2013-03-16 17:54:00 +00:00
|
|
|
#!/bin/bash
|
|
|
|
|
2019-07-20 08:27:26 +00:00
|
|
|
quote_args() {
|
|
|
|
local quoted_args=""
|
|
|
|
|
|
|
|
for arg in "${@}"; do
|
|
|
|
quoted_args="${quoted_args} \"${arg}\""
|
|
|
|
done
|
|
|
|
|
|
|
|
echo "${quoted_args}"
|
|
|
|
}
|
|
|
|
|
|
|
|
find_regex_in_args() {
|
|
|
|
local regex="${1}"
|
|
|
|
shift 1
|
|
|
|
|
|
|
|
for arg in "${@}"; do
|
|
|
|
if echo "${arg}" | grep -q -e "${regex}"; then
|
|
|
|
return 0
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
|
|
|
|
return 1
|
|
|
|
}
|
|
|
|
|
2016-02-11 01:38:59 +00:00
|
|
|
UPDATEVM=`qubes-prefs --force-root updatevm`
|
2013-03-16 17:54:00 +00:00
|
|
|
UPDATES_STAT_FILE=/var/lib/qubes/updates/dom0-updates-available
|
|
|
|
|
|
|
|
if [ -z "$UPDATEVM" ]; then
|
|
|
|
echo "UpdateVM not set, exiting"
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ "$1" = "--help" ]; then
|
|
|
|
echo "This tool is used to download packages for dom0. Without package list"
|
|
|
|
echo "it checks for updates for installed packages"
|
|
|
|
echo ""
|
|
|
|
echo "Usage: $0 [--clean] [--check-only] [--gui] [<pkg list>]"
|
2018-08-18 05:11:50 +00:00
|
|
|
echo " --clean clean dnf cache before doing anything"
|
2013-03-16 17:54:00 +00:00
|
|
|
echo " --check-only only check for updates (no install)"
|
|
|
|
echo " --gui use gpk-update-viewer for update selection"
|
2018-08-18 05:11:50 +00:00
|
|
|
echo " --action=... use specific dnf action, instead of automatic install/update"
|
2013-03-16 17:54:00 +00:00
|
|
|
echo " <pkg list> download (and install if run by root) new packages"
|
|
|
|
echo " in dom0 instead of updating"
|
|
|
|
exit
|
|
|
|
fi
|
|
|
|
|
2019-07-20 08:27:26 +00:00
|
|
|
PKGS=()
|
|
|
|
YUM_OPTS=()
|
2013-03-16 17:54:00 +00:00
|
|
|
GUI=
|
|
|
|
CHECK_ONLY=
|
2019-07-20 08:27:26 +00:00
|
|
|
ALL_OPTS=( "${@}" )
|
2015-03-25 23:58:10 +00:00
|
|
|
YUM_ACTION=
|
2013-03-16 17:54:00 +00:00
|
|
|
QVMRUN_OPTS=
|
2014-05-11 22:30:48 +00:00
|
|
|
CLEAN=
|
2017-11-30 13:52:13 +00:00
|
|
|
TEMPLATE=
|
|
|
|
TEMPLATE_BACKUP=
|
2018-08-18 05:11:50 +00:00
|
|
|
# Filter out some dnf options and collect packages list
|
