loncom/build/CHECKRPMS - view

File: [LON-CAPA] / loncom / build / CHECKRPMS
Revision 1.8: download - view: text, annotated - select for diffs
Thu Jun 28 13:30:06 2007 UTC (16 years, 11 months ago) by raeburn
Branches: MAIN
CVS tags: version_2_5_1, version_2_5_0, version_2_4_X, version_2_4_99_0, version_2_4_2, HEAD

Include CentOS and Scientific Linux as supported distros.

1: #!/usr/bin/perl -w 2: # 3: # The LearningOnline Network with CAPA 4: # Checks status of RPM packages on system. 5: # 6: # Copyright Michigan State University Board of Trustees 7: # 8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA). 9: # 10: # LON-CAPA is free software; you can redistribute it and/or modify 11: # it under the terms of the GNU General Public License as published by 12: # the Free Software Foundation; either version 2 of the License, or 13: # (at your option) any later version. 14: # 15: # LON-CAPA is distributed in the hope that it will be useful, 16: # but WITHOUT ANY WARRANTY; without even the implied warranty of 17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18: # GNU General Public License for more details. 19: # 20: # You should have received a copy of the GNU General Public License 21: # along with LON-CAPA; if not, write to the Free Software 22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23: # 24: # /home/httpd/html/adm/gpl.txt 25: # 26: # http://www.lon-capa.org/ 27: # 28: 29: =pod 30: 31: =head1 NAME 32: 33: B<CHECKRPMS> - automated status report about RPMs on a system. 34: 35: =head1 DESCRIPTION 36: 37: This file automates the process of checking for available updates 38: to LON-CAPA systems. distprobe is used to determine the Linux distribution. 39: 40: The utility which is used to complete the check depends on the distro: 41: 42: fedora, rhel 5/5+, centos, scientific - yum 43: suse 9.X and sles9 - you 44: suse 10.X and sles10 - rug 45: rhel 4 - up2date 46: others - check-rpms 47: 48: Created by amalgamating previous distribution-specific CHECKRPMS.dist files (where dist was one of: fedora, rhel, suse, sles10, default). 49: 50: Must be run as root or www. 51: 52: =cut 53: 54: use strict; 55: use lib '/home/httpd/lib/perl/'; 56: use LONCAPA::Configuration; 57: 58: my $tmpfile = '/tmp/CHECKRPMS.'.$$; 59: my $perlvar= LONCAPA::Configuration::read_conf('loncapa.conf'); 60: 61: # Determine who we email 62: my $emailto = "$perlvar->{'lonAdmEMail'}"; 63: my $subj = $perlvar->{'lonHostID'}; 64: 65: # Get Linux distro 66: open(PIPE, "$perlvar->{'lonDaemons'}/distprobe |"); 67: my $distro = <PIPE>; 68: close(PIPE); 69: 70: undef($perlvar); 71: 72: my $hostname = `hostname`; 73: chomp($hostname); 74: open(TMPFILE,">$tmpfile"); 75: print TMPFILE localtime(time).' '.$hostname."\n"; 76: close(TMPFILE); 77: 78: my ($cmd,$send,$addsubj); 79: if ($distro =~ /^fedora\d+$/) { 80: $cmd = 'yum update'; 81: &prepare_msg($tmpfile,$cmd); 82: ($send,$addsubj) = &check_with_yum($tmpfile); 83: } elsif ($distro =~ /^(suse|sles)9\.?\d?$/) { 84: $cmd = 'you'; 85: &prepare_msg($tmpfile,$cmd); 86: ($send,$addsubj) = &check_with_you($tmpfile); 87: } elsif ($distro =~ /^(suse|sles)10\.?\d?$/) { 88: $cmd = 'rug up'; 89: &prepare_msg($tmpfile,$cmd); 90: ($send,$addsubj) = &check_with_rug($tmpfile); 91: } elsif ($distro =~ /^rhes(\d+)$/) { 92: my $version = $1; 93: if ($version == 4) { 94: $cmd ='up2date -u --nox'; 95: &prepare_msg($tmpfile,$cmd); 96: ($send,$addsubj) = &check_with_up2date($tmpfile); 97: } elsif ($version > 4) { 98: $cmd = 'yum update'; 99: &prepare_msg($tmpfile,$cmd); 100: ($send,$addsubj) = &check_with_yum($tmpfile); 101: } 102: } elsif ($distro =~ /^centos\d+$/) { 103: $cmd = 'yum update'; 104: &prepare_msg($tmpfile,$cmd); 105: ($send,$addsubj) = &check_with_yum($tmpfile); 106: } elsif ($distro =~ /^scientific\d+\.