fixed bug in the cluster node automatic update system that caused the apt security updates to be ignored by the mechanism that checks if an update is required.
this misfunction was picked up by xymon/apt, which comainted that the Last apt update was too old
This regression was introduced in commit [29ce88975f], which replaced the unattended upgrade mechanism with the cluster cron based autoupdate mechanism (but only for alambix clustern, for some reason)
The bug in the cluster cron based autoupdate system was caused by the fact that the code forgot to update the package list before calling apt list --upgradable. As a result, the package list was never updated on alambix, and therefore scurity updates were never seen. This problem was not present on physix, which does still have the unattended upgrade mechansim along with the cluster cron based autoupdate system.
fixes [https://bugzilla.ipr.univ-rennes.fr/show_bug.cgi?id=3810]
This commit is contained in:
parent
4148c2f5d1
commit
3f371e27c1
|
|
@ -137,54 +137,51 @@ SGE Master (${sge_master_uri}:${sge_master_port}) is not reachable from this hos
|
|||
|
||||
}
|
||||
# }}}
|
||||
is_apt_upgrade_absent() { # {{{
|
||||
|
||||
APT_PACKAGE_LIST_IS_UP_TO_DATE='false'
|
||||
ensure_apt_package_list_is_up_to_date()
|
||||
{
|
||||
if [ "$APT_PACKAGE_LIST_IS_UP_TO_DATE" = 'false' ]
|
||||
then
|
||||
apt update &> /dev/null
|
||||
APT_PACKAGE_LIST_IS_UP_TO_DATE='true'
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
get_num_outdated_packages()
|
||||
{
|
||||
# ensure that the package list is up to date, because "apt list --upgradable" doesn't automatically do it
|
||||
ensure_apt_package_list_is_up_to_date
|
||||
|
||||
## Count the number of upgradable packages and substract 1 for the header
|
||||
local_apt_upgrade_number="$(apt list --upgradable 2>/dev/null \
|
||||
local num_outdated_packages="$(apt list --upgradable 2>/dev/null \
|
||||
| wc -l \
|
||||
| awk '{print $1-1}')"
|
||||
|
||||
case "${local_apt_upgrade_number}" in
|
||||
0 ) ## No available upgrade
|
||||
return_apt_upgrade_absent="0"
|
||||
;;
|
||||
* ) ## Upgrade seems available
|
||||
return_apt_upgrade_absent="1"
|
||||
;;
|
||||
esac
|
||||
|
||||
## Simple debug message to valid current variable
|
||||
debug_message "is_apt_upgrade_absent − \
|
||||
APT upgrade available for this system: ${RED}${local_apt_upgrade_number:=/dev/null}${COLOR_DEBUG}."
|
||||
|
||||
return "${return_apt_upgrade_absent}"
|
||||
|
||||
echo "${num_outdated_packages}"
|
||||
}
|
||||
# }}}
|
||||
is_apt_upgrade_present() { # {{{
|
||||
|
||||
## Count the number of upgradable packages and substract 1 for the header
|
||||
local_apt_upgrade_number="$(apt list --upgradable 2>/dev/null \
|
||||
| wc -l \
|
||||
| awk '{print $1-1}')"
|
||||
some_packages_are_outdated()
|
||||
{
|
||||
local num_outdated_packages=''
|
||||
num_outdated_packages=$(get_num_outdated_packages)
|
||||
debug_message "some_packages_are_outdated − \
|
||||
number of outdated packages on this system: ${RED}${num_outdated_packages:=/dev/null}${COLOR_DEBUG}."
|
||||
|
||||
case "${local_apt_upgrade_number}" in
|
||||
0 ) ## No available upgrade
|
||||
return_apt_upgrade_present="1"
|
||||
local return_code=''
|
||||
case "${num_outdated_packages}" in
|
||||
0 )
|
||||
return_code='1' # some_packages_are_outdated = false
|
||||
;;
|
||||
* ) ## Upgrade seems available
|
||||
return_apt_upgrade_present="0"
|
||||
* )
|
||||
return_code='0' # some_packages_are_outdated = true
|
||||
;;
|
||||
esac
|
||||
|
||||
## Simple debug message to valid current variable
|
||||
debug_message "is_apt_upgrade_present − \
|
||||
APT upgrade available for this system: ${RED}${local_apt_upgrade_number:=/dev/null}${COLOR_DEBUG}."
|
||||
|
||||
return "${return_apt_upgrade_present}"
|
||||
esac
|
||||
|
||||
return "${return_code}"
|
||||
}
|
||||
# }}}
|
||||
|
||||
is_file_present() { # {{{
|
||||
|
||||
local_file_present="${1}"
|
||||
|
|
@ -257,12 +254,15 @@ main() { # {{{
|
|||
## Define all vars
|
||||
define_vars
|
||||
|
||||
## If NO APT package upgrade is available {{{
|
||||
## If NO APT packages are out of date {{{
|
||||
### Ensure to remove any temp file related to APT upgrades
|
||||
### AND Exit
|
||||
is_apt_upgrade_absent \
|
||||
&& rm -f -- "${APT_TMP_FILE}" \
|
||||
if [ ! "$(some_packages_are_outdated)" ]
|
||||
then
|
||||
rm -f -- "${APT_TMP_FILE}" \
|
||||
&& exit 0
|
||||
fi
|
||||
|
||||
## }}}
|
||||
|
||||
## If APT temp file already exists {{{
|
||||
|
|
@ -276,7 +276,7 @@ main() { # {{{
|
|||
### Create APT temp file
|
||||
### AND Exit
|
||||
is_file_present "${sge_queue_flag_pattern}" \
|
||||
&& is_apt_upgrade_present \
|
||||
&& some_packages_are_outdated \
|
||||
&& touch "${APT_TMP_FILE}" && echo "APT upgrade is available." >> "${APT_TMP_FILE}" \
|
||||
&& exit 0
|
||||
## }}}
|
||||
|
|
@ -296,7 +296,7 @@ main() { # {{{
|
|||
### Create APT temp file
|
||||
### Disable SGE queue
|
||||
### AND Exit
|
||||
is_apt_upgrade_present \
|
||||
some_packages_are_outdated \
|
||||
&& touch "${APT_TMP_FILE}" && echo "APT upgrade is available." >> "${APT_TMP_FILE}" \
|
||||
&& sh "${sge_disable_host_queue_script}" \
|
||||
&& exit 0
|
||||
|
|
|
|||
Loading…
Reference in New Issue