From Fedora Project Wiki
mNo edit summary
 
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
Script version of http://fedorasolved.org/Members/fenris02/post_upgrade_cleanup
='''NO WARRANTY IMPLIED BY RUNNING THIS SCRIPT.  IT IS OUTDATED.'''=
 
== Script version of http://fedorasolved.org/Members/fenris02/post_upgrade_cleanup ==
 
=== You likely want to read the wiki page (above) and use the output from http://fedorapeople.org/cgit/fenris02/public_git/cleanup.git/plain/rpm-verify.sh rather than running this.===
 
 
 
----


<code>
<code>
  #!/bin/bash
  #!/bin/bash
# Script version of http://fedorasolved.org/Members/fenris02/post_upgrade_cleanup
   
   
  # Do not set TMPDIR to any tmpfs mount, these files should remain after boot.
  # Do not set TMPDIR to any tmpfs mount, these files should remain after boot.
  TMPDIR=/root/tmp
  TMPDIR=/root/tmp
  DEBUG=""
  DEBUG=''
VERBOSE='1'
LOG_ALL='1'
LANG=C
DS=$(date +%Y%m%d)
   
   
  if [ "$(whoami)" != "root" ]; then
  if [ "$(whoami)" != "root" ]; then
  echo "Must be run as root"
  echo "Must be run as root."
  exit 1
  exit 1
fi
ping -c3 -q 8.8.8.8 > /dev/null
if [ $? -eq 1 ]; then
  echo "Please ensure you have network connectivity."
  exit 2
  fi
  fi
   
   
  if [ $(runlevel |awk '{print$NF}') != "3" ]; then
  if [ $(runlevel |awk '{print$NF}') != "3" ]; then
  echo "Must be run from runlevel 3"
  echo "Must be run from runlevel 3."
  exit 1
  exit 3
  fi
  fi
 
  cat -<<EOT
  cat -<<EOT
  Press ^C now if you do not have a good backup of your system.
  Press ^C now if you do not have a good backup of your system.
   
   
  If you press enter, this script will try to auto-clean your system.
Please make sure you are not running on battery power.  This cleanup may take
  Once complete, you will need to reboot.
30mins of heavy I/O and this may cause problems if you lose power.
  If you press enter, this script will try to auto-clean your system. Once
  complete, you will need to reboot.
   
   
  EOT
  EOT
  read
  read
#
[ -n "$DEBUG" ] && VERBOSE='1'
[ -n "$VERBOSE" ] && set -x
   
   
  #
  #
  [ -d "${TMPDIR}" ] || mkdir -p "${TMPDIR}"
  [ -d "${TMPDIR}" ] || mkdir -p "${TMPDIR}"
   
   
  DS=$(date +%Y%d%m)
  # needs to be above logging start
YSHELL=${TMPDIR}/YUM-SHELL_${DS}.txt
[ -n "$VERBOSE" ] && echo 'Set selinux to permissive mode'
[ -n "$DEBUG" ] && read
setenforce 0
# Log all output to a file if LOG_ALL is set
if [ -n "$LOG_ALL" ]; then
  PIPEFILE=$(mktemp -u ${TMPDIR}/${0##*/}-XXXXX.pipe)
  mkfifo --context user_tmp_t $PIPEFILE
  LOGFILE=$(mktemp ${TMPDIR}/${0##*/}-XXXXX.log)
  tee -a $LOGFILE < $PIPEFILE &
  TEEPID=$!
   
   
  setenforce 0
  [[ -t 1 ]] && echo "Writing to logfile '$LOGFILE'."
  exec > $PIPEFILE 2>&1
  #exec < /dev/null 2<&1
  fi
   
   
  #
  #
  echo "Cleaning up yumdb"
  [ -n "$VERBOSE" ] && echo 'Cleaning up yumdb'
[ -n "$DEBUG" ] && read
  rm /var/lib/rpm/__db.00?
  rm /var/lib/rpm/__db.00?
rpm --rebuilddb
yum update -y /etc/*-release dracut rpm yum
  yum clean all
  yum clean all
  yum-complete-transaction
  yum-complete-transaction
   