\d$/) { 107: $cmd = 'yum update'; 108: &prepare_msg($tmpfile,$cmd); 109: ($send,$addsubj) = &check_with_yum($tmpfile); 110: } else { 111: $cmd = '/usr/local/bin/check-rpms --update'; 112: ($send,$addsubj) = &check_with_checkrpms($tmpfile); 113: } 114: if ($send) { 115: $subj .= $addsubj; 116: system(qq{mail -s '$subj' $emailto < $tmpfile}); 117: } 118: 119: sub prepare_msg { 120: my ($tmpfile,$cmd) = @_; 121: # 122: # Put some nice text in $tmpfile 123: open(TMPFILE,">>$tmpfile"); 124: print TMPFILE <<ENDHEADER; 125: Your system needs to be updated. Please execute (as root) 126: 127: $cmd 128: 129: to bring it up to date. 130: 131: This is very important for the security of your server. The packages which need to be updated are listed below. 132: 133: ENDHEADER 134: close(TMPFILE); 135: return; 136: } 137: 138: sub check_with_you { 139: my ($tmpfile) =@_; 140: my $you = '/usr/bin/online_update'; 141: my $sendflag = 0; 142: my $append_to_subj; 143: 144: if (open (PIPE, "$you -k -len 2>&1 |")) { 145: my $output=<PIPE>; 146: close(PIPE); 147: chomp $output; 148: unless ($output eq 'No updates available.') { 149: if (open (PIPE, "$you -s -d -len |grep ^INSTALL |")) { 150: my @updates = <PIPE>; 151: close(PIPE); 152: my $allpackages; 153: foreach my $line (@updates) { 154: my $package = substr($line,rindex($line,'/')+1); 155: if ($package ne '') { 156: $allpackages .= $package; 157: } 158: } 159: if ($allpackages ne '') { 160: open(TMPFILE,">>$tmpfile"); 161: print TMPFILE $allpackages; 162: close(TMPFILE); 163: $sendflag = 1; 164: $append_to_subj = ' RPMS to upgrade'; 165: } 166: } else { 167: $sendflag = 1; 168: $append_to_subj = ' Error running RPM update script'; 169: } 170: } 171: } else { 172: $sendflag = 1; 173: $append_to_subj = ' Error running RPM update script'; 174: } 175: return ($sendflag,$append_to_subj); 176: } 177: 178: sub check_with_yum { 179: my ($tmpfile) = @_; 180: my $yum = '/usr/bin/yum'; 181: my $sendflag = 0; 182: my $append_to_subj; 183: 184: # 185: # Execute yum command 186: my $command = $yum.' check-update '.'>>'.$tmpfile; 187: system($command); 188: 189: my $returnvalue = $?>>8; 190: 191: # 192: # Determine status of yum run 193: if (100 == $returnvalue) { 194: $sendflag = 1; 195: $append_to_subj = ' RPMS to upgrade'; 196: } elsif (0 != $returnvalue) { 197: $sendflag = 1; 198: $append_to_subj = ' Error running RPM update script'; 199: } else { 200: # yum returned 0, so everything is up to date. 201: } 202: return ($sendflag,$append_to_subj); 203: } 204: 205: sub check_with_up2date { 206: my ($tmpfile) = @_; 207: my $up2date = '/usr/bin/up2date-nox'; 208: my $sendflag = 0; 209: my $append_to_subj; 210: # 211: # Execute online_update command to check for updates 212: my $up2date_error = 1; 213: if (open (PIPE, "$up2date -l 2>&1 |")) { 214: my @result=<PIPE>; 215: close(PIPE); 216: my $output; 217: foreach my $line (@result) { 218: if ($line =~ /^The following Packages were marked to be skipped by your configuration:/) { 219: last; 220: } else { 221: $output .= $line; 222: } 223: } 224: if (@result > 0) { 225: if ($output =~ /Fetching Obsoletes list/) { 226: $up2date_error = 0; 227: if ($output =~ /Name\s+Version\s+Rel\s+[\n\r\f]+\-+[\n\r\f]+(.