diff --git a/README.md b/README.md index a273001..228eca9 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,116 @@ +# Spacewalk Debian +Spacewalk Script Installer + +This script is for client / server installation. +- Centos = client and execute daily cron task for import errata and sync chanels. +- Debian = server and execute daily cron task for download errata and send on spacewalk. + +## How to use : + +Copy and Past in your terminal : + +```bash +wget -Nnv https://raw.githubusercontent.com/liberodark/spacewalk-scripts/install.sh && chmod +x install.sh; ./install.sh +``` + +## How is work : + +For Centos 7 is a client + +Just install the script ! + +For Debian 9 is a server + +Just install the script ! +need to make a first ssh connexion on your spacewalk from this debian + +## How is use manually : + +### On Debian + +- Install + +``` +apt install -y html2text git +``` + +- Download Scripts + +``` +git clone https://github.com/liberodark/spacewalk-scripts +``` + +- Need to edit spacewalk_errata_debian.cron with ip / user / password + +``` +nano spacewalk_errata_debian.cron +cp -a spacewalk_errata_debian.cron /etc/cron.daily/spacewalk_errata_debian.cron +``` + +- Install Files : + +``` +mkdir -p /home/errata/spacewalk-scripts/ +mv spacewalk-scripts /home/errata/spacewalk-scripts +``` + +### On Centos + + +``` +yum install -y git +``` + +- Download Scripts + +``` +git clone https://github.com/liberodark/spacewalk-scripts +``` + +- Need to install file + +``` +nano spacewalk_sync_debian.cron +cp -a nano spacewalk_sync_debian.cron /etc/cron.daily/nano spacewalk_sync_debian.cron +``` + +- Edit errata-import-debian.py + +``` +nano errata-import-debian.py +login = 'MYLOGIN' # Line 46 +password = 'MYPASSWORD' # Line 47 +``` + +- Install Files : + +``` +mkdir -p /home/errata/spacewalk-scripts/ +mv spacewalk-scripts /home/errata/spacewalk-scripts +``` + +## Debian 6.x / 7.x + +Save your source list : + +```cp -a /etc/apt/sources.list /etc/apt/sources.list.bak``` + +For Debian 6.x + +```echo "deb http://archive.debian.org/debian/ squeeze main" > /etc/apt/sources.list``` + +For Debian 7.x + +```echo "deb http://archive.debian.org/debian/ wheezy main" > /etc/apt/sources.list``` + +## Linux Compatibility : + +- Debian 8.x / 9.x +- Centos 7.x + + +## Script informations : + - **getDebianAnnouncements.py** By https://github.com/rpasche This downloads all security announcements of debian from the current year and the year before and uses html2text to transform it to ascii text - **parseUbuntu.py** parses https://lists.ubuntu.com/archives/ubuntu-security-announce/$DATE.txt.gz into an XML which can be read by errata-import.pl / errata-import.py - **parseDebian.py** By https://github.com/rpasche the same as parseUbuntu.py, but parses all security announcements downloaded with getDebianAnnouncements.py and writes this to an XML file for later use with errata-import-debian.py diff --git a/install.sh b/install.sh new file mode 100644 index 0000000..c45d501 --- /dev/null +++ b/install.sh @@ -0,0 +1,79 @@ +#!/bin/bash +# +# About: Install Script of Spacewalk automatically +# Author: liberodark +# License: GNU GPLv3 + +#================================================= +# CHECK UPDATE +#================================================= + + update_source="https://raw.githubusercontent.com/liberodark/spacewalk-scripts/master/install.sh" + version="0.0.4" + + echo "Welcome on Spacewalk Script Install $version" + + # make update if asked + if [ "$1" = "noupdate" ]; then + update_status="false" + else + update_status="true" + fi ; + + # update updater + if [ "$update_status" = "true" ]; then + wget -O $0 $update_source + $0 noupdate + exit 0 +fi ; + +#================================================= +# CHECK