a680976f1e
Especially when signature verification failed, show message about it, not enigmatic "Could not open/read file:///var/lib/qubes/updates/repodata/repomd.xml"
113 lines
3.2 KiB
Bash
Executable File
113 lines
3.2 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
UPDATEVM=`qubes-prefs --get updatevm`
|
|
UPDATES_STAT_FILE=/var/lib/qubes/updates/dom0-updates-available
|
|
|
|
if [ -z "$UPDATEVM" ]; then
|
|
echo "UpdateVM not set, exiting"
|
|
exit 1
|
|
fi
|
|
|
|
if [ "$1" = "--help" ]; then
|
|
echo "This tool is used to download packages for dom0. Without package list"
|
|
echo "it checks for updates for installed packages"
|
|
echo ""
|
|
echo "Usage: $0 [--clean] [--check-only] [--gui] [<pkg list>]"
|
|
echo " --clean clean yum cache before doing anything"
|
|
echo " --check-only only check for updates (no install)"
|
|
echo " --gui use gpk-update-viewer for update selection"
|
|
echo " <pkg list> download (and install if run by root) new packages"
|
|
echo " in dom0 instead of updating"
|
|
exit
|
|
fi
|
|
|
|
PKGS=
|
|
YUM_OPTS=
|
|
GUI=
|
|
CHECK_ONLY=
|
|
ALL_OPTS=$*
|
|
# Filter out some yum options and collect packages list
|
|
while [ $# -gt 0 ]; do
|
|
case "$1" in
|
|
--enablerepo=*|\
|
|
--disablerepo=*|\
|
|
--clean)
|
|
;;
|
|
--gui)
|
|
GUI=1
|
|
;;
|
|
--check-only)
|
|
CHECK_ONLY=1
|
|
;;
|
|
-*)
|
|
YUM_OPTS="$YUM_OPTS $1"
|
|
;;
|
|
*)
|
|
PKGS="$PKGS $1"
|
|
;;
|
|
esac
|
|
shift
|
|
done
|
|
|
|
ID=$(id -ur)
|
|
if [ $ID != 0 -a -z "$GUI" -a -z "$CHECK_ONLY" ] ; then
|
|
echo "This script should be run as root (when used in console mode), use sudo." >&2
|
|
exit
|
|
fi
|
|
|
|
if [ "$GUI" == "1" -a -n "$PKGS" ]; then
|
|
echo "ERROR: GUI mode can be used only for updates" >&2
|
|
exit 1
|
|
fi
|
|
|
|
# Do not start VM automaticaly when running from cron (only checking for updates)
|
|
if [ "$CHECK_ONLY" == "1" ] && ! xl domid $UPDATEVM > /dev/null 2>&1; then
|
|
echo "ERROR: UpdateVM not running, not starting it in non-interactive mode" >&2
|
|
exit 1
|
|
fi
|
|
|
|
# We should ensure the clocks in Dom0 and UpdateVM are in sync
|
|
# becuase otherwise yum might complain about future timestamps
|
|
qvm-sync-clock
|
|
|
|
echo "Checking for dom0 updates" >&2
|
|
|
|
# Start VM if not running already
|
|
qvm-run -a $UPDATEVM true || exit 1
|
|
|
|
/usr/lib/qubes/qrexec_client -d "$UPDATEVM" -l 'tar c /var/lib/rpm /etc/yum.repos.d /etc/yum.conf 2>/dev/null' 'user:tar x -C /var/lib/qubes/dom0-updates' 2> /dev/null
|
|
|
|
qvm-run --pass-io $UPDATEVM "/usr/lib/qubes/qubes_download_dom0_updates.sh --doit --nogui $ALL_OPTS"
|
|
RETCODE=$?
|
|
if [ "$CHECK_ONLY" == "1" ]; then
|
|
exit $RETCODE
|
|
elif [ "$RETCODE" -ne 0 ]; then
|
|
exit $RETCODE
|
|
fi
|
|
# Wait for download completed
|
|
while pidof -x qubes-receive-updates >/dev/null; do sleep 0.5; done
|
|
|
|
if [ -r /var/lib/qubes/updates/errors ]; then
|
|
echo "*** ERROR while receiving updates:" >&2
|
|
cat /var/lib/qubes/updates/errors >&2
|
|
echo "--> if you want to use packages that were downloaded correctly, use yum directly now" >&2
|
|
exit 1
|
|
fi
|
|
|
|
if [ "x$PKGS" != "x" ]; then
|
|
yum $YUM_OPTS install $PKGS
|
|
elif [ -f /var/lib/qubes/updates/repodata/repomd.xml ]; then
|
|
# Above file exists only when at least one package was downloaded
|
|
if [ "$GUI" == "1" ]; then
|
|
gpk-update-viewer
|
|
else
|
|
yum check-update
|
|
if [ $? -eq 100 ]; then
|
|
yum $YUM_OPTS update
|
|
fi
|
|
fi
|
|
yum -q check-update && rm -f $UPDATES_STAT_FILE
|
|
else
|
|
echo "No updates avaliable" >&2
|
|
fi
|