Well, after some more refining I think I finally have a script I ain’t never gonna touch again (unless something breaks, which can happen quick as we all know).
The script now uses a sysconfig file for the common settings (like sender, receipents, categories to scan for), so it may be deployed en mass.
/etc/sysconfig/zypper-update-report
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 |
## Type: string ## Default: root ## Config: "" # # Sender address for the update report FROM="Yourupdatemonkey " ## Type: string ## Default: root ## Config: "" # # Receiver address for the update report #RECEIPENTS="tehsysadmin@barfoo.org" ## Type: string ## Default: "securty recommended optional" ## Config: "" # # List of groups, to include in the report CLASSES="security recommended optional" |
/usr/local/sbin/zypper-update-report
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 |
#!/bin/bash # Checks the output of `zypper pch` for security/recommended/optional updates # and prepares a detailed report to be mailed to the administrators [ -f /etc/sysconfig/update-report ] || exit 1 source /etc/sysconfig/update-report # Temporary files TMPDIR="$( mktemp -d /tmp/update-report.XXXXXX )" ZYPP_LIST="$TMPDIR/zypper-list" ZYPP_DETAILS="$TMPDIR/zypper-details" ZYPP_REPORT="$TMPDIR/zypper-report" zypper pch 2>/dev/null > $ZYPP_LIST # Figure out how much updates are still pending PENDING="$( cat $ZYPP_LIST | grep "| Needed" | wc -l )" if [ $PENDING -eq 0 ] ; then exit 0 fi echo > $ZYPP_REPORT echo " Pending updates for $( domainname -f ) on $( date )" >> $ZYPP_REPORT for severity in $CLASSES; do PACKAGES="$( cat $ZYPP_LIST | egrep "${severity}(.*)| Needed" | cut -d| -f2 | sed "s,^ ,," | sort -u )" [ -n "$PACKAGES" ] && echo [ -n "$PACKAGES" ] && echo " Category: $severity" for package in $PACKAGES; do zypper patch-info $package 2>/dev/null > $ZYPP_DETAILS echo "" echo " * Patch: $package" echo " Needs reboot: $( cat $ZYPP_DETAILS | grep "Reboot Required:" | sed -e "s,Reboot Required: ,," )" echo " Affected packages: " for atom in $( cat $ZYPP_DETAILS | grep "^atom:" | cut -d -f2 | sort ); do # Let's check whether or not the package listed in atom is installed ... # If installed, echo the atom, otherwise don't as we don't need to update # the package. RPM_STATUS=$( rpm -qi $atom ) if [ "$RPM_STATUS" != "package $atom is not installed" ] ; then echo " - $atom " fi done done done >> $ZYPP_REPORT if [ -n "$RECEIPENTS" ] ; then cat $ZYPP_REPORT | mail -r "$FROM" -s "[$( date +%F )] Update report for $( domainname -f )" $RECEIPENTS fi trap "rm -rf "$TMPDIR" >/dev/null 2>&1" ERR EXIT # vim: set tw=80 ts=2 sw=2 et softtabstop=2 |
I edited your code to send html email and the update info
#!/bin/bash
[ -f /etc/sysconfig/zypper-update-report ] || exit 1
source /etc/sysconfig/zypper-update-report
# Temporary files
ZYPP_LIST=”$( mktemp /tmp/zypper-list.XXXXXX )”
ZYPP_DETAILS=”$( mktemp /tmp/zypper-details.XXXXXX )”
TMP=”$( mktemp /tmp/zypper-report.XXXXXX )”
zypper pch 2>/dev/null > $ZYPP_LIST
# Figure out how much updates are still pending PENDING=”$( cat $ZYPP_LIST | grep “| Needed” | wc -l )”
if [ $PENDING -eq 0 ] ; then