   
  #
  #
  echo "Removing old packages from cache directories"
  [ -n "$VERBOSE" ] && echo 'Removing old packages from cache directories'
  [ -n "$DEBUG" ] && read
  [ -n "$DEBUG" ] && read
  DIST=$(rpm --eval '%{dist}')
  DIST=$(rpm --eval '%{dist}')
  for D in /var/cache/yum /var/lib/yum/plugins/local; do
  for D in /var/cache/yum /var/lib/yum/plugins/local; do
  [ -d $D ] \
  [ -d $D ] \
    && find $D -type f -name \*.rpm \
    && find $D -type f -name \*.rpm \
      |grep -v $DIST \
      |grep -v $DIST \
      |xargs rm -f
      |xargs rm -f
  done
  done
   
   
  #
  #
  echo "Repairing permissions"
  [ -n "$VERBOSE" ] && echo 'Repairing permissions'
  [ -n "$DEBUG" ] && read
  [ -n "$DEBUG" ] && read
  rpm -a --setugids; rpm -a --setperms
  [ -n "$VERBOSE" ] && echo 'This may take a few minutes, resetting user/group ownership'
time rpm -a --setugids > /dev/null 2>&1
[ -n "$VERBOSE" ] && echo 'This may take a few minutes, resetting permissions'
time rpm -a --setperms > /dev/null 2>&1
[ -x /usr/bin/package-cleanup ] || yum install -y yum-utils
   
   
  yum install yum-utils
  YSHELL=${TMPDIR}/YUM-SHELL_${DS}.txt
YSHELL2=${TMPDIR}/YUM-SHELL2_${DS}.txt
# Reinstall desktops and sync
YSHELL3=${TMPDIR}/YUM-SHELL3_${DS}.txt
   
   
  # Locate installed leaves packages that were installed as a dep of some other package
  # Locate installed leaves packages that were installed as a dep of some other package
  repoquery --installed --qf "%{nvra} - %{yumdb_info.reason}" \
  repoquery --installed --qf "%{nvra} - %{yumdb_info.reason}" \
  `package-cleanup --leaves -q --all` \
  `package-cleanup --leaves -q --all` \
  |grep '\- dep' \
  |grep '\- dep' \
  |while read n a a; do \
  |while read n a a; do \
    echo remove $n
    echo remove $n
  done > $YSHELL
  done > $YSHELL
   
   
  # Locate installed desktops
  # reinstall duplicate packages, might clean them without breaking
  yum grouplist -v \
  package-cleanup -q --dupes > ${TMPDIR}/DUPLICATE-PACKAGES_${DS}.txt
  |sed '1,/^Installed/d;/^Available/,$d;s/[^()]*//;s/(//;s/)//;s/^/install @/' \
[ -s ${TMPDIR}/DUPLICATE-PACKAGES_${DS}.txt ] && \
  |grep desktop >> $YSHELL
  cat ${TMPDIR}/DUPLICATE-PACKAGES_${DS}.txt | \
    while read PKGNAME; do
      rpm -q --qf 'reinstall %{name}.%{arch}\n' $PKGNAME >> $YSHELL
    done
   
   
  # Add default package sets
  # Add default package sets
Line 76: Line 132:
  reinstall policycoreutils*
  reinstall policycoreutils*
  reinstall selinux*
  reinstall selinux*
install fpaste
install redhat-lsb
install rpmconf
install yum-plugin-local
EOT
# Break out non-essential groups so that yum succeeds even on rawhide
cat ->> $YSHELL2 <<EOT
  install @admin-tools
  install @admin-tools
  install @base
  install @base
Line 85: Line 149:
  install @input-methods
  install @input-methods
  install @printing
  install @printing
install fpaste
  install memtest86+
  install memtest86+
install redhat-lsb
install rpmconf
distribution-synchronization
  EOT
  EOT
   
   
  echo run >> $YSHELL
  # Locate installed desktops -- Hack around broken depsolver
yum grouplist -v \
  |sed '1,/^Installed/d;/^Available/,$d;s/[^()]*//;s/(//;s/)//;' \
  |grep desktop \
  |while read GROUP; do
    echo "remove @${GROUP}" >> $YSHELL3
    echo "install @${GROUP}" >> $YSHELL3
  done
# Add default package sets
echo 'run' >> $YSHELL
# Break out non-essential groups so that yum succeeds even on rawhide
echo 'run' >> $YSHELL2
# Locate installed desktops -- Hack around broken depsolver
echo 'run' >> $YSHELL3
   
