check_running_kernel_mixed_arch
· 7.7 KiB · Text
Raw
#!/bin/bash
# Check if the running kernel has the same version string as the on-disk
# kernel image.
# Copyright 2008,2009,2011,2012,2013,2014 Peter Palfrader
# Copyright 2009 Stephen Gran
# Copyright 2010,2012,2013 Uli Martens
# Copyright 2011 Alexander Reichle-Schmehl
#
# Permission is hereby granted, free of charge, to any person obtaining
# a copy of this software and associated documentation files (the
# "Software"), to deal in the Software without restriction, including
# without limitation the rights to use, copy, modify, merge, publish,
# distribute, sublicense, and/or sell copies of the Software, and to
# permit persons to whom the Software is furnished to do so, subject to
# the following conditions:
#
# The above copyright notice and this permission notice shall be
# included in all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
OK=0;
WARNING=1;
CRITICAL=2;
UNKNOWN=3;
get_offset() {
local file needle
file="$1"
needle="$2"
pos="$3"
perl -e '
undef $/;
$i = index(<>, "'"$needle"'", '"$pos"');
if ($i < 0) {
exit 1;
};
print $i,"\n"' < "$file"
}
get_avail() {
# This is wrong, but leaves room for when we have to care for machines running
# myfirstunix-image-0.1-dsa-arm
local prefix="$1"; shift
local kervers=$(uname -r)
local metavers=''
# DSA uses kernel versions of the form 2.6.29.3-dsa-dl380-oldxeon, where
# Debian uses versions of the form 2.6.29-2-amd64
if [ "${kervers#3}" != "$kervers" ]; then
metavers=$(echo $kervers | sed -r -e 's/^3\.[0-9].[0-9]+-[A-Za-z0-9\.]+-(.*)/\1/')
elif [ "${kervers//dsa}" != "$kervers" ]; then
metavers=$(echo $kervers | sed -r -e 's/^2\.(4|6)\.[0-9]+([\.0-9]+?)-(.*)/2.\1-\3/')
else
metavers=$(echo $kervers | sed -r -e 's/^2\.(4|6)\.[0-9]+-[A-Za-z0-9\.]+-(.*)/2.\1-\2/')
fi
# Attempt to track back to a metapackage failed. bail
if [ "$metavers" = "$kervers" ]; then
return 2
fi
# We're just going to give up if we can't find a matching metapackage
# I tried being strict once, and it just caused a lot of headaches. We'll see how
# being lax does for us
local output=$(apt-cache policy ${prefix}-image-${metavers} 2>/dev/null)
local metaavailvers=$(echo "$output" | grep '^ Candidate:' | awk '{print $2}')
local metainstavers=$(echo "$output" | grep '^ Installed:' | awk '{print $2}')
if [ -z "$metaavailvers" ] || [ "$metaavailvers" = '(none)' ]; then
return 2
fi
if [ -z "$metainstavers" ] || [ "$metainstavers" = '(none)' ]; then
return 2
fi
if [ "$metaavailvers" != "$metainstavers" ] ; then
echo "${prefix}-image-${metavers} $metaavailvers available but $metainstavers installed"
return 1
fi
local imagename=0
# --no-all-versions show shows only the candidate
for vers in $(apt-cache --no-all-versions show ${prefix}-image-${metavers} | sed -n 's/^Depends: //p' | tr ',' '\n' | tr -d ' ' | grep ${prefix}-image | awk '{print $1}' | sort -u); do
if dpkg --compare-versions "1.$vers" gt "1.$imagename"; then
imagename=$vers
fi
done
if [ -z "$imagename" ] || [ "$imagename" = 0 ]; then
return 2
fi
if [ "$imagename" != "${prefix}-image-${kervers}" ]; then
if dpkg --compare-versions 1."$imagename" lt 1."${prefix}-image-${kervers}"; then
return 2
fi
echo "$imagename" != "${prefix}-image-${kervers}"
return 1
fi
local availvrs=$(apt-cache policy ${imagename} 2>/dev/null | grep '^ Candidate' | awk '{print $2}')
local kernelversion=$(apt-cache policy ${prefix}-image-${kervers} 2>/dev/null | grep '^ Installed:' | awk '{print $2}')
if [ "$availvrs" = "$kernelversion" ]; then
return 0
fi
echo "$kernelversion != $availvrs"
return 1
}
cat_vmlinux() {
local image header filter hdroff
image="$1"
header="$2"
filter="$3"
hdroff="$4"
nextoff=0
while : ; do
off=`get_offset "$image" $header $nextoff`
local ret="$?"
