[Yum-devel] [PATCH] Make yum-cron code and config files prettier.

Matthew Miller mattdm at mattdm.org
Thu Jul 28 21:40:46 UTC 2011


On Thu, Jul 28, 2011 at 05:20:35PM -0400, James Antill wrote:
>  *nods*, pushed these ... more patches please :).

Cool. Here's one more, which _should_ only be cosmetic and have no changes
in functionality. The caveat is that I've only tested it lightly -- like, in
the past fifteen minutes. So it may have some accidentally-introduced bugs,
which in any case I promise to smooth out quickly. (It's now running live on
a couple of test systems, so I should find out.) If you want to wait to push
this one I understand. :)



-- 
Matthew Miller           mattdm at mattdm.org          <http://mattdm.org/>
-------------- next part --------------
>From 0c50ecaa5618d451dcf2ae29cfb3952ac0cb8ddf Mon Sep 17 00:00:00 2001
From: Matthew Miller <mattdm at mattdm.org>
Date: Thu, 28 Jul 2011 17:23:55 -0400
Subject: [PATCH 3/3] Make yum-cron code and config files prettier.

Added comments (including important clarifications for config options). Also
includes some somewhat-gratuitous formatting changes, but should have no
differences in functionality
---
 yum-cron/yum-cleanup.cron.sh |   11 ++-
 yum-cron/yum-cron.sh         |  135 ++++++++++++++++++++++++++----------------
 yum-cron/yum-cron.sysconfig  |  124 +++++++++++++++++++++++---------------
 yum-cron/yum-cron.sysvinit   |   19 +++---
 yum-cron/yum-update.cron.sh  |   13 +++--
 5 files changed, 185 insertions(+), 117 deletions(-)

diff --git a/yum-cron/yum-cleanup.cron.sh b/yum-cron/yum-cleanup.cron.sh
index 0842135..e38e80f 100755
--- a/yum-cron/yum-cleanup.cron.sh
+++ b/yum-cron/yum-cleanup.cron.sh
@@ -1,23 +1,26 @@
 #!/bin/bash
 
-# Only run if this flag file is set (by /etc/rc.d/init.d/yum-cron)
+# Only run if this flag is set. The flag is created by the yum-cron init
+# script when the service is started -- this allows one to use chkconfig and
+# the standard "service stop|start" commands to enable or disable yum-cron.
 if [[ ! -f /var/lock/subsys/yum-cron ]]; then
   exit 0
 fi
 
-# Grab config settings
+# Read configuration settings from the sysconfig directory.
 if [[ -f /etc/sysconfig/yum-cron ]]; then
   source /etc/sysconfig/yum-cron
 fi
 
-# Only run on certain days of the week 
+# Only run on certain days of the week, based on the
+# settings in the above-mentioned sysconfig file.
 dow=`date +%w` 
 DAYS_OF_WEEK=${DAYS_OF_WEEK:-0123456} 
 if [[ "${DAYS_OF_WEEK/$dow/}" == "${DAYS_OF_WEEK}" ]]; then 
   exit 0 
 fi 
 
-# And only _clean_ on a subset of that
+# And only _clean_ on a subset of the configured days.
 CLEANDAY=${CLEANDAY:-0}
 if [[ "${CLEANDAY/$dow/}" == "${CLEANDAY}" ]]; then
   exit 0
diff --git a/yum-cron/yum-cron.sh b/yum-cron/yum-cron.sh
index d1a32ec..1b690f1 100755
--- a/yum-cron/yum-cron.sh
+++ b/yum-cron/yum-cron.sh
@@ -1,110 +1,143 @@
 #!/bin/bash
 
+# This script is designed to be run from cron to automatically keep your
+# system up to date with the latest security patches and bug fixes. It
+# can download and/or apply package updates as configured in
+# /etc/sysconfig/yum-cron.
+
+
+# These are used by /etc/init.d/yum-cron on shutdown to protect against
+# abruptly shutting down mid-transaction. Therefore, you shouldn't change
+# them without changing that.
 LOCKDIR=/var/lock/yum-cron.lock
-LOCKFILE=$LOCKDIR/pidfile
+PIDFILE=$LOCKDIR/pidfile
 TSLOCK=$LOCKDIR/ts.lock
+
+
+# This is the home of the yum scripts which power the various actions the
+# yum-cron system performs.
 SCRIPTDIR=/usr/share/yum-cron/
 
