Update setup-auto-updates.sh
This commit is contained in:
@@ -120,50 +120,23 @@ enable_timers_if_systemd() {
|
|||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
wait_for_apt_units() {
|
|
||||||
# Wait for apt-daily/apt-daily-upgrade units to finish (up to ~120s)
|
|
||||||
if command -v systemctl >/dev/null 2>&1; then
|
|
||||||
local units=(apt-daily.service apt-daily-upgrade.service)
|
|
||||||
for i in {1..60}; do
|
|
||||||
local busy=0
|
|
||||||
for u in "${units[@]}"; do
|
|
||||||
systemctl is-active --quiet "$u" && { busy=1; break; }
|
|
||||||
done
|
|
||||||
(( busy == 0 )) && return 0
|
|
||||||
(( i % 10 == 0 )) && echo "[INFO] apt units busy…waiting $((i*2))s"
|
|
||||||
sleep 2
|
|
||||||
done
|
|
||||||
echo "[WARN] apt units still busy after ~120s; continuing anyway."
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
validate_with_dryrun() {
|
validate_with_dryrun() {
|
||||||
wait_for_apt || true
|
wait_for_apt || true
|
||||||
wait_for_apt_units || true
|
|
||||||
echo "[INFO] Validating unattended-upgrades with a dry run…"
|
echo "[INFO] Validating unattended-upgrades with a dry run…"
|
||||||
local log="/tmp/unattended-upgrades-dryrun.$$"
|
local log="/tmp/unattended-upgrades-dryrun.$$"
|
||||||
|
if ! timeout 180 unattended-upgrades --dry-run --debug >"$log" 2>&1; then
|
||||||
# Temporarily disable ERR trap so a non-zero here doesn't print "[ERROR] Line …"
|
|
||||||
trap - ERR
|
|
||||||
set +e
|
|
||||||
timeout 240 unattended-upgrades --dry-run --debug >"$log" 2>&1
|
|
||||||
local rc=$?
|
|
||||||
set -e
|
|
||||||
trap 'echo "[ERROR] Line $LINENO failed" >&2' ERR
|
|
||||||
|
|
||||||
if (( rc != 0 )); then
|
|
||||||
echo "[WARN] Dry run timed out or failed; see $log"
|
echo "[WARN] Dry run timed out or failed; see $log"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
# Show the header line so you can see what matched
|
||||||
grep -E "Allowed origins are" "$log" | head -n1 || true
|
grep -E "Allowed origins are" "$log" | head -n1 || true
|
||||||
|
# Catch real parser errors
|
||||||
if grep -qiE "Unable to parse|ValueError|AttributeError|ImportError" "$log"; then
|
if grep -qiE "Unable to parse|ValueError|AttributeError|ImportError" "$log"; then
|
||||||
echo "[ERROR] Parsing error detected; see $log"
|
echo "[ERROR] Parsing error detected; see $log"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
show_status() {
|
show_status() {
|
||||||
echo
|
echo
|
||||||
echo "[INFO] Config files:"
|
echo "[INFO] Config files:"
|
||||||
@@ -184,8 +157,22 @@ main() {
|
|||||||
apt_refresh_and_install
|
apt_refresh_and_install
|
||||||
write_50unattended
|
write_50unattended
|
||||||
write_20auto
|
write_20auto
|
||||||
|
|
||||||
|
# If detect_os didn't export OS, derive it so we can gate ESM cleanup.
|
||||||
|
if [[ -z "${OS:-}" ]] && [[ -r /etc/os-release ]]; then
|
||||||
|
# shellcheck disable=SC1091
|
||||||
|
. /etc/os-release
|
||||||
|
OS="${ID,,}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Drop Ubuntu ESM patterns on non-Ubuntu systems (cosmetic; harmless if kept).
|
||||||
|
if [[ "${OS:-}" != "ubuntu" ]]; then
|
||||||
|
sed -i '/UbuntuESM/d' /etc/apt/apt.conf.d/50unattended-upgrades
|
||||||
|
fi
|
||||||
|
|
||||||
enable_timers_if_systemd
|
enable_timers_if_systemd
|
||||||
|
|
||||||
|
# Non-fatal validation (avoid aborting the run if APT is busy).
|
||||||
set +e
|
set +e
|
||||||
validate_with_dryrun
|
validate_with_dryrun
|
||||||
vr=$?
|
vr=$?
|
||||||
|
|||||||
Reference in New Issue
Block a user