exit 0
fi
echo “TO: $RECEIPENTS” > $TMP
echo “From: $FROM” >> $TMP
echo “Subject: [$( date +%F )] Update report for $(domainname -f) ” >> $TMP
echo ‘MIME-Version: 1.0’ >> $TMP echo ‘Content-type:text/html;charset=iso-8859-1’ >> $TMP
echo ” >> $TMP echo ” Pending updates for $( domainname -f ) on $( date )” >> $TMP
echo ” >> $TMP echo ‘Package’ >> $TMP
echo ‘Needs Reboot’ >> $TMP
echo ‘Update Info’ >> $TMP
echo ‘Atom’ >> $TMP
echo ‘‘ >> $TMP
for severity in $CLASSES; do
PACKAGES=”$( cat $ZYPP_LIST | egrep “${severity}(.*)| Needed” |
cut -d| -f2 | sed “s,^ ,,” | sort -u )”
[ -n “$PACKAGES” ] && echo
[ -n “$PACKAGES” ] && echo ” Category: $severity”
echo ‘‘
for package in $PACKAGES; do
zypper patch-info $package 2>/dev/null > $ZYPP_DETAILS
echo ”
echo “”
echo ” $package”
echo ”
echo ” $( cat $ZYPP_DETAILS |
grep “Reboot Required:” | sed -e “s,Reboot Required: ,,” )”
echo “”
echo ‘
’
for atom in $( cat $ZYPP_DETAILS | grep “^atom:” | cut -d -f2 |
sort ); do
# Let’s check whether or not the package listed in atom is
# installed. If so, echo the atom, otherwise skip it
RPM_STATUS=$( rpm -qi $atom )
if [ “$RPM_STATUS” != “package $atom is not installed” ] ; then
echo ” – $atom”
fi
done
done
echo ”
done >> $TMP
echo ” >> $TMP
if [ -n “$RECEIPENTS” ] ; then
cat $TMP |
sendmail $RECEIPENTS
fi
trap ‘rm -f “$TMP” “$ZYPP_LIST” “$ZYPP_DETAILS” >/dev/null 2>&1’ 0 trap “exit 2” 1 2 3 15
# vim: set tw=80 ts=2 sw=2 et softtabstop=2
I had some bug in the other code. This is the one fixed.
# Figure out how much updates are still pending
PENDING=”$( cat $ZYPP_LIST | grep “| Needed” | wc -l )”
if [ $PENDING -eq 0 ] ; then
exit 0
fi
echo “TO: $RECEIPENTS” > $TMP
echo “From: $FROM” >> $TMP
echo “Subject: [$( date +%F )] Update report for $(domainname -f) ” >> $TMP
echo ‘MIME-Version: 1.0’ >> $TMP
echo ‘Content-type:text/html;charset=iso-8859-1’ >> $TMP
echo ” >> $TMP
echo ” Pending updates for $( domainname -f ) on $( date )” >> $TMP
echo ” >> $TMP
echo ‘Package’ >> $TMP
echo ‘Needs Reboot’ >> $TMP
echo ‘Update Info’ >> $TMP
echo ‘Atom’ >> $TMP
echo ” >> $TMP
for severity in $CLASSES; do
echo ‘‘
PACKAGES=”$( cat $ZYPP_LIST | egrep “${severity}(.*)| Needed” |
cut -d| -f2 | sed “s,^ ,,” | sort -u )”
[ -n “$PACKAGES” ] && echo
[ -n “$PACKAGES” ] && echo ” Category: $severity”
echo ‘‘
for package in $PACKAGES; do
zypper patch-info $package 2>/dev/null > $ZYPP_DETAILS
echo ”
echo “”
echo ” $package”
echo ”
echo ” $( cat $ZYPP_DETAILS |
grep “Reboot Required:” | sed -e “s,Reboot Required: ,,” )”
echo “”
echo ‘
’
for atom in $( cat $ZYPP_DETAILS | grep “^atom:” | cut -d -f2 |
sort ); do
# Let’s check whether or not the package listed in atom is
# installed. If so, echo the atom, otherwise skip it
RPM_STATUS=$( rpm -qi $atom )
if [ “$RPM_STATUS” != “package $atom is not installed” ] ; then
echo ” – $atom”
fi
done
done
echo ”
done >> $TMP
echo ” >> $TMP
if [ -n “$RECEIPENTS” ] ; then
cat $TMP |
sendmail $RECEIPENTS
fi
trap ‘rm -f “$TMP” “$ZYPP_LIST” “$ZYPP_DETAILS” >/dev/null 2>&1’ 0
trap “exit 2” 1 2 3 15
# vim: set tw=80 ts=2 sw=2 et softtabstop=2