-if [ -z "$1" ]; then
+# If no command line options were given, exit with a usage message.
+if [[ -z "$1" ]]; then
   echo "Usage: yum-cron {update|cleanup|...}"
   exit 1
 else
   ACTION=$1
 fi
 
+# If a command line option was given, it must match a yum script.
 YUMSCRIPT=${SCRIPTDIR}/${ACTION}.yum
-if [ ! -r $YUMSCRIPT ]; then
+if [[ ! -r $YUMSCRIPT ]]; then
   echo "Script for action \"$ACTION\" is not readable in $SCRIPTDIR."
   exit 1
 fi  
 
-# Grab config settings
-if [ -f /etc/sysconfig/yum-cron ]; then
+
+# Read the settings from our config file.
+if [[ -f /etc/sysconfig/yum-cron ]]; then
   source /etc/sysconfig/yum-cron
 fi
-# set default for SYSTEMNAME
-[ -z "$SYSTEMNAME" ]  && SYSTEMNAME=$( hostname ) 
 
-# if DOWNLOAD_ONLY is set then we force CHECK_ONLY too.
-# Gotta check before one can download!
-if [ "$DOWNLOAD_ONLY" == "yes" ]; then
-  CHECK_ONLY=yes
-fi
+# If no system name is set, use the hostname
+[[ -z "$SYSTEMNAME" ]] && SYSTEMNAME=$( hostname ) 
+
+# If DOWNLOAD_ONLY is set, then we force CHECK_ONLY too.
+# Gotta check for updates before we can possibly download them.
+[[ "$DOWNLOAD_ONLY" == "yes" ]] && CHECK_ONLY=yes
 
+# This holds the output from the "meat" of this script, so that it can
+# be nicely mailed to the configured destination when we're done.
 YUMTMP=$(mktemp /var/run/yum-cron.XXXXXX)
 touch $YUMTMP 
-[ -x /sbin/restorecon ] && /sbin/restorecon $YUMTMP
+# Yay SELinux.
+[[ -x /sbin/restorecon ]] && /sbin/restorecon $YUMTMP
 
