From f21bf40c92e09c11d5859e621f89181ae931e286 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?= Date: Mon, 9 Oct 2017 17:48:43 +0200 Subject: [PATCH 1/6] Refactor updater.sh and add --rand-sleep option --- src/pkgupdate/updater.sh | 220 ++++++++++++++++++++++++--------------- 1 file changed, 138 insertions(+), 82 deletions(-) diff --git a/src/pkgupdate/updater.sh b/src/pkgupdate/updater.sh index 65e5421e..e36ea648 100755 --- a/src/pkgupdate/updater.sh +++ b/src/pkgupdate/updater.sh @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (c) 2016, CZ.NIC, z.s.p.o. (http://www.nic.cz/) +# Copyright (c) 2016-2017, CZ.NIC, z.s.p.o. (http://www.nic.cz/) # All rights reserved. # # Redistribution and use in source and binary forms, with or without @@ -47,7 +47,7 @@ ptimeout() { # unless it exits till then. # Because there is a lot of killing and a lot of potentially nonexistent # processes we ignore stderr, but we don't want to dump stderr of process it - # self so we redirect it to different output and than back to stderror. + # self so we redirect it to different output and then back to stderror. /bin/sh -c ' ( sleep $1 @@ -86,7 +86,8 @@ while [ $NET_WAIT -gt 0 ] && ! ping -c 1 -w 1 api.turris.cz >/dev/null 2>&1; do done get-api-crl || { - ptimeout 120 create_notification -s error "Updater selhal: Chybí CRL, pravděpodobně je problém v připojení k internetu." "Updater failed: Missing CRL, possibly broken Internet connection." || echo "Create notification failed" | logger -t updater -p daemon.error; + ptimeout 120 create_notification -s error "Updater selhal: Chybí CRL, pravděpodobně je problém v připojení k internetu." "Updater failed: Missing CRL, possibly broken Internet connection." || \ + echo "Create notification failed" | logger -t updater -p daemon.error exit 1 } @@ -94,83 +95,84 @@ STATE_DIR=/tmp/update-state LOCK_DIR="$STATE_DIR/lock" LOG_FILE="$STATE_DIR/log2" PID_FILE="$STATE_DIR/pid" +STATE_FILE="$STATE_DIR/state" +ERROR_FILE="$STATE_DIR/last_error" +APPROVALS='' APPROVAL_ASK_FILE=/usr/share/updater/need_approval APPROVAL_GRANTED_FILE=/usr/share/updater/approvals EXIT_CODE=1 BACKGROUND=false -BACKGROUNDED=false -TMP_DIR="/tmp/$$.tmp" +RAND_SLEEP=false PKGUPDATE_ARGS="" -while [ "$1" ] ; do - case "$1" in +for ARG in "$@"; do + case "$ARG" in -h|--help) echo "Usage: updater.sh [OPTION]..." - echo "-e (ERROR|WARNING|INFO|DBG|TRACE) Message level printed on stderr. In default set to INFO." + echo "-e (ERROR|WARNING|INFO|DBG|TRACE)" + echo " Message level printed on stderr. In default set to INFO." + echo "-b|--background" + echo " Run updater in background (detach from terminal)" + echo "--rand-sleep" + echo " Sleep random amount of the time with maximum of half an hour before running updater." exit 0 ;; - -b) + -b|--background) BACKGROUND=true ;; - -r) - BACKGROUNDED=true + --rand-sleep) + RAND_SLEEP=true ;; -w|-n) - echo "Argument $1 ignored as a compatibility measure for old updater." + echo "Argument $ARG ignored as a compatibility measure for old updater." >&2 ;; - *) - PKGUPDATE_ARGS="$PKGUPDATE_ARGS $1" + *) # Pass any other argument to pkgupdate + PKGUPDATE_ARGS="$PKGUPDATE_ARGS $ARG" ;; esac shift done -if ! $BACKGROUNDED ; then - # Prepare a state directory and lock - mkdir -p /tmp/update-state - if ! mkdir "$LOCK_DIR" ; then +# Prepare a state directory and lock +updater_lock() { + mkdir -p "$STATE_DIR" + if ! mkdir "$LOCK_DIR" 2>/dev/null ; then echo "Already running" >&2 echo "Already running" | logger -t updater -p daemon.warning EXIT_CODE=0 exit fi - cat /dev/null >"$LOG_FILE" - echo startup >"$STATE_DIR/state" - rm -f "$STATE_DIR/last_error" "$STATE_DIR/log2" - echo $$>"$PID_FILE" -else - # When we are backgrounded we can't ask user so force --batch - PKGUPDATE_ARGS="$PKGUPDATE_ARGS --batch" -fi -if $BACKGROUND ; then - "$0" -r --batch >/dev/null 2>&1 & - # Make sure the PID is of the process actually doing the work - echo $!