-
Notifications
You must be signed in to change notification settings - Fork 22
/
yum
executable file
·163 lines (145 loc) · 5.92 KB
/
yum
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
#!/bin/bash
if [ -z $MK_VARDIR ]; then
echo "ERROR: Unable to load ENV variables"
exit 2
fi
BOOT_REQUIRED=no
UPDATES=0
SECURITY_UPDATES=0
CACHE_RESULT_CHECK=$MK_VARDIR/cache/yum_result.cache
CACHE_YUM_UPDATE=$MK_VARDIR/cache/yum_update.cache
CACHE_PREV_UPTIME=$MK_VARDIR/cache/yum_uptime.cache
LAST_UPDATE_TIMESTAMP=-1
# Check which major version we are running so we can run appropriate commands
MAJOR_VERSION=$(grep -oP '(?<=^VERSION_ID=").*(?=")' /etc/os-release | cut -d '.' -f 1)
# get current yum state - use cache directory contents as fingerprint
YUM_CURRENT="$(ls -lR /var/cache/{yum,dnf}/ 2>/dev/null)"
# check if cached listing of /var/cache/yum already exists - create empty one otherwise
if [ ! -e $CACHE_YUM_UPDATE ]
then
touch $CACHE_YUM_UPDATE
elif [ ! -f $CACHE_YUM_UPDATE ] || [ -L $CACHE_YUM_UPDATE ]
then
# something is wrong here...
echo "ERROR: invalid cache file"
exit 2
else
# get cached information
YUM_CACHED=$(cat "$CACHE_YUM_UPDATE")
fi
# check if cached check result already exists and is nothing but a file
if [ ! -e $CACHE_RESULT_CHECK ]
then
touch $CACHE_RESULT_CHECK
elif [ ! -f $CACHE_RESULT_CHECK ] || [ -L $CACHE_RESULT_CHECK ]
then
# something is wrong here...
echo "ERROR: invalid cache file"
exit 2
fi
# check if system has rebooted - if so, remove cached check file to avoid wrong "reboot required"-state
RUNNING_SECS=$(cat /proc/uptime | cut -d" " -f1 | cut -d"." -f1)
# check if cache file with previously seen uptime is existing - create one otherwise
if [ ! -e $CACHE_PREV_UPTIME ]
then
echo 0 > $CACHE_PREV_UPTIME
PREV_UPTIME=0
elif [ ! -f $CACHE_PREV_UPTIME ] || [ -L $CACHE_PREV_UPTIME ]
then
# something is wrong here...
echo "ERROR: invalid cache file"
exit 2
else
# get cached information
PREV_UPTIME=$(cat "$CACHE_PREV_UPTIME")
# save current uptime
echo $RUNNING_SECS > $CACHE_PREV_UPTIME
fi
# check if current uptime is lower than cached last seen uptime to detect reboot
if (( RUNNING_SECS < PREV_UPTIME ))
then
# remove pre-reboot cache which requires reboot
rm -f $CACHE_RESULT_CHECK
# create empty check cache
touch $CACHE_RESULT_CHECK
fi
echo "<<<yum>>>"
# compare current and cached yum information
# Update cached data if YUM fingerprint has changed OR machine has recently rebooted.
if [ "$YUM_CURRENT" != "$YUM_CACHED" ] || [ ! -s $CACHE_RESULT_CHECK ]
then
count=0
while [ -n "$(pgrep -f "python (/usr|)/bin/(yum|dnf)")" ]; do
if [ $count -eq 3 ]; then
echo "ERROR: Tried to run yum for 30 secs but another yum instance was running"
exit 2
else
((count++))
sleep 10
fi
done
LATEST_KERNEL=$(yum -q -C --noplugins --debuglevel 0 list installed | egrep "^(vz)?kernel(|-(uek|ml|lt))\." | grep "\." | tail -n1 | awk '{print $2};')
RUNNING_KERNEL=$(cat /proc/version | awk '{print $3}' | sed 's/.x86_64//g')
if [[ "$RUNNING_KERNEL" == "$LATEST_KERNEL"* ]]
then
BOOT_REQUIRED="no"
else
BOOT_REQUIRED="yes"
fi
UPDATES=$(waitmax 25 /usr/bin/yum -C --noplugins --quiet list updates | grep "\." | cut -d' ' -f1 | wc -l || echo "-1")
# check if --security is available
# Updated the timeout for the initial security list validation because it takes longer than 10 seconds on many machines
waitmax 25 /usr/bin/yum -C --noplugins --quiet --security list updates > /dev/null 2>&1
if [ $? -eq 0 ]
then
SECURITY_UPDATES=$(waitmax 25 /usr/bin/yum -C --noplugins --quiet --security list updates | grep "\." | cut -d' ' -f1 | wc -l || echo "-1")
else
# --security not supported with this yum version
# maybe the yum-plugin-security package is needed (RH 6)
SECURITY_UPDATES="-2"
fi
# Check last time of installed Updates from yum history
# Added "list all" to the history command as in situations where 20 or more RPM installs have been completed (non updates
# yum commands) have been run, the script will incorrectly report that the server has never updated
# Yum only lists 20 of the last actions when using only the "history" command.
# Switch command based on which Major version we are running
if [ "$MAJOR_VERSION" -ge 8 ]; then
LAST_UPDATE_TIMESTAMP=$(/usr/bin/yum -C --quiet --noplugins history list | awk '{if(NR>2)print}' | grep ' U \|Upgrade\|Update' | cut -d '|' -f3 | head -n 1 | date -f - +"%s" || echo "-1")
else
LAST_UPDATE_TIMESTAMP=$(/usr/bin/yum -C --quiet --noplugins history list all| awk '{if(NR>2)print}' | grep ' U \|Upgrade\|Update' | cut -d '|' -f3 | head -n 1 | date -f - +"%s" || echo "-1")
fi
# Add check in case this is a brand new built machine that has had
# up to date pacakges installed during build. In this case, neither
# command above will have yielded a value and LAST_UPDATE_TIMESTAMP
# will be empty
if [ "$LAST_UPDATE_TIMESTAMP" == "" ]; then LAST_UPDATE_TIMESTAMP=-1; fi
echo $BOOT_REQUIRED
echo $UPDATES
echo $SECURITY_UPDATES
echo $LAST_UPDATE_TIMESTAMP
# cache check yum
# check if cached check already exists and is nothing but a file
if [ -f $CACHE_YUM_UPDATE ] || [ ! -L $CACHE_YUM_UPDATE ]; then
echo "$YUM_CURRENT" > $CACHE_YUM_UPDATE
else
# something is wrong here...
echo "ERROR: invalid check cache file"
exit 2
fi
# cache check results
# check if cached check result already exists and is nothing but a file
if [ -f $CACHE_RESULT_CHECK ] || [ ! -L $CACHE_RESULT_CHECK ]
then
echo $BOOT_REQUIRED > $CACHE_RESULT_CHECK
echo $UPDATES >> $CACHE_RESULT_CHECK
echo $SECURITY_UPDATES >> $CACHE_RESULT_CHECK
echo $LAST_UPDATE_TIMESTAMP >> $CACHE_RESULT_CHECK
else
# something is wrong here...
echo "ERROR: invalid check result cache file"
exit 2
fi
else
# use cache file
cat $CACHE_RESULT_CHECK
fi