Révisions pour gist:70c89069b6ab48c78809c897eb01a9fd

1

+

#!/bin/bash

2

+

3

+

# Check if the running kernel has the same version string as the on-disk

4

+

# kernel image.

5

+

6

+

7

+

8

+

9

+

10

+

#

11

+

# Permission is hereby granted, free of charge, to any person obtaining

12

+

# a copy of this software and associated documentation files (the

13

+

# "Software"), to deal in the Software without restriction, including

14

+

# without limitation the rights to use, copy, modify, merge, publish,

15

+

# distribute, sublicense, and/or sell copies of the Software, and to

16

+

# permit persons to whom the Software is furnished to do so, subject to

17

+

# the following conditions:

18

+

#

19

+

# The above copyright notice and this permission notice shall be

20

+

# included in all copies or substantial portions of the Software.

21

+

#

22

+

# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,

23

+

# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF

24

+

# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND

25

+

# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE

26

+

# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION

27

+

# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION

28

+

# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

29

+

30

+

OK=0;

31

+

WARNING=1;

32

+

CRITICAL=2;

33

+

UNKNOWN=3;

34

+

35

+

get_offset() {

36

+

local file needle

37

+

38

+

file="$1"

39

+

needle="$2"

40

+

pos="$3"

41

+

42

+

perl -e '

43

+

undef $/;

44

+

$i = index(<>, "'"$needle"'", '"$pos"');

45

+

if ($i < 0) {

46

+

exit 1;

47

+

};

48

+

print $i,"\n"' < "$file"

49

+

}

50

+

51

+

get_avail() {

52

+

# This is wrong, but leaves room for when we have to care for machines running

53

+

# myfirstunix-image-0.1-dsa-arm

54

+

local prefix="$1"; shift

55

+

56

+

local kervers=$(uname -r)

57

+

58

+

local metavers=''

59

+

60

+

# DSA uses kernel versions of the form 2.6.29.3-dsa-dl380-oldxeon, where

61

+

# Debian uses versions of the form 2.6.29-2-amd64

62

+

if [ "${kervers#3}" != "$kervers" ]; then

63

+

metavers=$(echo $kervers | sed -r -e 's/^3\.[0-9].[0-9]+-[A-Za-z0-9\.]+-(.*)/\1/')

64

+

elif [ "${kervers//dsa}" != "$kervers" ]; then

65

+

metavers=$(echo $kervers | sed -r -e 's/^2\.(4|6)\.[0-9]+([\.0-9]+?)-(.*)/2.\1-\3/')

66

+

else

67

+

metavers=$(echo $kervers | sed -r -e 's/^2\.(4|6)\.[0-9]+-[A-Za-z0-9\.]+-(.*)/2.\1-\2/')

68

+

fi

69

+

70

+

# Attempt to track back to a metapackage failed. bail

71

+

if [ "$metavers" = "$kervers" ]; then

72

+

return 2

73

+

fi

74

+

75

+

# We're just going to give up if we can't find a matching metapackage

76

+

# I tried being strict once, and it just caused a lot of headaches. We'll see how

77

+

# being lax does for us

78

+

79

+

local output=$(apt-cache policy ${prefix}-image-${metavers} 2>/dev/null)

80

+

local metaavailvers=$(echo "$output" | grep '^ Candidate:' | awk '{print $2}')

81

+

local metainstavers=$(echo "$output" | grep '^ Installed:' | awk '{print $2}')

82

+

83

+

if [ -z "$metaavailvers" ] || [ "$metaavailvers" = '(none)' ]; then

84

+

return 2

85

+

fi

86

+

if [ -z "$metainstavers" ] || [ "$metainstavers" = '(none)' ]; then

87

+

return 2

88

+

fi

89

+

90

+

if [ "$metaavailvers" != "$metainstavers" ] ; then

91

+

echo "${prefix}-image-${metavers} $metaavailvers available but $metainstavers installed"

