diff options
author | Simon Rettberg | 2023-12-19 17:56:50 +0100 |
---|---|---|
committer | Simon Rettberg | 2023-12-19 17:56:50 +0100 |
commit | 2dc85873f1331f9d419372cb7b540039abcd3b7e (patch) | |
tree | 3ab67c274c78dc47a19e5bbf88c444e38d47db4e | |
parent | [rebootcontrol] Hide client2client subnets in details view if disabled (diff) | |
download | slx-admin-2dc85873f1331f9d419372cb7b540039abcd3b7e.tar.gz slx-admin-2dc85873f1331f9d419372cb7b540039abcd3b7e.tar.xz slx-admin-2dc85873f1331f9d419372cb7b540039abcd3b7e.zip |
[systemstatus] Add notice about security updates to main page
8 files changed, 85 insertions, 3 deletions
diff --git a/inc/taskmanagercallback.inc.php b/inc/taskmanagercallback.inc.php index 01301be4..fd3cc182 100644 --- a/inc/taskmanagercallback.inc.php +++ b/inc/taskmanagercallback.inc.php @@ -230,4 +230,13 @@ class TaskmanagerCallback IPxeBuilder::compileCompleteCallback($task); } + public static function ssUpgradable(array $task): void + { + $mod = Module::get('systemstatus'); + if ($mod === false) + return; + $mod->activate(1, false); + SystemStatus::setUpgradableData($task); + } + } diff --git a/modules-available/systemstatus/hooks/cron.inc.php b/modules-available/systemstatus/hooks/cron.inc.php new file mode 100644 index 00000000..91e069d4 --- /dev/null +++ b/modules-available/systemstatus/hooks/cron.inc.php @@ -0,0 +1,6 @@ +<?php + +if ((int)gmdate('i') < 5) { + // Don't care about task, this will register a callback + SystemStatus::getUpgradableTask(); +}
\ No newline at end of file diff --git a/modules-available/systemstatus/hooks/main-warning.inc.php b/modules-available/systemstatus/hooks/main-warning.inc.php index facf5d83..6b0ac981 100644 --- a/modules-available/systemstatus/hooks/main-warning.inc.php +++ b/modules-available/systemstatus/hooks/main-warning.inc.php @@ -1,5 +1,10 @@ <?php +$cnt = SystemStatus::getUpgradableSecurityCount(); +if ($cnt > 0) { + Message::addWarning('systemstatus.security-updates-available', true, $cnt); +} + $pkgs = SystemStatus::getPackagesRequiringReboot(); if (!empty($pkgs)) { Message::addInfo('systemstatus.update-reboot-required', true, implode(', ', $pkgs)); diff --git a/modules-available/systemstatus/inc/systemstatus.inc.php b/modules-available/systemstatus/inc/systemstatus.inc.php index 4f87fa4e..dc81419f 100644 --- a/modules-available/systemstatus/inc/systemstatus.inc.php +++ b/modules-available/systemstatus/inc/systemstatus.inc.php @@ -3,6 +3,8 @@ class SystemStatus { + const PROP_UPGRADABLE_COUNT = 'systemstatus.upgradable-count'; + /** * Collect status about the disk and vmstore. * The *Usage vars are filled with arrays with keys mountPoint, fileSystem, @@ -108,4 +110,51 @@ class SystemStatus return array_unique($lines); } + /** + * Get a task struct querying upgradable packages. This adds + * a hook to the task to cache the number of upgradable packages + * that are security upgrades, so it is preferred to call this + * wrapper instead of running the task directly. + */ + public static function getUpgradableTask() + { + $task = Taskmanager::submit('AptGetUpgradable'); + if (Taskmanager::isTask($task)) { + TaskmanagerCallback::addCallback($task, 'ssUpgradable'); + } + return $task; + } + + /** + * Called from Taskmanager callback after invoking getUpgradableTask(). + */ + public static function setUpgradableData(array $task) + { + if (Taskmanager::isFailed($task) || !Taskmanager::isFinished($task) || !isset($task['data']['packages'])) + return; + $count = 0; + foreach ($task['data']['packages'] as $package) { + if (substr($package['source'], -9) === '-security') { + $count++; + } + } + error_log("Upgradable security count: $count, total count: " . count($task['data']['packages'])); + Property::set(self::PROP_UPGRADABLE_COUNT, $count . '|' . count($task['data']['packages']), 61); + } + + /** + * Get number of packages that can be upgraded and are security updates. + * This is a cached value and should be updated at least once an hour. + */ + public static function getUpgradableSecurityCount(): int + { + $str = Property::get(self::PROP_UPGRADABLE_COUNT); + if ($str === false) + return 0; + $p = explode('|', $str); + if (empty($p) || !is_numeric($p[0])) + return 0; + return (int)$p[0]; + } + }