-# Note - the lockfile code doesn't try and use YUMTMP to email messages nicely.
-# Too many ways to die, this gets handled by normal cron error mailing.
-# Try mkdir for the lockfile, will test for and make it in one atomic action
+# Here is the gigantic block of lockfile logic.
+#
+# Note: the lockfile code doesn't currently try and use YUMTMP to email
+# messages nicely, so this gets handled by normal cron error mailing.
+#
+
+# We use mkdir for the lockfile, as this will test for and if possible
+# create the lock in one atomic action. (So there's no race condition.)
 if mkdir $LOCKDIR 2>/dev/null; then
-  # store the current process ID in there so we can check for staleness later
-  echo "$$" >"${LOCKFILE}"
-  # and clean up locks and tempfile if the script exits or is killed  
-  trap "{ rm -f $LOCKFILE $TSLOCK; rmdir $LOCKDIR 2>/dev/null; rm -f $YUMTMP; exit 255; }" INT TERM EXIT
+  # Store the current process ID in the lock directory so we can check for
+  # staleness later.
+  echo "$$" >"${PIDFILE}"
+  # And, clean up locks and tempfile when the script exits or is killed.
+  trap "{ rm -f $PIDFILE $TSLOCK; rmdir $LOCKDIR 2>/dev/null; rm -f $YUMTMP; exit 255; }" INT TERM EXIT
 else
-  # lock failed, check if process exists.  First, if there's no PID file
-  # in the lock directory, something bad has happened, we can't know the
-  # process name, so clean up the old lockdir and restart
-  if [ ! -f $LOCKFILE ]; then
+  # Lock failed -- check if a running process exists.  
+  # First, if there's no PID file in the lock directory, something bad has
+  # happened.  We can't know the process name, so, clean up the old lockdir
+  # and restart.
+  if [[ ! -f $PIDFILE ]]; then
     rmdir $LOCKDIR 2>/dev/null
-    echo "yum-cron: no lock PID, clearing and restarting myself" >&2
+    echo "yum-cron: no lock PID; clearing and restarting myself." >&2
     exec $0 "$@"
   fi
-  OTHERPID="$(cat "${LOCKFILE}")"
+  OTHERPID="$(cat "${PIDFILE}")"
   # if cat wasn't able to read the file anymore, another instance probably is
   # about to remove the lock -- exit, we're *still* locked
-    if [ $? != 0 ]; then
-      echo "yum-cron: lock failed, PID ${OTHERPID} is active" >&2
+    if [[ $? != 0 ]]; then
+      echo "yum-cron: lock failed. PID ${OTHERPID} is active." >&2
       exit 0
     fi
     if ! kill -0 $OTHERPID &>/dev/null; then
-      # lock is stale, remove it and restart
-      echo "yum-cron: removing stale lock of nonexistant PID ${OTHERPID}" >&2
+      # Lock is stale. Remove it and restart.
+      echo "yum-cron: removing stale lock of nonexistant PID ${OTHERPID}." >&2
       rm -rf "${LOCKDIR}"
-      echo "yum-cron: restarting myself" >&2
+      echo "yum-cron: restarting myself." >&2
       exec $0 "$@"
     else
-      # Remove stale (more than a day old) lockfiles
+      # Remove lockfiles more than a day old -- they must be stale.
       find $LOCKDIR -type f -name 'pidfile' -amin +1440 -exec rm -rf $LOCKDIR \;
-      # if it's still there, it wasn't too old, bail
-      if [ -f $LOCKFILE ]; then
-        # lock is valid and OTHERPID is active - exit, we're locked!
-        echo "yum-cron: lock failed, PID ${OTHERPID} is active" >&2
+      # If it's still there, it *wasn't* too old. Bail!
+      if [[ -f $PIDFILE ]]; then
+        # Lock is valid and OTHERPID is active -- exit, we're locked!
+        echo "yum-cron: lock failed. PID ${OTHERPID} is active." >&2
         exit 0
       else
-        # lock was invalid, restart
-        echo "yum-cron: removing stale lock belonging to stale PID ${OTHERPID}" >&2
-        echo "yum-cron: restarting myself" >&2
+        # Lock was invalid. Restart.
+        echo "yum-cron: removing stale lock belonging to stale PID ${OTHERPID}." >&2
+        echo "yum-cron: restarting myself." >&2
         exec $0 "$@"
       fi
     fi
 fi
 
-# Now, do the actual work; we special case "update" because it has
-# complicated conditionals; for everything else we just run yum with the
-# right parameters and corresponding script.  Right now, that's just
-# "cleanup" but theoretically there could be other actions.
+# Now, do the actual work.
+
+# We special case "update" because it has complicated conditionals; for
+# everything else we just run yum with the right parameters and
+# corresponding script.  Right now, that's just "cleanup" but theoretically
+# there could be other actions.
 