+)/s) { 228: my $packagelist = $1; 229: if ($packagelist ne '' && $packagelist !~ /^[\s\n\r\f]+$/) { 230: open(TMPFILE,">>$tmpfile"); 231: print TMPFILE $packagelist; 232: close(TMPFILE); 233: $append_to_subj = ' RPMS to upgrade'; 234: $sendflag = 1; 235: } 236: } 237: } 238: } 239: } 240: if ($up2date_error) { 241: $append_to_subj = ' Error running RPM update script'; 242: $sendflag = 1; 243: } 244: return ($sendflag,$append_to_subj); 245: } 246: 247: sub check_with_rug { 248: my ($tmpfile) = @_; 249: my $rug = '/usr/bin/rug'; 250: my $sendflag = 0; 251: my $append_to_subj; 252: # 253: # Execute rug command to check for updates 254: if (open (PIPE, "$rug up -N 2>&1 |")) { 255: my @output=<PIPE>; 256: close(PIPE); 257: chomp(@output); 258: my @clean_output; 259: foreach my $line (@output) { 260: if ($line =~ /^Waking\sup\sZMD\.\.\./) { 261: next; 262: } elsif ($line eq 'Done') { 263: next; 264: } elsif ($line eq '') { 265: next; 266: } elsif ($line eq 'The following packages will be installed:') { 267: next; 268: } elsif ($line eq 'Resolving Dependencies...') { 269: next; 270: } elsif ($line eq 'Transaction...') { 271: last; 272: } elsif ($line eq 'No updates are available.') { 273: last; 274: } elsif ($line eq 'Downloading Packages...') { 275: last; 276: } else { 277: push(@clean_output,$line); 278: } 279: } 280: if (@clean_output > 0) { 281: open(TMPFILE,">>$tmpfile"); 282: print TMPFILE join("\n",@clean_output); 283: close(TMPFILE); 284: $append_to_subj= ' RPMS to upgrade'; 285: $sendflag = 1; 286: } 287: } else { 288: $append_to_subj = ' Error running RPM update check'; 289: $sendflag = 1; 290: } 291: return ($sendflag,$append_to_subj); 292: } 293: 294: sub check_with_checkrpms { 295: my ($tmpfile,$perlvar) = @_; 296: my $checkrpms = '/usr/local/bin/check-rpms'; 297: my $sendflag = 0; 298: my $append_to_subj; 299: 300: # Run Martin Seigert's checkrpms script. See 301: # See http://www.sfu.ca/acs/security/linux/check-rpms.html 302: # for more information. 303: 304: # 305: # Check that checkrpms is installed and is the proper version... 306: if (! -e $checkrpms) { 307: open(TMPFILE,">>$tmpfile"); 308: print TMPFILE <<END; 309: 310: Unable to locate check-rpms on your system. Please go to 311: http://www.sfu.ca/acs/security/linux/check-rpms.html, download and 312: install check-rpms on this system. 313: 314: END 315: $append_to_subj = ' Error running RPM update check'; 316: $sendflag = 1; 317: } else { 318: # 319: # Run check-rpms and capture its output 320: if (open (PIPE, "$checkrpms 2>&1 |")) { 321: my $output=<PIPE>; 322: close(PIPE); 323: if ($output ne '') { 324: $output = <<"END"; 325: 326: checkrpms checked the status of the packages on your system and 327: produced the following output: 328: ------------------------------------------------------- 329: $output 330: ------------------------------------------------------- 331: If there are rpms which need to be installed, please log into 332: $perlvar->{'lonHostID'} and run the following command 333: 334: $checkrpms --update 335: 336: If there are kernel packages to be installed, use 337: 338: $checkrpms --update --install-kernel 339: 340: Keeping your system up to date is very important. 341: Ensuring you are using up to date software is a prerequisite for a 342: secure system. 343: 344: END 345: open(TMPFILE,">>$tmpfile"); 346: print TMPFILE $output; 347: close(TMPFILE); 348: $append_to_subj = ' RPMS to upgrade'; 349: $sendflag = 1; 350: } 351: } 352: } 353: return ($sendflag,$append_to_subj); 354: }