tonyclemmey · November 19, 2022 00:45
diff --git a/compare_packages.sh b/compare_packages.sh
 #!/usr/bin/perl -w
 # run: "apt list --installed | tail -n +2 > file.list" on each computer
 # name them: compare_one.list and compare_two.list

 use strict;
 use warnings;

 my $num_args = $#ARGV + 1;
 my $file_one="compare_one.list";
 my $file_two="compare_two.list";
 if($num_args > 2) {
 	print "Maximum 2 files to compare.\n";
 	exit;
 } elsif($num_args == 2) {
 	$file_one=$ARGV[0];	
 	$file_two=$ARGV[1];
 } elsif ($num_args == 1) {
 	$file_one=$ARGV[0];	
 } 
 if ( ! -e $file_one ) {
 	print  "$file_one does not exists\n";
 	print  "run: '/usr/bin/apt list --installed | tail -n +2 > compare.list' in each computer\n";
 	print  "and name them: compare_one.list and compare_two.list\n";
 	print  "or specify two parameters to this command. For example:\n";
 	print  "./compare_ubuntu_apt.pl that_server.list this_server.list\n";
 	print  "If the second file is missing, it will automatically generated.\n";
 	exit;
 }
 if ( ! -e $file_two ) {
 	print "$file_two does not exists, assuming THIS computer\n";
 	`/usr/bin/apt list --installed | tail -n+2 > $file_two`
 }

 open my $info1, $file_one or die "Could not open $file_one: $!";
 open my $info2, $file_two or die "Could not open $file_two: $!";

 my (%origin, %different, %missing);

 while( my $line1 = <$info1>)  { 
    chomp($line1);
    if($line1 ne "") {
        my ($pkg, $unused, $version) = split(/\/| /, $line1);
        $origin{$pkg} = $version;
    }
 }
 while( my $line2 = <$info2>)  {   
    chomp($line2);
    if($line2 ne "") {
        my ($pkg, $unused, $version) = split(/\/| /, $line2);
        if ( $origin{$pkg} ) {
            if( $origin{$pkg} eq $version ) {
                #Do nothing here...
            } else {
                $different{$pkg} = $origin{$pkg} . " -> " . $version;
            }
            delete ( $origin{$pkg} );
        } else {
            $missing{$pkg} = $version;
        }
    }
 }
 close $info1;
 close $info2;

 if (scalar(keys(%different)) > 0) {
 	print "----------------------------------\n";
 	print " DIFFERENCES $file_one -> $file_two\n";
 	print "----------------------------------\n";
 	foreach (sort keys %different) {
 		print " @ $_ : $different{$_}\n";
 	}
 }
 if (scalar(keys(%origin)) > 0) {
 	print "----------------------------------\n";
 	print " MISSING IN $file_two\n";
 	print "----------------------------------\n";
 	foreach (sort keys %origin) {
 		print " + $_ : $origin{$_}\n";
 	}
 }
 if (scalar(keys(%missing)) > 0) {
 	print "----------------------------------\n";
 	print " MISSING IN $file_one\n";
 	print "----------------------------------\n";
 	foreach (sort keys %missing) {
 		print " - $_ : $missing{$_}\n";
 	}
 }
 if (scalar(keys(%different)) == 0 && scalar(keys(%origin)) == 0 && scalar(keys(%missing)) == 0) {
 	print "No differences were found.\n";
 }
 print "\n";
diff --git a/update_packages.sh b/update_packages.sh
 #!/bin/bash

 # Extended Security Maintenance (esm-infra)
 sudo ua status

 # Installed packages
 sudo apt --installed list | tail -n +2 > installed_packages.list

 # List security upgrades
 sudo apt list --upgradable | grep security

 # Install security updates only from tmp source
 grep security /etc/apt/sources.list | sudo tee /tmp/security.sources.list

 # dry run
 sudo apt upgrade -o Dir::Etc::Sourcelist=/tmp/security.sources.list --dry-run | tee upgraded_packages_dry_run.list

 # run
 sudo apt upgrade -o Dir::Etc::Sourcelist=/tmp/security.sources.list -y | tee upgraded_packages.list

 # OR

 # Print security upgrades
 sudo apt --just-print upgrade | awk 'tolower($4) ~ /.*security.*/ || tolower($5) ~ /.*security.*/ {print $2}' | sort | uniq

 # Install security upgrades
 UPGRADE_LIST=$(apt --just-print upgrade | awk 'tolower($4) ~ /.*security.*/ || tolower($5) ~ /.*security.*/ {print $2}' | sort | uniq)