if [ "$ret" != 0 ]; then
# not found, exit
return 1
fi
(if [ "$off" != 0 ]; then
dd ibs="$((off+hdroff))" skip=1 count=0
fi &&
dd bs=512k) < "$image" 2>/dev/null | $filter 2>/dev/null
nextoff=$((off + 1))
done
return 0
}
get_image_linux() {
local image
image="$1"
# gzip compressed image
cat_vmlinux "$image" "\x1f\x8b\x08\x00" "zcat" 0
cat_vmlinux "$image" "\x1f\x8b\x08\x08" "zcat" 0
# lzma compressed image
cat_vmlinux "$image" "\x00\x00\x00\x02\xff" "xzcat" -1
cat_vmlinux "$image" "\x00\x00\x00\x04\xff" "xzcat" -1
# xz compressed image
cat_vmlinux "$image" "\xfd\x37\x7a\x58\x5a " "xzcat" 0
echo "ERROR: Unable to extract kernel image." 2>&1
exit 1
}
freebsd_check_running_version() {
local imagefile="$1"; shift
local r="$(uname -r)"
local v="$(uname -v| sed -e 's/^#[0-9]*/&:/' -e 's/\+/\\+/g')"
local q='@\(#\)FreeBSD '"$r $v"
if zcat "$imagefile" | $STRINGS | egrep -q "$q"; then
echo "OK"
else
echo "not OK"
fi
}
STRINGS="";
if [ -x "$(which strings)" ]; then
STRINGS="$(which strings)"
elif [ -x "$(which busybox)" -a "$( echo foobar | $(which busybox) strings 2>/dev/null)" = "foobar" ]; then
STRINGS="$(which busybox) strings"
fi
searched=""
for on_disk in \
"/boot/vmlinuz-`uname -r`"\
"/boot/vmlinux-`uname -r`"\
"/boot/kfreebsd-`uname -r`.gz"; do
if [ -e "$on_disk" ]; then
if [ -z "$STRINGS" ]; then
echo "UNKNOWN: 'strings' command missing, perhaps install binutils or busybox?"
exit $UNKNOWN
fi
if [ "${on_disk/vmlinu}" != "$on_disk" ]; then
on_disk_version="`get_image_linux "$on_disk" | $STRINGS | grep 'Linux version' | head -n1`"
if [ -x /usr/bin/lsb_release ] ; then
vendor=$(lsb_release -i -s)
if [ -n "$vendor" ] && [ "xDebian" != "x$vendor" ] ; then
on_disk_version=$( echo $on_disk_version|sed -e "s/ ($vendor [[:alnum:]\.-]\+ [[:alnum:]\.]\+)//")
fi
fi
[ -z "$on_disk_version" ] || break
on_disk_version="`cat "$on_disk" | $STRINGS | grep 'Linux version' | head -n1`"
[ -z "$on_disk_version" ] || break
echo "UNKNOWN: Failed to get a version string from image $on_disk"
exit $UNKNOWN
else
on_disk_version="$(zcat $on_disk | $STRINGS | grep Debian | head -n 1 | sed -e 's/Debian [[:alnum:]]\+ (\(.*\))/\1/')"
fi
fi
searched="$searched $on_disk"
done
if ! [ -e "$on_disk" ]; then
echo "WARNING: Did not find a kernel image (checked$searched) - I have no idea which kernel I am running"
exit $WARNING
fi
if [ "$(uname -s)" = "Linux" ]; then
on_disk_version="$(echo $on_disk_version | sed 's/#.*//')"
running_version="`cat /proc/version | sed 's/#.*//'`"
if [ -z "$running_version" ] ; then
echo "UNKNOWN: Failed to get a version string from running system"
exit $UNKNOWN
fi
if [ "$running_version" != "$on_disk_version" ]; then
echo "WARNING: Running kernel does not match on-disk kernel image: [$running_version != $on_disk_version]"
exit $WARNING
fi
ret="$(get_avail linux)"
if [ $? = 1 ]; then
echo "WARNING: Kernel needs upgrade [$ret]"
exit $WARNING
fi
else
image_current=$(freebsd_check_running_version $on_disk)
running_version="`uname -s` `uname -r` `uname -v`"
if [ "$image_current" != "OK" ]; then
approx_time="$(date -d "@`stat -c '%Y' "$on_disk"`" +"%Y-%m-%d %H:%M:%S")"
echo "WARNING: Currently running kernel ($running_version) does not match on disk image (~ $approx_time)"
exit $WARNING;
fi
ret="$(get_avail linux)"
if [ $? = 1 ]; then
echo "WARNING: Kernel needs upgrade [$ret]"
exit $WARNING
fi
fi
