Upgrade Linux TinyCore Relay to version 12.0 (5.10.3-tinycore)
| 0 Votes |
Description
IMPORTANT NOTES:
- Due to the potential TinyCore Linux relay configuration being unique to each BigFix deployment, this will need to be thoroughly tested in your own environment before deploying to Production.
- This fixlet requires all files to be cached on the BigFix root server. The prefetch block in the action script is blank for this reason. You will need to manually cache all files listed below and update the prefetch statement.
- This fixlet is designed to upgrade from a specific existing TinyCore Linux v10 configuration. If you are upgrading from a different version and do not have the same extensions installed, you will need to modify the action script
This fixlet will upgrade relays running Linux TinyCore 10.0 to Linux TinyCore 12.0. The OS, kernel, and extensions will be upgraded. The filetool format is also updated to work with Linux TinyCore 12.0. VM Tools and openssl are both updated in this fixlet.
This fixlet requires all files (os, kernel, and extensions) to be cached on the BigFix server. The extensions can be downloaded locally on the relay using the TinyCore repo using the built in "tce-" commands or directly from the following URL: https://distro.ibiblio.org/tinycorelinux/12.x/x86/tcz/
The files in this fixlet have been tested as of 12/31/2021.
If version rollback is needed, all files are backed up to "/home/tc/v10_backup/".
The following files will be updated/added and are cached on the BigFix server:
- core.gz
- vmlinuz
- bzip2-lib.tcz
- bzip2-lib.tcz.md5.txt
- fuse.tcz
- fuse.tcz.md5.txt
- glib2.tcz
- glib2.tcz.dep
- glib2.tcz.md5.txt
- libdnet.tcz
- libdnet.tcz.md5.txt
- libffi.tcz
- libffi.tcz.md5.txt
- libtirpc.tcz
- libtirpc.tcz.md5.txt
- ncursesw.tcz
- ncursesw.tcz.md5.txt
- nspr.tcz
- nspr.tcz.md5.txt
- nss.tcz
- nss.tcz.dep
- nss.tcz.md5.txt
- openssl-1.1.1.tcz
- openssl-1.1.1.tcz.md5.txt
- open-vm-tools.tcz
- open-vm-tools.tcz.dep
- open-vm-tools.tcz.md5.txt
- pcre.tcz
- pcre.tcz.dep
- pcre.tcz.md5.txt
- sqlite3.tcz
- sqlite3.tcz.md5.txt
- tzdata.tcz
- tzdata.tcz.md5.txt
This fixlet removes the following two extensions. openssl has been replaced by openssl-1.1.1 and libattr is no longer present in the v12 repo.
- openssl
- libattr
Property Details
| 26907 | |
| Beta - Preliminary testing ready for more | |
| Upgrade Linux TinyCore Relay to version 12.0 (5.10.3-tinycore) | |
| jules.miller@va.gov | |
| 2/25/2022 12:00:00 AM | |
| Tiny Core Linux, Virtual Relay Appliance | |
| JulesM on 2/25/2022 11:29:01 AM | |
| JulesM on 3/26/2022 6:40:08 PM | |
| 892 Views / 2 Downloads | |
* Average over 0 ratings.
** Log In or Register to add your rating.
|
Relevance
| Used in 8 fixlets | * Results in a true/false |
name of operating system contains "TinyCore"
| Used in 1 fixlet | * Results in a true/false |
exists relay service whose (version of it >= "10.0.5")
| Used in 1 fixlet | * Results in a true/false |
not (it as string = "Linux TinyCore 12.0 (5.10.3-tinycore)") of operating system
| Used in 1 fixlet | * Results in a true/false |
not exists file "/mnt/sda1/tce/optional/openssh.tcz" OR not exists file "/usr/local/etc/ssh/ssh_config.orig" OR not exists lines whose (it = "openssh.tcz") of files "/mnt/sda1/tce/onboot.lst"
Actions
Action 1 (default)
Action Link Click
here to deploy this action.