2013-03-16 17:54:00 +00:00
|
|
|
while [ $# -gt 0 ]; do
|
|
|
|
case "$1" in
|
|
|
|
--enablerepo=*|\
|
2014-05-11 22:30:48 +00:00
|
|
|
--disablerepo=*)
|
|
|
|
;;
|
2013-03-16 17:54:00 +00:00
|
|
|
--clean)
|
2014-05-11 22:30:48 +00:00
|
|
|
CLEAN=1
|
2013-03-16 17:54:00 +00:00
|
|
|
;;
|
|
|
|
--gui)
|
|
|
|
GUI=1
|
|
|
|
;;
|
|
|
|
--check-only)
|
|
|
|
CHECK_ONLY=1
|
|
|
|
;;
|
2015-03-25 23:58:10 +00:00
|
|
|
--action=*)
|
|
|
|
YUM_ACTION=${1#--action=}
|
|
|
|
;;
|
2013-03-16 17:54:00 +00:00
|
|
|
-*)
|
2019-07-20 08:27:26 +00:00
|
|
|
YUM_OPTS+=( "${1}" )
|
2013-03-16 17:54:00 +00:00
|
|
|
;;
|
|
|
|
*)
|
2019-07-20 08:27:26 +00:00
|
|
|
PKGS+=( "${1}" )
|
2015-03-25 23:58:10 +00:00
|
|
|
if [ -z "$YUM_ACTION" ]; then
|
|
|
|
YUM_ACTION=install
|
|
|
|
fi
|
2013-03-16 17:54:00 +00:00
|
|
|
;;
|
|
|
|
esac
|
|
|
|
shift
|
|
|
|
done
|
|
|
|
|
2017-03-13 03:15:45 +00:00
|
|
|
# Prevent implicit update of template - this would override user changes -
|
|
|
|
# but do allow explicit template upgrade, downgrade, reinstall
|
2017-03-15 14:10:36 +00:00
|
|
|
if [ "$YUM_ACTION" == "reinstall" ] || [ "$YUM_ACTION" == "upgrade" ] || [ "$YUM_ACTION" == "upgrade-to" ] \
|
2019-07-20 08:27:26 +00:00
|
|
|
|| [ "$YUM_ACTION" == "downgrade" ] && find_regex_in_args '^qubes-template-' "${PKGS[@]}"; then
|
|
|
|
TEMPLATE_EXCLUDE_OPTS=()
|
2017-03-13 03:15:45 +00:00
|
|
|
echo "WARNING: Replacing a template will erase all files in template's /home and /rw !"
|
2016-06-24 00:24:52 +00:00
|
|
|
|
2019-07-20 08:27:26 +00:00
|
|
|
# At least one package name matches the regex '^qubes-template-',
|
|
|
|
# so if there is only one package name in the array, then the
|
|
|
|
# code can safely assume that the array includes only a template
|
|
|
|
# package name.
|
|
|
|
if [[ ${#PKGS[@]} -eq 1 ]]; then
|
|
|
|
ONEPKG="$(echo "${PKGS[0]}" | sed -r 's/-[0-9]+(\.[0-9-]+)+(\.noarch)*$//')" # Remove version suffix
|
2017-03-15 14:10:36 +00:00
|
|
|
TEMPLATE=${ONEPKG#qubes-template-} # Remove prefix
|
2017-11-30 13:52:13 +00:00
|
|
|
|
2016-06-21 19:15:34 +00:00
|
|
|
if qvm-shutdown --wait $TEMPLATE ; then
|
|
|
|
echo "Template VM halted"