 # dry run
 sudo apt install --only-upgrade $UPGRADE_LIST --dry-run | tee upgraded_packages_dry_run.list

 # run
 sudo apt install --only-upgrade $UPGRADE_LIST -y | tee upgraded_packages.list

 # Exclude packages from updates by putting them on hold
 EXCLUDE_PKGS="nginx apache2 php5"
 sudo apt-mark hold $EXCLUDE_PKGS
 sudo apt-mark unhold $EXCLUDE_PKGS
	#!/usr/bin/perl -w
	# run: "apt list --installed \| tail -n +2 > file.list" on each computer
	# name them: compare_one.list and compare_two.list

	use strict;
	use warnings;

	my $num_args = $#ARGV + 1;
	my $file_one="compare_one.list";
	my $file_two="compare_two.list";
	if($num_args > 2) {
	print "Maximum 2 files to compare.\n";
	exit;
	} elsif($num_args == 2) {
	$file_one=$ARGV[0];
	$file_two=$ARGV[1];
	} elsif ($num_args == 1) {
	$file_one=$ARGV[0];
	}
	if ( ! -e $file_one ) {
	print "$file_one does not exists\n";
	print "run: '/usr/bin/apt list --installed \| tail -n +2 > compare.list' in each computer\n";
	print "and name them: compare_one.list and compare_two.list\n";
	print "or specify two parameters to this command. For example:\n";
	print "./compare_ubuntu_apt.pl that_server.list this_server.list\n";
	print "If the second file is missing, it will automatically generated.\n";
	exit;
	}
	if ( ! -e $file_two ) {
	print "$file_two does not exists, assuming THIS computer\n";
	`/usr/bin/apt list --installed \| tail -n+2 > $file_two`
	}

	open my $info1, $file_one or die "Could not open $file_one: $!";
	open my $info2, $file_two or die "Could not open $file_two: $!";

	my (%origin, %different, %missing);

	while( my $line1 = <$info1>) {
	chomp($line1);
	if($line1 ne "") {
	my ($pkg, $unused, $version) = split(/\/\| /, $line1);
	$origin{$pkg} = $version;
	}
	}
	while( my $line2 = <$info2>) {
	chomp($line2);
	if($line2 ne "") {
	my ($pkg, $unused, $version) = split(/\/\| /, $line2);
	if ( $origin{$pkg} ) {
	if( $origin{$pkg} eq $version ) {
	#Do nothing here...
	} else {
	$different{$pkg} = $origin{$pkg} . " -> " . $version;
	}
	delete ( $origin{$pkg} );
	} else {
	$missing{$pkg} = $version;
	}
	}
	}
	close $info1;
	close $info2;

	if (scalar(keys(%different)) > 0) {
	print "----------------------------------\n";
	print " DIFFERENCES $file_one -> $file_two\n";
	print "----------------------------------\n";
	foreach (sort keys %different) {
	print " @ $_ : $different{$_}\n";
	}
	}
	if (scalar(keys(%origin)) > 0) {
	print "----------------------------------\n";
	print " MISSING IN $file_two\n";
	print "----------------------------------\n";
	foreach (sort keys %origin) {
	print " + $_ : $origin{$_}\n";
	}
	}
	if (scalar(keys(%missing)) > 0) {
	print "----------------------------------\n";
	print " MISSING IN $file_one\n";
	print "----------------------------------\n";
	foreach (sort keys %missing) {
	print " - $_ : $missing{$_}\n";
	}
	}
	if (scalar(keys(%different)) == 0 && scalar(keys(%origin)) == 0 && scalar(keys(%missing)) == 0) {
	print "No differences were found.\n";
	}
	print "\n";
	#!/bin/bash

	# Extended Security Maintenance (esm-infra)
	sudo ua status

	# Installed packages
	sudo apt --installed list \| tail -n +2 > installed_packages.list

	# List security upgrades
	sudo apt list --upgradable \| grep security

	# Install security updates only from tmp source
	grep security /etc/apt/sources.list \| sudo tee /tmp/security.sources.list

	# dry run
	sudo apt upgrade -o Dir::Etc::Sourcelist=/tmp/security.sources.list --dry-run \| tee upgraded_packages_dry_run.list

	# run
	sudo apt upgrade -o Dir::Etc::Sourcelist=/tmp/security.sources.list -y \| tee upgraded_packages.list

	# OR

	# Print security upgrades
	sudo apt --just-print upgrade \| awk 'tolower($4) ~ /.security./ \|\| tolower($5) ~ /.security./ {print $2}' \| sort \| uniq

	# Install security upgrades
	UPGRADE_LIST=$(apt --just-print upgrade \| awk 'tolower($4) ~ /.security./ \|\| tolower($5) ~ /.security./ {print $2}' \| sort \| uniq)

	# dry run
	sudo apt install --only-upgrade $UPGRADE_LIST --dry-run \| tee upgraded_packages_dry_run.list

	# run
	sudo apt install --only-upgrade $UPGRADE_LIST -y \| tee upgraded_packages.list

	# Exclude packages from updates by putting them on hold
	EXCLUDE_PKGS="nginx apache2 php5"
	sudo apt-mark hold $EXCLUDE_PKGS
	sudo apt-mark unhold $EXCLUDE_PKGS