 {
   case "$ACTION" in
     update)
-        if [ "$CHECK_ONLY" == "yes" ]; then
+        # There's three broad possibilties here:
+        #   CHECK_ONLY (possibly with DOWNLOAD_ONLY)
+        #   CHECK_FIRST (exits _silently_ if we can't access the repos)
+        #   nothing special -- just do it
+        
+        if [[ "$CHECK_ONLY" == "yes" ]]; then
+          # TSLOCK is used by the safe-shutdown code in the init script.
           touch $TSLOCK
           /usr/bin/yum $YUM_PARAMETER -e 0 -d 0 -y check-update 1> /dev/null 2>&1
           case $? in
             1)   exit 1;;
             100) echo "New updates available for host $SYSTEMNAME";
                  /usr/bin/yum $YUM_PARAMETER -e ${ERROR_LEVEL:-0} -d ${DEBUG_LEVEL:-0} -y -C check-update
-                 if [ "$DOWNLOAD_ONLY" == "yes" ]; then
+                 if [[ "$DOWNLOAD_ONLY" == "yes" ]]; then
                      /usr/bin/yum $YUM_PARAMETER -e ${ERROR_LEVEL:-0} -d ${DEBUG_LEVEL:-0} -y --downloadonly update
                      echo "Updates downloaded. Use \"yum -C update\" manually to install them."
                  fi
                  ;;
           esac
-        elif [ "$CHECK_FIRST" == "yes" ]; then
-          # Don't run if we can't access the repos
+        elif [[ "$CHECK_FIRST" == "yes" ]]; then
+          # Don't run if we can't access the repos.
           touch $TSLOCK
           /usr/bin/yum $YUM_PARAMETER -e 0 -d 0 check-update 2>&-
           case $? in
@@ -126,11 +159,11 @@ fi
 
 } >> $YUMTMP 2>&1
 
-if [ ! -z "$MAILTO" ] && [ -x /bin/mail ]; then 
-# if MAILTO is set, use mail command (ie better than standard mail with cron output) 
-  [ -s "$YUMTMP" ] && mail -s "System update: $SYSTEMNAME" $MAILTO < $YUMTMP 
+if [[ ! -z "$MAILTO" && -x /bin/mail ]]; then 
+# If MAILTO is set, use mail command for prettier output.
+  [[ -s "$YUMTMP" ]] && mail -s "System update: $SYSTEMNAME" $MAILTO < $YUMTMP 
 else 
-# default behavior is to use cron's internal mailing of output from cron-script
+# The default behavior is to use cron's internal mailing of output.
   cat $YUMTMP
 fi 
 rm -f $YUMTMP 
diff --git a/yum-cron/yum-cron.sysconfig b/yum-cron/yum-cron.sysconfig
index 5b40237..a689446 100644
--- a/yum-cron/yum-cron.sysconfig
+++ b/yum-cron/yum-cron.sysconfig
@@ -1,64 +1,92 @@
-# Pass any given paramter to yum, as run in all the scripts invoked
-# by this package.  Be aware that this is global, and yum is invoked in 
-# several modes by these scripts for which your own parameter might not
-# be appropriate
+# This is the configuration file for yum-cron, a simple system for
+# keeping your machine up to date. These options are used variously by
+# the main script, by the cron scripts, and by the init script.
+
+# Main Options
+#--------------------------------------------------------------------------
+
+# Pass any given parameter to yum, as run in all the scripts invoked by
+# this package. Be aware that this is global, and yum is invoked in
+# several modes by these scripts, and your parameter might not be
+# appropriate in all cases.
 YUM_PARAMETER=
 
-# Don't install, just check (valid: yes|no)
+# Don't install; just check and report. 
+# (Valid options: yes|no)
 CHECK_ONLY=no
 
-# Check to see if you can reach the repos before updating (valid: yes|no)
+# Don't install; just check for and download any pending updates. This
+# implies CHECK_ONLY=yes, as we've gotta check first to see what to
+# download.
+# (Valid options: yes|no)
+DOWNLOAD_ONLY=no
+
+# Check to see if we can reach the repos before attempting an update.
+# If there is an error, exit silently with no output. You might want
+# this if you know your network connectivity is sporadic.
+# (Valid options: yes|no)
 CHECK_FIRST=no
 
-# Don't install, just check and download (valid: yes|no)
-# Implies CHECK_ONLY=yes (gotta check first to see what to download)
-DOWNLOAD_ONLY=no
 
