Tag Archives: sudo

Too Good To, UNIX & Linux

Too good to #0006

1 Comment

“Sudo on demand” from TGT0003 considered more useful for downgrading privileges on the fly

#!/usr/bin/env bash

want_user=letsencrypt
am_user="$(id -un)"
printf "Running as: %s\n" "${am_user}"
if [[ "${want_user}" != "${am_user}" ]]
then
        printf "Re-executing with sudo.\n"
        exec sudo -u "${want_user}" "${0}"
fi
...

JSON export of all installed packages on Debian/Ubuntu

#!/bin/bash

function dpkg_json(){
    printf "{\n"
    format='"${Package}": { "Version": "${Version}", "Architecture": "${Architecture}", "Status": "${db:Status-Abbrev}" },\n'
    dpkg-query --show --showformat="${format}" | sed '$s/,$//'
    printf "}\n"
}

dpkg_json | jq .

Urlwatch for a new version of a package in the Ubuntu package pool

---
name: "Ubuntu Curtin package (waiting for apt-key fix)"
url: http://archive.ubuntu.com/ubuntu/pool/main/c/curtin/
filter:
  - xpath: //table//td[2]
  - html2text
  - grep: ^curtin.*\.deb$
---
Too Good To, UNIX & Linux

Too good to #0003

Linux uptime in seconds, once and for all

awk '{printf "%i\n", $1}' /proc/uptime

“Sudo on demand”, re-exec shell script with sudo if not running as root

#!/usr/bin/env bash
printf "Running as: %s\n" "$(id -un)"
[[ ${EUID} -ne 0 ]] && printf "Re-executing with sudo.\n" && exec sudo "${0}"

See also TGT0006, this is just as useful for downgrading privileges on the fly.

“When was the last time apt-get on that Debian/Ubuntu machine installed package upgrades?”

  • Reliably answering this is a lot harder than it looks, subject of countless discussions and really does need to parse /var/log/apt/history.log, which is painful.
  • The script below maintains a file /var/log/apt/lastupgrade with the last upgrade’s time stamp, for further processing.
  • Does NOT track invocations of apt-get upgrade that did not lead to package upgrades.
  • Does NOT look behind logfile rotations, which should not be a problem because it’s closely hooked to dpkg.

/usr/sbin/apt-lastupgrade:

#!/bin/bash

while IFS=: read -r key value
do
	if [[ "${key}" == 'Start-Date' ]]
	then
		upgraded=0
	elif [[ "${key}" == 'Upgrade' ]]
	then
		upgraded=1
	elif [[ "${key}" == 'End-Date' ]]
	then
		if [[ ${upgraded} -eq 1 ]]
		then
			printf -v lastupgrade "%s" "${value}"
		fi
		upgraded=0
	fi
done < /var/log/apt/history.log

if [[ -v lastupgrade ]]
then
	tee /var/log/apt/lastupgrade <<-Here
	# Timestamp of last upgrade: ${lastupgrade}
	Here
	touch -d "${lastupgrade}" /var/log/apt/lastupgrade
fi

/etc/apt/apt.conf.d/90lastupgrade:

DPkg::Post-Invoke {"/usr/bin/systemd-run --on-active=60 /usr/sbin/apt-lastupgrade || /bin/true"};

Path of running shell script, dirname for locating config files, includes etc.

me_path="$(readlink -f "${0}")"
me_dir="$(dirname "${me_path}")"
me_base="$(basename "${me_path}")"