ROOT +#================================================= + +if [[ $(id -u) -ne 0 ]] ; then echo "Please run as root" ; exit 1 ; fi + +#================================================= +# RETRIEVE ARGUMENTS FROM THE MANIFEST AND VAR +#================================================= + +distribution=$(cat /etc/*release | head -n +1 | awk '{print $1}') + +#============================================== +# SPACEWALK +#============================================== +echo "Install Script for Spacewalk" + +# Check OS & spacewalk + + if [ $? != 1 ]; then + + if [[ "$distribution" =~ .CentOS || "$distribution" = CentOS ]]; then + read -p "What is your user of spacewalk ?" user + read -p "What is your password of spacewalk ?" password + + yum install -y html2text git + mkdir -p /home/errata/spacewalk-scripts/ + git clone https://github.com/liberodark/spacewalk-scripts/ + mv spacewalk-scripts /home/errata/spacewalk-scripts + cp -a spacewalk_sync_debian.cron /etc/cron.daily/spacewalk_sync_debian.cron + sed -i "s@MYLOGIN@${user}@@g" /home/errata/spacewalk-scripts/errata-import-debian.py + sed -i "s@MYPASSWORD@${password}@@g" /home/errata/spacewalk-scripts/errata-import-debian.py + + elif [[ "$distribution" =~ .Debian || "$distribution" = Debian || "$distribution" =~ .Ubuntu || "$distribution" = Ubuntu ]]; then + read -p "What is your ssh user of spacewalk ?" ssh_user + read -p "What is your ssh password of spacewalk ?" ssh_password + read -p "What is your ip of spacewalk ?" ssh_ip + + apt-get update + apt-get install -y html2text git sshpass + mkdir -p /home/errata/spacewalk-scripts/ + git clone https://github.com/liberodark/spacewalk-scripts/ + mv spacewalk-scripts /home/errata/spacewalk-scripts + cp -a spacewalk_errata_debian.cron /etc/cron.daily/spacewalk_errata_debian.cron + sed -i "s@ssh_user@${ssh_user}@@g" /etc/cron.daily/spacewalk_errata_debian.cron + sed -i "s@ssh_password@${ssh_password}@@g" /etc/cron.daily/spacewalk_errata_debian.cron + sed -i "s@ssh_ip@${ssh_ip}@@g" /etc/cron.daily/spacewalk_errata_debian.cron + + fi +fi diff --git a/spacewalk_errata_debian.cron b/spacewalk_errata_debian.cron new file mode 100644 index 0000000..1c99315 --- /dev/null +++ b/spacewalk_errata_debian.cron @@ -0,0 +1,23 @@ +MAILTO=root + +# try to create the lock and check the outcome +LOCKFILE=/var/run/spacewalk_errata_debian.lock +#lockfile -r 0 ${LOCKFILE} 1>/dev/null 2>&1 +#status=$? +#if [ ${status} -ne 0 ] ;then +if [ -e "$LOCKFILE" ]; then + echo "Another instance already running. Aborting." + exit 1 +else + touch "$LOCKFILE" +fi +trap "rm ${LOCKFILE}" EXIT + + +#get errata file and checksums +cd /home/errata/spacewalk-scripts/ + + +python getDebianAnnouncements.py +python parseDebian.py +sshpass -p "ssh_password" scp -r -p /tmp/debian_security ssh_user@ssh_ip:/tmp/debian_security \ No newline at end of file diff --git a/spacewalk_sync_debian.cron b/spacewalk_sync_debian.cron new file mode 100644 index 0000000..5f158ba --- /dev/null +++ b/spacewalk_sync_debian.cron @@ -0,0 +1,27 @@ +MAILTO=root + +# try to create the lock and check the outcome +LOCKFILE=/var/run/spacewalk_sync_debian.lock +#lockfile -r 0 ${LOCKFILE} 1>/dev/null 2>&1 +#status=$? +#if [ ${status} -ne 0 ] ;then +if [ -e "$LOCKFILE" ]; then + echo "Another instance already running. Aborting." + exit 1 +else + touch "$LOCKFILE" +fi +trap "rm ${LOCKFILE}" EXIT + +#sync channels and publish updates +/usr/bin/spacewalk-repo-sync -c wheezy_main +/usr/bin/spacewalk-repo-sync -c jessie_main +/usr/bin/spacewalk-repo-sync -c stretch_main + + +#get errata file and checksums +cd /home/errata/spacewalk-scripts/ + +mkdir -p /tmp/debian_security/parsed +python errata-import-debian.py +sudo rm -r /tmp/debian_security \ No newline at end of file