|
|
|
|
fi
|
2017-11-30 13:52:13 +00:00
|
|
|
|
|
|
|
# Try to avoid unrecoverable failures when operating on the template of
|
|
|
|
# the UpdateVM by making a backup first.
|
|
|
|
UPDATEVM_TEMPLATE=$(qvm-prefs -- "$UPDATEVM" template 2>/dev/null)
|
|
|
|
if [ X"$UPDATEVM_TEMPLATE" = X"$TEMPLATE" ]; then
|
|
|
|
TEMPLATE_BACKUP="${TEMPLATE}-backup-$(date +%Y%m%d)-$(mktemp -u XXXX)"
|
2019-02-18 04:05:24 +00:00
|
|
|
TEMPLATE_BACKUP=${TEMPLATE_BACKUP:0:31}
|
2017-11-30 13:52:13 +00:00
|
|
|
echo "Attempting to operate on template of UpdateVM... backing up $TEMPLATE to $TEMPLATE_BACKUP"
|
|
|
|
if ! qvm-clone -- "$TEMPLATE" "$TEMPLATE_BACKUP"; then
|
|
|
|
echo "ERROR: Unable to make backup of UpdateVM template!" >&2
|
|
|
|
exit 1
|
|
|
|
fi
|
2016-06-20 17:36:30 +00:00
|
|
|
fi
|
2016-06-18 07:02:46 +00:00
|
|
|
else
|
2017-03-15 14:10:36 +00:00
|
|
|
echo "ERROR: Specify only one package to reinstall template"
|
2016-06-18 07:02:46 +00:00
|
|
|
exit 1
|
|
|
|
fi
|
2018-10-30 02:36:15 +00:00
|
|
|
elif [ "$YUM_ACTION" == "search" ] || [ "$YUM_ACTION" == "info" ]; then # No need to shutdown for search/info
|
2019-07-20 08:27:26 +00:00
|
|
|
TEMPLATE_EXCLUDE_OPTS=()
|
2016-06-16 11:59:28 +00:00
|
|
|
else
|
2019-07-20 08:27:26 +00:00
|
|
|
TEMPLATE_EXCLUDE_OPTS=( "--exclude=$(rpm -qa --qf '%{NAME},' qubes-template-\*|head -c -1)" )
|
2016-06-12 16:05:28 +00:00
|
|
|
fi
|
2019-07-20 08:27:26 +00:00
|
|
|
|
|
|
|
YUM_OPTS=( "${TEMPLATE_EXCLUDE_OPTS[@]}" "${YUM_OPTS[@]}" )
|
|
|
|
ALL_OPTS=( "${TEMPLATE_EXCLUDE_OPTS[@]}" "${ALL_OPTS[@]}" )
|
2016-06-12 16:05:28 +00:00
|
|
|
|
2013-03-16 17:54:00 +00:00
|
|
|
ID=$(id -ur)
|
|
|
|
if [ $ID != 0 -a -z "$GUI" -a -z "$CHECK_ONLY" ] ; then
|
|
|
|
echo "This script should be run as root (when used in console mode), use sudo." >&2
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
2019-07-20 08:27:26 +00:00
|
|
|
if [ "$GUI" == "1" -a ${#PKGS[@]} -ne 0 ]; then
|
2013-03-16 17:54:00 +00:00
|
|
|
echo "ERROR: GUI mode can be used only for updates" >&2
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
2014-06-29 19:59:42 +00:00
|
|
|
if [ "$GUI" == "1" ]; then
|
2018-01-12 03:54:07 +00:00
|
|
|
apps="xterm konsole yumex apper gpk-update-viewer"
|
2014-06-29 19:59:42 +00:00
|
|
|
|
|
|
|
if [ -n "$KDE_FULL_SESSION" ]; then
|
2018-01-12 03:54:07 +00:00
|
|
|
apps="konsole xterm apper yumex gpk-update-viewer"
|
2014-06-29 19:59:42 +00:00
|
|
|
fi
|
|
|
|
|
|
|
|
guiapp=
|
|
|
|
for app in $apps; do
|
|
|
|
if type $app &>/dev/null; then
|
|
|
|
guiapp=$app
|
2014-06-30 14:16:08 +00:00
|
|
|
case $guiapp in
|
2015-12-13 01:08:05 +00:00
|
|
|
apper) guiapp="apper --updates --nofork" ;;
|
2018-01-12 03:54:07 +00:00
|
|
|
xterm) guiapp="xterm -e sudo dnf update" ;;
|
|
|
|
konsole) guiapp="konsole --hold -e sudo dnf update" ;;
|
2014-06-30 14:16:08 +00:00
|
|
|
*) guiapp=$app ;;
|
|
|
|
esac
|
2014-06-29 19:59:42 +00:00
|
|
|
break;
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
|
|
|
|
if [ -z "$guiapp" ]; then
|
2018-08-18 05:11:50 +00:00
|
|
|
message1="You don't have any supported dnf frontend installed."