92

+

return 1

93

+

fi

94

+

95

+

local imagename=0

96

+

# --no-all-versions show shows only the candidate

97

+

for vers in $(apt-cache --no-all-versions show ${prefix}-image-${metavers} | sed -n 's/^Depends: //p' | tr ',' '\n' | tr -d ' ' | grep ${prefix}-image | awk '{print $1}' | sort -u); do

98

+

if dpkg --compare-versions "1.$vers" gt "1.$imagename"; then

99

+

imagename=$vers

100

+

fi

101

+

done

102

+

103

+

if [ -z "$imagename" ] || [ "$imagename" = 0 ]; then

104

+

return 2

105

+

fi

106

+

107

+

if [ "$imagename" != "${prefix}-image-${kervers}" ]; then

108

+

if dpkg --compare-versions 1."$imagename" lt 1."${prefix}-image-${kervers}"; then

109

+

return 2

110

+

fi

111

+

echo "$imagename" != "${prefix}-image-${kervers}"

112

+

return 1

113

+

fi

114

+

115

+

local availvrs=$(apt-cache policy ${imagename} 2>/dev/null | grep '^ Candidate' | awk '{print $2}')

116

+

local kernelversion=$(apt-cache policy ${prefix}-image-${kervers} 2>/dev/null | grep '^ Installed:' | awk '{print $2}')

117

+

118

+

if [ "$availvrs" = "$kernelversion" ]; then

119

+

return 0

120

+

fi

121

+

122

+

echo "$kernelversion != $availvrs"

123

+

return 1

124

+

}

125

+

126

+

cat_vmlinux() {

127

+

local image header filter hdroff

128

+

129

+

image="$1"

130

+

header="$2"

131

+

filter="$3"

132

+

hdroff="$4"

133

+

nextoff=0

134

+

135

+

while : ; do

136

+

off=`get_offset "$image" $header $nextoff`

137

+

local ret="$?"

138

+

if [ "$ret" != 0 ]; then

139

+

# not found, exit

140

+

return 1

141

+

fi

142

+

143

+

(if [ "$off" != 0 ]; then

144

+

dd ibs="$((off+hdroff))" skip=1 count=0

145

+

fi &&

146

+

dd bs=512k) < "$image" 2>/dev/null | $filter 2>/dev/null

147

+

nextoff=$((off + 1))

148

+

done

149

+

return 0

150

+

}

151

+

152

+

get_image_linux() {

153

+

local image

154

+

155

+

image="$1"

156

+

157

+

# gzip compressed image

158

+

cat_vmlinux "$image" "\x1f\x8b\x08\x00" "zcat" 0

159

+

cat_vmlinux "$image" "\x1f\x8b\x08\x08" "zcat" 0

160

+

# lzma compressed image

161

+

cat_vmlinux "$image" "\x00\x00\x00\x02\xff" "xzcat" -1

162

+

cat_vmlinux "$image" "\x00\x00\x00\x04\xff" "xzcat" -1

163

+

# xz compressed image

164

+

cat_vmlinux "$image" "\xfd\x37\x7a\x58\x5a " "xzcat" 0

165

+

166

+

echo "ERROR: Unable to extract kernel image." 2>&1

167

+

exit 1

168

+

}

169

+

170

+

171

+

freebsd_check_running_version() {

172

+

local imagefile="$1"; shift

173

+

174

+

local r="$(uname -r)"

175

+

local v="$(uname -v| sed -e 's/^#[0-9]*/&:/' -e 's/\+/\\+/g')"

176

+

177

+

local q='@$#$FreeBSD '"$r $v"

178

+

179

+

if zcat "$imagefile" | $STRINGS | egrep -q "$q"; then

180

+

echo "OK"

181

+

else

182

+

echo "not OK"

183

+

fi

184

+

}

185

+

186

+

STRINGS="";

187

+

if [ -x "$(which strings)" ]; then

188

+

STRINGS="$(which strings)"

189

+

elif [ -x "$(which busybox)" -a "$( echo foobar | $(which busybox) strings 2>/dev/null)" = "foobar" ]; then

190

+

STRINGS="$(which busybox) strings"

191

+

fi

192

+

193

+

searched=""

194

+

for on_disk in \

195

+

"/boot/vmlinuz-`uname -r`"\

196

+

"/boot/vmlinux-`uname -r`"\

197

+

"/boot/kfreebsd-`uname -r`.gz"; do

198

+

199

+

if [ -e "$on_disk" ]; then

200

+

if [ -z "$STRINGS" ]; then

201

+

echo "UNKNOWN: 'strings' command missing, perhaps install binutils or busybox?"

