|
|
| (6 intermediate revisions by the same user not shown) |
| Line 1: |
Line 1: |
| <source lang="bash">
| |
| #!/bin/bash
| |
| #Skript seadistab Ubuntu nii,et see teeb ise automaatselt turvauuendusi
| |
|
| |
|
| # kontrollib, kas on piisavalt õiguseid(oled root?)
| |
| if [ "$UID" -ne "0" ]
| |
| then
| |
| echo "Käivita see skript root õigustes!"
| |
| exit 1
| |
| else
| |
| echo "Oled juurkasutaja"
| |
| fi
| |
|
| |
| # kontrollib, kas aptitude on paigaldatud/ vajadusel paigaldame
| |
| apt-cache policy aptitude | grep "Installed: (none)" > /dev/null
| |
| if [ $? -eq 0 ]; then
| |
| echo "aptitude pole installitud!"
| |
| echo "installin aptitude"
| |
| apt-get install aptitude --install-recommends
| |
|
| |
| fi
| |
| echo "aptitude on juba installitud"
| |
|
| |
| # Leiame Ubuntu versiooni koodnime. ei oska veel
| |
| #$NIMI = grep DISTRIB_CODENAME /etc/lsb-release | cut -d "=" -f2
| |
| NIMI=($(grep DISTRIB_CODENAME /etc/lsb-release | cut -d "=" -f2))
| |
|
| |
| # Muuda faili /etc/apt/apt.conf.d/10periodic
| |
| cat > /etc/apache << lopp
| |
| APT::Periodic::Enable "1";
| |
| APT::Periodic::Update-Package-Lists "1";
| |
| APT::Periodic::Download-Upgradeable-Packages "1";
| |
| APT::Periodic::AutocleanInterval "5";
| |
| APT::Periodic::Unattended-Upgrade "1";
| |
| APT::Periodic::RandomSleep "1800";
| |
| lopp
| |
|
| |
| # Muuda faili /etc/apt/apt.conf.d/50unattended-upgrades ja kasuta õiget koodnime.
| |
| cat > /etc/apt/apt.conf.d/50unattended-upgrades << lopp
| |
| // Automatically upgrade packages from these (origin, archive) pairs
| |
| Unattended-Upgrade::Allowed-Origins {
| |
| "Ubuntu <$NIMI>-security";
| |
| };
| |
|
| |
| // List of packages to not update
| |
| Unattended-Upgrade::Package-Blacklist {
| |
| // "vim";
| |
| // "libc6";
| |
| // "libc6-dev";
| |
| // "libc6-i686";
| |
| };
| |
|
| |
| // Send email to this address for problems or packages upgrades
| |
| // If empty or unset then no email is sent, make sure that you
| |
| // have a working mail setup on your system. The package 'mailx'
| |
| // must be installed or anything that provides /usr/bin/mail.
| |
| //Unattended-Upgrade::Mail "root@localhost";
| |
|
| |
|
| |
| // Automatically reboot *WITHOUT CONFIRMATION* if a
| |
| // the file /var/run/reboot-required is found after the upgrade
| |
| //Unattended-Upgrade::Automatic-Reboot "false";
| |
| lopp
| |
|
| |
| # Tekita fail /etc/cron.daily/apt-security-updates. Daily võib asendada weekly-ga või hourly-ga, et uuendataks harvemini või tihedamini.
| |
| touch /etc/cron.daily/apt-security-updates
| |
| cat > /etc/cron.daily/apt-security-updates << lopp
| |
| echo "**************" >> /var/log/apt-security-updates
| |
| date >> /var/log/apt-security-updates
| |
| aptitude update >> /var/log/apt-security-updates
| |
| aptitude safe-upgrade -o Aptitude::Delete-Unused=false --assume-yes --target-release `lsb_release -cs`-security >> /var/log/apt-security-updates
| |
| echo "Security updates (if any) installed"
| |
| lopp
| |
|
| |
| #Anna failile käivitamisõigus.
| |
| chmod +x /etc/cron.daily/apt-security-updates
| |
| </source>
| |
