Debianセキュリティ情報の更新をシステムメールで通知する
■sudoのCVEの更新とか、とにかくDebianはセキュリティ関連の更新が速いw。
apt-getで気づく前に、いち早く知りたいので、スクリプトを書いた。
cronで1時間置きでも、1日置きでも好きなタイミングでシステムメールでお知らせ。■毎時14分に実行するcrontab
$ sudo env EDITOR=vim crontab -e
$ sudo env EDITOR=vim crontab -l | grep debian_security.sh
14 * * * * /home/labunix/myscripts/debian_security.sh■前回のテキストバックアップネタを少し変えただけ。
はてなブログbetaのテキストバックアップ
http://labunix.hateblo.jp/entry/2012/05/13/021544■Gistを使って見たかった。
github:debian_security.sh
https://github.com/labunix/get_new_hatenadialy_backup
■なんと。。。テキストモードバックアップで使えないので、やっぱり載せます。。。 というかw3mはJavaScriptが使えないので、当然でした。。。 #!/bin/bash # Author : labunix # Description : DSA Report from http://www.debian.org/security # Last Update : 2012/05/24 set -e # for proxy PROXY="/etc/profile.d/proxy.sh" test -x "$PROXY" && . "$PROXY" # for home directory echo "$HOME" | grep "`whoami`" | HOME="/home/`whoami`" cd "$HOME" || exit 1 # for debian security URL HURL="www.debian.org" test -d "$HURL" || mkdir "$HURL" cd "$HURL" || exit 1 # diff settings HGET="getlist.txt" BASE="base.txt" COMP="comp.txt" test -f "$HGET" || touch "$HGET" test -f "$BASE" || touch "$BASE" test -f "$COMP" || touch "$COMP" # get debian security list w3m -dump "http://${HURL}/security" | grep "\[.*DSA" > "$COMP" # diff to BASE ? diff --left-column "$BASE" "$COMP" | sed s/"> "//g | grep "DSA" > "$HGET" # mail if [ -s "$HGET" ];then cat "$HGET" | mail -s "Debian Security Report" root mv "$COMP" "$BASE" else echo "Do Nothing" fi unset PROXY HOME HURL HDAY HGET BASE COMP exit 0 ■おまけのdiff $ diff backup_hatenablog_beta.sh debian_security.sh 3,4c3,4 < # Description : backup http://labunix.hateblo.jp < # Last Update : 2012/05/12 --- > # Description : DSA Report from http://www.debian.org/security > # Last Update : 2012/05/24 15,16c15,16 < # for Hatena Blog Beta URL < HURL="labunix.hateblo.jp" --- > # for debian security URL > HURL="www.debian.org" 21d20 < HDAY="`env LANG=C date '+%Y%m%d'`.log" 25d23 < test -f "$HDAY" || touch "$HDAY" 30,33c28,29 < # xml to URL list < w3m -dump_source "http://${HURL}/sitemap.xml" | \ < sed s/'>'/"\n"/g | grep "^http.*[0-9]" | \ < awk -F\< '{print $1}' > "$COMP" --- > # get debian security list > w3m -dump "http://${HURL}/security" | grep "\[.*DSA" > "$COMP" 35,36c31,32 < # diff to URL lists < diff --left-column "$BASE" "$COMP" | sed s/"> "//g | grep "^http" > "$HGET" --- > # diff to BASE ? > diff --left-column "$BASE" "$COMP" | sed s/"> "//g | grep "DSA" > "$HGET" 38c34 < # getlist --- > # mail 40,45c36 < for list in `cat "$HGET"`;do < hatena_blogbeta=`echo "$list" | sed s%".*entry"%%g | \ < awk -F\/ '{print $2$3$4"_"$5}'` < echo "$list -> $hatena_blogbeta" | tee -a "$HDAY" < w3m -dump "$list" > "$hatena_blogbeta" 2>> "$HDAY" < done --- > cat "$HGET" | mail -s "Debian Security Report" root 47d37 < unset list hatena_blogbeta 50a41 >