202

+

exit $UNKNOWN

203

+

fi

204

+

if [ "${on_disk/vmlinu}" != "$on_disk" ]; then

205

+

on_disk_version="`get_image_linux "$on_disk" | $STRINGS | grep 'Linux version' | head -n1`"

206

+

if [ -x /usr/bin/lsb_release ] ; then

207

+

vendor=$(lsb_release -i -s)

208

+

if [ -n "$vendor" ] && [ "xDebian" != "x$vendor" ] ; then

209

+

on_disk_version=$( echo $on_disk_version|sed -e "s/ ($vendor [[:alnum:]\.-]\+ [[:alnum:]\.]\+)//")

210

+

fi

211

+

fi

212

+

[ -z "$on_disk_version" ] || break

213

+

on_disk_version="`cat "$on_disk" | $STRINGS | grep 'Linux version' | head -n1`"

214

+

[ -z "$on_disk_version" ] || break

215

+

216

+

echo "UNKNOWN: Failed to get a version string from image $on_disk"

217

+

exit $UNKNOWN

218

+

else

219

+

on_disk_version="$(zcat $on_disk | $STRINGS | grep Debian | head -n 1 | sed -e 's/Debian [[:alnum:]]\+ ($.*$)/\1/')"

220

+

fi

221

+

fi

222

+

searched="$searched $on_disk"

223

+

done

224

+

225

+

if ! [ -e "$on_disk" ]; then

226

+

echo "WARNING: Did not find a kernel image (checked$searched) - I have no idea which kernel I am running"

227

+

exit $WARNING

228

+

fi

229

+

230

+

if [ "$(uname -s)" = "Linux" ]; then

231

+

on_disk_version="$(echo $on_disk_version | sed 's/#.*//')"

232

+

running_version="`cat /proc/version | sed 's/#.*//'`"

233

+

if [ -z "$running_version" ] ; then

234

+

echo "UNKNOWN: Failed to get a version string from running system"

235

+

exit $UNKNOWN

236

+

fi

237

+

238

+

if [ "$running_version" != "$on_disk_version" ]; then

239

+

echo "WARNING: Running kernel does not match on-disk kernel image: [$running_version != $on_disk_version]"

240

+

exit $WARNING

241

+

fi

242

+

243

+

ret="$(get_avail linux)"

244

+

if [ $? = 1 ]; then

245

+

echo "WARNING: Kernel needs upgrade [$ret]"

246

+

exit $WARNING

247

+

fi

248

+

else

249

+

image_current=$(freebsd_check_running_version $on_disk)

250

+

running_version="`uname -s` `uname -r` `uname -v`"

251

+

if [ "$image_current" != "OK" ]; then

252

+

approx_time="$(date -d "@`stat -c '%Y' "$on_disk"`" +"%Y-%m-%d %H:%M:%S")"

253

+

echo "WARNING: Currently running kernel ($running_version) does not match on disk image (~ $approx_time)"

254

+

exit $WARNING;

255

+

fi

256

+

257

+

ret="$(get_avail linux)"

258

+

if [ $? = 1 ]; then

259

+

echo "WARNING: Kernel needs upgrade [$ret]"

260

+

exit $WARNING

261

+

fi

262

+

fi

263

+

264

+

echo "OK: Running kernel matches on disk image: [$running_version]"

