NoPaste

secupdates

von RobertDebiannutzer

SNIPPET_TEXT:
  1. #!/bin/bash
  2.  
  3. #This program is free software: you can redistribute it and/or modify
  4. #it under the terms of the GNU General Public License as published by
  5. #the Free Software Foundation, either version 3 of the License, or
  6. #(at your option) any later version.
  7. #This program is distributed in the hope that it will be useful,
  8. #but WITHOUT ANY WARRANTY; without even the implied warranty of
  9. #MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  10. #GNU General Public License for more details.
  11. #You should have received a copy of the GNU General Public License
  12. #along with this program. If not, see <https://www.gnu.org/licenses/>.
  13.  
  14. baseurl='https://www.debian.org'
  15.  
  16. # "seclines" are the lines from https://www.debian.org/security (or
  17. # security.debian.org), which contains the "Recent Advisories"# the seclines
  18. # are in the form: [date] [DSA-number] [package name] "security update"
  19.  
  20. # Check if wget of curl exists and is executable - then get the HTML document,
  21. # print it to stdout and save it in Variable "seclines".
  22. # Of course, wget and curl have to be silent/quiet.
  23. if [[ -x /usr/bin/wget ]]; then
  24.   download_cmd () { /usr/bin/wget -qO- "$@"; }
  25.   seclines="$(download_cmd $baseurl/security/)"
  26.   [[ -z "$seclines" ]] && exit
  27. elif [[ -x /usr/bin/curl ]]; then
  28.   download_cmd () { /usr/bin/curl -s "$@"; }
  29.   seclines="$(download_cmd $baseurl/security/)"
  30.   [[ -z "$seclines" ]] && exit
  31. else
  32.   printf '%s\n' "Unable to find /usr/bin/wget or /usr/bin/curl. One of them is needed to download the document from $baseurl/security/"
  33.   exit
  34. fi
  35.  
  36. # a list of all packages currently installed with their version
  37. installeddebs="$(dpkg-query -W -f='${binary:Package} ${Version}\n')"
  38. # a list of all packages currently installed with their source package
  39. dpkgsrclist="$(dpkg-query -W -f='${source:Package} ${binary:Package}\n')"
  40.  
  41. get_srcpackage () {
  42.   cut -d' ' -f5 <<< "$line"
  43. }
  44.  
  45. # generate the DSA-URLs by grabbing the DSA-XXXX from the security information
  46. # lines and ...
  47. urlline_tmp () {
  48.   sed -n 's/.*\(DSA-[^ ]*\).*/\1/;s/DSA/dsa/p' <<< "$line"
  49. }
  50. # ... appending it to https://www.debian.org/security/
  51. urllines_cmd () {
  52.   urlline_raw="$baseurl/security/$(date '+%Y')/$(urlline_tmp)"
  53.   urlline="$(printf '%b\n' "\033[01;34m    $urlline_raw\033[00m")"
  54. }
  55.  
  56. # check if binarie packages (= debnames) from the sourcepackage are installed
  57. check_source () {
  58.   unset error
  59.   if ! grep -q "^$srcpackage\ " <<< "$dpkgsrclist"; then
  60.     error=y
  61.   fi
  62. }
  63.  
  64. # get a list of the installed debnames of the sourcepackage
  65. parse_source () {
  66.   sed -n "/^$srcpackage\ / {s/[^ ]*\ //p}"
  67. }
  68.  
  69. # get new version of the source package
  70. parse_urlline () {
  71.   grep -o '[^ ]*deb9u[0-9]*'
  72. }
  73.  
  74. # get the version for each debname
  75. extract_version () {
  76.   sed -n "/^$debname\ / {s/[^ ]*\ //p}" <<< "$installeddebs"
  77. }
  78.  
  79. # get the versions of the installed binary packages (debnames) of a source package
  80. checkupdate_cmd () {
  81.   unset installedversions
  82.   # the name of the source package, for example "firefox-esr"
  83.   # the names of the deblist that are built from this source package, for
