ftp.ac-grenoble.fr

home *** CD-ROM | disk | FTP | other *** search

/ ftp.ac-grenoble.fr / 2015.02.ftp.ac-grenoble.fr.tar / ftp.ac-grenoble.fr / pub / slis / updates_4.0_rsync / slis_update-4.0 < prev next >

Wrap

Text File | 2007-08-19 | 11KB | 328 lines

#!/bin/bash # This script is part of the SLIS Project initiated by the CARMI-Internet # (AcadΘmie de Grenoble - France 38). # Ce script fait partie du projet SLIS dΘmarrΘ par le CARMI-Internet # (AcadΘmie de Grenoble - France 38). # # SLIS : Serveur de communications Linux pour l'Internet Scolaire. # Copyright (C) 1998-2003 Bruno Bzeznik # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program (For example ./COPYING); # if not, write to the Free Software Foundation, Inc., 675 Mass Ave, # Cambridge, MA 02139, USA. # # Please send all comments and bug reports by electronic mail to: # Bruno Bzeznik <Bruno@ac-grenoble.fr> # or to <slis@ac-grenoble.fr> # # Envoyez vos suggestions et reports de bugs par e-mail α # Bruno Bzeznik <Bruno@ac-grenoble.fr> # ou α <slis@ac-grenoble.fr> # # Contact: Olivier.LeCam@crdp.ac-versailles.fr # # Comments: # This script is run by the crontab once a night for upgrading the SLIS # The SLIS admin can also run it at any moment it through the interface # NB: The kernel upgrade can be done overnight only (bettween 0-6) # # Updates: # olecam: Dec 13, 2005: script adapted to SLIS v4 # olecam: Jan 5, 2006: messages resulting of a failed apt-get are now logged to help debugging # olecam: Jan 6, 2006: check against freezed updates (lock) # olecam: Jan 6, 2006: get debconf less curious # olecam: Feb 7, 2007: improved exception processing in blacklist updates # # Various variables # LOCKFILE="/var/lock/slis/slis_update-4.0" LOGTAG="slis_update-4.0[$$]" SLIS_LIB="/usr/sbin/slis-sys.inc.bash" SCRIPT_STATUS_MSG="Script 'slis_update' version 4.0" SQUIDGUARD_DB_PATH="/var/lib/squidguard/db" SLIS_UPDATE_SQUIDGUARD="slis_update_squidguard" BLACKLISTS="academie adult agressif audio-video dangerous_material drogue forums \ gambling hacking mobile-phone phishing publicite radio redirector \ strict_redirector strong_redirector tricheur warez webmail" REBOOT_MANDOTORY=0 ERRCODE=0 # # Load the SLIS library # if [ -f $SLIS_LIB ] then . $SLIS_LIB else MSG="Error: $SLIS_LIB not found." /usr/bin/logger -t "$LOGTAG" "$MSG" /bin/echo "$MSG" /usr/bin/logger -t "$LOGTAG" "$SCRIPT_STATUS_MSG: failed." exit 1 fi # # Load the variables # load_config if [ "$SLIM_MAX_AGE" = "" ] then # This is the maximum number of seconds you think # a monitor must leave before suspecting it to be # freezed. SLIM_MAX_AGE=36000 fi if [ "$SLIM_RETRY_TIME" = "" ] then # This is the max number of time the script will try # to relock when already locked SLIM_RETRY_TIME=360 fi #/bin/echo "[$PATH]" |/usr/bin/logger -t "$LOGTAG" # # Locking # LOCK_OUTPUT=`/usr/bin/lockfile -1 -r 3 -l $SLIM_MAX_AGE -s 0 $LOCKFILE 2>&1`; LOCK_RC=$? # # If unable to lock (recent lock file found) # if [ "$LOCK_RC" != "0" ] then MSG="Error: Lock found: update already running!" /usr/bin/logger -t "$LOGTAG" "$MSG" /bin/echo "$MSG" /usr/bin/logger -t "$LOGTAG" "$SCRIPT_STATUS_MSG: failed." exit 1 fi # # If a very old lock file is found # if [ "`/bin/echo $LOCK_OUTPUT |/bin/grep -i "forcing lock"`" != "" ] then /usr/bin/logger -t "$LOGTAG" "Warning: forcing lock and killing possibly sleeping processes." # Perhaps some processes are freezed? /usr/bin/killall apt-get 2>/dev/null /bin/sleep 1 /usr/bin/killall dpkg-preconfigure 2>/dev/null /bin/sleep 1 # Try to lock another time while waiting for the previous one to finish /usr/bin/lockfile -5 -r $SLIM_RETRY_TIME $LOCKFILE ; LOCK_RC=$? if [ "$LOCK_RC" != "0" ] then MSG="Error: second try for locking failed" /usr/bin/logger -t "$LOGTAG" "$MSG!" /bin/echo "$LOGTAG" |/usr/bin/mail "$SLISMASTER" -s "Update: $MSG: $HOSTNAME" /bin/echo "$MSG" /usr/bin/logger -t "$LOGTAG" "$SCRIPT_STATUS_MSG: failed." exit 1 fi fi /usr/bin/logger -t "$LOGTAG" "$SCRIPT_STATUS_MSG: starting..." /usr/bin/logger -t "$LOGTAG" "=== PLEASE WAIT. DO NOT USE SLIS WHILE UPDATING ===" # # Make updates # /usr/bin/logger -t "$LOGTAG" "APT: Updating package index files from the dpkg sources..." APT_RESULT=`/usr/bin/apt-get -qq update 2>&1` if [ $? != 0 ] then /usr/bin/logger -t "$LOGTAG" "ERROR: apt-get update failed. See report below:" /bin/echo -n "$APT_RESULT" |/usr/bin/logger -t "$LOGTAG" ERRCODE=1 else # # APT upgrade # # Ensure that we only are asked "critical" questions export DEBIAN_PRIORITY=critical # export DEBIAN_FRONTEND=text export DEBIAN_FRONTEND=teletype # export DEBCONF_DEBUG=developer # To be even more nasty, use: # DEBIAN_FRONTEND=noninteractive # which should ask *no* question (at least not through debconf) # # Get the list of upgrade candidates # APT_RESULT=`apt-get -dsy upgrade 2>&1` # CANDIDATES=`echo -n "$APT_RESULT" |grep Inst |awk '{print $2}' |tr '\n' ' '` # # if [ "$CANDIDATES" == "" ] ; then # logger -t "$LOGTAG" "APT: Upgrading packages: none (system is up-to-date)" # else # logger -t "$LOGTAG" "APT: Upgrading packages: $CANDIDATES" # logger -t "$LOGTAG" "APT: Be patient, this can take time!..." # apt-get --force-yes -y -qq upgrade 2>&1 |logger -t "$LOGTAG" ## APT_RESULT=`apt-get -y -qq upgrade 2>&1` ## if [ $? != 0 ] ## then ## logger -t "$LOGTAG" "ERROR: apt-get upgrade failed. See report below:" ## echo -n "$APT_RESULT" |logger -t "$LOGTAG" ## else ## logger -t "$LOGTAG" "APT: Packages upgrading terminated." ## fi # fi # # # # # APT dist-upgrade (executed only when it's nighttime) # # # declare -i HOUR # HOUR=`date +%k` # if [ $HOUR -lt 6 ] # then # logger -t "$LOGTAG" "Well, it's nighttime, let's check for a kernel update..." # # # Get the list of dist-upgrade candidates # APT_RESULT=`apt-get -dsy dist-upgrade 2>&1` # CANDIDATES=`echo -n "$APT_RESULT" |grep Inst |awk '{print $2}' |tr '\n' ' '` # # if [ "$CANDIDATE" == "" ] ; then # logger -t "$LOGTAG" "APT: Upgrading kernel: none (kernel is up-to-date)" # else # logger -t "$LOGTAG" "APT: Upgrading kernel: $CANDIDATE" # APT_RESULT=`apt-get -y -qq dist-upgrade 2>&1` # if [ $? != 0 ] # then # logger -t "$LOGTAG" "ERROR: apt-get dist-upgrade failed. See report below:" # echo -n "$APT_RESULT" |logger -t "$LOGTAG" # else # logger -t "$LOGTAG" "APT: Kernel upgrading terminated." # logger -t "$LOGTAG" "KERNEL UPDATED. REBOOT PLANNED IN ONE MINUTE..." # /sbin/shutdown -r +1 # fi # fi # fi # # APT dist-upgrade. Install