265

+

exit $OK

waja / gist:70c89069b6ab48c78809c897eb01a9fd

waja a révisé ce gist 11 years ago. Aller à la révision

		@@ -0,0 +1,265 @@
1	+	#!/bin/bash
2	+
3	+	# Check if the running kernel has the same version string as the on-disk
4	+	# kernel image.
5	+
6	+	# Copyright 2008,2009,2011,2012,2013,2014 Peter Palfrader
7	+	# Copyright 2009 Stephen Gran
8	+	# Copyright 2010,2012,2013 Uli Martens
9	+	# Copyright 2011 Alexander Reichle-Schmehl
10	+	#
11	+	# Permission is hereby granted, free of charge, to any person obtaining
12	+	# a copy of this software and associated documentation files (the
13	+	# "Software"), to deal in the Software without restriction, including
14	+	# without limitation the rights to use, copy, modify, merge, publish,
15	+	# distribute, sublicense, and/or sell copies of the Software, and to
16	+	# permit persons to whom the Software is furnished to do so, subject to
17	+	# the following conditions:
18	+	#
19	+	# The above copyright notice and this permission notice shall be
20	+	# included in all copies or substantial portions of the Software.
21	+	#
22	+	# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
23	+	# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
24	+	# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
25	+	# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
26	+	# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
27	+	# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
28	+	# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
29	+
30	+	OK=0;
31	+	WARNING=1;
32	+	CRITICAL=2;
33	+	UNKNOWN=3;
34	+
35	+	get_offset() {
36	+	local file needle
37	+
38	+	file="$1"
39	+	needle="$2"
40	+	pos="$3"
41	+
42	+	perl -e '
43	+	undef $/;
44	+	$i = index(<>, "'"$needle"'", '"$pos"');
45	+	if ($i < 0) {
46	+	exit 1;
47	+	};
48	+	print $i,"\n"' < "$file"
49	+	}
50	+
51	+	get_avail() {
52	+	# This is wrong, but leaves room for when we have to care for machines running
53	+	# myfirstunix-image-0.1-dsa-arm
54	+	local prefix="$1"; shift
55	+
56	+	local kervers=$(uname -r)
57	+
58	+	local metavers=''
59	+
60	+	# DSA uses kernel versions of the form 2.6.29.3-dsa-dl380-oldxeon, where
61	+	# Debian uses versions of the form 2.6.29-2-amd64
62	+	if [ "${kervers#3}" != "$kervers" ]; then
63	+	metavers=$(echo $kervers \| sed -r -e 's/^3\.[0-9].[0-9]+-[A-Za-z0-9\.]+-(.*)/\1/')
64	+	elif [ "${kervers//dsa}" != "$kervers" ]; then
65	+	metavers=$(echo $kervers \| sed -r -e 's/^2\.(4\|6)\.[0-9]+([\.0-9]+?)-(.*)/2.\1-\3/')
66	+	else
67	+	metavers=$(echo $kervers \| sed -r -e 's/^2\.(4\|6)\.[0-9]+-[A-Za-z0-9\.]+-(.*)/2.\1-\2/')
68	+	fi
69	+
70	+	# Attempt to track back to a metapackage failed. bail
71	+	if [ "$metavers" = "$kervers" ]; then
72	+	return 2
73	+	fi
74	+
75	+	# We're just going to give up if we can't find a matching metapackage
76	+	# I tried being strict once, and it just caused a lot of headaches. We'll see how
77	+	# being lax does for us
78	+
79	+	local output=$(apt-cache policy ${prefix}-image-${metavers} 2>/dev/null)