>"$PID_FILE" - exit -fi -mkdir -p "$TMP_DIR" + rm -f "$ERROR_FILE" "$LOG_FILE" + echo startup >"$STATE_FILE" + echo $$ >"$PID_FILE" +} -WATCHER= -CPID= +# Cleanup to remove various files from state directory on updater exit trap_handler() { - rm -rf "$LOCK_DIR" "$PID_FILE" "$TMP_DIR" - [ -n "$WATCHER" ] && kill -9 $WATCHER 2>/dev/null - [ -n "$CPID" ] && if kill $CPID 2>/dev/null; then - ( - sleep 5 - kill -9 $CPID 2>/dev/null - ) & fi + rm -rf "$LOCK_DIR" "$PID_FILE" exit $EXIT_CODE } -trap trap_handler EXIT INT QUIT TERM ABRT +setup_cleanup() { + trap trap_handler EXIT INT QUIT TERM ABRT +} + +# Execution suspend for random amount of time +rand_suspend() { + # We don't have $RANDOM and base support in arithmetic mode so we use this instead + local T_RAND="$( printf %d 0x$(head -c 2 /dev/urandom | hexdump -e '"%x"'))" + T_RAND="$(( $T_RAND % 1800 ))" + echo "Suspending updater for $T_RAND seconds" >&2 + echo "Suspending updater for $T_RAND seconds" | logger -t updater -p daemon.info + sleep $T_RAND +} -# Check if we need an approval and if so, if we get it. -APPROVALS= -config_get_bool NEED_APPROVAL approvals need 0 -if [ "$NEED_APPROVAL" = "1" ] ; then +# Prepare approvals +# This function sets APPROVALS variable. It contains option for pkgupdate to +# enable approvals and latest approved hash. +approvals_prepare() { APPROVALS="--ask-approval=$APPROVAL_ASK_FILE" if [ -f "$APPROVAL_GRANTED_FILE" ]; then - # Get a treshold time when we grant approval automatically. In case we don't, we set the time to + # Get a threshold time when we grant approval automatically. In case we don't, we set the time to # 1, which is long long time ago in the glorious times when automatic updaters were not # needed. config_get AUTO_GRANT_TIME approvals auto_grant_seconds @@ -178,16 +180,11 @@ if [ "$NEED_APPROVAL" = "1" ] ; then APPROVED_HASH="$(tail -1 "$APPROVAL_GRANTED_FILE" | awk '$2 == "granted" || ( $2 == "asked" && $3 <= "'"$AUTO_GRANT_TRESHOLD"'" ) {print $1}')" [ -n "$APPROVED_HASH" ] && APPROVALS="$APPROVALS --approve=$APPROVED_HASH" fi -else - # If approvals aren't enabled then run always in batch mode (don't ask user) - PKGUPDATE_ARGS="$PKGUPDATE_ARGS --batch" -fi - -# Run the actual updater -ptimeout 3000 pkgupdate $PKGUPDATE_ARGS --state-log --task-log=/usr/share/updater/updater-log $APPROVALS -EXIT_CODE="$?" +} -if [ -f "$APPROVAL_ASK_FILE" ] ; then +# Handle new generated approvals request +approvals_request() { + local HASH read HASH <"$APPROVAL_ASK_FILE" if ! grep -q "^$HASH" "$APPROVAL_GRANTED_FILE" ; then echo "$HASH asked $(date -u +%s)" >"$APPROVAL_GRANTED_FILE" @@ -204,33 +201,92 @@ if [ -f "$APPROVAL_ASK_FILE" ] ; then || echo "Create notification failed" | logger -t updater -p daemon.error fi fi -else - if [ "$EXIT_CODE" = 0 ] ; then - # When we run successfully and didn't need any further approval, we - # used up all the current approvals by that (if we ever want to - # do the same thing again, we need to ask again). So delete all - # the granted and asked lines ‒ asked might have reached approval - # by being there long enough. Keep any other (like denied) permanently. - sed -i -e '/asked/d;/granted/d' "$APPROVAL_GRANTED_FILE" 2>/dev/null +} + +# Do post-update actions for approvals +approvals_finish() { + if [ -f "$APPROVAL_ASK_FILE" ] ; then + approvals_request + else + if [ "$EXIT_CODE" = 0 ] ; then + # When we run successfully and didn't need any further approval, we + # used up all the current approvals by that (if we ever want to do the + # same thing again, we need to ask again). + rm -f "$APPROVAL_GRANTED_FILE" + fi fi -fi -# Evaluate what has run -STATE=$(cat "$STATE_DIR"/state) -if [ "$STATE" != "error" ] && ([ "$EXIT_CODE" != "0" ] || [ "$STATE" != "done" ]); then - echo lost >"$STATE_DIR"/state -fi +} -if [ -s "$STATE_DIR"/log2 ] && grep -q '^[IR]' "$STATE_DIR/log2" ; then - ptimeout 120 create_notification -s update "$(sed -ne 's/^I \(.*\) \(.*\)/ • Nainstalovaná verze \2 balíku \1/p;s/^R \(.*\)/ • Odstraněn balík \1/p' "$LOG_FILE")" "$(sed -ne 's/^I \(.*\) \(.*\)/ • Installed version \2 of package \1/p;s/^R \(.*\)/ • Removed package \1/p' "$LOG_FILE")" || echo "Create notification failed" | logger -t updater -p daemon.error -fi -if [ "$EXIT_CODE" != 0 ] || [ "$STATE" != "done" ] ; then - if [ -s "$STATE_DIR/last_error" ] ; then - ERROR=$(cat "$STATE_DIR/last_error") +# Create notifications +notify_user() { + if [ -s "$LOG_FILE" ] && grep -q '^[IR]' "$LOG_FILE" ; then + ptimeout 120 create_notification -s update \ + "$(sed -ne 's/^I \(.*\) \(.*\)/ • Nainstalovaná verze \2 balíku \1/p;s/^R \(.*\)/ • Odstraněn balík \1/p' "$LOG_FILE")" \ + "$(sed -ne 's/^I \(.*\) \(.*\)/ • Installed version \2 of package \1/p;s/^R \(.*\)/ • Removed package \1/p' "$LOG_FILE")" \ + || echo "Create notification failed" | logger -t updater -p daemon.error + fi + if [ "$STATE" != "done" ] ; then + if [ -s "$ERROR_FILE" ] ; then + ERROR=$(cat "$ERROR_FILE") + else + ERROR="Unknown error" + fi + ptimeout 120 create_notification -s error "Updater selhal: $ERROR" "Updater failed: $ERROR" || echo "Create notification failed" | logger -t updater -p daemon.error + fi + ptimeout 120 notifier || echo "Notifier failed" | logger -t updater -p daemon.error +} + +# Function handling everything about pkgupdate execution +run_updater() { + config_get_bool NEED_APPROVAL approvals need 0 + if [ "$NEED_APPROVAL" = "1" ] ; then + approvals_prepare else - ERROR="Unknown error" + # If approvals aren't enabled then run always in batch mode (don't ask user) + PKGUPDATE_ARGS="$PKGUPDATE_ARGS --batch" fi - ptimeout 120 create_notification -s error "Updater selhal: $ERROR" "Updater failed: $ERROR" || echo "Create notification failed" | logger -t updater -p daemon.error -fi -ptimeout 120 notifier || echo "Notifier failed" | logger -t updater -p daemon.error -# Let the trap clean up here + # Run the actual updater + ptimeout 3000 pkgupdate $PKGUPDATE_ARGS --state-log --task-log=/usr/share/updater/updater-log $APPROVALS + EXIT_CODE="$?" + + # Evaluate what has run + STATE=$(cat "$STATE_FILE") + if [ "$STATE" != "error" ] && ([ "$EXIT_CODE" != "0" ] || [ "$STATE" != "done" ]); then + echo lost >"$STATE_FILE" + fi + + approvals_finish + notify_user +} + +run_immediate() { + # updater_lock have to be called before calling this function + setup_cleanup + run_updater +} + +run_delayed() { + rand_suspend + updater_lock + run_immediate +} + +if $BACKGROUND; then + # When we are backgrounded we can't ask user so force --batch + PKGUPDATE_ARGS="$PKGUPDATE_ARGS --batch" + if $RAND_SLEEP; then + run_delayed >/dev/null 2>&1 /dev/null 2>&1 "$PID_FILE" # Make sure the PID is of the process actually doing the work +else + if $RAND_SLEEP; then + run_delayed + else + updater_lock + run_immediate + fi +fi -- GitLab From 55b2d50f810f299470d6c747b690c2f81fee3b63 Mon Sep 17 00:00:00 2001 From: Vojtech Myslivec Date: Fri, 20 Oct 2017 14:41:37 +0200 Subject: [PATCH 2/6] updatersh: Fix updater.sh background mode updater.sh must run itself on background because NUCI interface does not handle shell function on background well These changes include - new run_backgrounded function - a little refactor of main flow - handle rand-sleep mode when running on background --- src/pkgupdate/updater.sh | 68 ++++++++++++++++++++++++++++++---------- 1 file changed, 52 insertions(+), 16 deletions(-) diff --git a/src/pkgupdate/updater.sh b/src/pkgupdate/updater.sh index e36ea648..c7e6e3ed 100755 --- a/src/pkgupdate/updater.sh +++ b/src/pkgupdate/updater.sh @@ -104,6 +104,13 @@ EXIT_CODE=1 BACKGROUND=false RAND_SLEEP=false PKGUPDATE_ARGS="" +# This variable is set throught env variables, we must not redefine it here +# Just make it a non-env variable and set the default value if it is not defined +export -n RUNNING_ON_BACKGROUND +RUNNING_ON_BACKGROUND=${RUNNING_ON_BACKGROUND:-false} +# ARGS for myself when running in background mode +BACKGROUND_UPDATER_ARGS='' + for ARG in "$@"; do case "$ARG" in @@ -122,6 +129,8 @@ for ARG in "$@"; do ;; --rand-sleep) RAND_SLEEP=true + # remember this arg in case of BACKGROUND mode + BACKGROUND_UPDATER_ARGS="$BACKGROUND_UPDATER_ARGS --rand-sleep" ;; -w|-n) echo "Argument $ARG ignored as a compatibility measure for old updater." >&2 @@ -272,21 +281,48 @@ run_delayed() { run_immediate } -if $BACKGROUND; then - # When we are backgrounded we can't ask user so force --batch - PKGUPDATE_ARGS="$PKGUPDATE_ARGS --batch" - if $RAND_SLEEP; then - run_delayed >/dev/null 2>&1 /dev/null 2>&1 "$PID_FILE" # Make sure the PID is of the process actually doing the work +# Foris is running updater.sh on the background throw the NUCI interface +# and there is a bug in it that it does not handle shell functions running on +# background well +# So we need to run whole script again! And do not forget to pass the args +run_backgrounded() { + # we will set RUNNING_ON_BACKGROUND env variable for the child + # and of course in batch mode + RUNNING_ON_BACKGROUND='true' "$0" $BACKGROUND_UPDATER_ARGS $PKGUPDATE_ARGS --batch < /dev/null > /dev/null 2>&1 & + + # Make sure the PID is of the process actually doing the work + echo $! > "$PID_FILE" + exit 0 +} + + +# main ------------------------------------------------------------------------- +# There are several states of this script which needs to be handled. +# These states are described with following variables: +# - RAND_SLEEP: to run with random delay (intended for cron jobs) +# - BACKGROUND: to drop run updater on background +# - RUNNING_ON_BACKGROUND: already running on background +# +# Not all combinations does make sense (i.e. BACKGROUND && RUNNING_ON_BACKGROUND) +# so following logic handles these states + +# 1) Lock updater as soon as possible +# Do not lock it, if running delayed or if this proces run on background +# (locked already) +if [ "$RAND_SLEEP" != 'true' -a "$RUNNING_ON_BACKGROUND" != 'true' ]; then + updater_lock +fi + +# 2) Running on background +# Drop to background, if needed, but not when already on background +if [ "$BACKGROUND" = 'true' -a "$RUNNING_ON_BACKGROUND" != 'true' ]; then + run_backgrounded +fi + +# 3) Finally run the updater +# Delayed or immediately +if $RAND_SLEEP; then + run_delayed else - if $RAND_SLEEP; then - run_delayed - else - updater_lock - run_immediate - fi + run_immediate fi -- GitLab From 1663791be89903575df37cbb495ad3a82817a73c Mon Sep 17 00:00:00 2001 From: Vojtech Myslivec Date: Thu, 19 Oct 2017 14:46:34 +0200 Subject: [PATCH 3/6] updatersh: Add some local vars --- src/pkgupdate/updater.