From 018fcce82c6b10f20dd950425e8751cb29a4c4f9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cyryl=20P=C5=82otnicki-Chudyk?= Date: Mon, 1 Aug 2016 07:07:58 +0200 Subject: [PATCH] add support for automatic security updates for fedora --- fedora/configure_fresh_system | 13 ++++++++-- fedora/etc/dnf/automatic.conf | 46 +++++++++++++++++++++++++++++++++++ 2 files changed, 57 insertions(+), 2 deletions(-) create mode 100644 fedora/etc/dnf/automatic.conf diff --git a/fedora/configure_fresh_system b/fedora/configure_fresh_system index a379a25e..09dbefa7 100755 --- a/fedora/configure_fresh_system +++ b/fedora/configure_fresh_system @@ -4,19 +4,28 @@ set -e #software and shell sudo dnf -y upgrade --best --allowerasing -sudo dnf -y --best --allowerasing install vim tmux atop zsh thunderbird thunderbird-enigmail thunderbird-lightning firefox aria2 gajim lm_sensors freecad python3-pip qt5-qtbase-devel qt5-qtwebkit-devel meld whois curl pv tor torsocks nodejs terminator gsmartcontrol python-pip mercurial python-devel libxslt-devel libjpeg-turbo-devel conky conky-manager redshift redshift-gtk cmake gtk2-devel intltool gparted wine solaar glances the_silver_searcher dkms kernel-devel gimp transmission-gtk git xz util-linux-user powertop +sudo dnf -y --best --allowerasing install vim tmux atop zsh thunderbird thunderbird-enigmail thunderbird-lightning firefox aria2 gajim lm_sensors freecad python3-pip qt5-qtbase-devel qt5-qtwebkit-devel meld whois curl pv tor torsocks nodejs terminator gsmartcontrol python-pip mercurial python-devel libxslt-devel libjpeg-turbo-devel conky conky-manager redshift redshift-gtk cmake gtk2-devel intltool gparted wine solaar glances the_silver_searcher dkms kernel-devel gimp transmission-gtk git xz util-linux-user powertop dnf-automatic FEDORA_VERSION=`rpm -E %fedora` sudo dnf -y install http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$FEDORA_VERSION.noarch.rpm sudo dnf -y install http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$FEDORA_VERSION.noarch.rpm sudo dnf -y --best --allowerasing install vlc splix gutenprint-cups cups-bjnp keepass mplayer golang ncurses-compat-libs kicad retext sudo dnf -y groupinstall "C Development Tools and Libraries" +DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" + +cp -v /etc/dnf/automatic.conf /etc/dnf/automatic.conf.bak +cp -v $DIR/etc/dnf/automatic.conf /etc/dnf/automatic.conf +diff /etc/dnf/automatic.conf.bak /etc/dnf/automatic.conf + +sudo systemctl enable dnf-automatic.timer +sudo systemctl start dnf-automatic.timer +sudo systemctl list-timers "*dnf-*" + if [[ -z $DONT_START_TOR ]]; then sudo systemctl enable tor sudo systemctl start tor fi -DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" DIR="$DIR/../" DIR="$DIR" $DIR/common/configure_fresh_system diff --git a/fedora/etc/dnf/automatic.conf b/fedora/etc/dnf/automatic.conf new file mode 100644 index 00000000..848f2c09 --- /dev/null +++ b/fedora/etc/dnf/automatic.conf @@ -0,0 +1,46 @@ +[commands] +# What kind of upgrade to perform: +# default = all available upgrades +# security = only the security upgrades +upgrade_type = security +random_sleep = 300 + +# Whether updates should be downloaded when they are available. +download_updates = yes + +# Whether updates should be applied when they are available. +# Note that if this is set to no, downloaded packages will be left in the +# cache regardless of the keepcache setting. +apply_updates = yes + + +[emitters] +# Name to use for this system in messages that are emitted. Default is the +# hostname. +# system_name = my-host + +# How to send messages. Valid options are stdio, email and motd. If +# emit_via includes stdio, messages will be sent to stdout; this is useful +# to have cron send the messages. If emit_via includes email, this +# program will send email itself according to the configured options. +# If emit_via includes motd, /etc/motd file will have the messages. +# Default is email,stdio. +emit_via = stdio,email + + +[email] +# The address to send email messages from. +email_from = root@skinnyv + +# List of addresses to send messages to. +email_to = admin@cyplo.net + +# Name of the host to connect to to send email messages. +email_host = localhost + + +[base] +# This section overrides dnf.conf + +# Use this to filter DNF core messages +debuglevel = 1