-# Error level, practical range 0-10, 0 means print only critical errors which
-# you must be told, 1 means print all errors, even ones that are not important
-# Level 0 is the default
-# ERROR_LEVEL=0
-
-# Debug level, practical range 0-10, higher number means more output
-# Level 1 is a useful level if you want to see what's been done and
-# don't want to read /var/log/yum.log
-# Level 0 is the default
-# DEBUG_LEVEL=1
-
-# Wait a random time before applying updates.
-# With a value of 60, yum-cron will waits random time from 1 to 60 minutes.
-# The value must not be zero
-# Note that this parameter affects the daily cron script; if you change that
-# file or run yum-cron in a different way it will have no effect.
-RANDOMWAIT="60"
-
-# if MAILTO is set and the mail command is available, the mail command 
-# is used to deliver yum output
-
-# by default MAILTO is unset, so crond mails the output by itself
-# example:  MAILTO=root
-MAILTO= 
-
-# you may set SYSTEMNAME if you want your yum emails tagged differently
-# default is output of hostname command 
-# this variable is used only if MAILTO is set too
+# Yum error level. The practical range is 0-10, where 0 means print
+# only critical errors, and 10 means print all errors, even ones that
+# are not important. Level 0 is the default if nothing is set.
+ERROR_LEVEL=0
+
+# Yum debug level. The practical range is 0-10; a higher number means
+# more output. Level 1 is a useful level if you want to see what's been
+# done and don't want to read /var/log/yum.log. Level 0 is the default
+# if no value is set here.
+DEBUG_LEVEL=1
+
+# If MAILTO is set and the /bin/mail command is available, the mail
+# command is used to deliver yum output. If MAILTO is unset, crond will
+# send the output by itself, usually to root (but with a less useful
+# subject line).
+MAILTO=root
+
+# The reports generated by this command generally use the hostname of
+# the system as reported by the hostname command. If you'd prefer to
+# use something else, you can set that here.
 #SYSTEMNAME="" 
 
-# you may set DAYS_OF_WEEK to the days of the week you want to run 
-# default is every day 
-# Note that this parameter affects the daily cron script; if you change that
-# file or run yum-cron in a different way it will have no effect.
+# Scheduling Options (used by the default cron scripts,
+# /etc/cron.daily/yum-cleanup.cron and /etc/cron.daily/yum-update.cron)
+# 
+#   Note that if you use a different cron configuration (for example,
+#   removing the default scripts and adding an entry in /etc/cron.d),
+#   these values will have no effect -- unless you read and act on them
+#   in your new configuration.
+#--------------------------------------------------------------------------
+
+# Wait for a random time up to the given number of minutes before
+# applying updates. With a value of 60, yum-cron will delay between 1
+# and 60 minutes. A value of 0 will result in no delay, which is handy
+# if you want to ensure that updates happen at a known time, but could
+# be bad for update servers to be hit by all clients at exactly the
+# same time.
+RANDOMWAIT=60
+
+# You may set DAYS_OF_WEEK to the numeric days of the week you want to
+# run, where 0 is Sunday and 6 is Saturday. The default is to run every
+# day.
 #DAYS_OF_WEEK="0123456" 
 
-# which day should it do cleanup on?  defaults to 0 (Sunday).  If this day isn't in the 
-# DAYS_OF_WEEK above, it'll never happen
-# Note that this parameter affects the daily cron script; if you change that
-# file or run yum-cron in a different way it will have no effect.
+# The cleanup task (which clears the package cache) can run on a subset
+# of the days above. (If the value chosen here doesn't appear in
+# DAYS_OF_WEEK, the cleanup task will never happen.)
 CLEANDAY="0"
 
-# set to yes to make the yum-cron service to wait for transactions to complete
+# Init System Options (used by /etc/init.d/yum-cron)
+#--------------------------------------------------------------------------
+
+# If SERVICE_WAITS is set to "yes", and a transaction is in progress
+# when the yum-cron service is stopped, the init script will wait 
+# up to SERVICE_WAIT_TIME seconds before killing the task. Without
+# this, system shutdown continues as normal, potentially breaking
+# in-progress transactions.
+# (Valid options: yes|no)
 SERVICE_WAITS=yes
 
