User:Ttrumm: Difference between revisions
From ICO wiki
Jump to navigationJump to search
No edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
kjhnkljlk | |||
<source lang="bash"> | <source lang="bash"> | ||
#!/bin/bash | #!/bin/bash | ||
Revision as of 17:04, 21 October 2011
kjhnkljlk
#!/bin/bash
#Skript seadistab Ubuntu nii,et see teeb ise automaatselt turvauuendusi
# kontrollib, kas on piisavalt õiguseid(oled root?)
if [ "$UID" -ne "0" ]
then
echo "Käivita see skript root õigustes!"
exit 1
else
echo "Oled juurkasutaja"
fi
# kontrollib, kas aptitude on paigaldatud/ vajadusel paigaldame
apt-cache policy aptitude | grep "Installed: (none)" > /dev/null
if [ $? -eq 0 ]; then
echo "aptitude pole installitud!"
echo "installin aptitude"
apt-get install aptitude --install-recommends
fi
echo "aptitude on juba installitud"
# Leiame Ubuntu versiooni koodnime. ei oska veel
#$NIMI = grep DISTRIB_CODENAME /etc/lsb-release | cut -d "=" -f2
NIMI=($(grep DISTRIB_CODENAME /etc/lsb-release | cut -d "=" -f2))
# Muuda faili /etc/apt/apt.conf.d/10periodic
cat > /etc/apt/apt.conf.d/10periodic << lopp
APT::Periodic::Enable "1";
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "5";
APT::Periodic::Unattended-Upgrade "1";
APT::Periodic::RandomSleep "1800";
lopp
# Muuda faili /etc/apt/apt.conf.d/50unattended-upgrades ja kasuta õiget koodnime.
cat > /etc/apt/apt.conf.d/50unattended-upgrades << lopp
// Automatically upgrade packages from these (origin, archive) pairs
Unattended-Upgrade::Allowed-Origins {
"Ubuntu <$NIMI>-security";
};
// List of packages to not update
Unattended-Upgrade::Package-Blacklist {
// "vim";
// "libc6";
// "libc6-dev";
// "libc6-i686";
};
// Send email to this address for problems or packages upgrades
// If empty or unset then no email is sent, make sure that you
// have a working mail setup on your system. The package 'mailx'
// must be installed or anything that provides /usr/bin/mail.
//Unattended-Upgrade::Mail "root@localhost";
// Automatically reboot *WITHOUT CONFIRMATION* if a
// the file /var/run/reboot-required is found after the upgrade
//Unattended-Upgrade::Automatic-Reboot "false";
lopp
# Tekita fail /etc/cron.daily/apt-security-updates. Daily võib asendada weekly-ga või hourly-ga, et uuendataks harvemini või tihedamini.
touch /etc/cron.daily/apt-security-updates
cat > /etc/cron.daily/apt-security-updates << lopp
echo "**************" >> /var/log/apt-security-updates
date >> /var/log/apt-security-updates
aptitude update >> /var/log/apt-security-updates
aptitude safe-upgrade -o Aptitude::Delete-Unused=false --assume-yes --target-release `lsb_release -cs`-security >> /var/log/apt-security-updates
echo "Security updates (if any) installed"
lopp
#Anna failile käivitamisõigus.
chmod +x /etc/cron.daily/apt-security-updates
