-
Notifications
You must be signed in to change notification settings - Fork 0
/
rpm-verify.sh
executable file
·150 lines (126 loc) · 5.48 KB
/
rpm-verify.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
#!/bin/bash
# Partial script version of http://fedorasolved.org/Members/fenris02/post_upgrade_cleanup
# Mirrored on https://fedoraproject.org/wiki/User:Fenris02/Distribution_upgrades_and_cleaning_up_after_them
LANG=C
if [ "$(/usr/bin/whoami)" != "root" ]; then
echo "Must be run as root."
exit 1
fi
DS=$(/bin/date +%Y%m%d)
TMPDIR=$(/bin/mktemp -d "${TMPDIR:-/tmp}/${0##*/}-XXXXX.log")
[ -d "${TMPDIR}" ] || mkdir -p "${TMPDIR}"
if [ -f /etc/sysconfig/prelink ]; then
echo "Updating prelink info ..."
. /etc/sysconfig/prelink \
time /usr/sbin/prelink -av $PRELINK_OPTS >> /var/log/prelink/prelink.log 2>&1
fi
/sbin/ldconfig
# Remove temporary files
/bin/rm /var/lib/rpm/__db.00?
echo "rpm-Va: This may take 12mins or longer, please wait ... (Might be a good time for coffee)"
time /bin/rpm -Va > "${TMPDIR}/rpm-va2_${DS}.txt" 2>&1
# Filter out prelink messages, kmod files, and kernel-devel files:
/bin/egrep -v '^(prelink: /|S\..\.\.\.\.\.\. /|.{9} /lib/modules/.*/modules\.|.{9} /usr/src/kernels/)' \
"${TMPDIR}/rpm-va2_${DS}.txt" > "${TMPDIR}/RPM-VA2_${DS}.txt"
echo "Generating reports ..."
/bin/egrep -v '^.{9} c /' "${TMPDIR}/RPM-VA2_${DS}.txt" > "${TMPDIR}/URGENT-REVIEW_${DS}.txt"
/bin/egrep '^.{9} c /' "${TMPDIR}/RPM-VA2_${DS}.txt" > "${TMPDIR}/REVIEW-CONFIGS_${DS}.txt"
/bin/find /etc -name '*.rpm?*' > "${TMPDIR}/REVIEW-OBSOLETE-CONFIGS_${DS}.txt"
if [ ! -f /var/lib/yum/groups/installed ]; then
# "group mark convert" converts the automatic data you get without using groups
# as objects into groups as objects data. This makes it much easier to convert
# to groups as objects without having to reinstall.
if [ "0$(rpm -qf /etc/redhat-release --qf '%{version}\n')" -gt 18 ]; then
echo "F19 hack to help from upgrades"
/usr/bin/yum group mark convert
fi
fi
echo "Requesting extra reporting tools to be installed ..."
# yum -q install fpaste yum-utils rpmdevtools policycoreutils-python
/usr/bin/yum -q install \
/usr/bin/fpaste \
/usr/bin/package-cleanup /usr/bin/repoquery /usr/bin/show-installed /usr/sbin/yumdb \
/usr/bin/rpmdev-rmdevelrpms \
/usr/sbin/semanage \
#
if [ -x /usr/sbin/semanage ]; then
echo "Reporting SELinux policy ..."
TMPF=$(/bin/mktemp -u "/tmp/${0##*/}-XXXXX.txt")
/usr/sbin/semanage -o "$TMPF"
/bin/mv "$TMPF" "${TMPDIR}/SELINUX-CUSTOM-CONFIG_${DS}.txt"
fi
if [ -x /usr/bin/rpmdev-rmdevelrpms ]; then
echo "Reporting devel packages"
/usr/bin/rpmdev-rmdevelrpms -l > "${TMPDIR}/SHOW-DEVELRPMS_${DS}.txt"
fi
echo "Finding installed packages ..."
if [ -x /usr/bin/show-installed ]; then
/usr/bin/show-installed -f kickstart -e -o "${TMPDIR}/SHOW-INSTALLED2_${DS}.txt"
else
$(dirname "$0")/show-installed -f kickstart -e -o "${TMPDIR}/SHOW-INSTALLED2_${DS}.txt"
fi
/bin/sort -o "${TMPDIR}/SHOW-INSTALLED2_${DS}.txt" "${TMPDIR}/SHOW-INSTALLED2_${DS}.txt"
if [ -x /usr/sbin/yumdb ]; then
echo "Locating rpm packages that were installed without yum ..."