80	+	local metaavailvers=$(echo "$output" \| grep '^ Candidate:' \| awk '{print $2}')
81	+	local metainstavers=$(echo "$output" \| grep '^ Installed:' \| awk '{print $2}')
82	+
83	+	if [ -z "$metaavailvers" ] \|\| [ "$metaavailvers" = '(none)' ]; then
84	+	return 2
85	+	fi
86	+	if [ -z "$metainstavers" ] \|\| [ "$metainstavers" = '(none)' ]; then
87	+	return 2
88	+	fi
89	+
90	+	if [ "$metaavailvers" != "$metainstavers" ] ; then
91	+	echo "${prefix}-image-${metavers} $metaavailvers available but $metainstavers installed"
92	+	return 1
93	+	fi
94	+
95	+	local imagename=0
96	+	# --no-all-versions show shows only the candidate
97	+	for vers in $(apt-cache --no-all-versions show ${prefix}-image-${metavers} \| sed -n 's/^Depends: //p' \| tr ',' '\n' \| tr -d ' ' \| grep ${prefix}-image \| awk '{print $1}' \| sort -u); do
98	+	if dpkg --compare-versions "1.$vers" gt "1.$imagename"; then
99	+	imagename=$vers
100	+	fi
101	+	done
102	+
103	+	if [ -z "$imagename" ] \|\| [ "$imagename" = 0 ]; then
104	+	return 2
105	+	fi
106	+
107	+	if [ "$imagename" != "${prefix}-image-${kervers}" ]; then
108	+	if dpkg --compare-versions 1."$imagename" lt 1."${prefix}-image-${kervers}"; then
109	+	return 2
110	+	fi
111	+	echo "$imagename" != "${prefix}-image-${kervers}"
112	+	return 1
113	+	fi
114	+
115	+	local availvrs=$(apt-cache policy ${imagename} 2>/dev/null \| grep '^ Candidate' \| awk '{print $2}')
116	+	local kernelversion=$(apt-cache policy ${prefix}-image-${kervers} 2>/dev/null \| grep '^ Installed:' \| awk '{print $2}')
117	+
118	+	if [ "$availvrs" = "$kernelversion" ]; then
119	+	return 0
120	+	fi
121	+
122	+	echo "$kernelversion != $availvrs"
123	+	return 1
124	+	}
125	+
126	+	cat_vmlinux() {
127	+	local image header filter hdroff
128	+
129	+	image="$1"
130	+	header="$2"
131	+	filter="$3"
132	+	hdroff="$4"
133	+	nextoff=0
134	+
135	+	while : ; do
136	+	off=`get_offset "$image" $header $nextoff`
137	+	local ret="$?"
138	+	if [ "$ret" != 0 ]; then
139	+	# not found, exit
140	+	return 1
141	+	fi
142	+
143	+	(if [ "$off" != 0 ]; then
144	+	dd ibs="$((off+hdroff))" skip=1 count=0
145	+	fi &&
146	+	dd bs=512k) < "$image" 2>/dev/null \| $filter 2>/dev/null
147	+	nextoff=$((off + 1))
148	+	done
149	+	return 0
150	+	}
151	+
152	+	get_image_linux() {
153	+	local image
154	+
155	+	image="$1"
156	+
157	+	# gzip compressed image
158	+	cat_vmlinux "$image" "\x1f\x8b\x08\x00" "zcat" 0
159	+	cat_vmlinux "$image" "\x1f\x8b\x08\x08" "zcat" 0
160	+	# lzma compressed image
161	+	cat_vmlinux "$image" "\x00\x00\x00\x02\xff" "xzcat" -1
162	+	cat_vmlinux "$image" "\x00\x00\x00\x04\xff" "xzcat" -1
163	+	# xz compressed image
164	+	cat_vmlinux "$image" "\xfd\x37\x7a\x58\x5a " "xzcat" 0
165	+
166	+	echo "ERROR: Unable to extract kernel image." 2>&1
167	+	exit 1
168	+	}
169	+
170	+
171	+	freebsd_check_running_version() {
172	+	local imagefile="$1"; shift
173	+
174	+	local r="$(uname -r)"
175	+	local v="$(uname -v\| sed -e 's/^#[0-9]*/&:/' -e 's/\+/\\+/g')"
176	+
177	+	local q='@\(#\)FreeBSD '"$r $v"
178	+
179	+	if zcat "$imagefile" \| $STRINGS \| egrep -q "$q"; then
180	+	echo "OK"