Script Type
BigFix Action Script
//TinyCore v12 Upgrade
//Download the files
//INSERT PREFETCH STATEMENT HERE
//Verify the downloaded files exist
continue if {exists (file of folder (pathname of folder "__Download" of client folder of current site)) whose (name of it contains "core.gz")}
continue if {exists (file of folder (pathname of folder "__Download" of client folder of current site)) whose (name of it contains "vmlinuz")}
continue if {(it = 32) of number of (files of folder (pathname of folder "__Download" of client folder of current site)) whose (name of it contains ".tcz")}
//Create backup directory for v10 files
if {not exists folder "/home/tc/v10_backup"}
wait mkdir /home/tc/v10_backup
endif
//Backup the old OS, Kernel
wait mv -f /mnt/sda1/tce/boot/core.gz /home/tc/v10_backup/
wait mv -f /mnt/sda1/tce/boot/vmlinuz /home/tc/v10_backup/
//Copy in the v12 OS and Kernel
continue if {not exists file "/mnt/sda1/tce/boot/core.gz"}
continue if {not exists file "/mnt/sda1/tce/boot/vmlinuz"}
wait mv -f "{pathname of file "core.gz" of folder "__Download" of client folder of current site}" /mnt/sda1/tce/boot/
wait mv -f "{pathname of file "vmlinuz" of folder "__Download" of client folder of current site}" /mnt/sda1/tce/boot/
continue if {exists file "/mnt/sda1/tce/boot/core.gz"}
continue if {exists file "/mnt/sda1/tce/boot/vmlinuz"}
//Backup the old extensions, md5 and dep files that are being upgraded
delete __appendfile
appendfile #!/bin/sh
appendfile mv -f /mnt/sda1/tce/optional/fuse.tcz* /home/tc/v10_backup/
appendfile mv -f /mnt/sda1/tce/optional/glib2.tcz* /home/tc/v10_backup/
appendfile mv -f /mnt/sda1/tce/optional/libdnet.tcz* /home/tc/v10_backup/
appendfile mv -f /mnt/sda1/tce/optional/libffi.tcz* /home/tc/v10_backup/
appendfile mv -f /mnt/sda1/tce/optional/libtirpc.tcz* /home/tc/v10_backup/
appendfile mv -f /mnt/sda1/tce/optional/ncursesw.tcz* /home/tc/v10_backup/
appendfile mv -f /mnt/sda1/tce/optional/nspr.tcz* /home/tc/v10_backup/
appendfile mv -f /mnt/sda1/tce/optional/nss.tcz* /home/tc/v10_backup/
appendfile mv -f /mnt/sda1/tce/optional/open-vm-tools.tcz* /home/tc/v10_backup/
appendfile mv -f /mnt/sda1/tce/optional/sqlite3.tcz* /home/tc/v10_backup/
appendfile mv -f /mnt/sda1/tce/optional/tzdata.tcz* /home/tc/v10_backup/
appendfile cp -f /mnt/sda1/tce/optional/openssl.tcz* /home/tc/v10_backup/
appendfile cp -f /mnt/sda1/tce/optional/libattr.tcz* /home/tc/v10_backup/
//Copy in the updated v12 extensions
appendfile mv -f {(concatenations ("\ ") of substrings separated by " " of it) of (pathname of folder "__Download" of client folder of current site & "/*.tcz*")} /mnt/sda1/tce/optional/
//Create and Run the extcopy script
delete /var/opt/BESClient/extcopy.sh
move __appendfile /var/opt/BESClient/extcopy.sh
wait chmod 555 /var/opt/BESClient/extcopy.sh
run /bin/sh /var/opt/BESClient/extcopy.sh
//Wait 1 minutes.
// Set starting time
parameter "startTime1" = "{apparent registration server time}"
pause while {(apparent registration server time - time (parameter "startTime1")) < 1*minute}
continue if {(it = 31) of number of (files of folder "/home/tc/v10_backup/")}
continue if {(exists file "/mnt/sda1/tce/optional/openssl-1.1.1.tcz") AND (exists file "/mnt/sda1/tce/optional/openssl-1.1.1.tcz.md5.txt")}
//Remove openssl and libattr extensions via tce audit delete
delete __appendfile
appendfile #!/bin/sh
appendfile su -c "tce-audit builddb" tc
appendfile su -c "tce-audit delete openssl" tc
appendfile su -c "tce-audit delete libattr" tc
//Remove openssl and libattr from onboot.lst
appendfile sed -i '/openssl.tcz/d' /mnt/sda1/tce/onboot.lst
appendfile sed -i '/libattr.tcz/d' /mnt/sda1/tce/onboot.lst
//Add pcre.tcz and openssl-1.1.1.tcz to onboot.lst
if {(not exists (lines of file "/mnt/sda1/tce/onboot.lst") whose (it contains "openssl-1.1.1.tcz"))}
appendfile echo 'openssl-1.1.1.tcz' >> /mnt/sda1/tce/onboot.lst
endif
if {(not exists (lines of file "/mnt/sda1/tce/onboot.lst") whose (it contains "pcre.tcz"))}
appendfile echo 'pcre.tcz' >> /mnt/sda1/tce/onboot.lst
endif
//Filetool fix
if {(exists (lines of file "/opt/.filetool.lst") whose (it contains "/etc/shadow"))}
appendfile sed -i 's/\///' /opt/.filetool.lst
endif
//filetool.sh -b
appendfile sudo filetool.sh -b
appendfile sleep 10
appendfile sudo reboot
//Create and Run the v12upgrade script
delete /var/opt/BESClient/v12upgrade.sh
move __appendfile /var/opt/BESClient/v12upgrade.sh
wait chmod 555 /var/opt/BESClient/v12upgrade.sh
run /bin/sh /var/opt/BESClient/v12upgrade.sh
Success Criteria
This action will be considered successful when the applicability relevance evaluates to false.
Sharing
| Social Media: |