|
2014-06-29 19:59:42 +00:00
|
|
|
message2="Install (using qubes-dom0-update) one of: $apps"
|
|
|
|
|
|
|
|
if [ "$KDE_FULL_SESSION" ]; then
|
|
|
|
kdialog --sorry "$message1<br/>$message2"
|
|
|
|
else
|
|
|
|
zenity --error --text "$message1\n$message2"
|
|
|
|
fi
|
|
|
|
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
2013-03-16 17:54:00 +00:00
|
|
|
if [ "$GUI" != "1" ]; then
|
|
|
|
QVMRUN_OPTS=--nogui
|
|
|
|
fi
|
|
|
|
|
2018-02-12 05:48:52 +00:00
|
|
|
# Do not start VM automatically when running from cron (only checking for updates)
|
2017-11-30 13:46:28 +00:00
|
|
|
if [ "$CHECK_ONLY" == "1" ] && ! qvm-check -q --running $UPDATEVM > /dev/null 2>&1; then
|
2013-03-16 17:54:00 +00:00
|
|
|
echo "ERROR: UpdateVM not running, not starting it in non-interactive mode" >&2
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
2014-05-11 22:30:48 +00:00
|
|
|
if [ -n "$CLEAN" ]; then
|
|
|
|
rm -f /var/lib/qubes/updates/rpm/*
|
2016-02-26 12:20:16 +00:00
|
|
|
rm -f /var/lib/qubes/updates/repodata/*
|
2014-05-11 22:30:48 +00:00
|
|
|
fi
|
2015-05-13 00:34:51 +00:00
|
|
|
rm -f /var/lib/qubes/updates/errors
|
2014-05-11 22:30:48 +00:00
|
|
|
|
2014-10-28 04:28:13 +00:00
|
|
|
echo "Using $UPDATEVM as UpdateVM to download updates for Dom0; this may take some time..." >&2
|
2013-03-16 17:54:00 +00:00
|
|
|
|
2017-11-30 13:48:13 +00:00
|
|
|
# qvm-run by default auto-starts the VM if not running
|
2018-02-25 11:17:48 +00:00
|
|
|
qvm-run --nogui -q -u root $UPDATEVM 'mkdir -m 775 -p /var/lib/qubes/dom0-updates/' || exit 1
|
|
|
|
qvm-run --nogui -q -u root $UPDATEVM 'chown user:user /var/lib/qubes/dom0-updates/' || exit 1
|
2017-05-20 01:46:33 +00:00
|
|
|
qvm-run --nogui -q $UPDATEVM 'rm -rf /var/lib/qubes/dom0-updates/etc' || exit 1
|
2019-04-02 15:57:07 +00:00
|
|
|
tar c /var/lib/rpm /etc/yum.repos.d /etc/yum.conf /etc/dnf/dnf.conf 2>/dev/null | \
|
2018-12-08 11:03:33 +00:00
|
|
|
qvm-run --nogui -q --pass-io "$UPDATEVM" 'LC_MESSAGES=C tar x -C /var/lib/qubes/dom0-updates 2>&1 | grep -v -E "s in the future"'
|
2013-03-16 17:54:00 +00:00
|
|
|
|
2020-01-15 14:16:41 +00:00
|
|
|
qvm-run $QVMRUN_OPTS --pass-io $UPDATEVM "script --quiet --return --command '/usr/lib/qubes/qubes-download-dom0-updates.sh --doit --nogui $(quote_args "${ALL_OPTS[@]}")' /dev/null" < /dev/null
|
2013-03-16 17:54:00 +00:00
|
|
|
RETCODE=$?