echo "OK: Running kernel matches on disk image: [$running_version]"
exit $OK
| 1 | #!/bin/bash |
| 2 | |
| 3 | # Check if the running kernel has the same version string as the on-disk |
| 4 | # kernel image. |
| 5 | |
| 6 | # Copyright 2008,2009,2011,2012,2013,2014 Peter Palfrader |
| 7 | # Copyright 2009 Stephen Gran |
| 8 | # Copyright 2010,2012,2013 Uli Martens |
| 9 | # Copyright 2011 Alexander Reichle-Schmehl |
| 10 | # |
| 11 | # Permission is hereby granted, free of charge, to any person obtaining |
| 12 | # a copy of this software and associated documentation files (the |
| 13 | # "Software"), to deal in the Software without restriction, including |
| 14 | # without limitation the rights to use, copy, modify, merge, publish, |
| 15 | # distribute, sublicense, and/or sell copies of the Software, and to |
| 16 | # permit persons to whom the Software is furnished to do so, subject to |
| 17 | # the following conditions: |
| 18 | # |
| 19 | # The above copyright notice and this permission notice shall be |
| 20 | # included in all copies or substantial portions of the Software. |
| 21 | # |
| 22 | # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, |
| 23 | # EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF |
| 24 | # MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND |
| 25 | # NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE |
| 26 | # LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION |
| 27 | # OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION |
| 28 | # WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
| 29 | |
| 30 | OK=0; |
| 31 | WARNING=1; |
| 32 | CRITICAL=2; |
| 33 | UNKNOWN=3; |
| 34 | |
| 35 | get_offset() { |
| 36 | local file needle |
| 37 | |
| 38 | file="$1" |
| 39 | needle="$2" |
| 40 | pos="$3" |
| 41 | |
| 42 | perl -e ' |
| 43 | undef $/; |
| 44 | $i = index(<>, "'"$needle"'", '"$pos"'); |
| 45 | if ($i < 0) { |
| 46 | exit 1; |
| 47 | }; |
| 48 | print $i,"\n"' < "$file" |
| 49 | } |
| 50 | |
| 51 | get_avail() { |
| 52 | # This is wrong, but leaves room for when we have to care for machines running |
| 53 | # myfirstunix-image-0.1-dsa-arm |
| 54 | local prefix="$1"; shift |
| 55 | |
| 56 | local kervers=$(uname -r) |
| 57 | |
| 58 | local metavers='' |
| 59 | |
| 60 | # DSA uses kernel versions of the form 2.6.29.3-dsa-dl380-oldxeon, where |
| 61 | # Debian uses versions of the form 2.6.29-2-amd64 |
| 62 | if [ "${kervers#3}" != "$kervers" ]; then |
| 63 | metavers=$(echo $kervers | sed -r -e 's/^3\.[0-9].[0-9]+-[A-Za-z0-9\.]+-(.*)/\1/') |
| 64 | elif [ "${kervers//dsa}" != "$kervers" ]; then |
| 65 | metavers=$(echo $kervers | sed -r -e 's/^2\.(4|6)\.[0-9]+([\.0-9]+?)-(.*)/2.\1-\3/') |
| 66 | else |
| 67 | metavers=$(echo $kervers | sed -r -e 's/^2\.(4|6)\.[0-9]+-[A-Za-z0-9\.]+-(.*)/2.\1-\2/') |
| 68 | fi |
| 69 | |
| 70 | # Attempt to track back to a metapackage failed. bail |
| 71 | if [ "$metavers" = "$kervers" ]; then |
| 72 | return 2 |
| 73 | fi |
| 74 | |
| 75 | # We're just going to give up if we can't find a matching metapackage |
| 76 | # I tried being strict once, and it just caused a lot of headaches. We'll see how |
| 77 | # being lax does for us |
| 78 | |
| 79 | local output=$(apt-cache policy ${prefix}-image-${metavers} 2>/dev/null) |
| 80 | local metaavailvers=$(echo "$output" | grep '^ Candidate:' | awk '{print $2}') |