\ No newline at end of file diff --git a/modules-available/systemstatus/lang/de/messages.json b/modules-available/systemstatus/lang/de/messages.json index e9a8e736..551e937a 100644 --- a/modules-available/systemstatus/lang/de/messages.json +++ b/modules-available/systemstatus/lang/de/messages.json @@ -1,5 +1,6 @@ { "apt-db-out-of-date": "Die Systemupdate-Datenbank ist veraltet ({{0}}). Erw\u00e4gen Sie, nach neuen Updates zu suchen, und diese zu installieren.", + "security-updates-available": "Ausstehende Sicherheitsupdates: {{0}}", "storage-low-system": "Dem Betriebssystem geht der freie Speicher aus. Nur noch {{0}} frei. Versuchen Sie, alte \"Netboot Grundsystem\"-Versionen zu l\u00f6schen.", "storage-low-vmstore": "Auf dem VMstore sind nur noch {{0}} frei", "update-reboot-required": "Das Update der folgenden Pakete erfordert einen Reboot des Servers: {{0}}" diff --git a/modules-available/systemstatus/lang/en/messages.json b/modules-available/systemstatus/lang/en/messages.json index d708838a..2afc3431 100644 --- a/modules-available/systemstatus/lang/en/messages.json +++ b/modules-available/systemstatus/lang/en/messages.json @@ -1,5 +1,6 @@ { "apt-db-out-of-date": "The system update database is out of date ({{0}}). Consider checking for new updates and installing them.", + "security-updates-available": "Pending security updates: {{0}}", "storage-low-system": "System storage running out. Only {{0}} free. You could try deleting old Net-boot OS versions.", "storage-low-vmstore": "VMstore space is running out. Only {{0}} left.", "update-reboot-required": "Updating the following system packages requires reboot: {{0}}" diff --git a/modules-available/systemstatus/page.inc.php b/modules-available/systemstatus/page.inc.php index 92cea5ab..f774c4e0 100644 --- a/modules-available/systemstatus/page.inc.php +++ b/modules-available/systemstatus/page.inc.php @@ -48,6 +48,7 @@ class Page_SystemStatus extends Page User::assertPermission('apt.fix'); $aptAction = 'FIX'; break; + default: } if ($aptAction !== null) { if (!Taskmanager::isRunning(Taskmanager::status(self::TM_UPDATE_UUID))) { @@ -94,7 +95,8 @@ class Page_SystemStatus extends Page 'type' => $tab, 'name' => Dictionary::translate('tab_' . $tab), 'enabled' => User::hasPermission('tab.' . $tab), - 'important' => $tab === 'ListUpgradable' && SystemStatus::getAptLastDbUpdateTime() + 864000 < time(), + 'important' => $tab === 'ListUpgradable' + && (SystemStatus::getAptLastDbUpdateTime() + 864000 < time() || SystemStatus::getUpgradableSecurityCount() > 0), ); } Permission::addGlobalTags($data['perms'], null, ['serverreboot']); @@ -135,7 +137,7 @@ class Page_SystemStatus extends Page return; } - $task = Taskmanager::submit('AptGetUpgradable'); + $task = SystemStatus::getUpgradableTask(); // Estimate last time package list was updated $lastPackageInstalled = SystemStatus::getDpkgLastPackageChanges(); @@ -159,6 +161,15 @@ class Page_SystemStatus extends Page $task['data']['error'] = 'ECONNREFUSED'; } + foreach ($task['data']['packages'] as &$pkg) { + if (substr($pkg['source'], -9) === '-security') { + $pkg['row_class'] = 'bg-danger'; + } else { + $pkg['row_class'] = ''; + } + } + unset($pkg); + echo Render::parse('sys-update-main', [ 'task' => $task['data'], 'lastDownload' => Util::prettyTime($lastListDownloadAttempt), diff --git a/modules-available/systemstatus/templates/sys-update-main.html b/modules-available/systemstatus/templates/sys-update-main.html index 4bc3b00d..ca502ddb 100644 --- a/modules-available/systemstatus/templates/sys-update-main.html +++ b/modules-available/systemstatus/templates/sys-update-main.html @@ -76,7 +76,7 @@ </tr> </thead> {{#task.packages}} - <tr> + <tr class="{{row_class}}"> <td><strong>{{name}}</strong><span class="text-muted">/{{source}}</span></td> <td class="slx-smallcol">{{oldVersion}}</td> <td class="slx-smallcol">→</td> |