auter man page

auter — manual page for auter 0.8

Synopsis

auter [--enable|--disable|--status] [--prep] [--apply] [--reboot] [--postreboot] [--config=<configfile>] [OPTION]

Description

Actions

--enable
Enable auter
--disable
Disable auter
--status
Show whether enabled or disabled
--prep
Pre-download updates before applying
--apply
Apply updates, and reboot if AUTOREBOOT=yes
--reboot
Reboot system
--postreboot
Run post reboot script

Options

--config=FILE
Specify the full path to an auter config file. Defaults to /etc/auter/auter.conf
-h, --help
Show this help text
-v, --version
Show the version

Enable/Disable

To provide an easy way to switch on/off all auter jobs, use auter --enable or auter --disable to set the lockfile /var/lib/auter/enabled. Auter will check for the presence of this file before running.

Rebooting

Rebooting is an essential part of applying updates, in order to ensure the updated packages are in use. An update to the kernel will always need a reboot. Some application updates, for example Apache, will restart the service. However often libraries are updated, such as openssl, which don't force a reboot of services that use them. Rebooting guarantees that every update is in use by running services. You can either enable AUTOREBOOT=yes in the config file (the default is AUTOREBOOT=no), to reboot after --apply, or you can schedule a seperate schedule for --reboot via a second cronjob. A 2 minute warning is emitted before the server is rebooted, and this can be cancelled by a superuser with shutdown -c.

Config File Options

Config options are set in /etc/auter/auter.conf, or in the file referenced by the --config option.

CONFIGSET
Default: "default"
Required: yes
Defines a name which auter will use to uniquely identify logs and postreboot hooks. This value must be unique amongst configs on a system, and is required when using a custom configuration file.

AUTOREBOOT
Valid options: "yes" or "no"
Default: "no"
If set to "yes" the server will be rebooted 2 minutes after applying updates

PACKAGEMANAGEROPTIONS
Valid options: Any valid yum or dnf options can be specified (including dashes). This is passed directly to the package manager.
Default: ""
See man pages for yum, or dnf as appropriate for more info. Example: "--disableexcludes=all"

PREDOWNLOADUPDATES
Valid options: "yes" or "no"
Default: "yes"
This will only work if --downloadonly option is available in the package manager.

ONLYINSTALLFROMPREP
Valid options: "yes" or "no"
Default: "no"
This will only work if PREDOWNLOADUPDATES is set to 'yes' in the config file. This will only install the updates that were downloaded the last time auter --prep was called. This does work with multiple configsets. The latest updates will be saved in /var/cache/auter/$CONFIGSET

MAXDELAY
Valid options: Any positive number above 0
Default: "3600"
This is the upper limit in seconds of a random time to wait before querying repositories.

PREAPPLYSCRIPTDIR
Valid options: path to directory containing scripts
Default: "/etc/auter/pre-apply.d"
Custom scripts to be run before applying updates

POSTAPPLYSCRIPTDIR
Valid options: path to directory containing scripts
Default: "/etc/auter/post-apply.d"
Custom scripts to be run after applying updates

PREREBOOTSCRIPTDIR
Valid options: path to directory containing scripts
Default: "/etc/auter/pre-reboot.d"
Custom scripts to be run before rebooting. These will only run if AUTOREBOOT="yes" or auter is run with the --reboot option

POSTREBOOTSCRIPTDIR
Valid options: path to directory containing scripts
Default: "/etc/auter/post-reboot.d"
Custom scripts to be run after rebooting. These will only run if AUTOREBOOT="yes" or auter is run with the --reboot option

Exit Codes

0 = updates successful / no updates available

3 = issue related to yum / dnf command

4 = auter disabled via lockfile

5 = script not run as root / DATADIR does not exist / config file does not exist

6 = auter is already running / PIDFILE exists

7 = neither yum nor dnf is available

8 = a pre/post hook exited with a non-zero error code

Files

/etc/auter/auter.conf
Default config file location. Use the --config option to pass an alternative config file to use within /etc/auter.

/usr/bin/auter
The main auter script, which gets called to prepare and apply updates.

/var/lib/auter/enabled
The lock file to determine if auter is enabled. If this file doesn't exist, auter is disabled.

/etc/cron.d/auter
The cron file defining the default schedule for auter. Commented out by default.

/etc/cron.d/auter-postreboot-CONFIGSET
On reboot, auter will add a call to auter --postreboot via an @reboot cron job. The CONFIGSET part of the filename is defined in the auter config file by setting a variable of the same name, and if not defined is set to "default".

/var/lib/auter/last-prep-CONFIGSET
These files contain the list of packages to be updated according to the last time --prep was run. There may be multiple logs if different config files are used. This file will not be updated/created if there are no new updates to be applied. The CONFIGSET part of the filename is defined in the auter config file by setting a variable of the same name, and if not defined is set to "default".

/var/lib/auter/last-update-CONFIGSET
This file contains the updates that were last applied by auter. The CONFIGSET part of the filename is defined in the auter config file by setting a variable of the same name, and if not defined is set to "default".

/etc/auter/pre-apply.d/ /etc/auter/post-apply.d/ /etc/auter/pre-reboot.d/ /etc/auter/post-reboot.d/
Directories containing scripts to run before/after updates are applied, and before/after the server is rebooted (if applicable). Default locations are above, but also customizable in the config file. If any scripts in the pre/post hook directories are not executable a warning will be logged with the filename but auter will continue. If any scripts in the pre-post hook directories exit with a non-zero exit code an error will be logged with the filename and exit code, and auter will abort. Post reboot, there is a delay of 5 mins before the post-reboot script is run to allow the system to become fully ready.

/var/cache/auter/
Will be created during the during install but is also checked (and created if it does not exist) during the prep stage if ONLYINSTALLFROMPREP is set to 'yes'. A configset sub-directory will be created which will hold the updates that were downloaded from the most recent --prep execution. Any existing rpm files will be deleted as part of the following --prep execution. The directories for each profile must have owner and group set to root and must NOT be writable by other.

Info

November 2016 auter 0.8 User Commands