Upgrade Linux TinyCore Relay to version 12.0 (5.10.3-tinycore)
Log In or Register to download the BES file, and more.

0 Votes

Description

IMPORTANT NOTES:

  • Due to the potential TinyCore Linux relay configuration being unique to each BigFix deployment, this will need to be thoroughly tested in your own environment before deploying to Production.
  • This fixlet requires all files to be cached on the BigFix root server.  The prefetch block in the action script is blank for this reason.  You will need to manually cache all files listed below and update the prefetch statement. 
  • This fixlet is designed to upgrade from a specific existing TinyCore Linux v10 configuration.  If you are upgrading from a different version and do not have the same extensions installed, you will need to modify the action script

This fixlet will upgrade relays running Linux TinyCore 10.0 to Linux TinyCore 12.0.  The OS, kernel, and extensions will be upgraded.  The filetool format is also updated to work with Linux TinyCore 12.0.  VM Tools and openssl are both updated in this fixlet.

This fixlet requires all files (os, kernel, and extensions) to be cached on the BigFix server.  The extensions can be downloaded locally on the relay using the TinyCore repo using the built in "tce-" commands or directly from the following URL: https://distro.ibiblio.org/tinycorelinux/12.x/x86/tcz/

The files in this fixlet have been tested as of 12/31/2021.

If version rollback is needed, all files are backed up to "/home/tc/v10_backup/".

The following files will be updated/added and are cached on the BigFix server:

  • core.gz
  • vmlinuz
  • bzip2-lib.tcz
  • bzip2-lib.tcz.md5.txt
  • fuse.tcz
  • fuse.tcz.md5.txt
  • glib2.tcz
  • glib2.tcz.dep
  • glib2.tcz.md5.txt
  • libdnet.tcz
  • libdnet.tcz.md5.txt
  • libffi.tcz
  • libffi.tcz.md5.txt
  • libtirpc.tcz
  • libtirpc.tcz.md5.txt
  • ncursesw.tcz
  • ncursesw.tcz.md5.txt
  • nspr.tcz
  • nspr.tcz.md5.txt
  • nss.tcz
  • nss.tcz.dep
  • nss.tcz.md5.txt
  • openssl-1.1.1.tcz
  • openssl-1.1.1.tcz.md5.txt
  • open-vm-tools.tcz
  • open-vm-tools.tcz.dep
  • open-vm-tools.tcz.md5.txt
  • pcre.tcz
  • pcre.tcz.dep
  • pcre.tcz.md5.txt
  • sqlite3.tcz
  • sqlite3.tcz.md5.txt
  • tzdata.tcz
  • tzdata.tcz.md5.txt

This fixlet removes the following two extensions. openssl has been replaced by openssl-1.1.1 and libattr is no longer present in the v12 repo.

  • openssl
  • libattr

Property Details

ID26907
StatusBeta - Preliminary testing ready for more
TitleUpgrade Linux TinyCore Relay to version 12.0 (5.10.3-tinycore)
Sourcejules.miller@va.gov
Source Release Date2/25/2022 12:00:00 AM
KeywordsTiny Core Linux, Virtual Relay Appliance
Added by on 2/25/2022 11:29:01 AM
Last Modified by on 3/26/2022 6:40:08 PM
Counters 892 Views / 2 Downloads
User Rating 1 star 2 star 3 star 4 star 5 star * Average over 0 ratings. ** Log In or Register to add your rating.

Relevance

Used in 8 fixlets   * Results in a true/false
Show indented relevance
name of operating system contains "TinyCore"
Used in 1 fixlet   * Results in a true/false
Show indented relevance
exists relay service whose (version of it >= "10.0.5")
Used in 1 fixlet   * Results in a true/false
Show indented relevance
version of operating system = "10.0"
Used in 1 fixlet   * Results in a true/false
Show indented relevance
not (it as string = "Linux TinyCore 12.0 (5.10.3-tinycore)") of operating system
Used in 1 fixlet   * Results in a true/false
Show indented relevance
not exists file "/mnt/sda1/tce/optional/openssh.tcz" OR not exists file "/usr/local/etc/ssh/ssh_config.orig" OR not exists lines whose (it = "openssh.tcz") of files "/mnt/sda1/tce/onboot.lst"

Actions

Action 1 (default)

Action Link Click here to deploy this action.
Script Type BigFix Action Script
//TinyCore v12 Upgrade

//Download the files

//INSERT PREFETCH STATEMENT HERE

//Verify the downloaded files exist

continue if {exists (file of folder (pathname of folder "__Download" of client folder of current site)) whose (name of it contains "core.gz")}
continue if {exists (file of folder (pathname of folder "__Download" of client folder of current site)) whose (name of it contains "vmlinuz")}
continue if {(it = 32) of number of (files of folder (pathname of folder "__Download" of client folder of current site)) whose (name of it contains ".tcz")}

//Create backup directory for v10 files

if {not exists folder "/home/tc/v10_backup"}

wait mkdir /home/tc/v10_backup

endif

//Backup the old OS, Kernel

wait mv -f /mnt/sda1/tce/boot/core.gz /home/tc/v10_backup/
wait mv -f /mnt/sda1/tce/boot/vmlinuz /home/tc/v10_backup/