   
  #
  #
  echo "Removing dependency leaves and installing default package sets"
  echo 'Generate package list before package-updates'
[ -x /usr/bin/show-installed ] || yum install -y yum-utils
show-installed -f kickstart -e -o ${TMPDIR}/SHOW-INSTALLED1_${DS}.txt
[ -n "$VERBOSE" ] && echo 'Importing Keys for Fedora versions: https://fedoraproject.org/keys'
  [ -n "$DEBUG" ] && read
  [ -n "$DEBUG" ] && read
curl -s https://fedoraproject.org/keys |\
  grep fedoraproject.org/static |\
  cut -f2 -d\" |\
  while read URL; do
    rpm --import $URL
  done
#
[ -n "$VERBOSE" ] && echo 'Removing dependency leaves and installing default package sets'
[ -n "$DEBUG" ] && read
[ -x /usr/sbin/semanage ] || yum install policycoreutils-python
  semanage -o ${TMPDIR}/SELINUX-CUSTOM-CONFIG_${DS}.txt
  semanage -o ${TMPDIR}/SELINUX-CUSTOM-CONFIG_${DS}.txt
  mv /etc/selinux/targeted ${TMPDIR}/targeted.${DS}
  mv /etc/selinux/targeted ${TMPDIR}/targeted.${DS}
  yum shell $YSHELL
  mkdir -p /etc/selinux/targeted
time yum shell $YSHELL2 -y --disableplugin=presto --skip-broken
time yum shell $YSHELL3 -y --disableplugin=presto --skip-broken
time yum distribution-synchronization -y --disableplugin=presto --skip-broken
time yum shell $YSHELL -y --disableplugin=presto --skip-broken
[ -f /etc/PackageKit/CommandNotFound.conf ] \
  && sed -i -e 's/^SoftwareSourceSearch=true/SoftwareSourceSearch=false/' /etc/PackageKit/CommandNotFound.conf
# Something went around above if this directory does not exist
[ -n "$VERBOSE" ] && echo 'Resetting local selinux policy'
[ -n "$DEBUG" ] && read
[ -d /etc/selinux/targeted/policy ] || yum reinstall -y selinux-policy-targeted
  semanage -i ${TMPDIR}/SELINUX-CUSTOM-CONFIG_${DS}.txt
  semanage -i ${TMPDIR}/SELINUX-CUSTOM-CONFIG_${DS}.txt
   
   
  # Remove duplicate packages if any found
  #
  package-cleanup --dupes > ${TMPDIR}/DUPLICATE-PACKAGES_${DS}.txt
[ -n "$VERBOSE" ] && echo 'Remove duplicate packages if any found.'
  [ -n "$DEBUG" ] && read
  package-cleanup --cleandupes
  package-cleanup --cleandupes
   
   
  #
  #
  echo "Moving ~/.config/ directories to ~/.config.${DS}"
  echo 'Generate package list after package-updates'
[ -x /usr/bin/show-installed ] || yum install yum-utils
show-installed -f kickstart -e -o ${TMPDIR}/SHOW-INSTALLED2_${DS}.txt
#
[ -n "$VERBOSE" ] && echo "Moving ~/.config/ directories to ~/.config.${DS}"
  [ -n "$DEBUG" ] && read
  [ -n "$DEBUG" ] && read
  getent passwd \
  getent passwd \
  |while IFS=: read userName passWord userID groupID geCos homeDir userShell; do
  |while IFS=: read userName passWord userID groupID geCos homeDir userShell; do
    [ -d "${homeDir}/.config" ] \
    [ -d "${homeDir}/.config" ] \
      && echo mv "${homeDir}/.config" "${homeDir}/.config.${DS}"
      && mv "${homeDir}/.config" "${homeDir}/.config.${DS}"
  done
  done
   
   
  #
  #
  echo "Correct labels"
  [ -n "$VERBOSE" ] && echo 'Correct labels.'
  [ -n "$DEBUG" ] && read
  [ -n "$DEBUG" ] && read
  fixfiles -R -a restore
  [ -x /sbin/fixfiles ] || yum install -y policycoreutils
time fixfiles -R -a restore
   
   
  # Merge *.rpmnew files semi-automatically
  #
[ -n "$VERBOSE" ] && echo 'Merge *.rpmnew files semi-automatically.'
[ -n "$DEBUG" ] && read
[ -x /usr/sbin/rpmconf ] || yum install -y rpmconf
  rpmconf -a
  rpmconf -a
   