/usr/sbin/yumdb --noplugins unset from_repo > "${TMPDIR}/SHOW-EXTERNAL_${DS}.txt"
fi
echo "Reporting Problem RPMs"
if [ -x /usr/bin/package-cleanup ]; then
/usr/bin/package-cleanup -q --problems > "${TMPDIR}/PROBLEM-PACKAGES_${DS}.txt"
else
/bin/rpm -Va --nofiles --noscripts > "${TMPDIR}/PROBLEM-PACKAGES_${DS}.txt"
fi
if [ -x /usr/bin/package-cleanup ]; then
echo "Reporting Duplicate RPMs"
/usr/bin/package-cleanup -q --dupes > "${TMPDIR}/DUPLICATE-PACKAGES_${DS}.txt"
fi
if [ -x /usr/bin/package-cleanup ]; then
echo "Reporting Orphan RPMs"
/usr/bin/package-cleanup -q --orphans > "${TMPDIR}/ORPHANED-PACKAGES_${DS}.txt"
fi
if [ -x /usr/bin/repoquery ]; then
echo "Collect leaf RPMs"
/usr/bin/repoquery --installed --qf "%{nvra} - %{yumdb_info.reason}" \
$(/usr/bin/package-cleanup --leaves -q --all) \
|/bin/grep '\- dep' \
|while read -r n a a; do \
echo "remove $n"
done > "${TMPDIR}/SHOW-LEAVES_${DS}.txt"
fi
echo "Collect list of enabled repos"
/usr/bin/yum repolist > "${TMPDIR}/YUM-REPOLIST_${DS}.txt"
echo "Collecting distribution-synchronization differences"
echo n |\
/usr/bin/yum distro-sync |\
/bin/sed -e '1,/Dependencies Resolved/d;' > "${TMPDIR}/YUM-DISTROSYNC_${DS}.txt"
/bin/cat - <<EOT
==========
TMPDIR = ${TMPDIR}
==========
##### The following all break fpaste, so concatenate below instead:
#/usr/bin/fpaste ${TMPDIR}/[A-Z]*_${DS}.txt
## (excluding ${TMPDIR}/RPM-VA2_${DS}.txt to avoid duplicate info)
#/usr/bin/fpaste ${TMPDIR}/{REVIEW,SHOW,URGENT}*_${DS}.txt
==========
EOT
for fp in ${TMPDIR}/{YUM-REPOLIST,YUM-DISTROSYNC,URGENT-REVIEW,REVIEW-CONFIGS,PROBLEM-PACKAGES,DUPLICATE-PACKAGES,ORPHANED-PACKAGES,REVIEW-OBSOLETE-CONFIGS,SELINUX-CUSTOM-CONFIG,SHOW-DEVELRPMS,SHOW-EXTERNAL,SHOW-LEAVES,SHOW-INSTALLED2}*_${DS}.txt; do
if [ -s "$fp" ]; then
/bin/cat - >> "${TMPDIR}/fpaste-output_${DS}.txt" <<EOT
===============================================================================
===== $fp
===============================================================================
EOT
### Limit each output file to 1000 lines to prevent excessive flooding.
WCL="$(/usr/bin/wc -l "$fp" |/usr/bin/gawk '{print$1}')"
if [ "$WCL" -gt 1000 ]; then
echo "*** File $fp truncated to 1000 lines, was $WCL lines. ***"
echo "*** File $fp truncated to 1000 lines, was $WCL lines. ***" >> "${TMPDIR}/fpaste-output_${DS}.txt"
fi
/usr/bin/head -n1000 "$fp" >> "${TMPDIR}/fpaste-output_${DS}.txt"
fi
done
echo "fpaste ${TMPDIR}/fpaste-output_${DS}.txt"
if [ "x$1" != "xNOPOST" ]; then
/usr/bin/fpaste "${TMPDIR}/fpaste-output_${DS}.txt"
fi
#EOF