: close(PIPE);
323: if ($output ne '') {
324: $output = <<"END";
325:
326: checkrpms checked the status of the packages on your system and
327: produced the following output:
328: -------------------------------------------------------
329: $output
330: -------------------------------------------------------
331: If there are rpms which need to be installed, please log into
332: $perlvar->{'lonHostID'} and run the following command
333:
334: $checkrpms --update
335:
336: If there are kernel packages to be installed, use
337:
338: $checkrpms --update --install-kernel
339:
340: Keeping your system up to date is very important.
341: Ensuring you are using up to date software is a prerequisite for a
342: secure system.
343:
344: END
345: open(TMPFILE,">>$tmpfile");
346: print TMPFILE $output;
347: close(TMPFILE);
348: $append_to_subj = ' RPMS to upgrade';
349: $sendflag = 1;
350: }
351: }
352: }
353: return ($sendflag,$append_to_subj);
354: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to CHECKRPMS CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / build