fix: correct package cleanup commands in netupgrade
Use apt-get autoremove --purge instead of a separate empty purge step, and pass the CLI yes flag through to apk upgrade so the logged commands match actual behavior.
This commit is contained in:
+4
-7
@@ -219,8 +219,8 @@ runCmd() { # $1=host $2=name $3=cmd
|
||||
ERROR=1
|
||||
fi
|
||||
echo "" | tee -a "${LOGFILENAME}"
|
||||
echo "apt-get ${YESARG} autoremove" | tee -a "${LOGFILENAME}"
|
||||
runSSH "${HOST}" apt-get ${YESARG} autoremove | tee -a "${LOGFILENAME}"
|
||||
echo "apt-get ${YESARG} autoremove --purge" | tee -a "${LOGFILENAME}"
|
||||
runSSH "${HOST}" apt-get ${YESARG} autoremove --purge | tee -a "${LOGFILENAME}"
|
||||
echo "" | tee -a "${LOGFILENAME}"
|
||||
echo "apt-get ${YESARG} autoclean" | tee -a "${LOGFILENAME}"
|
||||
runSSH "${HOST}" apt-get ${YESARG} autoclean | tee -a "${LOGFILENAME}"
|
||||
@@ -228,9 +228,6 @@ runCmd() { # $1=host $2=name $3=cmd
|
||||
echo "apt-get ${YESARG} clean" | tee -a "${LOGFILENAME}"
|
||||
runSSH "${HOST}" apt-get ${YESARG} clean | tee -a "${LOGFILENAME}"
|
||||
echo "" | tee -a "${LOGFILENAME}"
|
||||
echo "apt-get ${YESARG} purge" | tee -a "${LOGFILENAME}"
|
||||
runSSH "${HOST}" apt-get ${YESARG} purge | tee -a "${LOGFILENAME}"
|
||||
echo "" | tee -a "${LOGFILENAME}"
|
||||
fi
|
||||
;;
|
||||
yum)
|
||||
@@ -293,8 +290,8 @@ runCmd() { # $1=host $2=name $3=cmd
|
||||
if ! runSSH "${HOST}" apk update | tee -a "${LOGFILENAME}"; then
|
||||
ERROR=1
|
||||
fi
|
||||
echo "apk upgrade" | tee -a "${LOGFILENAME}"
|
||||
if ! runSSH "${HOST}" apk upgrade | tee -a "${LOGFILENAME}"; then
|
||||
echo "apk upgrade ${YESARG}" | tee -a "${LOGFILENAME}"
|
||||
if ! runSSH "${HOST}" apk upgrade ${YESARG} | tee -a "${LOGFILENAME}"; then
|
||||
ERROR=1
|
||||
fi
|
||||
;;
|
||||
|
||||
@@ -90,7 +90,6 @@ Supported action types currently include:
|
||||
|
||||
### Short term
|
||||
- Tackle the next hardening work as small, reviewable commits instead of one broad patch
|
||||
- Review package-manager cleanup steps that look incorrect or misleading, such as `apt-get purge` without arguments and the current `apk` `-y` handling
|
||||
- Review the remaining quoting-sensitive areas, especially around remote shell command construction
|
||||
|
||||
### Medium term
|
||||
@@ -121,6 +120,8 @@ Supported action types currently include:
|
||||
- `whiptail` checklist defaults are now passed explicitly as `ON`/`OFF`, and selected items are parsed through a dedicated helper instead of relying on raw shell word splitting
|
||||
- The CLI help and README now clarify that `-f` preselects all nodes in the interactive checklist
|
||||
- Log summary generation no longer uses `sed -i` interpolation; the script now writes a temporary file with the summary header plus the existing log content and replaces the original log atomically
|
||||
- The `apk` action now applies `-y` to `apk upgrade` when the CLI `-y` flag is set, making its behavior consistent with the documented intent for supported package managers
|
||||
- The `apt` action now uses `apt-get autoremove --purge` and no longer runs `apt-get purge` without arguments, which makes the cleanup step more meaningful and avoids a misleading command in the log
|
||||
|
||||
## Change guidance
|
||||
- Preserve backward compatibility for existing config files where possible
|
||||
|
||||
Reference in New Issue
Block a user