[转]Bash script for keeping Debian & Ubuntu systems up to date.
Hello,
This script will do a bunch of things - it's main purpose is to help keep apt based systems up to date. Check out the top part of ths script for a more in depth explanation.
Run this script periodically via cron.
NOTE: This script has been tested on Debian (Sarge) and Ubuntu (5.10), your mileage may vary on other systems using apt.
#!/bin/sh
# Script Name: maint.sh
# Author Name: Keith Bawden
# Date: Wed May 17 15:40:32 JST 2006
# Description: This script will:
# Clean up the local apt repository of retrieved packages (apt-get clean)
# Resync the package index (apt-get update)
# If called with AUTOUPDATE set to yes then updates will be downloaded and applied with no feed back (not recommended)
# If called without AUTOUPDATE then packages are downloaded and an email is sent informing which packages are to be updated.
# And more ;-)
# NOTE: Perl is needed for this script to work.
#
# Make user configuration changes in this section
#
export REPLYTO=bawdo2001@example.com
MAILTO="bawdo2001@example.com"
AUTOUPDATE="no"
LOGFILE="/var/log/server_maint.log"
THISSERVER=`hostname --fqdn`
#
# End of user configuration section
#
DASHES="---------------------------------------------------------------------------------"
DASHES2="================================================================================="
# Check if the script is being run as root exit if it is not.
if [ "$UID" -ne "0" ]
then
echo "[ERROR] This script must be run as root"
exit 1
fi
function startlogging {
echo $DASHES2 >> $LOGFILE
echo "$0 started running at `date`" >> $LOGFILE
echo $DASHES2 >> $LOGFILE
}
function stoplogging {
echo "`date` [MESSAGE] $0 finished runnning" >> $LOGFILE
echo $DASHES >> $LOGFILE
}function check_return {
if [ "$?" -ne "0" ]
then
echo "`date` [ERROR] $1 failed to run" >> $LOGFILE
send_error_email $1
stoplogging
exit 1
fi
echo "`date` [SUCCESS] $1 ran without error" >> $LOGFILE
}
function send_error_email {
mail -s "[$THISSERVER] There was an error whilst running $0" $MAILTO <<EOF
Hello,
Whilst running the update script ($0) on $THISSERVER there was a problem.
[ERROR] "$1" failed to run
The server has the following network interfaces configured ${SERVERADDS[@]}.
Please log in via ssh (e.g. ssh root@${IPADDR[0]}) and check the log file:
vim $LOGFILE
Regards.
EOF
}
# IP Address stuff
declare -a IPADDR
declare -a NICINTERFACE
declare -a SERVERADDS
index=0
for i in $( ifconfig | grep 'inet addr' | awk '{print $2}'| sed 's#addr:##g' );
do
IPADDR[$index]=$i
let "index += 1"
done
index=0
for i in $( ifconfig | grep 'eth' | awk '{print $1}' );
do
SERVERADDS[$index]="$i ${IPADDR[$index]}"
let "index += 1"
done
# End IP Address stuff
startlogging
apt-get clean > /dev/null
check_return "apt-get clean"
apt-get update > /dev/null
check_return "apt-get update"
if [[ "$AUTOUPDATE" == "yes" ]]
then
apt-get -yqq upgrade > /dev/null
check_return "apt-get -yq upgrade"
else
PACKAGES_TO_BE_UPGRADED=`apt-get -Vs upgrade | perl -ne 'print if /upgraded:/ .. /upgraded,/'`
apt-get -yqd upgrade > /dev/null
check_return "apt-get -yqd upgrade"
fi
if [[ -z $PACKAGES_TO_BE_UPGRADED ]]
then
echo "`date` [MESSAGE] No packages need updating." >> $LOGFILE
else
mail -s "[$THISSERVER] server may need some updates applied" $MAILTO <<EOF
Hello,
Packages have been downloaded onto $THISSERVER.
$PACKAGES_TO_BE_UPGRADED
The server has the following network interfaces configured ${SERVERADDS[@]}.
To update the server log in via ssh (e.g. ssh root@${IPADDR[0]}) and run the following command:
apt-get upgrade
See the logfile for more info: vim $LOGFILE
Regards.
EOF
echo "`date` [MESSAGE] Packages need updating email sent to $MAILTO" >> $LOGFILE
fi
stoplogging
exit 0
An email detailing required updates looks like this:
Subject:[server.example.com] server may need some updates applied
Hello,
Packages have been downloaded onto server.example.com.
The following packages will be upgraded:
exim4 (4.50-8 => 4.50-8sarge2)
exim4-base (4.50-8 => 4.50-8sarge2)
exim4-config (4.50-8 => 4.50-8sarge2)
exim4-daemon-light (4.50-8 => 4.50-8sarge2)
libc6 (2.3.2.ds1-22 => 2.3.2.ds1-22sarge3)
libc6-dev (2.3.2.ds1-22 => 2.3.2.ds1-22sarge3)
libsasl2 (2.1.19-1.5 => 2.1.19-1.5sarge1)
locales (2.3.2.ds1-22 => 2.3.2.ds1-22sarge3)
mutt (1.5.9-2 => 1.5.9-2sarge1)
perl (5.8.4-8sarge3 => 5.8.4-8sarge4)
perl-base (5.8.4-8sarge3 => 5.8.4-8sarge4)
perl-modules (5.8.4-8sarge3 => 5.8.4-8sarge4)
tar (1.14-2.1 => 1.14-2.2)
13 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
The server has the following network interfaces configured eth0 192.168.10.1 eth1 192.168.1.220.
To update the server log in via ssh (e.g. ssh root@192.168.10.1) and run the following command:
apt-get upgrade
See the logfile for more info: vim /var/log/server_maint.log
Regards.
Here is a sample of the log output:
=================================================================================
./maint.sh started running at Wed May 17 15:13:40 JST 2006
=================================================================================
Wed May 17 15:13:40 JST 2006 [SUCCESS] apt-get clean ran without error
Wed May 17 15:13:40 JST 2006 [SUCCESS] apt-get update ran without error
Wed May 17 15:13:41 JST 2006 [SUCCESS] apt-get -yqd upgrade ran without error
Wed May 17 15:13:41 JST 2006 [MESSAGE] No packages need updating.
Wed May 17 15:13:41 JST 2006 [MESSAGE] ./maint.sh finished runnning
---------------------------------------------------------------------------------
Please posts any fixes/suggestions here. In particular how to rewrite this without needing perl :-)