|
|
|
|
if [ "$CHECK_ONLY" == "1" ]; then
|
|
|
|
exit $RETCODE
|
|
|
|
elif [ "$RETCODE" -ne 0 ]; then
|
|
|
|
exit $RETCODE
|
|
|
|
fi
|
|
|
|
# Wait for download completed
|
|
|
|
while pidof -x qubes-receive-updates >/dev/null; do sleep 0.5; done
|
|
|
|
|
|
|
|
if [ -r /var/lib/qubes/updates/errors ]; then
|
|
|
|
echo "*** ERROR while receiving updates:" >&2
|
|
|
|
cat /var/lib/qubes/updates/errors >&2
|
2018-08-18 05:11:50 +00:00
|
|
|
echo "--> if you want to use packages that were downloaded correctly, use dnf directly now" >&2
|
2013-03-16 17:54:00 +00:00
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
2015-03-25 23:58:10 +00:00
|
|
|
if [ -z "$YUM_ACTION" ]; then
|
|
|
|
YUM_ACTION=upgrade
|
|
|
|
fi
|
|
|
|
|
2019-07-20 08:27:26 +00:00
|
|
|
if [ ${#PKGS[@]} -gt 0 ]; then
|
2017-11-30 13:52:13 +00:00
|
|
|
if [ -n "$TEMPLATE" ]; then
|
|
|
|
TEMPLATE_NETVM=$(qvm-prefs --force-root $TEMPLATE netvm)
|
2016-06-18 16:00:00 +00:00
|
|
|
fi
|
|
|
|
|
2019-07-20 08:27:26 +00:00
|
|
|
dnf "${YUM_OPTS[@]}" $YUM_ACTION "${PKGS[@]}" ; RETCODE=$?
|
2016-06-18 16:00:00 +00:00
|
|
|
|
2017-11-30 13:52:13 +00:00
|
|
|
if [ -n "$TEMPLATE_BACKUP" -a "$RETCODE" -eq 0 ]; then
|
|
|
|
# Remove backup, if we made one. Better to do this only on success and
|
|
|
|
# potentially leave extra backups around than do it on an exit trap and
|
|
|
|
# clean up more reliably but potentially brick a system.
|
2019-10-21 01:47:39 +00:00
|
|
|
qvm-remove -f -- "$TEMPLATE_BACKUP"
|
2017-11-30 13:52:13 +00:00
|
|
|
fi
|
|
|
|
|
|
|
|
if [ -n "$TEMPLATE" -a -n "$TEMPLATE_NETVM" -a x"$TEMPLATE_NETVM" != xNone ]; then
|
|
|
|
if ! qvm-prefs --force-root -s $TEMPLATE netvm $TEMPLATE_NETVM; then
|
|
|
|
echo "ERROR: NetVM setting could not be restored!" >&2
|
2016-06-21 19:15:34 +00:00
|
|
|
exit 1
|
2016-06-18 16:00:00 +00:00
|
|
|
fi
|
|
|
|
fi
|
2013-03-16 17:54:00 +00:00
|
|
|
elif [ -f /var/lib/qubes/updates/repodata/repomd.xml ]; then
|
|
|
|
# Above file exists only when at least one package was downloaded
|
|
|
|
if [ "$GUI" == "1" ]; then
|
2018-01-08 00:40:18 +00:00
|
|
|
# refresh packagekit metadata, GUI utilities use it
|
|
|
|
pkcon refresh force
|
2014-06-29 19:59:42 +00:00
|
|
|
$guiapp
|
2013-03-16 17:54:00 +00:00
|
|
|
else
|
2017-05-20 01:46:33 +00:00
|
|
|
dnf check-update
|
2018-08-18 05:11:50 +00:00
|
|
|
if [ $? -eq 100 ]; then # Run dnf with options
|
2019-07-20 08:27:26 +00:00
|
|
|
dnf "${YUM_OPTS[@]}" $YUM_ACTION
|
2013-03-16 17:54:00 +00:00
|
|
|
fi
|
|
|
|
fi
|
2018-11-02 00:58:27 +00:00
|
|
|
dnf -q check-update && qvm-features dom0 updates-available ''
|
2013-03-16 17:54:00 +00:00
|
|
|
else
|
2018-11-02 00:58:27 +00:00
|
|
|
qvm-features dom0 updates-available ''
|
2018-02-12 05:48:52 +00:00
|
|
|
echo "No updates available" >&2
|
2018-04-21 00:58:30 +00:00
|
|
|
if [ "$GUI" == "1" ]; then
|
2018-09-27 19:05:28 +00:00
|
|
|
zenity --info --title='Dom0 updates' --text='No updates available'
|
2018-04-21 00:58:30 +00:00
|
|
|
fi
|
2013-03-16 17:54:00 +00:00
|
|
|
fi
|