zshfunc/upgrade-debian-samhain


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48

## vim:ft=zsh:foldmethod=marker

upgrade-debian-samhain() {
	for i in $DEBHOSTS; do
		mkdir hosts/$i 2> /dev/null || continue;
		echo $i
		preexec $i;
		ssh $i -t '
			didsudo=0
			check() {
				sudo /usr/sbin/samhain -t check -i -p err -s none -l none -m none
			};
			reinit() {
				if [ "`check 2>&1 | grep "^CRIT" | wc -l`" != 0 ]; then
					echo Updating samhain db...
					sudo samhain --foreground -t update
					didsudo=1
					echo done.
				fi
			}
			if [ -x /usr/sbin/samhain ]; then
				t="`tempfile`";
				trap "rm -f $t" 0 1 2 5 15;
				check > "$t" 2>&1;
				if [ "`grep "^CRIT" "$t" | wc -l`" != 0 ]; then
					echo "samhain db errors found:";
					sed -e "s/.*path=<\([^>]*\)>, .*/\1/" "$t";
					echo;
					echo "Enter 'y' to continue upgrade and update samhaindb for `hostname`";
					read ans;
					[ "$ans" = "y" ] || exit;
				fi;
			fi
			sudo apt-get update &&
			sudo apt-get dist-upgrade &&
			sudo apt-get clean &&
			[ -x /usr/sbin/samhain ] && reinit
			if [ "$didsudo" = 1 ]; then
				echo Updating nagios status
				echo "apt"
				sudo /usr/sbin/dsa-update-apt-status
				echo "samhain"
				grep -q OK /var/cache/dsa/nagios/samhain || sudo dsa-update-samhain-status
				echo done.
			fi
		';
	done
}