   
  #
  #
  echo "Build problem report"
  [ -n "$VERBOSE" ] && echo 'Build problem report.'
  [ -n "$DEBUG" ] && read
  [ -n "$DEBUG" ] && read
  [ -f /etc/sysconfig/prelink ] \
  [ -f /etc/sysconfig/prelink ] \
  && . /etc/sysconfig/prelink \
  && . /etc/sysconfig/prelink \
  && /usr/sbin/prelink -av $PRELINK_OPTS >> /var/log/prelink/prelink.log 2>&1
  && /usr/sbin/prelink -av $PRELINK_OPTS >> /var/log/prelink/prelink.log 2>&1
   
   
  #
  #
[ -n "$VERBOSE" ] && echo 'configure dynamic linker run-time bindings'
  /sbin/ldconfig
  /sbin/ldconfig
   
   
  # Generate reports
  #
  rpm -Va > ${TMPDIR}/rpm-Va.txt 2>&1
  [ -n "$VERBOSE" ] && echo 'Verify all installed packages'
  egrep -v '^.{9}  c /' ${TMPDIR}/rpm-Va.txt > ${TMPDIR}/URGENT-REVIEW_${DS}.txt
  [ -n "$DEBUG" ] && read
  egrep '^.{9}  c /' ${TMPDIR}/rpm-Va.txt > ${TMPDIR}/REVIEW-CONFIGS_${DS}.txt
  time rpm -Va > ${TMPDIR}/RPM-VA_${DS}.txt 2>&1
find /etc /var -name '*.rpm?*' > ${TMPDIR}/REVIEW-OBSOLETE-CONFIGS_${DS}.txt
   
   
  # Need a better way to fix caps
  # Need a better way to fix caps
  echo "Reset file capabilities"
  [ -n "$VERBOSE" ] && echo 'Reset file capabilities'
  [ -n "$DEBUG" ] && read
  [ -n "$DEBUG" ] && read
  egrep '^.{8}P ' ${TMPDIR}/rpm-Va.txt \
  egrep '^.{8}P ' ${TMPDIR}/RPM-VA_${DS}.txt \
  |awk '{print$NF}' \
  |awk '{print$NF}' \
  |xargs rpm --filecaps -qf \
  |xargs rpm --filecaps -qf \
  |grep '= cap' \
  |grep '= cap' \
  |while read fileName eq fileCaps; do
  |while read fileName eq fileCaps; do
    rpm --qf '%{name}.%{arch}\n' -qf "${fileName}" >> ${TMPDIR}/FCAPS-REINSTALL_${DS}.txt
    rpm --qf '%{name}.%{arch}\n' -qf "${fileName}" >> ${TMPDIR}/FCAPS-REINSTALL_${DS}.txt
    setcap "${fileCaps}" "${fileName}"
    setcap "${fileCaps}" "${fileName}"
  done
  done
  sort -u -o ${TMPDIR}/FCAPS-REINSTALL_${DS}.txt ${TMPDIR}/FCAPS-REINSTALL_${DS}.txt
  sort -u -o ${TMPDIR}/FCAPS-REINSTALL_${DS}.txt ${TMPDIR}/FCAPS-REINSTALL_${DS}.txt
  #yum reinstall $(cat ${TMPDIR}/FCAPS-REINSTALL_${DS}.txt)
  #yum reinstall -y $(cat ${TMPDIR}/FCAPS-REINSTALL_${DS}.txt)
    
#
[ -n "$VERBOSE" ] && echo 'Generate reports'
[ -n "$DEBUG" ] && read
time rpm -Va > ${TMPDIR}/RPM-VA2_${DS}.txt 2>&1
egrep -v '^.{9}  (c /|  /lib/modules/.*/modules\.)' ${TMPDIR}/RPM-VA2_${DS}.txt > ${TMPDIR}/URGENT-REVIEW_${DS}.txt
egrep '^.{9}  c /' ${TMPDIR}/RPM-VA2_${DS}.txt > ${TMPDIR}/REVIEW-CONFIGS_${DS}.txt
find /etc -name '*.rpm?*' > ${TMPDIR}/REVIEW-OBSOLETE-CONFIGS_${DS}.txt
# Stop logging.  No changes below this point.
if [ -n "$LOG_ALL" ]; then
  echo "Kill off logger"
  #exec 1>&- 2>&-
  #kill $TEEPID
  rm $PIPEFILE
   #wait $TEEPID
fi
  # Reboot script that works even when init has changed
  # Reboot script that works even when init has changed
  cat -> ${TMPDIR}/raising-elephants.sh <<EOT
  cat -> ${TMPDIR}/raising-elephants.sh <<EOT
Line 165: Line 294:
  # "Raising Elephants Is So Utterly Boring"
  # "Raising Elephants Is So Utterly Boring"
  for ST in r e i s s s u b; do
  for ST in r e i s s s u b; do
  echo \$ST > /proc/sysrq-trigger
  echo \$ST > /proc/sysrq-trigger
  done
  done
   