also kernel-image updates, but if any wait nighttime to reboot. # # Get the list of dist-upgrade candidates APT_RESULT=`/usr/bin/apt-get -dsy dist-upgrade 2>&1` CANDIDATES=`/bin/echo -n "$APT_RESULT" |/bin/grep Inst |/usr/bin/awk '{print $2}' |/usr/bin/tr '\n' ' '` if [ "$CANDIDATES" == "" ] ; then /usr/bin/logger -t "$LOGTAG" "APT: Upgrading packages: none (system is up-to-date)." else /usr/bin/logger -t "$LOGTAG" "APT: Upgrading packages: $CANDIDATES" /usr/bin/logger -t "$LOGTAG" "APT: Be patient, this may take a long time!..." /usr/bin/apt-get --force-yes -y -qq dist-upgrade 2>&1 |/usr/bin/logger -t "$LOGTAG" [ $? != 0 ] && ERRCODE=1 /usr/bin/logger -t "$LOGTAG" "APT: Packages upgrading terminated." if [ "$(/bin/echo "$CANDIDATES" |/bin/grep kernel-image)" != "" ] then # A kernel update has been installed - Reboot now if it's nighttime or # do it later. HOUR=`/bin/date +%k` if [ $HOUR -lt 6 ] then /usr/bin/logger -t "$LOGTAG" "Kernel updated: a reboot is mandotory after the SLIS update..." REBOOT_MANDOTORY=1 else /usr/bin/logger -t "$LOGTAG" "Kernel updated: the SLIS will reboot tonight..." /sbin/shutdown -r now |at 0100 fi fi if [ "$(/bin/echo "$CANDIDATES" |/bin/grep slis-update)" != "" ] then # slis-update has been upgraded - Reboot now if it's nighttime or # do it later. HOUR=`/bin/date +%k` if [ $HOUR -lt 6 ] then /usr/bin/logger -t "$LOGTAG" "slis-update upgraded: a reboot is mandotory after the SLIS update..." REBOOT_MANDOTORY=1 else /usr/bin/logger -t "$LOGTAG" "slis-update upgraded: the SLIS will reboot tonight..." /sbin/shutdown -r 01:00 & fi fi fi fi # # Update the squidGuard databases # HOUR=`/bin/date +%k` if [ -e $SQUIDGUARD_DB_PATH ] && [ $HOUR -lt 8 ] then /usr/bin/logger -t "$LOGTAG" "Downloading the URL blacklist databases update..." cd $SQUIDGUARD_DB_PATH for blacklist in $BLACKLISTS do USE_OLD=0 /bin/mv -f $blacklist.tar.gz $blacklist.tar.gz.backup /usr/bin/rsync --timeout=30 rsync://$RSYNC_HOST/$RSYNC_MODULE/$blacklist.tar.gz . >/dev/null 2>&1 if [ "$?" = "0" ] && [ -f $blacklist.tar.gz ] then /bin/tar xfz $blacklist.tar.gz RC=$? if [ "$RC" != "0" ] then /usr/bin/logger -t "$LOGTAG" "Error: '$blacklist' dabatase corrupted: keeping the old version." USE_OLD=1 fi else /usr/bin/logger -t "$LOGTAG" "Warning: '$blacklist' database update could not be transfered from the central update server: keeping the old version" USE_OLD=1 fi if [ "$USE_OLD" = "1" ] then rm -f $blacklist.tar.gz /bin/mv -f $blacklist.tar.gz.backup $blacklist.tar.gz if [ -f $blacklist.tar.gz ] then /bin/tar xfz $blacklist.tar.gz [ "$?" != "0" ] && echo "FATAL: the backuped '$blacklist' database is also corrupted. Skipping..." else echo "FATAL: '$blacklist' has no backup. Skipping..." fi else /bin/rm -f $blacklist.tar.gz.backup fi done /bin/rm -f *.backup /usr/bin/logger -t "$LOGTAG" "Compiling the URL blacklist databases (be patient!)..." $SLIS_BINDIR/$SLIS_UPDATE_SQUIDGUARD >/dev/null 2>&1 fi # # Ending script # if [ "$REBOOT_MANDATORY" = "1" ] then /sbin/shutdown -r +1 /usr/bin/logger -t "$LOGTAG" "$SCRIPT_STATUS_MSG: successed. Reboot planned in one minute." else /usr/bin/logger -t "$LOGTAG" "$SCRIPT_STATUS_MSG: successed" fi /bin/rm -f $LOCKFILE exit $ERRCODE