Commande interne 'shopt' manquante dans 'dash' et inutile ici.
[progfou.git] / sysadmin / upgrade.sh
1 #!/bin/sh
2 # upgrade.sh - outil de mise à jour de serveur, avec support OpenVZ
3 # Copyright ©2010-2011 Agence universitaire de la Francophonie
4 # http://www.auf.org/
5 # Licence : GNU General Public License, version 3
6 # Auteur : Progfou <jean-christophe.andre@auf.org>
7 # Création : 2010-01-26
8 # Mise à jour : 2011-03-06
9 export LANG=
10 CONFDIRS="/etc"
11 IPT="iptables"
12 IP6T="ip6tables"
13 IF="`route -n | awk '/^0.0.0.0/{print $(NF);exit}'`"
14 $IPT -I OUTPUT -o "$IF" -m owner --uid-owner 0 -p tcp --dport 80 -j ACCEPT
15 $IP6T -I OUTPUT -o "$IF" -m owner --uid-owner 0 -p tcp --dport 80 -j ACCEPT
16 aptitude update
17 aptitude safe-upgrade
18 aptitude clean
19 $IP6T -D OUTPUT -o "$IF" -m owner --uid-owner 0 -p tcp --dport 80 -j ACCEPT
20 $IPT -D OUTPUT -o "$IF" -m owner --uid-owner 0 -p tcp --dport 80 -j ACCEPT
21 if test -x /usr/sbin/vzctl
22 then
23 $IPT -I FORWARD -o "$IF" -p tcp --dport 80 -j ACCEPT
24 $IP6T -I FORWARD -o "$IF" -p tcp --dport 80 -j ACCEPT
25 for id in `vzlist -H -o ctid`
26 do
27 #vzctl exec $id rm -v -f /var/lib/apt/lists/partial/*
28 vzctl exec $id aptitude update
29 vzctl exec $id aptitude safe-upgrade </dev/tty >/dev/tty
30 vzctl exec $id aptitude clean
31 done
32 $IP6T -D FORWARD -o "$IF" -p tcp --dport 80 -j ACCEPT
33 $IPT -D FORWARD -o "$IF" -p tcp --dport 80 -j ACCEPT
34 CONFDIRS="$CONFDIRS "/vz/private/*/etc
35 fi
36 find $CONFDIRS -name "*.dpkg*" -o -name "*.ucf*"