Automated YOU Security updates without Kernel

From MicroFocusInternationalWiki
Jump to: navigation, search

Application

If you have a need in your environment to apply Security updates without having a new Kernel being applyed, then the following should help you accomplish this goal.

Explanation

This script checks for available security updates and removes any kernel related update and applies the rest, and if there are no updates then it will append to /var/log/online_update.log stating that there are no updates available.

Script

Copy the text below into a file preferably named online_security_update.sh

--snip--

#!/bin/bash
# online_security_update.sh
# This script will calculate all security updates available for any SLES9 system and will remove the kernel from the patches to apply.
# The script will then download and install the patches, due to the nature of the online_update commands used.
# If no patches are available it will kick out a log of it in /var/log/online_update.log
# Note: this is only for SECURITY Updates. 
 
touch /tmp/patches.txt
touch /var/log/online_update.log
online_update -sd security | sed '/(Security)/ !d' | sed '/^ S / !d' | sed '/kernel/ d' | awk '{print $2}' | tr "\n" "," | sed '$s/.$//' >> /tmp/patches.txt
update=`</tmp/patches.txt`
if [ "$update" != "" ]; then
online_update -S $update
else 
echo "`date` -  No Security Updates Available" >> /var/log/online_update.log
fi
rm /tmp/patches.txt

--snip--

Once you have this shell script created you can save it in /usr/bin or something with the chmod 755 permissions on it. Now you are ready to set it up to run as a Cron Job at your desired date and time.

Enjoy!!