-# set maximum time period (in seconds) for the yum-cron service to wait for
-# transactions to complete.  The default is 300 seconds (5 minutes)
+# 300 is the default.
 SERVICE_WAIT_TIME=300
diff --git a/yum-cron/yum-cron.sysvinit b/yum-cron/yum-cron.sysvinit
index 63c5ec0..084dd32 100755
--- a/yum-cron/yum-cron.sysvinit
+++ b/yum-cron/yum-cron.sysvinit
@@ -1,12 +1,13 @@
 #!/bin/bash
 #
-# yum-cron           This shell script enables the automatic use of YUM
-#
-# Author:       Seth Vidal <skvidal at phy.duke.edu>
+# yum-cron      Enable or disable scheduled yum system updates.
 #
 # chkconfig:	- 50 01
 #
-# description:  Enable daily run of yum, a program updater.
+# description:  This controls whether yum-cron runs. If this service is \
+#               off, the yum-cron scripts in /etc/cron.daily exit \
+#               immediately; otherwise, they download and/or apply package \
+#               updates as configured in /etc/sysconfig/yum-cron.
 # processname:  yum-cron
 # config: /etc/yum/yum-daily.yum
 #
@@ -23,14 +24,14 @@ yumcronpid=/var/lock/yum-cron.lock/pidfile
 RETVAL=0
 
 start() {
-	echo -n $"Enabling nightly yum update: "
+	echo -n $"Enabling scheduled yum updates: "
 	touch "$lockfile" && success || failure
 	RETVAL=$?
 	echo
 }
 
 stop() {
-	echo -n $"Disabling nightly yum update: "
+	echo -n $"Disabling scheduled yum updates: "
 	if [ -f "$yumcronpid" -a "$SERVICE_WAITS" = "yes" ]; then
 	  yum_done=0
 	  if [ ! -f $tslock ]; then
@@ -39,7 +40,7 @@ stop() {
 	    yum_done=1
 	  fi
 	  if [ $yum_done -eq 0 ]; then
-	    echo -n $"Waiting for yum "
+	    echo -n $"Waiting for in-progress yum transaction "
 	    if [ -z "$SERVICE_WAIT_TIME" ]; then
 	      SERVICE_WAIT_TIME=300
 	    fi
@@ -87,10 +88,10 @@ case "$1" in
 	;;
   status)
 	if [ -f $lockfile ]; then
-		echo $"Nightly yum update is enabled."
+		echo $"Scheduled yum updates are enabled."
 		RETVAL=0
 	else
-		echo $"Nightly yum update is disabled."
+		echo $"Scheduled yum updates are disabled."
 		RETVAL=3
 	fi
 	;;
diff --git a/yum-cron/yum-update.cron.sh b/yum-cron/yum-update.cron.sh
index 1801a11..c439ad3 100755
--- a/yum-cron/yum-update.cron.sh
+++ b/yum-cron/yum-update.cron.sh
@@ -1,25 +1,28 @@
 #!/bin/bash
 
-# Only run if this flag file is set (by /etc/rc.d/init.d/yum-cron)
+# Only run if this flag is set. The flag is created by the yum-cron init
+# script when the service is started -- this allows one to use chkconfig and
+# the standard "service stop|start" commands to enable or disable yum-cron.
 if [[ ! -f /var/lock/subsys/yum-cron ]]; then
   exit 0
 fi
 
-# Grab config settings
+# Read configuration settings from the sysconfig directory.
 if [[ -f /etc/sysconfig/yum-cron ]]; then
   source /etc/sysconfig/yum-cron
 fi
 
-# Only run on certain days of the week 
+# Only run on certain days of the week, based on the
+# settings in the above-mentioned sysconfig file.
 dow=`date +%w` 
 DAYS_OF_WEEK=${DAYS_OF_WEEK:-0123456} 
 if [[ "${DAYS_OF_WEEK/$dow/}" == "${DAYS_OF_WEEK}" ]]; then 
   exit 0 
 fi 
 
-# Random wait
+# Wait a random number of minutes, again based on
+# the setting in the sysconfig file.
 [[ $RANDOMWAIT -gt 0 ]] && sleep $(( $RANDOM % ($RANDOMWAIT * 60) + 1 ))
 
 # Action!
 exec /usr/sbin/yum-cron update
-
-- 
1.7.6



More information about the Yum-devel mailing list