| 81 | local metainstavers=$(echo "$output" | grep '^ Installed:' | awk '{print $2}') |
| 82 | |
| 83 | if [ -z "$metaavailvers" ] || [ "$metaavailvers" = '(none)' ]; then |
| 84 | return 2 |
| 85 | fi |
| 86 | if [ -z "$metainstavers" ] || [ "$metainstavers" = '(none)' ]; then |
| 87 | return 2 |
| 88 | fi |
| 89 | |
| 90 | if [ "$metaavailvers" != "$metainstavers" ] ; then |
| 91 | echo "${prefix}-image-${metavers} $metaavailvers available but $metainstavers installed" |
| 92 | return 1 |
| 93 | fi |
| 94 | |
| 95 | local imagename=0 |
| 96 | # --no-all-versions show shows only the candidate |
| 97 | for vers in $(apt-cache --no-all-versions show ${prefix}-image-${metavers} | sed -n 's/^Depends: //p' | tr ',' '\n' | tr -d ' ' | grep ${prefix}-image | awk '{print $1}' | sort -u); do |
| 98 | if dpkg --compare-versions "1.$vers" gt "1.$imagename"; then |
| 99 | imagename=$vers |
| 100 | fi |
| 101 | done |
| 102 | |
| 103 | if [ -z "$imagename" ] || [ "$imagename" = 0 ]; then |
| 104 | return 2 |
| 105 | fi |
| 106 | |
| 107 | if [ "$imagename" != "${prefix}-image-${kervers}" ]; then |
| 108 | if dpkg --compare-versions 1."$imagename" lt 1."${prefix}-image-${kervers}"; then |
| 109 | return 2 |
| 110 | fi |
| 111 | echo "$imagename" != "${prefix}-image-${kervers}" |
| 112 | return 1 |
| 113 | fi |
| 114 | |
| 115 | local availvrs=$(apt-cache policy ${imagename} 2>/dev/null | grep '^ Candidate' | awk '{print $2}') |
| 116 | local kernelversion=$(apt-cache policy ${prefix}-image-${kervers} 2>/dev/null | grep '^ Installed:' | awk '{print $2}') |
| 117 | |
| 118 | if [ "$availvrs" = "$kernelversion" ]; then |
| 119 | return 0 |
| 120 | fi |
| 121 | |
| 122 | echo "$kernelversion != $availvrs" |
| 123 | return 1 |
| 124 | } |
| 125 | |
| 126 | cat_vmlinux() { |
| 127 | local image header filter hdroff |
| 128 | |
| 129 | image="$1" |
| 130 | header="$2" |
| 131 | filter="$3" |
| 132 | hdroff="$4" |
| 133 | nextoff=0 |
| 134 | |
| 135 | while : ; do |
| 136 | off=`get_offset "$image" $header $nextoff` |
| 137 | local ret="$?" |
| 138 | if [ "$ret" != 0 ]; then |
| 139 | # not found, exit |
| 140 | return 1 |
| 141 | fi |
| 142 | |
| 143 | (if [ "$off" != 0 ]; then |
| 144 | dd ibs="$((off+hdroff))" skip=1 count=0 |
| 145 | fi && |
| 146 | dd bs=512k) < "$image" 2>/dev/null | $filter 2>/dev/null |
| 147 | nextoff=$((off + 1)) |
| 148 | done |
| 149 | return 0 |
| 150 | } |
| 151 | |
| 152 | get_image_linux() { |
| 153 | local image |
| 154 | |
| 155 | image="$1" |
| 156 | |
| 157 | # gzip compressed image |
| 158 | cat_vmlinux "$image" "\x1f\x8b\x08\x00" "zcat" 0 |
| 159 | cat_vmlinux "$image" "\x1f\x8b\x08\x08" "zcat" 0 |
| 160 | # lzma compressed image |
| 161 | cat_vmlinux "$image" "\x00\x00\x00\x02\xff" "xzcat" -1 |
| 162 | cat_vmlinux "$image" "\x00\x00\x00\x04\xff" "xzcat" -1 |
| 163 | # xz compressed image |
| 164 | cat_vmlinux "$image" "\xfd\x37\x7a\x58\x5a " "xzcat" 0 |
| 165 | |
| 166 | echo "ERROR: Unable to extract kernel image." 2>&1 |
| 167 | exit 1 |
| 168 | } |
| 169 | |
| 170 | |
| 171 | freebsd_check_running_version() { |
| 172 | local imagefile="$1"; shift |
| 173 | |
| 174 | local r="$(uname -r)" |
| 175 | local v="$(uname -v| sed -e 's/^#[0-9]*/&:/' -e 's/\+/\\+/g')" |
| 176 | |
| 177 | local q='@\(#\)FreeBSD '"$r $v" |
| 178 | |
| 179 | if zcat "$imagefile" | $STRINGS | egrep -q "$q"; then |
| 180 | echo "OK" |