181	+	else
182	+	echo "not OK"
183	+	fi
184	+	}
185	+
186	+	STRINGS="";
187	+	if [ -x "$(which strings)" ]; then
188	+	STRINGS="$(which strings)"
189	+	elif [ -x "$(which busybox)" -a "$( echo foobar \| $(which busybox) strings 2>/dev/null)" = "foobar" ]; then
190	+	STRINGS="$(which busybox) strings"
191	+	fi
192	+
193	+	searched=""
194	+	for on_disk in \
195	+	"/boot/vmlinuz-`uname -r`"\
196	+	"/boot/vmlinux-`uname -r`"\
197	+	"/boot/kfreebsd-`uname -r`.gz"; do
198	+
199	+	if [ -e "$on_disk" ]; then
200	+	if [ -z "$STRINGS" ]; then
201	+	echo "UNKNOWN: 'strings' command missing, perhaps install binutils or busybox?"
202	+	exit $UNKNOWN
203	+	fi
204	+	if [ "${on_disk/vmlinu}" != "$on_disk" ]; then
205	+	on_disk_version="`get_image_linux "$on_disk" \| $STRINGS \| grep 'Linux version' \| head -n1`"
206	+	if [ -x /usr/bin/lsb_release ] ; then
207	+	vendor=$(lsb_release -i -s)
208	+	if [ -n "$vendor" ] && [ "xDebian" != "x$vendor" ] ; then
209	+	on_disk_version=$( echo $on_disk_version\|sed -e "s/ ($vendor [[:alnum:]\.-]\+ [[:alnum:]\.]\+)//")
210	+	fi
211	+	fi
212	+	[ -z "$on_disk_version" ] \|\| break
213	+	on_disk_version="`cat "$on_disk" \| $STRINGS \| grep 'Linux version' \| head -n1`"
214	+	[ -z "$on_disk_version" ] \|\| break
215	+
216	+	echo "UNKNOWN: Failed to get a version string from image $on_disk"
217	+	exit $UNKNOWN
218	+	else
219	+	on_disk_version="$(zcat $on_disk \| $STRINGS \| grep Debian \| head -n 1 \| sed -e 's/Debian [[:alnum:]]\+ (\(.*\))/\1/')"
220	+	fi
221	+	fi
222	+	searched="$searched $on_disk"
223	+	done
224	+
225	+	if ! [ -e "$on_disk" ]; then
226	+	echo "WARNING: Did not find a kernel image (checked$searched) - I have no idea which kernel I am running"
227	+	exit $WARNING
228	+	fi
229	+
230	+	if [ "$(uname -s)" = "Linux" ]; then
231	+	on_disk_version="$(echo $on_disk_version \| sed 's/#.*//')"
232	+	running_version="`cat /proc/version \| sed 's/#.*//'`"
233	+	if [ -z "$running_version" ] ; then
234	+	echo "UNKNOWN: Failed to get a version string from running system"
235	+	exit $UNKNOWN
236	+	fi
237	+
238	+	if [ "$running_version" != "$on_disk_version" ]; then
239	+	echo "WARNING: Running kernel does not match on-disk kernel image: [$running_version != $on_disk_version]"
240	+	exit $WARNING
241	+	fi
242	+
243	+	ret="$(get_avail linux)"
244	+	if [ $? = 1 ]; then
245	+	echo "WARNING: Kernel needs upgrade [$ret]"
246	+	exit $WARNING
247	+	fi
248	+	else
249	+	image_current=$(freebsd_check_running_version $on_disk)
250	+	running_version="`uname -s` `uname -r` `uname -v`"
251	+	if [ "$image_current" != "OK" ]; then
252	+	approx_time="$(date -d "@`stat -c '%Y' "$on_disk"`" +"%Y-%m-%d %H:%M:%S")"
253	+	echo "WARNING: Currently running kernel ($running_version) does not match on disk image (~ $approx_time)"
254	+	exit $WARNING;
255	+	fi
256	+
257	+	ret="$(get_avail linux)"
258	+	if [ $? = 1 ]; then
259	+	echo "WARNING: Kernel needs upgrade [$ret]"
260	+	exit $WARNING
261	+	fi
262	+	fi
263	+
264	+	echo "OK: Running kernel matches on disk image: [$running_version]"
265	+	exit $OK