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/src/pkgupdate/updater.sh b/src/pkgupdate/updater.sh index c7e6e3ed..25cb9916 100755 --- a/src/pkgupdate/updater.sh +++ b/src/pkgupdate/updater.sh @@ -179,6 +179,10 @@ rand_suspend() { # This function sets APPROVALS variable. It contains option for pkgupdate to # enable approvals and latest approved hash. approvals_prepare() { + local APPROVED_HASH + local AUTO_GRANT_TRESHOLD + local AUTO_GRANT_TIME + APPROVALS="--ask-approval=$APPROVAL_ASK_FILE" if [ -f "$APPROVAL_GRANTED_FILE" ]; then # Get a threshold time when we grant approval automatically. In case we don't, we set the time to @@ -194,6 +198,9 @@ approvals_prepare() { # Handle new generated approvals request approvals_request() { local HASH + local NOTIFY_APPROVAL + local LIST + read HASH <"$APPROVAL_ASK_FILE" if ! grep -q "^$HASH" "$APPROVAL_GRANTED_FILE" ; then echo "$HASH asked $(date -u +%s)" >"$APPROVAL_GRANTED_FILE" @@ -228,6 +235,8 @@ approvals_finish() { # Create notifications notify_user() { + local ERROR + if [ -s "$LOG_FILE" ] && grep -q '^[IR]' "$LOG_FILE" ; then ptimeout 120 create_notification -s update \ "$(sed -ne 's/^I \(.*\) \(.*\)/ • Nainstalovaná verze \2 balíku \1/p;s/^R \(.*\)/ • Odstraněn balík \1/p' "$LOG_FILE")" \ @@ -247,6 +256,8 @@ notify_user() { # Function handling everything about pkgupdate execution run_updater() { + local NEED_APPROVAL + config_get_bool NEED_APPROVAL approvals need 0 if [ "$NEED_APPROVAL" = "1" ] ; then approvals_prepare -- GitLab From 9ad07548187e8ea645890394d970d29360f5bbe3 Mon Sep 17 00:00:00 2001 From: Vojtech Myslivec Date: Mon, 16 Oct 2017 21:10:07 +0200 Subject: [PATCH 4/6] updatersh: Create notifier fonctions --- src/pkgupdate/updater.sh | 41 ++++++++++++++++++++++++++++++---------- 1 file changed, 31 insertions(+), 10 deletions(-) diff --git a/src/pkgupdate/updater.sh b/src/pkgupdate/updater.sh index 25cb9916..b40d3954 100755 --- a/src/pkgupdate/updater.sh +++ b/src/pkgupdate/updater.sh @@ -70,6 +70,24 @@ ptimeout() { # So we are killing children of children in for loop. } +create_notify_message() { + local level="$1" + local msg_cz="$2" + local msg_en="$3" + ptimeout 120 create_notification -s "$level" "$msg_cz" "$msg_en" || { + echo 'Create notification failed' | logger -t updater -p daemon.error + } +} + +create_notify_error() { + create_notify_message 'error' "$1" "$2" +} + +create_notify_update() { + create_notify_message 'update' "$1" "$2" +} + + config_load updater config_get_bool DISABLED override disable 0 @@ -86,8 +104,9 @@ while [ $NET_WAIT -gt 0 ] && ! ping -c 1 -w 1 api.turris.cz >/dev/null 2>&1; do done get-api-crl || { - ptimeout 120 create_notification -s error "Updater selhal: Chybí CRL, pravděpodobně je problém v připojení k internetu." "Updater failed: Missing CRL, possibly broken Internet connection." || \ - echo "Create notification failed" | logger -t updater -p daemon.error + create_notify_error \ + 'Updater selhal: Chybí CRL, pravděpodobně je problém v připojení k internetu.' \ + 'Updater failed: Missing CRL, possibly broken Internet connection.' exit 1 } @@ -211,10 +230,10 @@ approvals_request() { # Also OPERATION is lowercase to make it pretty uppercase the first character. # TODO do we want to show reboot? LIST="$(awk 'NR>1{printf "\n • %s %s %s", toupper(substr($1,1,1))substr($1,2), $3, $2}' "$APPROVAL_ASK_FILE")" - ptimeout 120 create_notification -s update \ + + create_notify_update \ "Updater žádá o autorizaci akcí. Autorizaci můžete přidělit v administračním rozhraní Foris.$LIST" \ - "The updater requests an autorisation of its planned actions. You can grant it in the Foris administrative interface.