Added security patch check for Fedora-systems

c19eabde · root · ac8e6c83 · c19eabde
Commit c19eabde authored Jul 14, 2021 by root
--- a/linux/host-monitor.sh
+++ b/linux/host-monitor.sh
@@ -157,11 +157,40 @@ esac

 #  - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 # Security patches
-SecurityPatches="$(apt-get update &>/dev/null && apt list --upgradable 2>/dev/null | egrep "\-security" | sed -e 's/\[upgradable from: //' -e 's/\]//' | tr '[/ ]' '\t')"
-# List of: Package  Channel CurrentVer  Arch    NewVersion
-# intel-microcode focal-updates,focal-security,focal-updates,focal-security 3.20210216.0ubuntu0.20.04.1 amd64 3.20201110.0ubuntu0.20.04.2
-# libhogweed5 focal-updates,focal-security,focal-updates,focal-security 3.5.1+really3.5.1-2ubuntu0.1  amd64 3.5.1+really3.5.1-2
-# libmysqlclient21  focal-updates,focal-security,focal-updates,focal-security 8.0.25-0ubuntu0.20.04.1 amd64 8.0.22-0ubuntu0.20.04.3
+UbuntuSecurityPackages() {
+    SecurityPatches="$(apt-get update &>/dev/null && apt list --upgradable 2>/dev/null | egrep "\-security" | sed -e 's/\[upgradable from: //' -e 's/\]//' | tr '[/ ]' '\t')"
+    # List of: Package  Channel CurrentVer  Arch    NewVersion
+    # intel-microcode focal-updates,focal-security,focal-updates,focal-security 3.20210216.0ubuntu0.20.04.1 amd64 3.20201110.0ubuntu0.20.04.2
+    # libhogweed5 focal-updates,focal-security,focal-updates,focal-security 3.5.1+really3.5.1-2ubuntu0.1  amd64 3.5.1+really3.5.1-2
+    # libmysqlclient21  focal-updates,focal-security,focal-updates,focal-security 8.0.25-0ubuntu0.20.04.1 amd64 8.0.22-0ubuntu0.20.04.3
+}
+
+FedoraSecurityPackages() {
+    AvailableSecurityPatches="$(yum --security check-update 2>/dev/null | awk '/ package/,/Obsoleting/' | egrep -v "^Obsoleting|^[0-9]* package|^$|^No packages needed for security")"
+    # List of: name.arch                   [epoch:]version-release             repo or @installed-from-repo
+    # MariaDB-client.x86_64                10.4.20-1.el7.centos                mariadb
+    # MariaDB-common.x86_64                10.4.20-1.el7.centos                mariadb
+    # If there is anything, we need to know the current package
+    if [ -n "$AvailableSecurityPatches" ]; then
+        Ret=$'\n'
+        SecurityPatches=""
+        while read Package NewVersion Repo; do 
+            # Get the current version of the new package
+            CurrentVersion="$(yum info "$Package" | egrep "^Version" | head -1 | awk '{print $NF}')"
+            # Assemble the string
+            SecurityPatches+="${Package} ${Repo} ${CurrentVersion} x86_64 ${NewVersion%-*}${Ret}"
+        done <<< "$AvailableSecurityPatches"
+        SecurityPatches="$(echo "$SecurityPatches" | egrep -v "^$")"
+    fi
+}
+
+
+case "$(echo "${OS,,}" | cut -c-6)" in
+    "centos") FedoraSecurityPackages;;
+    "red ha") FedoraSecurityPackages;;
+    "ubuntu") UbuntuSecurityPackages;;
+esac
+


 #  - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -