Script de mise à jour de serveur Debian (et ses éventuels conteneurs OpenVZ).

diff --git a/sysadmin/upgrade.sh b/sysadmin/upgrade.sh
new file mode 100755 (executable)
index 0000000..ef1b446
--- /dev/null
+++ b/sysadmin/upgrade.sh
@@ -0,0 +1,37 @@
+#!/bin/sh
+# upgrade.sh - outil de mise à jour de serveur, avec support OpenVZ
+# Copyright ©2010  Agence universitaire de la Francophonie
+#                  http://www.auf.org/
+# Licence : GNU General Public License, version 3
+# Auteur : Progfou <jean-christophe.andre@auf.org>
+# Création : 2010-01-26
+# Mise à jour : 2010-01-26
+export LANG=
+CONFDIRS="/etc"
+IPT="iptables"
+IP6T="ip6tables"
+IF="`route -n | awk '/^0.0.0.0/{print $(NF);exit}'`"
+$IPT -I OUTPUT -o "$IF" -m owner --uid-owner 0 -p tcp --dport 80 -j ACCEPT
+$IP6T -I OUTPUT -o "$IF" -m owner --uid-owner 0 -p tcp --dport 80 -j ACCEPT
+aptitude update
+aptitude safe-upgrade
+aptitude clean
+$IP6T -D OUTPUT -o "$IF" -m owner --uid-owner 0 -p tcp --dport 80 -j ACCEPT
+$IPT -D OUTPUT -o "$IF" -m owner --uid-owner 0 -p tcp --dport 80 -j ACCEPT
+if test -x /usr/sbin/vzctl
+then
+  $IPT -I FORWARD -o "$IF" -p tcp --dport 80 -j ACCEPT
+  $IP6T -I FORWARD -o "$IF" -p tcp --dport 80 -j ACCEPT
+  shopt -s nullglob
+  for id in `vzlist -H -o ctid`
+  do
+    #vzctl exec $id rm -v -f /var/lib/apt/lists/partial/*
+    vzctl exec $id aptitude update
+    vzctl exec $id aptitude safe-upgrade </dev/tty >/dev/tty
+    vzctl exec $id aptitude clean
+  done
+  $IP6T -D FORWARD -o "$IF" -p tcp --dport 80 -j ACCEPT
+  $IPT -D FORWARD -o "$IF" -p tcp --dport 80 -j ACCEPT
+  CONFDIRS="$CONFDIRS "/vz/private/*/etc
+fi
+find $CONFDIRS -name "*.dpkg*" -o -name "*.ucf*"