$LIST" \ - || echo "Create notification failed" | logger -t updater -p daemon.error + "The updater requests an autorisation of its planned actions. You can grant it in the Foris administrative interface.$LIST" fi fi } @@ -238,10 +257,9 @@ notify_user() { local ERROR if [ -s "$LOG_FILE" ] && grep -q '^[IR]' "$LOG_FILE" ; then - ptimeout 120 create_notification -s update \ - "$(sed -ne 's/^I \(.*\) \(.*\)/ • Nainstalovaná verze \2 balíku \1/p;s/^R \(.*\)/ • Odstraněn balík \1/p' "$LOG_FILE")" \ - "$(sed -ne 's/^I \(.*\) \(.*\)/ • Installed version \2 of package \1/p;s/^R \(.*\)/ • Removed package \1/p' "$LOG_FILE")" \ - || echo "Create notification failed" | logger -t updater -p daemon.error + create_notify_update \ + "$(sed -ne 's/^I \(.*\) \(.*\)/ • Nainstalovaná verze \2 balíku \1/p; s/^R \(.*\)/ • Odstraněn balík \1/p' "$LOG_FILE")" \ + "$(sed -ne 's/^I \(.*\) \(.*\)/ • Installed version \2 of package \1/p; s/^R \(.*\)/ • Removed package \1/p' "$LOG_FILE")" fi if [ "$STATE" != "done" ] ; then if [ -s "$ERROR_FILE" ] ; then @@ -249,7 +267,10 @@ notify_user() { else ERROR="Unknown error" fi - ptimeout 120 create_notification -s error "Updater selhal: $ERROR" "Updater failed: $ERROR" || echo "Create notification failed" | logger -t updater -p daemon.error + + create_notify_error \ + "Updater selhal: $ERROR" \ + "Updater failed: $ERROR" fi ptimeout 120 notifier || echo "Notifier failed" | logger -t updater -p daemon.error } -- GitLab From 94e45605e92ce992ba9713db46412e8902f5fa1f Mon Sep 17 00:00:00 2001 From: Vojtech Myslivec Date: Mon, 16 Oct 2017 21:10:45 +0200 Subject: [PATCH 5/6] updatersh: Refactor test commands --- src/pkgupdate/updater.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/pkgupdate/updater.sh b/src/pkgupdate/updater.sh index b40d3954..8bf5e58e 100755 --- a/src/pkgupdate/updater.sh +++ b/src/pkgupdate/updater.sh @@ -243,7 +243,7 @@ approvals_finish() { if [ -f "$APPROVAL_ASK_FILE" ] ; then approvals_request else - if [ "$EXIT_CODE" = 0 ] ; then + if [ "$EXIT_CODE" -eq 0 ] ; then # When we run successfully and didn't need any further approval, we # used up all the current approvals by that (if we ever want to do the # same thing again, we need to ask again). @@ -293,7 +293,7 @@ run_updater() { # Evaluate what has run STATE=$(cat "$STATE_FILE") - if [ "$STATE" != "error" ] && ([ "$EXIT_CODE" != "0" ] || [ "$STATE" != "done" ]); then + if [ "$STATE" != "error" -a \( "$EXIT_CODE" -ne "0" -o "$STATE" != "done" \) ]; then echo lost >"$STATE_FILE" fi -- GitLab From feb6b6e0ce8fef558e0a11f4aaee4ca12ab84ea5 Mon Sep 17 00:00:00 2001 From: Vojtech Myslivec Date: Mon, 16 Oct 2017 21:11:18 +0200 Subject: [PATCH 6/6] updatersh: Refactor awk command --- src/pkgupdate/updater.sh | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/pkgupdate/updater.sh b/src/pkgupdate/updater.sh index 8bf5e58e..e4a93bd7 100755 --- a/src/pkgupdate/updater.sh +++ b/src/pkgupdate/updater.sh @@ -209,7 +209,13 @@ approvals_prepare() { # needed. config_get AUTO_GRANT_TIME approvals auto_grant_seconds AUTO_GRANT_TRESHOLD=$(expr $(date -u +%s) - $AUTO_GRANT_TIME 2>/dev/null || echo 1) - APPROVED_HASH="$(tail -1 "$APPROVAL_GRANTED_FILE" | awk '$2 == "granted" || ( $2 == "asked" && $3 <= "'"$AUTO_GRANT_TRESHOLD"'" ) {print $1}')" + + # only the last line is relevant + APPROVED_HASH="$( awk -v treshold="$AUTO_GRANT_TRESHOLD" 'END { + if ( $2 == "granted" || ( $2 == "asked" && $3 <= treshold ) ) { + print $1 + } + }' "$APPROVAL_GRANTED_FILE" )" [ -n "$APPROVED_HASH" ] && APPROVALS="$APPROVALS --approve=$APPROVED_HASH" fi } -- GitLab