[yum-commits] 2 commits - docs/yum-security.8 plugins/security

James Antill james at osuosl.org
Fri Nov 6 15:14:19 UTC 2009


 docs/yum-security.8          |    2 -
 plugins/security/security.py |   67 +++++++++++++++++++++++++++++++++++++------
 2 files changed, 59 insertions(+), 10 deletions(-)

New commits:
commit 6754c33dac7360a2ea3d48089da445debf09c862
Author: James Antill <james at and.org>
Date:   Fri Nov 6 10:11:52 2009 -0500

    Add summary-updateinfo command

diff --git a/docs/yum-security.8 b/docs/yum-security.8
index f8e65d5..e901578 100644
--- a/docs/yum-security.8
+++ b/docs/yum-security.8
@@ -37,7 +37,7 @@ both of the last two take these \fIsub-commands\fPs:
 .IP "\fB<advisory> [advisory...]\fP"
 Is used to display information about one or more advisories.
 .PP 
-.IP "\fBlist-updateinfo\fP" "\fBinfo-updateinfo\fP"
+.IP "\fBlist-updateinfo\fP" "\fBinfo-updateinfo\fP" "\fBsummary-updateinfo\fP"
 Is used to list all of the relevant errata notice information, from the
 updateinfo.xml data in yum. This includes bugzillas, CVEs and security updates.
 You can also list "new" packages, by passing new as the first argument.
diff --git a/plugins/security/security.py b/plugins/security/security.py
index a7192da..6261bd4 100755
--- a/plugins/security/security.py
+++ b/plugins/security/security.py
@@ -35,6 +35,8 @@
 # yum list-updateinfo security / sec
 # yum list-updateinfo new
 #
+# yum summary-updateinfo
+#
 # yum update-minimal --security
 
 import yum
@@ -55,7 +57,7 @@ __package_name__ = "yum-plugin-security"
 # newpackages is weird, in that we'll never display that because we filter to
 # things relevant to installed pkgs...
 __update_info_types__ = ("security", "bugfix", "enhancement",
-                         "recommended", "newpackages")
+                         "recommended", "newpackage")
 
 def _rpm_tup_vercmp(tup1, tup2):
     """ Compare two "std." tuples, (n, a, e, v, r). """
@@ -206,7 +208,7 @@ class SecurityListCommand:
         else:
             msg("%s %-8s %s" % (notice['update_id'], notice['type'], pkg))
 
-    def show_pkg_exit(self):
+    def show_pkg_exit(self, base, md_info):
         pass
 
     def _get_new_pkgs(self, md_info):
@@ -280,6 +282,7 @@ class SecurityListCommand:
                     continue
                 done_pkgs.add(pkgs[0].name)
                 self.show_pkg(base, msg, pkgs[0], notice, None)
+            self.show_pkg_exit(base, md_info)
             return 0, [basecmd + ' new done']
 
         opts.sec_cmds = extcmds
@@ -300,9 +303,10 @@ class SecurityListCommand:
                               notice, show_type)
         ysp_chk_used_map(used_map, msg)
 
-        self.show_pkg_exit()
+        self.show_pkg_exit(base, md_info)
         return 0, [basecmd + ' done']
             
+
 class SecurityInfoCommand(SecurityListCommand):
     show_pkg_info_done = {}
     def getNames(self):
@@ -315,10 +319,51 @@ class SecurityInfoCommand(SecurityListCommand):
         # Python-2.4.* doesn't understand str(x) returning unicode *sigh*
         obj = notice.__str__()
         msg(obj)
-    
-    def show_pkg_exit(self):
+
+    def show_pkg_exit(self, base, md_info):
+        self.show_pkg_info_done = {}
+
+
+class SecuritySummaryCommand(SecurityListCommand):
+    show_pkg_info_done = {}
+    def getNames(self):
+        return ['summary-updateinfo']
+
+    def show_pkg(self, base, msg, pkg, notice, disp=None):
+        if notice['update_id'] in self.show_pkg_info_done:
+            return
+        self.show_pkg_info_done[notice['update_id']] = notice
+
+    def show_pkg_exit(self, base, md_info):
+        def _msg(x):
+            print x
+        counts = {}
+        for notice in self.show_pkg_info_done.values():
+            counts[notice['type']] = counts.get(notice['type'], 0) + 1
+        maxsize = 0
+        for T in ('newpackage', 'security', 'bugfix', 'enhancement'):
+            if T not in counts:
+                continue
+            size = len(str(counts[T]))
+            if maxsize < size:
+                maxsize = size
+        if not maxsize:
+            _check_running_kernel(base, md_info, _msg)
+            return
+
+        outT = {'newpackage' : 'New Package',
+                'security' : 'Security',
+                'bugfix' : 'Bugfix',
+                'enhancement' : 'Enhancement'}
+        print "Updates Info Summary:"
+        for T in ('newpackage', 'security', 'bugfix', 'enhancement'):
+            if T not in counts:
+                continue
+            print "    %*u %s update(s)" % (maxsize, counts[T], outT[T])
+        _check_running_kernel(base, md_info, _msg)
         self.show_pkg_info_done = {}
 
+
 # "Borrowed" from yumcommands.py
 def yumcommands_checkRootUID(base):
     """
@@ -434,6 +479,7 @@ def config_hook(conduit):
 
     conduit.registerCommand(SecurityListCommand())
     conduit.registerCommand(SecurityInfoCommand())
+    conduit.registerCommand(SecuritySummaryCommand())
     conduit.registerCommand(SecurityUpdateCommand())
     def osec(opt, key, val, parser):
          # CVE is a subset of --security on RHEL, but not on Fedora
commit 003d8b76e4ca1f9433a7a98209f81073ab0f0da0
Author: James Antill <james at and.org>
Date:   Fri Nov 6 09:36:06 2009 -0500

    Move running kernel check to it's own function

diff --git a/plugins/security/security.py b/plugins/security/security.py
index 5491748..a7192da 100755
--- a/plugins/security/security.py
+++ b/plugins/security/security.py
@@ -578,10 +578,13 @@ def exclude_hook(conduit):
     else:
         conduit.info(2, 'No packages needed for security; %d packages available' % tot)
 
+    _check_running_kernel(conduit._base, md_info, lambda x: conduit.info(2, x))
+
+def _check_running_kernel(yb, md_info, msg):
     if not hasattr(yum.misc, 'get_running_kernel_pkgtup'):
         return # Back compat.
 
-    kern_pkgtup = yum.misc.get_running_kernel_pkgtup(self.ts)
+    kern_pkgtup = yum.misc.get_running_kernel_pkgtup(yb.ts)
     if kern_pkgtup[0] is None:
         return
 
@@ -590,7 +593,7 @@ def exclude_hook(conduit):
         if found_sec or notice['type'] != 'security':
             continue
         found_sec = True
-        ipkg = conduit._base.rpmdb.searchPkgTuple(pkgtup)
+        ipkg = yb.rpmdb.searchPkgTuple(pkgtup)
         if not ipkg:
             continue # Not installed
         ipkg = ipkg[0]
@@ -598,8 +601,8 @@ def exclude_hook(conduit):
                                    kern_pkgtup[3], kern_pkgtup[4],
                                    kern_pkgtup[1])
 
-        conduit.info(2, 'Security: %s is an installed security update' % ipkg)
-        conduit.info(2, 'Security: %s is the currently running version' % rpkg)
+        msg('Security: %s is an installed security update' % ipkg)
+        msg('Security: %s is the currently running version' % rpkg)
         break
 
 


More information about the Yum-commits mailing list