qubes-download-dom0-updates.sh 4.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169
  1. #!/bin/bash
  2. DOM0_UPDATES_DIR=/var/lib/qubes/dom0-updates
  3. DOIT=0
  4. GUI=1
  5. CLEAN=0
  6. CHECK_ONLY=0
  7. OPTS="--installroot $DOM0_UPDATES_DIR --config=$DOM0_UPDATES_DIR/etc/yum.conf"
  8. # DNF uses /etc/yum.repos.d, even when --installroot is specified
  9. OPTS="$OPTS --setopt=reposdir=$DOM0_UPDATES_DIR/etc/yum.repos.d"
  10. PKGLIST=
  11. YUM_ACTION=
  12. export LC_ALL=C
  13. while [ -n "$1" ]; do
  14. case "$1" in
  15. --doit)
  16. DOIT=1
  17. ;;
  18. --nogui)
  19. GUI=0
  20. ;;
  21. --gui)
  22. GUI=1
  23. ;;
  24. --clean)
  25. CLEAN=1
  26. ;;
  27. --check-only)
  28. CHECK_ONLY=1
  29. ;;
  30. --action=*)
  31. YUM_ACTION=${1#--action=}
  32. ;;
  33. -*)
  34. OPTS="$OPTS $1"
  35. ;;
  36. *)
  37. PKGLIST="$PKGLIST $1"
  38. if [ -z "$YUM_ACTION" ]; then
  39. YUM_ACTION=install
  40. fi
  41. ;;
  42. esac
  43. shift
  44. done
  45. if [ -z "$YUM_ACTION" ]; then
  46. YUM_ACTION=upgrade
  47. fi
  48. YUM="yum"
  49. if type dnf >/dev/null 2>&1; then
  50. YUM="dnf --best --allowerasing"
  51. fi
  52. if ! [ -d "$DOM0_UPDATES_DIR" ]; then
  53. echo "Dom0 updates dir does not exists: $DOM0_UPDATES_DIR" >&2
  54. exit 1
  55. fi
  56. mkdir -p $DOM0_UPDATES_DIR/etc
  57. sed -i '/^reposdir\s*=/d' $DOM0_UPDATES_DIR/etc/yum.conf
  58. if [ -e /etc/debian_version ]; then
  59. # Default rpm configuration on Debian uses ~/.rpmdb for rpm database (as
  60. # rpm isn't native package manager there)
  61. mkdir -p "$DOM0_UPDATES_DIR$HOME"
  62. ln -nsf "$DOM0_UPDATES_DIR/var/lib/rpm" "$DOM0_UPDATES_DIR$HOME/.rpmdb"
  63. fi
  64. # Rebuild rpm database in case of different rpm version
  65. rm -f $DOM0_UPDATES_DIR/var/lib/rpm/__*
  66. rpm --root=$DOM0_UPDATES_DIR --rebuilddb
  67. if [ "$CLEAN" = "1" ]; then
  68. $YUM $OPTS clean all
  69. rm -f $DOM0_UPDATES_DIR/packages/*
  70. rm -rf $DOM0_UPDATES_DIR/var/cache/yum/*
  71. fi
  72. if [ "x$PKGLIST" = "x" ]; then
  73. echo "Checking for dom0 updates..." >&2
  74. UPDATES_FULL=`$YUM $OPTS check-update`
  75. check_update_retcode=$?
  76. UPDATES_FULL=`echo "$UPDATES_FULL" | grep -v "^Loaded plugins:\|^Last metadata\|^$"`
  77. if [ $check_update_retcode -eq 1 ]; then
  78. # Exit here if yum have reported an error. Exit code 100 isn't an
  79. # error, it's "updates available" info, so check specifically for exit code 1
  80. exit 1
  81. fi
  82. UPDATES=`echo "$UPDATES_FULL" | grep -v "^Obsoleting\|Could not" | cut -f 1 -d ' '`
  83. if [ -z "$UPDATES" -a $check_update_retcode -eq 100 ]; then
  84. # save not empty string for below condition (-z "$UPDATES"), but blank
  85. # to not confuse the user wwith magic strings in messages
  86. UPDATES=" "
  87. elif [ $check_update_retcode -eq 0 ]; then
  88. # exit code 0 means no updates available - regardless of stdout messages
  89. UPDATES=""
  90. fi
  91. else
  92. PKGS_FROM_CMDLINE=1
  93. fi
  94. if [ -z "$PKGLIST" -a -z "$UPDATES" ]; then
  95. echo "No new updates available"
  96. if [ "$GUI" = 1 ]; then
  97. zenity --info --text="No new updates available"
  98. fi
  99. exit 0
  100. fi
  101. if [ "$CHECK_ONLY" = "1" ]; then
  102. echo "Available updates: "
  103. echo "$UPDATES_FULL"
  104. exit 100
  105. fi
  106. if [ "$DOIT" != "1" -a "$PKGS_FROM_CMDLINE" != "1" ]; then
  107. zenity --question --title="Qubes Dom0 updates" \
  108. --text="There are updates for dom0 available, do you want to download them now?" || exit 0
  109. fi
  110. YUM_COMMAND="fakeroot $YUM $YUM_ACTION -y --downloadonly"
  111. # check for --downloadonly option - if not supported (Debian), fallback to
  112. # yumdownloader
  113. if ! $YUM --help | grep -q downloadonly; then
  114. if [ "$YUM_ACTION" != "install" -a "$YUM_ACTION" != "upgrade" ]; then
  115. echo "ERROR: yum version installed in VM `hostname` does not suppport --downloadonly option" >&2
  116. echo "ERROR: only 'install' and 'upgrade' actions supported ($YUM_ACTION not)" >&2
  117. if [ "$GUI" = 1 ]; then
  118. zenity --error --text="yum version too old for '$YUM_ACTION' action, see console for details"
  119. fi
  120. exit 1
  121. fi
  122. if [ "$YUM_ACTION" = "upgrade" ]; then
  123. PKGLIST=$UPDATES
  124. fi
  125. YUM_COMMAND="yumdownloader --destdir=$DOM0_UPDATES_DIR/packages --resolve"
  126. fi
  127. mkdir -p "$DOM0_UPDATES_DIR/packages"
  128. set -e
  129. if [ "$GUI" = 1 ]; then
  130. ( echo "1"
  131. $YUM_COMMAND $OPTS $PKGLIST
  132. echo 100 ) | zenity --progress --pulsate --auto-close --auto-kill \
  133. --text="Downloading updates for Dom0, please wait..." --title="Qubes Dom0 updates"
  134. else
  135. $YUM_COMMAND $OPTS $PKGLIST
  136. fi
  137. find $DOM0_UPDATES_DIR/var/cache/yum -name '*.rpm' -print0 |\
  138. xargs -0 -r ln -f -t $DOM0_UPDATES_DIR/packages/
  139. if ls $DOM0_UPDATES_DIR/packages/*.rpm > /dev/null 2>&1; then
  140. cmd="/usr/lib/qubes/qrexec-client-vm dom0 qubes.ReceiveUpdates /usr/lib/qubes/qfile-agent"
  141. qrexec_exit_code=0
  142. $cmd $DOM0_UPDATES_DIR/packages/*.rpm || { qrexec_exit_code=$? ; true; };
  143. if [ ! "$qrexec_exit_code" = "0" ]; then
  144. echo "'$cmd $DOM0_UPDATES_DIR/packages/*.rpm' failed with exit code ${qrexec_exit_code}!" >&2
  145. exit $qrexec_exit_code
  146. fi
  147. else
  148. echo "No packages downloaded"
  149. fi