   
Line 176: Line 305:
   
   
  #EOF
  #EOF
</code>
</code>

Latest revision as of 21:58, 11 October 2013

NO WARRANTY IMPLIED BY RUNNING THIS SCRIPT. IT IS OUTDATED.

Script version of http://fedorasolved.org/Members/fenris02/post_upgrade_cleanup

You likely want to read the wiki page (above) and use the output from http://fedorapeople.org/cgit/fenris02/public_git/cleanup.git/plain/rpm-verify.sh rather than running this.

#!/bin/bash

# Script version of http://fedorasolved.org/Members/fenris02/post_upgrade_cleanup

# Do not set TMPDIR to any tmpfs mount, these files should remain after boot.
TMPDIR=/root/tmp
DEBUG=
VERBOSE='1'
LOG_ALL='1'

LANG=C
DS=$(date +%Y%m%d)

if [ "$(whoami)" != "root" ]; then
 echo "Must be run as root."
 exit 1
fi

ping -c3 -q 8.8.8.8 > /dev/null
if [ $? -eq 1 ]; then
 echo "Please ensure you have network connectivity."
 exit 2
fi

if [ $(runlevel |awk '{print$NF}') != "3" ]; then
 echo "Must be run from runlevel 3."
 exit 3
fi

cat -<<EOT
Press ^C now if you do not have a good backup of your system.

Please make sure you are not running on battery power.  This cleanup may take
30mins of heavy I/O and this may cause problems if you lose power.

If you press enter, this script will try to auto-clean your system.  Once
complete, you will need to reboot.

EOT
read

#
[ -n "$DEBUG" ] && VERBOSE='1'
[ -n "$VERBOSE" ] && set -x


#
[ -d "${TMPDIR}" ] || mkdir -p "${TMPDIR}"

# needs to be above logging start
[ -n "$VERBOSE" ] && echo 'Set selinux to permissive mode'
[ -n "$DEBUG" ] && read
setenforce 0

# Log all output to a file if LOG_ALL is set
if [ -n "$LOG_ALL" ]; then
 PIPEFILE=$(mktemp -u ${TMPDIR}/${0##*/}-XXXXX.pipe)
 mkfifo --context user_tmp_t $PIPEFILE
 LOGFILE=$(mktemp ${TMPDIR}/${0##*/}-XXXXX.log)
 tee -a $LOGFILE < $PIPEFILE &
 TEEPID=$!

 -t 1  && echo "Writing to logfile '$LOGFILE'."
 exec > $PIPEFILE 2>&1
 #exec < /dev/null 2<&1
fi

#
[ -n "$VERBOSE" ] && echo 'Cleaning up yumdb'
[ -n "$DEBUG" ] && read
rm /var/lib/rpm/__db.00?
rpm --rebuilddb
yum update -y /etc/*-release dracut rpm yum
yum clean all
yum-complete-transaction

#
[ -n "$VERBOSE" ] && echo 'Removing old packages from cache directories'
[ -n "$DEBUG" ] && read
DIST=$(rpm --eval '%{dist}')
for D in /var/cache/yum /var/lib/yum/plugins/local; do
 [ -d $D ] \
   && find $D -type f -name \*.rpm \
     |grep -v $DIST \
     |xargs rm -f
done

#
[ -n "$VERBOSE" ] && echo 'Repairing permissions'
[ -n "$DEBUG" ] && read
[ -n "$VERBOSE" ] && echo 'This may take a few minutes, resetting user/group ownership'
time rpm -a --setugids > /dev/null 2>&1
[ -n "$VERBOSE" ] && echo 'This may take a few minutes, resetting permissions'
time rpm -a --setperms > /dev/null 2>&1

