diff options
Diffstat (limited to 'src/sec-updater/sec-updater.sh')
| -rwxr-xr-x | src/sec-updater/sec-updater.sh | 168 |
1 files changed, 168 insertions, 0 deletions
diff --git a/src/sec-updater/sec-updater.sh b/src/sec-updater/sec-updater.sh new file mode 100755 index 000000000..ca7b89841 --- /dev/null +++ b/src/sec-updater/sec-updater.sh @@ -0,0 +1,168 @@ +#!/bin/sh + +DIR="/etc/pts" +DISTS_DIR="$DIR/dists" +DATE=`date +%Y%m%d-%H%M` +UBUNTU="http://security.ubuntu.com/ubuntu" +UBUNTU_VERSIONS="xenial" +UBUNTU_DIRS="main multiverse restricted universe" +UBUNTU_ARCH="binary-amd64" +DEBIAN="http://security.debian.org" +DEBIAN_VERSIONS="jessie wheezy" +DEBIAN_DIRS="main contrib non-free" +DEBIAN_ARCH="binary-amd64 binary-armhf" +RASPIAN="http://archive.raspberrypi.org/debian" +RASPIAN_VERSIONS="jessie wheezy" +RASPIAN_DIRS="main" +RASPIAN_ARCH="binary-armhf" +CMD=/usr/sbin/sec-updater +CMD_LOG="$DIR/logs/$DATE-sec-update.log" +DEL_LOG=1 + +mkdir -p $DIR/dists +cd $DIR/dists + +# Download Ubuntu distribution information + +for v in $UBUNTU_VERSIONS +do + for a in $UBUNTU_ARCH + do + mkdir -p $v-security/$a $v-updates/$a + for d in $UBUNTU_DIRS + do + wget -nv $UBUNTU/dists/$v-security/$d/$a/Packages.xz -O $v-security/$a/Packages-$d.xz + unxz -f $v-security/$a/Packages-$d.xz + wget -nv $UBUNTU/dists/$v-updates/$d/$a/Packages.xz -O $v-updates/$a/Packages-$d.xz + unxz -f $v-updates/$a/Packages-$d.xz + done + done +done + +# Download Debian distribution information + +for v in $DEBIAN_VERSIONS +do + for a in $DEBIAN_ARCH + do + mkdir -p $v-updates/$a + for d in $DEBIAN_DIRS + do + wget -nv $DEBIAN/dists/$v/updates/$d/$a/Packages.bz2 -O $v-updates/$a/Packages-$d.bz2 + bunzip2 -f $v-updates/$a/Packages-$d.bz2 + done + done +done + +# Download Raspian distribution information + +for v in $RASPIAN_VERSIONS +do + for a in $RASPIAN_ARCH + do + mkdir -p $v-raspian/$a + for d in $RASPIAN_DIRS + do + wget -nv $RASPIAN/dists/$v/$d/$a/Packages.gz -O $v-raspian/$a/Packages-$d.gz + gunzip -f $v-raspian/$a/Packages-$d.gz + done + done +done + +# Run sec-updater in distribution information + +for f in xenial-security/binary-amd64/* +do + echo "security: $f" + $CMD --os "Ubuntu 16.04" --arch "x86_64" --file $f --security \ + --uri $UBUNTU >> $CMD_LOG 2>&1 + if [ $? -eq 0 ] + then + DEL_LOG=0 + fi +done + +for f in xenial-updates/binary-amd64/* +do + echo "updates: $f" + $CMD --os "Ubuntu 16.04" --arch "x86_64" --file $f \ + --uri $UBUNTU >> $CMD_LOG 2>&1 + if [ $? -eq 0 ] + then + DEL_LOG=0 + fi +done + +for f in jessie-updates/binary-amd64/* +do + echo "security: $f" + $CMD --os "Debian 8.0" --arch "x86_64" --file $f --security \ + --uri $DEBIAN >> $CMD_LOG 2>&1 + if [ $? -eq 0 ] + then + DEL_LOG=0 + fi +done + +for f in wheezy-updates/binary-amd64/* +do + echo "security: $f" + $CMD --os "Debian 7.0" --arch "x86_64" --file $f --security \ + --uri $DEBIAN >> $CMD_LOG 2>&1 + if [ $? -eq 0 ] + then + DEL_LOG=0 + fi +done + +for f in jessie-updates/binary-armhf/* +do + echo "security: $f" + $CMD --os "Debian 8.0" --arch "armhf" --file $f --security \ + --uri $DEBIAN >> $CMD_LOG 2>&1 + if [ $? -eq 0 ] + then + DEL_LOG=0 + fi +done + +for f in wheezy-updates/binary-armhf/* +do + echo "security: $f" + $CMD --os "Debian 7.0" --arch "armhf" --file $f --security \ + --uri $DEBIAN >> $CMD_LOG 2>&1 + if [ $? -eq 0 ] + then + DEL_LOG=0 + fi +done + +for f in jessie-raspian/binary-armhf/* +do + echo "security: $f" + $CMD --os "Debian 8.0" --arch "armv7l" --file $f --security \ + --uri $RASPIAN >> $CMD_LOG 2>&1 + if [ $? -eq 0 ] + then + DEL_LOG=0 + fi +done + +for f in wheezy-raspian/binary-armhf/* +do + echo "security: $f" + $CMD --os "Debian 7.11" --arch "armv7l" --file $f --security \ + --uri $RASPIAN >> $CMD_LOG 2>&1 + if [ $? -eq 0 ] + then + DEL_LOG=0 + fi +done + +# Delete log file if no security updates were found + +if [ $DEL_LOG -eq 1 ] +then + rm $CMD_LOG + echo "no security updates found" +fi |