[progfou.git] / sysadmin / upgrade.sh

#!/bin/sh
# upgrade.sh - outil de mise à jour de serveur, avec support OpenVZ
# Copyright ©2010  Agence universitaire de la Francophonie
#                  http://www.auf.org/
# Licence : GNU General Public License, version 3
# Auteur : Progfou <jean-christophe.andre@auf.org>
# Création : 2010-01-26
# Mise à jour : 2010-01-26
export LANG=
CONFDIRS="/etc"
IPT="iptables"
IP6T="ip6tables"
IF="`route -n | awk '/^0.0.0.0/{print $(NF);exit}'`"
$IPT -I OUTPUT -o "$IF" -m owner --uid-owner 0 -p tcp --dport 80 -j ACCEPT
$IP6T -I OUTPUT -o "$IF" -m owner --uid-owner 0 -p tcp --dport 80 -j ACCEPT
aptitude update
aptitude safe-upgrade
aptitude clean
$IP6T -D OUTPUT -o "$IF" -m owner --uid-owner 0 -p tcp --dport 80 -j ACCEPT
$IPT -D OUTPUT -o "$IF" -m owner --uid-owner 0 -p tcp --dport 80 -j ACCEPT
if test -x /usr/sbin/vzctl
then
  $IPT -I FORWARD -o "$IF" -p tcp --dport 80 -j ACCEPT
  $IP6T -I FORWARD -o "$IF" -p tcp --dport 80 -j ACCEPT
  shopt -s nullglob
  for id in `vzlist -H -o ctid`
  do
    #vzctl exec $id rm -v -f /var/lib/apt/lists/partial/*
    vzctl exec $id aptitude update
    vzctl exec $id aptitude safe-upgrade </dev/tty >/dev/tty
    vzctl exec $id aptitude clean
  done
  $IP6T -D FORWARD -o "$IF" -p tcp --dport 80 -j ACCEPT
  $IPT -D FORWARD -o "$IF" -p tcp --dport 80 -j ACCEPT
  CONFDIRS="$CONFDIRS "/vz/private/*/etc
fi
find $CONFDIRS -name "*.dpkg*" -o -name "*.ucf*"
Commit	Line	Data
	1	#!/bin/sh
	2	# upgrade.sh - outil de mise à jour de serveur, avec support OpenVZ
	3	# Copyright ©2010 Agence universitaire de la Francophonie
	4	# http://www.auf.org/
	5	# Licence : GNU General Public License, version 3
	6	# Auteur : Progfou <jean-christophe.andre@auf.org>
	7	# Création : 2010-01-26
	8	# Mise à jour : 2010-01-26
	9	export LANG=
	10	CONFDIRS="/etc"
	11	IPT="iptables"
	12	IP6T="ip6tables"
	13	IF="`route -n \| awk '/^0.0.0.0/{print $(NF);exit}'`"
	14	$IPT -I OUTPUT -o "$IF" -m owner --uid-owner 0 -p tcp --dport 80 -j ACCEPT
	15	$IP6T -I OUTPUT -o "$IF" -m owner --uid-owner 0 -p tcp --dport 80 -j ACCEPT
	16	aptitude update
	17	aptitude safe-upgrade
	18	aptitude clean
	19	$IP6T -D OUTPUT -o "$IF" -m owner --uid-owner 0 -p tcp --dport 80 -j ACCEPT
	20	$IPT -D OUTPUT -o "$IF" -m owner --uid-owner 0 -p tcp --dport 80 -j ACCEPT
	21	if test -x /usr/sbin/vzctl
	22	then
	23	$IPT -I FORWARD -o "$IF" -p tcp --dport 80 -j ACCEPT
	24	$IP6T -I FORWARD -o "$IF" -p tcp --dport 80 -j ACCEPT
	25	shopt -s nullglob
	26	for id in `vzlist -H -o ctid`
	27	do
	28	#vzctl exec $id rm -v -f /var/lib/apt/lists/partial/*
	29	vzctl exec $id aptitude update
	30	vzctl exec $id aptitude safe-upgrade </dev/tty >/dev/tty
	31	vzctl exec $id aptitude clean
	32	done
	33	$IP6T -D FORWARD -o "$IF" -p tcp --dport 80 -j ACCEPT
	34	$IPT -D FORWARD -o "$IF" -p tcp --dport 80 -j ACCEPT
	35	CONFDIRS="$CONFDIRS "/vz/private/*/etc
	36	fi
	37	find $CONFDIRS -name ".dpkg" -o -name ".ucf"