[ -x /usr/bin/package-cleanup ] || yum install -y yum-utils

YSHELL=${TMPDIR}/YUM-SHELL_${DS}.txt
YSHELL2=${TMPDIR}/YUM-SHELL2_${DS}.txt
# Reinstall desktops and sync
YSHELL3=${TMPDIR}/YUM-SHELL3_${DS}.txt

# Locate installed leaves packages that were installed as a dep of some other package
repoquery --installed --qf "%{nvra} - %{yumdb_info.reason}" \
 package-cleanup --leaves -q --all \
 |grep '\- dep' \
 |while read n a a; do \
   echo remove $n
 done > $YSHELL

# reinstall duplicate packages, might clean them without breaking
package-cleanup -q --dupes > ${TMPDIR}/DUPLICATE-PACKAGES_${DS}.txt
[ -s ${TMPDIR}/DUPLICATE-PACKAGES_${DS}.txt ] && \
 cat ${TMPDIR}/DUPLICATE-PACKAGES_${DS}.txt | \
   while read PKGNAME; do
     rpm -q --qf 'reinstall %{name}.%{arch}\n' $PKGNAME >> $YSHELL
   done

# Add default package sets
cat ->> $YSHELL <<EOT
reinstall policycoreutils*
reinstall selinux*
install fpaste
install redhat-lsb
install rpmconf
install yum-plugin-local
EOT

# Break out non-essential groups so that yum succeeds even on rawhide
cat ->> $YSHELL2 <<EOT
install @admin-tools
install @base
install @base-x
install @core
install @dial-up
install @fonts
install @hardware-support
install @input-methods
install @printing
install memtest86+
EOT

# Locate installed desktops -- Hack around broken depsolver
yum grouplist -v \
 |sed '1,/^Installed/d;/^Available/,$d;s/[^()]*//;s/(//;s/)//;' \
 |grep desktop \
 |while read GROUP; do
   echo "remove @${GROUP}" >> $YSHELL3
   echo "install @${GROUP}" >> $YSHELL3
 done

# Add default package sets
echo 'run' >> $YSHELL
# Break out non-essential groups so that yum succeeds even on rawhide
echo 'run' >> $YSHELL2
# Locate installed desktops -- Hack around broken depsolver
echo 'run' >> $YSHELL3

#
echo 'Generate package list before package-updates'
[ -x /usr/bin/show-installed ] || yum install -y yum-utils
show-installed -f kickstart -e -o ${TMPDIR}/SHOW-INSTALLED1_${DS}.txt

[ -n "$VERBOSE" ] && echo 'Importing Keys for Fedora versions: https://fedoraproject.org/keys'
[ -n "$DEBUG" ] && read
curl -s https://fedoraproject.org/keys |\
 grep fedoraproject.org/static |\
 cut -f2 -d\" |\
 while read URL; do
   rpm --import $URL
 done

#
[ -n "$VERBOSE" ] && echo 'Removing dependency leaves and installing default package sets'
[ -n "$DEBUG" ] && read
[ -x /usr/sbin/semanage ] || yum install policycoreutils-python
semanage -o ${TMPDIR}/SELINUX-CUSTOM-CONFIG_${DS}.txt
mv /etc/selinux/targeted ${TMPDIR}/targeted.${DS}
mkdir -p /etc/selinux/targeted
time yum shell $YSHELL2 -y --disableplugin=presto --skip-broken
time yum shell $YSHELL3 -y --disableplugin=presto --skip-broken
time yum distribution-synchronization -y --disableplugin=presto --skip-broken
time yum shell $YSHELL -y --disableplugin=presto --skip-broken


[ -f /etc/PackageKit/CommandNotFound.conf ] \
 && sed -i -e 's/^SoftwareSourceSearch=true/SoftwareSourceSearch=false/' /etc/PackageKit/CommandNotFound.conf

# Something went around above if this directory does not exist
[ -n "$VERBOSE" ] && echo 'Resetting local selinux policy'
[ -n "$DEBUG" ] && read
[ -d /etc/selinux/targeted/policy ] || yum reinstall -y selinux-policy-targeted
semanage -i ${TMPDIR}/SELINUX-CUSTOM-CONFIG_${DS}.txt

#
[ -n "$VERBOSE" ] && echo 'Remove duplicate packages if any found.'
[ -n "$DEBUG" ] && read
package-cleanup --cleandupes

#
echo 'Generate package list after package-updates'
[ -x /usr/bin/show-installed ] || yum install yum-utils
show-installed -f kickstart -e -o ${TMPDIR}/SHOW-INSTALLED2_${DS}.txt

