#include <library.h>
#include <utils/debug.h>
+#define EXIT_NO_UPDATES 80
+
typedef enum sec_update_state_t sec_update_state_t;
enum sec_update_state_t {
/**
* Process a package file and store updates in the database
*/
-static void process_packages(char *filename, char *product, bool security)
+static int process_packages(char *filename, char *product, bool security)
{
char *uri, line[BUF_LEN], *pos, *package = NULL, *version = NULL;
sec_update_state_t state;
stats.release = time(NULL);
/* opening package file */
- DBG1(DBG_IMV, "loading \"%s\"", filename);
file = fopen(filename, "r");
if (!file)
{
DBG1(DBG_IMV, "processed \"%s\": %d packages, %d new versions, "
"%d updated versions", filename, stats.packages,
stats.new_versions, stats.updated_versions);
+
+ return (stats.new_versions + stats.updated_versions) ?
+ EXIT_SUCCESS : EXIT_NO_UPDATES;
}
-static void do_args(int argc, char *argv[])
+static int do_args(int argc, char *argv[])
{
char *filename = NULL, *product = NULL;
bool security = FALSE;
if (filename && product)
{
- process_packages(filename, product, security);
+ return process_packages(filename, product, security);
}
else
{
{
exit(SS_RC_INITIALIZATION_FAILED);
}
- do_args(argc, argv);
-
- exit(EXIT_SUCCESS);
+ exit(do_args(argc, argv));
}
#!/bin/sh
DIR="/etc/pts"
+DISTS_DIR="$DIR/dists"
DATE=`date +%Y%m%d-%H%M`
-UBUNTU="http://security.ubuntu.com/ubuntu/dists"
+UBUNTU="http://security.ubuntu.com/ubuntu"
UBUNTU_VERSIONS="xenial"
UBUNTU_DIRS="main multiverse restricted universe"
UBUNTU_ARCH="binary-amd64"
-DEBIAN="http://security.debian.org/dists"
-DEBIAN_VERSIONS="jessie"
+DEBIAN="http://security.debian.org"
+DEBIAN_VERSIONS="jessie wheezy"
DEBIAN_DIRS="main contrib non-free"
DEBIAN_ARCH="binary-amd64"
+RASPIAN="http://archive.raspberrypi.org/debian"
+RASPIAN_VERSIONS="jessie wheezy"
+RASPIAN_DIRS="main"
+RASPIAN_ARCH="binary-armhf"
CMD=/usr/sbin/sec-updater
-CMD_LOG="$DIR/$DATE-sec-update.log"
+CMD_LOG="$DIR/logs/$DATE-sec-update.log"
+DEL_LOG=1
mkdir -p $DIR/dists
cd $DIR/dists
mkdir -p $v-security/$a $v-updates/$a
for d in $UBUNTU_DIRS
do
- wget $UBUNTU/$v-security/$d/$a/Packages.xz -O $v-security/$a/Packages-$d.xz
+ wget -nv $UBUNTU/dists/$v-security/$d/$a/Packages.xz -O $v-security/$a/Packages-$d.xz
unxz -f $v-security/$a/Packages-$d.xz
- wget $UBUNTU/$v-updates/$d/$a/Packages.xz -O $v-updates/$a/Packages-$d.xz
+ wget -nv $UBUNTU/dists/$v-updates/$d/$a/Packages.xz -O $v-updates/$a/Packages-$d.xz
unxz -f $v-updates/$a/Packages-$d.xz
- done
+ done
done
done
mkdir -p $v-updates/$a
for d in $DEBIAN_DIRS
do
- wget $DEBIAN/$v/updates/$d/$a/Packages.bz2 -O $v-updates/$a/Packages-$d.bz2
+ wget -nv $DEBIAN/dists/$v/updates/$d/$a/Packages.bz2 -O $v-updates/$a/Packages-$d.bz2
bunzip2 -f $v-updates/$a/Packages-$d.bz2
- done
+ done
+ done
+done
+
+# Download Raspian distribution information
+
+for v in $RASPIAN_VERSIONS
+do
+ for a in $RASPIAN_ARCH
+ do
+ mkdir -p $v-raspian/$a
+ for d in $RASPIAN_DIRS
+ do
+ wget -nv $RASPIAN/dists/$v/$d/$a/Packages.gz -O $v-raspian/$a/Packages-$d.gz
+ gunzip -f $v-raspian/$a/Packages-$d.gz
+ done
done
done
do
echo "security: $f"
$CMD --product "Ubuntu 16.04 x86_64" --file $f --security >> $CMD_LOG 2>&1
+ if [ $? -eq 0 ]
+ then
+ DEL_LOG=0
+ echo $DEL_LOG
+ fi
done
-echo
+
for f in xenial-updates/binary-amd64/*
do
- echo "updates: $f"
+ echo "updates: $f"
$CMD --product "Ubuntu 16.04 x86_64" --file $f >> $CMD_LOG 2>&1
+ if [ $? -eq 0 ]
+ then
+ DEL_LOG=0
+ echo $DEL_LOG
+ fi
done
-echo
+
for f in jessie-updates/binary-amd64/*
do
echo "security: $f"
$CMD --product "Debian 8.0 x86_64" --file $f --security >> $CMD_LOG 2>&1
+ if [ $? -eq 0 ]
+ then
+ DEL_LOG=0
+ echo $DEL_LOG
+ fi
done
+
+for f in wheezy-updates/binary-amd64/*
+do
+ echo "security: $f"
+ $CMD --product "Debian 7.0 x86_64" --file $f --security >> $CMD_LOG 2>&1
+ if [ $? -eq 0 ]
+ then
+ DEL_LOG=0
+ echo $DEL_LOG
+ fi
+done
+
+for f in jessie-raspian/binary-armhf/*
+do
+ echo "security: $f"
+ $CMD --product "Debian 8.0 armv7l" --file $f --security >> $CMD_LOG 2>&1
+ if [ $? -eq 0 ]
+ then
+ DEL_LOG=0
+ echo $DEL_LOG
+ fi
+done
+
+for f in wheezy-raspian/binary-armhf/*
+do
+ echo "security: $f"
+ $CMD --product "Debian 7.11 armv7l" --file $f --security >> $CMD_LOG 2>&1
+ if [ $? -eq 0 ]
+ then
+ DEL_LOG=0
+ echo $DEL_LOG
+ fi
+done
+
+# Delete log file if no security updates were found
+
+if [ $DEL_LOG -eq 1 ]
+then
+ rm $CMD_LOG
+ echo "no security updates found"
+fi
projects / thirdparty / strongswan.git / commitdiff
