bundlewrap/bundles/apt/files/upgrade-and-reboot

61 lines
1.7 KiB
Text
Raw Normal View History

#!/bin/bash
# With systemd, we can force logging to the journal. This is better than
# spamming the world with cron mails. You can then view these logs using
# "journalctl -rat upgrade-and-reboot".
if which logger >/dev/null 2>&1
then
# Dump stdout to logger, which will then put everything into the
# journal.
exec 1> >(logger -t upgrade-and-reboot -p user.info)
# Make stdout and stderr the same. We don't care about the
# distinction anyway.
exec 2>&1
fi
2020-11-21 09:30:05 +00:00
statusfile="/var/tmp/unattended_upgrades.status"
# Workaround, because /var/tmp is usually 1777
[[ "$UID" == 0 ]] && chown root:root "$statusfile"
logins=$(ps h -C sshd -o euser | awk '$1 != "root" && $1 != "sshd" && $1 != "sshmon"')
if [[ -n "$logins" ]]
then
echo "Will abort now, there are active SSH logins: $logins"
echo "abort_ssh" > "$statusfile"
exit 1
fi
softlockdir=/var/lib/bundlewrap/soft-${node.name}
mkdir -p "$softlockdir"
printf '{"comment": "UPDATE", "date": %s, "expiry": %s, "id": "UNATTENDED", "items": ["*"], "user": "root@localhost"}\n' \
$(date +%s) \
$(date -d 'now + 30 mins' +%s) \
>"$softlockdir"/UNATTENDED
trap 'rm -f "$softlockdir"/UNATTENDED' EXIT
(
apt-get update
DEBIAN_FRONTEND=noninteractive apt-get -y -q -o Dpkg::Options::=--force-confold -o Dpkg::Options::=--force-confdef dist-upgrade
)
ret=$?
echo "apt-get dist-upgrade exited $ret"
echo "$ret" > "$statusfile"
if (( $ret != 0 ))
then
exit 1
fi
DEBIAN_FRONTEND=noninteractive apt-get -y -q autoclean
DEBIAN_FRONTEND=noninteractive apt-get -y -q autoremove
if [[ -f /var/run/reboot-required ]]
then
% if 'mail' in data:
date | mail -s "SYSREBOOTNOW ${node.name}" ${data['mail']}
% endif
systemctl reboot
fi