Annotation of loncom/build/CHECKRPMS, revision 1.6
1.1 raeburn 1: #!/usr/bin/perl -w
2: #
3: # The LearningOnline Network with CAPA
4: # Checks status of RPM packages on system.
5: #
6: # Copyright Michigan State University Board of Trustees
7: #
8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
9: #
10: # LON-CAPA is free software; you can redistribute it and/or modify
11: # it under the terms of the GNU General Public License as published by
12: # the Free Software Foundation; either version 2 of the License, or
13: # (at your option) any later version.
14: #
15: # LON-CAPA is distributed in the hope that it will be useful,
16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18: # GNU General Public License for more details.
19: #
20: # You should have received a copy of the GNU General Public License
21: # along with LON-CAPA; if not, write to the Free Software
22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23: #
24: # /home/httpd/html/adm/gpl.txt
25: #
26: # http://www.lon-capa.org/
27: #
28:
29: =pod
30:
31: =head1 NAME
32:
33: B<CHECKRPMS> - automated status report about RPMs on a system.
34:
35: =head1 DESCRIPTION
36:
37: This file automates the process of checking for available updates
38: to LON-CAPA systems. distprobe is used to determine the Linux distribution.
39:
40: The utility which is used to complete the check depends on the distro:
41:
42: fedora - yum
43: suse 9.X and sles9 - you
44: suse 10.X and sles10 - rug
45: rhel 4 - up2date
46: others - check-rpms
47:
48: Created by amalgamating previous distribution-specific CHECKRPMS.dist files (where dist was one of: fedora, rhel, suse, sles10, default).
49:
50: Must be run as root or www.
51:
52: =cut
53:
54: use strict;
55: use lib '/home/httpd/lib/perl/';
56: use LONCAPA::Configuration;
57:
58: my $tmpfile = '/tmp/CHECKRPMS.'.$$;
59: my $perlvar= LONCAPA::Configuration::read_conf('loncapa.conf');
60:
61: # Determine who we email
62: my $emailto = "$perlvar->{'lonAdmEMail'}";
63: my $subj = $perlvar->{'lonHostID'};
64:
65: # Get Linux distro
66: open(PIPE, "$perlvar->{'lonDaemons'}/distprobe |");
67: my $distro = <PIPE>;
68: close(PIPE);
69:
70: undef($perlvar);
71:
72: my $hostname = `hostname`;
73: chomp($hostname);
74: open(TMPFILE,">$tmpfile");
75: print TMPFILE localtime(time).' '.$hostname."\n";
76: close(TMPFILE);
77:
78: my ($cmd,$send,$addsubj);
79: if ($distro =~ /^fedora\d+$/) {
80: $cmd = 'yum update';
81: &prepare_msg($tmpfile,$cmd);
82: ($send,$addsubj) = &check_with_yum($tmpfile);
1.6 ! albertel 83: } elsif ($distro =~ /^(suse|sles)9\.?\d?$/) {
1.1 raeburn 84: $cmd = 'you';
85: &prepare_msg($tmpfile,$cmd);
86: ($send,$addsubj) = &check_with_you($tmpfile);
87: } elsif ($distro =~ /^(suse|sles)10\.?\d?$/) {
88: $cmd = 'rug up';
89: &prepare_msg($tmpfile,$cmd);
90: ($send,$addsubj) = &check_with_rug($tmpfile);
91: } elsif ($distro =~ /^rhes4$/) {
92: $cmd ='up2date -u --nox';
93: &prepare_msg($tmpfile,$cmd);
94: ($send,$addsubj) = &check_with_up2date($tmpfile);
95: } else {
96: $cmd = '/usr/local/bin/check-rpms --update';
97: ($send,$addsubj) = &check_with_checkrpms($tmpfile);
98: }
99: if ($send) {
100: $subj .= $addsubj;
101: system(qq{mail -s '$subj' $emailto < $tmpfile});
102: }
103:
104: sub prepare_msg {
105: my ($tmpfile,$cmd) = @_;
106: #
107: # Put some nice text in $tmpfile
108: open(TMPFILE,">>$tmpfile");
109: print TMPFILE <<ENDHEADER;
110: Your system needs to be updated. Please execute (as root)
111:
112: $cmd
113:
114: to bring it up to date.
