Radish alpha
H
HardenedBSD-pkg
rad:z3QDZAW2FAfuLvihrhiyDC9fAD8G9
HardenedBSD Package Manager
Radicle
Git
Commits 984dc6f
Add the capability to track package changes in chroots and jails
Matthew Seaman committed 11 years ago
commit 984dc6f10e85078c63338b639b01300bd0848199
parent 16d75e8
1 file changed +76 -11
modified scripts/periodic/490.status-pkg-changes.in
@@ -8,6 +8,81 @@ if [ -r /etc/defaults/periodic.conf ]; then
	source_periodic_confs

fi
+ 
list_pkgs() {
+ 
    local pkgargs="$1"
+ 
    local bak_file="$2"
+ 
    local rc
+
+ 
    bak=/var/backups
+
+ 
    [ -r $bak/$bak_file ] && mv -f $bak/$bak_file $bak/${bak_file}2
+ 
    ${pkgcmd} ${pkgargs} info > $bak/$bak_file
+ 
    rc=$?
+
+ 
    cmp -sz $bak/$bak_file $bak/${bak_file}2
+ 
    if [ $? -eq 1 ]; then
+ 
	diff -U 0 $bak/${bak_file}2 $bak/${bak_file} | \
+ 
	    grep '^[-+][^-+]' | sort -k 1.2
+ 
    fi
+
+ 
    return $rc
+ 
}
+
+ 
list_pkgs_all() {
+ 
    local rc
+ 
    local jails
+ 
    local bak_file
+ 
    local rc=0
+
+ 
    : ${daily_status_pkg_changes_chroots=$pkg_chroots}
+ 
    : ${daily_status_pkg_changes_jails=$pkg_jails}
+
+ 
    # We always show pkg changes for the base system, but only print a
+ 
    # banner line if we're also going to show pkg changes for any
+ 
    # chroots or jails.
+
+ 
    if [ -n "${daily_status_pkg_changes_chroots}" -o \
+ 
	 -n "${daily_status_pkg_changes_jails}" ];
+ 
    then
+ 
	echo "Host system:"
+ 
    fi
+
+ 
    list_pkgs '' pkg.bak
+ 
    [ $? -ne 0 ] && rc=1
+
+ 
    for c in $daily_status_pkg_changes_chroots ; do
+ 
	echo
+ 
	echo "chroot: $c"
+ 
	bak_file="pkg.chroot-$(echo $c | tr -C a-zA-Z0-9.- _).bak"
+
+ 
	list_pkgs "-c $c" $bak_file
+ 
	[ $? -ne 0 ] && rc=1
+ 
    done
+
+ 
    case $daily_status_pkg_changes_jails in
+ 
	\*)
+ 
	    jails=$(jls -q -h name | sed -e 1d)
+ 
	    ;;
+ 
	'')
+ 
	    jails=
+ 
	    ;;
+ 
	*)
+ 
	    jails=$daily_status_pkg_changes_jails
+ 
	    ;;
+ 
    esac
+
+ 
    for j in $jails ; do
+ 
	echo
+ 
	echo "jail: $j"
+ 
	bak_file="pkg.jail-$(echo $j | tr -C a-zA-Z0-9.- _).bak"
+
+ 
	list_pkgs "-j $j" $bak_file
+ 
	[ $? -ne 0 ] && rc=1
+ 
    done
+
+ 
    return $rc
+ 
}
+ 


# On 9.x or lower, 490.status-pkg-changes exists in the base system,

# but using the old pkg_tools commands.  Unfortunately it uses the

# same configuration variables, so allow the setting of
@@ -34,17 +109,7 @@ case "$daily_status_pkg_changes_enable" in
		echo 'status-pkg-changes is enabled but pkg is not used'

		rc=2

	else
- 
		bak=/var/backups
- 
		rc=0
-
- 
		[ -r $bak/pkg.bak ] && mv -f $bak/pkg.bak $bak/pkg.bak2
- 
		${pkgcmd} info > $bak/pkg.bak
-
- 
		cmp -sz $bak/pkg.bak $bak/pkg.bak2
- 
		if [ $? -eq 1 ]; then
- 
			diff -U 0 $bak/pkg.bak2 $bak/pkg.bak | \
- 
			grep '^[-+][^-+]' | sort -k 1.2
- 
		fi
+ 
	    list_pkgs_all

	fi

	;;

	*)