#
[ -n "$VERBOSE" ] && echo "Moving ~/.config/ directories to ~/.config.${DS}"
[ -n "$DEBUG" ] && read
getent passwd \
 |while IFS=: read userName passWord userID groupID geCos homeDir userShell; do
   [ -d "${homeDir}/.config" ] \
     && mv "${homeDir}/.config" "${homeDir}/.config.${DS}"
 done

#
[ -n "$VERBOSE" ] && echo 'Correct labels.'
[ -n "$DEBUG" ] && read
[ -x /sbin/fixfiles ] || yum install -y policycoreutils
time fixfiles -R -a restore

#
[ -n "$VERBOSE" ] && echo 'Merge *.rpmnew files semi-automatically.'
[ -n "$DEBUG" ] && read
[ -x /usr/sbin/rpmconf ] || yum install -y rpmconf
rpmconf -a

#
[ -n "$VERBOSE" ] && echo 'Build problem report.'
[ -n "$DEBUG" ] && read
[ -f /etc/sysconfig/prelink ] \
 && . /etc/sysconfig/prelink \
 && /usr/sbin/prelink -av $PRELINK_OPTS >> /var/log/prelink/prelink.log 2>&1

#
[ -n "$VERBOSE" ] && echo 'configure dynamic linker run-time bindings'
/sbin/ldconfig

#
[ -n "$VERBOSE" ] && echo 'Verify all installed packages'
[ -n "$DEBUG" ] && read
time rpm -Va > ${TMPDIR}/RPM-VA_${DS}.txt 2>&1

# Need a better way to fix caps
[ -n "$VERBOSE" ] && echo 'Reset file capabilities'
[ -n "$DEBUG" ] && read
egrep '^.{8}P ' ${TMPDIR}/RPM-VA_${DS}.txt \
 |awk '{print$NF}' \
 |xargs rpm --filecaps -qf \
 |grep '= cap' \
 |while read fileName eq fileCaps; do
   rpm --qf '%{name}.%{arch}\n' -qf "${fileName}" >> ${TMPDIR}/FCAPS-REINSTALL_${DS}.txt
   setcap "${fileCaps}" "${fileName}"
 done
sort -u -o ${TMPDIR}/FCAPS-REINSTALL_${DS}.txt ${TMPDIR}/FCAPS-REINSTALL_${DS}.txt
#yum reinstall -y $(cat ${TMPDIR}/FCAPS-REINSTALL_${DS}.txt)

#
[ -n "$VERBOSE" ] && echo 'Generate reports'
[ -n "$DEBUG" ] && read
time rpm -Va > ${TMPDIR}/RPM-VA2_${DS}.txt 2>&1
egrep -v '^.{9}  (c /|  /lib/modules/.*/modules\.)' ${TMPDIR}/RPM-VA2_${DS}.txt > ${TMPDIR}/URGENT-REVIEW_${DS}.txt
egrep '^.{9}  c /' ${TMPDIR}/RPM-VA2_${DS}.txt > ${TMPDIR}/REVIEW-CONFIGS_${DS}.txt
find /etc -name '*.rpm?*' > ${TMPDIR}/REVIEW-OBSOLETE-CONFIGS_${DS}.txt

# Stop logging.  No changes below this point.
if [ -n "$LOG_ALL" ]; then
 echo "Kill off logger"
 #exec 1>&- 2>&-
 #kill $TEEPID
 rm $PIPEFILE
 #wait $TEEPID
fi

# Reboot script that works even when init has changed
cat -> ${TMPDIR}/raising-elephants.sh <<EOT
#/bin/bash

# Try this first:
shutdown -r now

sysctl -w kernel.sysrq=1 || echo 1 > /proc/sys/kernel/sysrq

#https://secure.wikimedia.org/wikipedia/en/wiki/Magic_SysRq_key#.22Raising_Elephants.22_mnemonic_device
# "Raising Elephants Is So Utterly Boring"
for ST in r e i s s s u b; do
 echo \$ST > /proc/sysrq-trigger
done

#EOF
EOT
chmod 0700 ${TMPDIR}/raising-elephants.sh

# Done
echo "Verify packages are installed the way you want and then type ${TMPDIR}/raising-elephants.sh"

#EOF

Retrieved from "https://fedoraproject.org/w/index.php?title=User:Fenris02/Cleanup&oldid=356700"