  84.   # example "firefox-esr-dev" or "firefox-esr"
  85.   check_source
  86.   if [[ $error != y ]]; then
  87.     deblist="$(parse_source <<< "$dpkgsrclist")"
  88.     # the new version of the packages from this source package
  89.     newversion_tmp=$(download_cmd "$urlline_raw" | parse_urlline)
  90.     [[ -z $newversion_tmp ]] && stable=n
  91.     newversion=${newversion_tmp/*:/}
  92.     while read debname; do
  93.       version_tmp=$(extract_version)
  94.       installedversions+=(${version_tmp/*:/})
  95.     done <<< "$deblist"
  96.   fi
  97. }
  98.  
  99. search_cmd () {
  100.    printf '%s\n' "${installedversions[@]}" | grep "$1" "$2"
  101. }
  102.  
  103. sed_color () {
  104.   sed_color_var=$(printf '%b\n' "\033[01;3$1m$srcpackage \033[00msecurity update  \033[00;3$1m$2\033[00m")
  105.   sed "s/$srcpackage security update/$sed_color_var/" <<< "$line"
  106. }
  107.  
  108. colorise_cmd () {
  109.   if [[ $stable == n ]]; then
  110.     sed_color 2 "No update for stable distribution."
  111.   elif [[ -z "${installedversions[@]}" ]]; then
  112.     if [[ $error == y ]]; then
  113.       sed_color 3 "No debs of this package installed."
  114.     else
  115.       sed "s/$/$(printf '%b\n' "  \033[01;31mAn error occured.\033[00m")/" <<< "$line"
  116.     fi
  117.   elif search_cmd -q "bpo"; then
  118.     if search_cmd -qv "bpo"; then
  119.       installedversions=($(printf '%s\n' "${installedversions[@]}" | sed "s/.*bpo.*//;/^$/d"))
  120.       if search_cmd -qx "$newversion"; then
  121.         if search_cmd -qxv "$newversion"; then
  122.           sed_color 1 "There are backports and partial upgraded packages."
  123.         else
  124.           sed_color 2 "There are backports and upgraded packages."
  125.         fi
  126.       else
  127.         sed_color 1 "There are backports and not upgraded packages."
  128.       fi
  129.     else
  130.       sed_color 2 "There are only backports of this package packages."
  131.     fi
  132.   elif search_cmd -qx "$newversion"; then
  133.     if search_cmd -qxv "$newversion"; then
  134.       sed_color 1 "(partial upgraded)"
  135.     else
  136.       sed "s/$srcpackage/$(printf '%b\n' "\033[01;32m$srcpackage\033[00m")/" <<< "$line"
  137.     fi
  138.   else
  139.     sed "s/$srcpackage/$(printf '%b\n' "\033[01;31m$srcpackage\033[00m")/" <<< "$line"
  140.   fi
  141. }
  142.  
  143. old_update () {
  144.   sed_color 1 "Update deprecated."
  145. }
  146.  
  147. parse_seclines () {
  148.   sed -n '/security\ update<br>$/ {s/<[^>]*>//gp}' <<< "$seclines"
  149. }
  150. output="$(parse_seclines | while read line; do
  151. srcpackage="$(get_srcpackage)"
  152. export srcpackage
  153. if ! grep -qx "$srcpackage" <<< "$(printf '%s\n' "${database[@]}")"; then
  154.         urllines_cmd && checkupdate_cmd
  155.         colorise_cmd && printf '%s\n\n' "$urlline"
  156. else
  157.         urllines_cmd && old_update  
  158.         printf '%s\n\n' "$urlline"
  159. fi
  160. database+=($srcpackage)
  161. unset stable
  162.                             done)"
  163. # Check for pager less, than for pager more. If both are unavailable, print to stdout.
  164. if [[ -x /usr/bin/less ]]; then
  165.   less -R <<< "$output"
  166. elif [[ -x /bin/more ]]; then
  167.   more <<< "$output"
  168. else
  169.   printf '%s\n' "$output"
  170. fi

Quellcode

Hier kannst du den Code kopieren und ihn in deinen bevorzugten Editor einfügen. PASTEBIN_DOWNLOAD_SNIPPET_EXPLAIN