From a71ef698ac1a45530d2dfa8f1b1571769e96c61c Mon Sep 17 00:00:00 2001 From: David Runge Date: Sat, 25 Feb 2017 00:15:13 +0100 Subject: scripts/update-motd,system/update-motd.service: Adding script to be called by update-motd.service instead of using so many sh invocations in the service file. --- scripts/update-motd | 51 ++++++++++++++++++++++++++++++++++++++++++++++ system/update-motd.service | 15 ++------------ 2 files changed, 53 insertions(+), 13 deletions(-) create mode 100755 scripts/update-motd diff --git a/scripts/update-motd b/scripts/update-motd new file mode 100755 index 0000000..8fe4c81 --- /dev/null +++ b/scripts/update-motd @@ -0,0 +1,51 @@ +#!/usr/bin/env bash + +set -euo pipefail + +# get the hostname +if [ -s /etc/motd.name ]; then + cat /etc/motd.name > /tmp/motd +elif [ -x /usr/bin/banner ]; then + cat /etc/hostname | banner -w 80 > /tmp/motd +else + cat /etc/hostname > /tmp/motd +fi +echo >> /tmp/motd + +# get additional info +if [ -s /etc/motd.info ]; then + cat /etc/motd.info >> /tmp/motd + echo >> /tmp/motd +fi + +# get currently running kernel version +uname -a >> /tmp/motd +echo >> /tmp/motd + +# update package cache +pacman -Sy 2>&1 > /dev/null +pacman -Qu > /tmp/updates +# show updatable packages +if [ -s /tmp/updates ]; then + echo "Package updates available:" >> /tmp/motd + cat /tmp/updates >> /tmp/motd + echo >> /tmp/motd +fi + +if [ -x /usr/bin/arch-audit ]; then + arch-audit -uf "%n|%c" >> /tmp/cves + if [ -s /tmp/cves ]; then + echo "Security updates needed:" >> /tmp/motd + cat /tmp/cves >> /tmp/motd + fi +else + echo "Install arch-audit for information on CVEs." >> /tmp/motd +fi + +# move all to /etc/motd +if [ -x /usr/bin/lolcat ]; then + lolcat /tmp/motd > /etc/motd +else + cat /tmp/motd > /etc/motd +fi + diff --git a/system/update-motd.service b/system/update-motd.service index a821688..740ea7b 100644 --- a/system/update-motd.service +++ b/system/update-motd.service @@ -1,23 +1,12 @@ [Unit] Description=Update MOTD +After=multi-user.target network.target [Service] -Type=oneshot -ExecStart=/usr/bin/sh -c 'if [ -s /etc/motd.name ] ; then cat /etc/motd.name > /tmp/motd ; else cat /etc/hostname | banner -w 80 > /tmp/motd && echo >> /tmp/motd ; fi' -ExecStart=/usr/bin/sh -c 'uname -a >> /tmp/motd' -ExecStart=/usr/bin/sh -c 'echo >> /tmp/motd' -ExecStart=-/usr/bin/sh -c 'pacman -Sy 2>&1 > /dev/null' -ExecStart=/usr/bin/sh -c 'echo "Package updates available:" >> /tmp/motd' -ExecStart=-/usr/bin/sh -c 'pacman -Qu >> /tmp/motd' -ExecStart=/usr/bin/sh -c 'echo >> /tmp/motd' -ExecStart=/usr/bin/sh -c 'echo "Security updates needed:" >> /tmp/motd' -ExecStart=/usr/bin/sh -c 'if [ -x /usr/bin/arch-audit ]; then arch-audit -uf "%n|%c" >> /tmp/motd ; else echo "Install arch-audit from AUR." >> /tmp/motd ; fi' -ExecStart=/usr/bin/sh -c 'if [ -x /usr/bin/lolcat ] ; then lolcat /tmp/motd > /etc/motd ; else mv /tmp/motd /etc/motd ; fi' +ExecStart=/usr/bin/update-motd PrivateDevices=yes PrivateTmp=yes ProtectSystem=full ReadWriteDirectories=/etc/motd ProtectHome=yes NoNewPrivileges=yes - - -- cgit v1.2.3-70-g09d2