//Copy in the v12 OS and Kernel

continue if {not exists file "/mnt/sda1/tce/boot/core.gz"}
continue if {not exists file "/mnt/sda1/tce/boot/vmlinuz"}

wait mv -f "{pathname of file "core.gz" of folder "__Download" of client folder of current site}" /mnt/sda1/tce/boot/
wait mv -f "{pathname of file "vmlinuz" of folder "__Download" of client folder of current site}" /mnt/sda1/tce/boot/

continue if {exists file "/mnt/sda1/tce/boot/core.gz"}
continue if {exists file "/mnt/sda1/tce/boot/vmlinuz"}

//Backup the old extensions, md5 and dep files that are being upgraded

delete __appendfile
appendfile #!/bin/sh
appendfile mv -f /mnt/sda1/tce/optional/fuse.tcz* /home/tc/v10_backup/
appendfile mv -f /mnt/sda1/tce/optional/glib2.tcz* /home/tc/v10_backup/
appendfile mv -f /mnt/sda1/tce/optional/libdnet.tcz* /home/tc/v10_backup/
appendfile mv -f /mnt/sda1/tce/optional/libffi.tcz* /home/tc/v10_backup/
appendfile mv -f /mnt/sda1/tce/optional/libtirpc.tcz* /home/tc/v10_backup/
appendfile mv -f /mnt/sda1/tce/optional/ncursesw.tcz* /home/tc/v10_backup/
appendfile mv -f /mnt/sda1/tce/optional/nspr.tcz* /home/tc/v10_backup/
appendfile mv -f /mnt/sda1/tce/optional/nss.tcz* /home/tc/v10_backup/
appendfile mv -f /mnt/sda1/tce/optional/open-vm-tools.tcz* /home/tc/v10_backup/
appendfile mv -f /mnt/sda1/tce/optional/sqlite3.tcz* /home/tc/v10_backup/
appendfile mv -f /mnt/sda1/tce/optional/tzdata.tcz* /home/tc/v10_backup/
appendfile cp -f /mnt/sda1/tce/optional/openssl.tcz* /home/tc/v10_backup/
appendfile cp -f /mnt/sda1/tce/optional/libattr.tcz* /home/tc/v10_backup/

//Copy in the updated v12 extensions

appendfile mv -f {(concatenations ("\ ") of substrings separated by " " of it) of (pathname of folder "__Download" of client folder of current site & "/*.tcz*")} /mnt/sda1/tce/optional/

//Create and Run the extcopy script

delete /var/opt/BESClient/extcopy.sh
move __appendfile /var/opt/BESClient/extcopy.sh
wait chmod 555 /var/opt/BESClient/extcopy.sh
run /bin/sh /var/opt/BESClient/extcopy.sh

//Wait 1 minutes.
// Set starting time
parameter "startTime1" = "{apparent registration server time}"

pause while {(apparent registration server time - time (parameter "startTime1")) < 1*minute}

continue if {(it = 31) of number of (files of folder "/home/tc/v10_backup/")}
continue if {(exists file "/mnt/sda1/tce/optional/openssl-1.1.1.tcz") AND (exists file "/mnt/sda1/tce/optional/openssl-1.1.1.tcz.md5.txt")}

//Remove openssl and libattr extensions via tce audit delete

delete __appendfile
appendfile #!/bin/sh
appendfile su -c "tce-audit builddb" tc
appendfile su -c "tce-audit delete openssl" tc
appendfile su -c "tce-audit delete libattr" tc

//Remove openssl and libattr from onboot.lst

appendfile sed -i '/openssl.tcz/d' /mnt/sda1/tce/onboot.lst
appendfile sed -i '/libattr.tcz/d' /mnt/sda1/tce/onboot.lst

//Add pcre.tcz and openssl-1.1.1.tcz to onboot.lst

if {(not exists (lines of file "/mnt/sda1/tce/onboot.lst") whose (it contains "openssl-1.1.1.tcz"))}

appendfile echo 'openssl-1.1.1.tcz' >> /mnt/sda1/tce/onboot.lst

endif

if {(not exists (lines of file "/mnt/sda1/tce/onboot.lst") whose (it contains "pcre.tcz"))}

appendfile echo 'pcre.tcz' >> /mnt/sda1/tce/onboot.lst

endif

//Filetool fix

if {(exists (lines of file "/opt/.filetool.lst") whose (it contains "/etc/shadow"))}

appendfile sed -i 's/\///' /opt/.filetool.lst

endif

//filetool.sh -b

appendfile sudo filetool.sh -b
appendfile sleep 10
appendfile sudo reboot

//Create and Run the v12upgrade script

delete /var/opt/BESClient/v12upgrade.sh
move __appendfile /var/opt/BESClient/v12upgrade.sh
wait chmod 555 /var/opt/BESClient/v12upgrade.sh
run /bin/sh /var/opt/BESClient/v12upgrade.sh
Success Criteria

This action will be considered successful when the applicability relevance evaluates to false.


Sharing

Social Media:
Share this page on Yammer

Comments

Log In or Register to leave comments!