115:
1.5 raeburn 116: This is very important for the security of your server. The packages which need to be updated are listed below.
1.1 raeburn 117:
118: ENDHEADER
119: close(TMPFILE);
120: return;
121: }
122:
123: sub check_with_you {
124: my ($tmpfile) =@_;
125: my $you = '/usr/bin/online_update';
126: my $sendflag = 0;
127: my $append_to_subj;
128:
1.5 raeburn 129: if (open (PIPE, "$you -k -len 2>&1 |")) {
1.1 raeburn 130: my $output=<PIPE>;
131: close(PIPE);
132: chomp $output;
133: unless ($output eq 'No updates available.') {
1.5 raeburn 134: if (open (PIPE, "$you -s -d -len |grep ^INSTALL |")) {
135: my @updates = <PIPE>;
136: close(PIPE);
137: my $allpackages;
138: foreach my $line (@updates) {
139: my $package = substr($line,rindex($line,'/')+1);
140: if ($package ne '') {
141: $allpackages .= $package;
142: }
143: }
144: if ($allpackages ne '') {
145: open(TMPFILE,">>$tmpfile");
146: print TMPFILE $allpackages;
147: close(TMPFILE);
148: $sendflag = 1;
149: $append_to_subj = ' RPMS to upgrade';
150: }
151: } else {
152: $sendflag = 1;
153: $append_to_subj = ' Error running RPM update script';
154: }
1.1 raeburn 155: }
156: } else {
157: $sendflag = 1;
158: $append_to_subj = ' Error running RPM update script';
159: }
160: return ($sendflag,$append_to_subj);
161: }
162:
163: sub check_with_yum {
164: my ($tmpfile) = @_;
165: my $yum = '/usr/bin/yum';
166: my $sendflag = 0;
167: my $append_to_subj;
168:
169: #
170: # Execute yum command
171: my $command = $yum.' check-update '.'>>'.$tmpfile;
172: system($command);
173:
174: my $returnvalue = $?>>8;
175:
176: #
177: # Determine status of yum run
178: if (100 == $returnvalue) {
179: $sendflag = 1;
180: $append_to_subj = ' RPMS to upgrade';
181: } elsif (0 != $returnvalue) {
182: $sendflag = 1;
183: $append_to_subj = ' Error running RPM update script';
184: } else {
185: # yum returned 0, so everything is up to date.
186: }
187: return ($sendflag,$append_to_subj);
188: }
189:
190: sub check_with_up2date {
191: my ($tmpfile) = @_;
192: my $up2date = '/usr/bin/up2date-nox';
193: my $sendflag = 0;
194: my $append_to_subj;
195: #
196: # Execute online_update command to check for updates
197: my $up2date_error = 1;
198: if (open (PIPE, "$up2date -l 2>&1 |")) {
199: my @result=<PIPE>;
200: close(PIPE);
1.4 raeburn 201: my $output;
202: foreach my $line (@result) {
203: if ($line =~ /^The following Packages were marked to be skipped by your configuration:/) {
204: last;
205: } else {
206: $output .= $line;
207: }
208: }
1.1 raeburn 209: if (@result > 0) {
210: if ($output =~ /Fetching Obsoletes list/) {
211: $up2date_error = 0;
212: if ($output =~ /Name\s+Version\s+Rel\s+[\n\r\f]+\-+[\n\r\f]+(.+)/s) {
213: my $packagelist = $1;
1.4 raeburn 214: if ($packagelist ne '' && $packagelist !~ /^[\s\n\r\f]+$/) {
1.1 raeburn 215: open(TMPFILE,">>$tmpfile");
216: print TMPFILE $packagelist;
217: close(TMPFILE);
218: $append_to_subj = ' RPMS to upgrade';
219: $sendflag = 1;
220: }
221: }
222: }
223: }
224: }
225: if ($up2date_error) {
226: $append_to_subj = ' Error running RPM update script';
227: $sendflag = 1;
228: }
229: return ($sendflag,$append_to_subj);
230: }
231:
232: sub check_with_rug {
233: my ($tmpfile) = @_;