| 181 | else |
| 182 | echo "not OK" |
| 183 | fi |
| 184 | } |
| 185 | |
| 186 | STRINGS=""; |
| 187 | if [ -x "$(which strings)" ]; then |
| 188 | STRINGS="$(which strings)" |
| 189 | elif [ -x "$(which busybox)" -a "$( echo foobar | $(which busybox) strings 2>/dev/null)" = "foobar" ]; then |
| 190 | STRINGS="$(which busybox) strings" |
| 191 | fi |
| 192 | |
| 193 | searched="" |
| 194 | for on_disk in \ |
| 195 | "/boot/vmlinuz-`uname -r`"\ |
| 196 | "/boot/vmlinux-`uname -r`"\ |
| 197 | "/boot/kfreebsd-`uname -r`.gz"; do |
| 198 | |
| 199 | if [ -e "$on_disk" ]; then |
| 200 | if [ -z "$STRINGS" ]; then |
| 201 | echo "UNKNOWN: 'strings' command missing, perhaps install binutils or busybox?" |
| 202 | exit $UNKNOWN |
| 203 | fi |
| 204 | if [ "${on_disk/vmlinu}" != "$on_disk" ]; then |
| 205 | on_disk_version="`get_image_linux "$on_disk" | $STRINGS | grep 'Linux version' | head -n1`" |
| 206 | if [ -x /usr/bin/lsb_release ] ; then |
| 207 | vendor=$(lsb_release -i -s) |
| 208 | if [ -n "$vendor" ] && [ "xDebian" != "x$vendor" ] ; then |
| 209 | on_disk_version=$( echo $on_disk_version|sed -e "s/ ($vendor [[:alnum:]\.-]\+ [[:alnum:]\.]\+)//") |
| 210 | fi |
| 211 | fi |
| 212 | [ -z "$on_disk_version" ] || break |
| 213 | on_disk_version="`cat "$on_disk" | $STRINGS | grep 'Linux version' | head -n1`" |
| 214 | [ -z "$on_disk_version" ] || break |
| 215 | |
| 216 | echo "UNKNOWN: Failed to get a version string from image $on_disk" |
| 217 | exit $UNKNOWN |
| 218 | else |
| 219 | on_disk_version="$(zcat $on_disk | $STRINGS | grep Debian | head -n 1 | sed -e 's/Debian [[:alnum:]]\+ (\(.*\))/\1/')" |
| 220 | fi |
| 221 | fi |
| 222 | searched="$searched $on_disk" |
| 223 | done |
| 224 | |
| 225 | if ! [ -e "$on_disk" ]; then |
| 226 | echo "WARNING: Did not find a kernel image (checked$searched) - I have no idea which kernel I am running" |
| 227 | exit $WARNING |
| 228 | fi |
| 229 | |
| 230 | if [ "$(uname -s)" = "Linux" ]; then |
| 231 | on_disk_version="$(echo $on_disk_version | sed 's/#.*//')" |
| 232 | running_version="`cat /proc/version | sed 's/#.*//'`" |
| 233 | if [ -z "$running_version" ] ; then |
| 234 | echo "UNKNOWN: Failed to get a version string from running system" |
| 235 | exit $UNKNOWN |
| 236 | fi |
| 237 | |
| 238 | if [ "$running_version" != "$on_disk_version" ]; then |
| 239 | echo "WARNING: Running kernel does not match on-disk kernel image: [$running_version != $on_disk_version]" |
| 240 | exit $WARNING |
| 241 | fi |
| 242 | |
| 243 | ret="$(get_avail linux)" |
| 244 | if [ $? = 1 ]; then |
| 245 | echo "WARNING: Kernel needs upgrade [$ret]" |
| 246 | exit $WARNING |
| 247 | fi |
| 248 | else |
| 249 | image_current=$(freebsd_check_running_version $on_disk) |
| 250 | running_version="`uname -s` `uname -r` `uname -v`" |
| 251 | if [ "$image_current" != "OK" ]; then |
| 252 | approx_time="$(date -d "@`stat -c '%Y' "$on_disk"`" +"%Y-%m-%d %H:%M:%S")" |
| 253 | echo "WARNING: Currently running kernel ($running_version) does not match on disk image (~ $approx_time)" |
| 254 | exit $WARNING; |
| 255 | fi |
| 256 | |
| 257 | ret="$(get_avail linux)" |
| 258 | if [ $? = 1 ]; then |
| 259 | echo "WARNING: Kernel needs upgrade [$ret]" |
| 260 | exit $WARNING |
| 261 | fi |
| 262 | fi |
| 263 | |
| 264 | echo "OK: Running kernel matches on disk image: [$running_version]" |
| 265 | exit $OK |