234: my $rug = '/usr/bin/rug';
235: my $sendflag = 0;
236: my $append_to_subj;
237: #
238: # Execute rug command to check for updates
239: if (open (PIPE, "$rug up -N 2>&1 |")) {
240: my @output=<PIPE>;
241: close(PIPE);
242: chomp(@output);
243: my @clean_output;
244: foreach my $line (@output) {
1.3 raeburn 245: if ($line =~ /^Waking\sup\sZMD\.\.\./) {
1.1 raeburn 246: next;
1.2 raeburn 247: } elsif ($line eq 'Done') {
248: next;
249: } elsif ($line eq '') {
250: next;
251: } elsif ($line eq 'The following packages will be installed:') {
252: next;
253: } elsif ($line eq 'Resolving Dependencies...') {
254: next;
255: } elsif ($line eq 'Transaction...') {
256: last;
257: } elsif ($line eq 'No updates are available.') {
1.1 raeburn 258: last;
1.5 raeburn 259: } elsif ($line eq 'Downloading Packages...') {
260: last;
1.1 raeburn 261: } else {
262: push(@clean_output,$line);
263: }
264: }
265: if (@clean_output > 0) {
266: open(TMPFILE,">>$tmpfile");
267: print TMPFILE join("\n",@clean_output);
268: close(TMPFILE);
269: $append_to_subj= ' RPMS to upgrade';
270: $sendflag = 1;
271: }
272: } else {
273: $append_to_subj = ' Error running RPM update check';
274: $sendflag = 1;
275: }
276: return ($sendflag,$append_to_subj);
277: }
278:
279: sub check_with_checkrpms {
280: my ($tmpfile,$perlvar) = @_;
281: my $checkrpms = '/usr/local/bin/check-rpms';
282: my $sendflag = 0;
283: my $append_to_subj;
284:
285: # Run Martin Seigert's checkrpms script. See
286: # See http://www.sfu.ca/acs/security/linux/check-rpms.html
287: # for more information.
288:
289: #
290: # Check that checkrpms is installed and is the proper version...
291: if (! -e $checkrpms) {
292: open(TMPFILE,">>$tmpfile");
293: print TMPFILE <<END;
294:
295: Unable to locate check-rpms on your system. Please go to
296: http://www.sfu.ca/acs/security/linux/check-rpms.html, download and
297: install check-rpms on this system.
298:
299: END
300: $append_to_subj = ' Error running RPM update check';
301: $sendflag = 1;
302: } else {
303: #
304: # Run check-rpms and capture its output
305: if (open (PIPE, "$checkrpms 2>&1 |")) {
306: my $output=<PIPE>;
307: close(PIPE);
308: if ($output ne '') {
309: $output = <<"END";
310:
311: checkrpms checked the status of the packages on your system and
312: produced the following output:
313: -------------------------------------------------------
314: $output
315: -------------------------------------------------------
316: If there are rpms which need to be installed, please log into
317: $perlvar->{'lonHostID'} and run the following command
318:
319: $checkrpms --update
320:
321: If there are kernel packages to be installed, use
322:
323: $checkrpms --update --install-kernel
324:
325: Keeping your system up to date is very important.
326: Ensuring you are using up to date software is a prerequisite for a
327: secure system.
328:
329: END
330: open(TMPFILE,">>$tmpfile");
331: print TMPFILE $output;
332: close(TMPFILE);
333: $append_to_subj = ' RPMS to upgrade';
334: $sendflag = 1;
335: }
336: }
337: }
338: return ($sendflag,$append_to_subj);
339: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to CHECKRPMS CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / build