# Authors: (c) Michael Prokop <mika@grml.org>
# Bug-Reports: see http://grml.org/bugs/
# License: This file is licensed under the GPL v2.
-# Latest change: Mon Sep 17 22:14:33 CEST 2007 [mika]
################################################################################
# misc stuff
umask 022
- [ -n "$NOCOLORS" ] || . /etc/grml_colors
. /etc/grml/lsb-functions || exit 6
[ -x /lib64 ] && GRML64=yes || GRML64=''
# detect kernel version, assume newest kernel version
KERNEL=$(ls -1 /lib/modules/ | sort -r -u | head -1)
-if [ -n "$LATEX_CLEANUP" ] ; then
- rm -rf /usr/share/doc/texlive-latex-recommended/latex/ \
- /usr/share/doc/texlive-latex-base/latex/ \
- /usr/share/doc/texlive-base-bin/pdftex/thanh/ \
- /usr/share/doc/texlive-latex-base/latex/base/ \
- /usr/share/doc/texlive-latex-base/latex/hyperref/ \
- /usr/share/doc/texlive-latex-base/generic/babel/ \
- /usr/share/doc/texlive-latex-recommended/latex/koma-script/ \
- /usr/share/doc/texmf/pgf/pgfmanual.pdf.gz
-fi
-
if [ -f /usr/share/fonts/X11/misc/artwiz-cursor.pcf.gz ] ; then
if dpkg-divert --list artwiz-cursor | grep -q /usr/share/fonts/X11/misc/cursor.pcf.gz ; then
eerror "Broken diversion of artwiz-cursor, see #341397, trying to fix it"
cp /etc/inittab.grml /etc/inittab
eend $?
-if [ -L /usr/include/linux ] ; then
- einfo "/usr/include/linux is ok" ; eend 0
-elif [ -n "$GRML64" ] ; then
- if [ -d /usr/src/linux-headers-"$KERNEL" ] ; then
- einfo "grml64 detected, assuming /usr/src/linux-headers-$KERNEL is ok." ; eend 0
- else
- eerror "/usr/src/linux-headers-$KERNEL not found, exiting." ; eend 1
- exit 10
- fi
-elif [ -d /usr/src/linux-headers-"$KERNEL" ] ; then
- eerror "/usr/include/linux is NOT a symlink to /usr/src/linux/include/linux/ - error"
- eend 1
- exit 10
-else
- ewarn "linux-headers-$KERNEL not installed." ; eend 0
+if [ "$(dpkg --list | awk '/^rc/ { print $2}')" != '' ] ; then
+ einfo "Purging removed packages"
+ dpkg --purge $(dpkg --list | awk '/^rc/ { print $2}')
+ eend $?
+fi
+
+if [ -x /usr/bin/make -a -r /usr/src/Makefile ] ; then
+ einfo "Cleaning up /usr/src/linux-headers-$KERNEL"
+ ( cd /usr/src
+ VER=$(/bin/ls -d /usr/src/linux-headers-* | head -1)
+ VER=${VER##/usr/src/linux-headers-}
+ if [ -n "$VER" ] ; then
+ VER=$VER make clean && \
+ VER=$VER make symlinks
+ else
+ make clean && \
+ make symlinks
+ fi
+ )
+ eend $?
fi
einfo "Creating ~/.zshrc"
rm -f /var/lib/apt/lists/*Packages
rm -f /var/lib/apt/lists/*Release
rm -f /var/lib/apt/lists/*Sources
+ rm -f /var/lib/apt/lists/*IndexDiff
rm -f /var/lib/apt/lists/*.gpg
rm -f /var/cache/apt-show-versions/*
rm -f /var/cache/debconf/templates.dat-old
rm -f /var/lib/dpkg/available-old
eend $?
+if ifclass GRML_SMALL ; then
+ einfo "Removing /var/cache/debconf/templates.dat"
+ rm -f /var/cache/debconf/templates.dat
+ eend $?
+
+ einfo "Removing /usr/share/ssh/blacklist.*"
+ rm -f /usr/share/ssh/blacklist.DSA-1024 /usr/share/ssh/blacklist.RSA-2048
+ eend $?
+fi
+
+# get rid of large kernel modules:
+if ifclass GRML_SMALL ; then
+ if [ -r "/lib/modules/${KERNEL}/kernel/fs/ocfs2/ocfs2.ko" ] ; then
+ einfo "Removing /lib/modules/${KERNEL}/kernel/fs/ocfs2/ocfs2.ko"
+ rm -f "/lib/modules/${KERNEL}/kernel/fs/ocfs2/ocfs2.ko"
+ eend $?
+ fi
+ if [ -r "/lib/modules/${KERNEL}/kernel/drivers/isdn/hisax/hisax.ko" ] ; then
+ einfo "Removing /lib/modules/${KERNEL}/kernel/drivers/isdn/hisax/hisax.ko"
+ rm -f "/lib/modules/${KERNEL}/kernel/drivers/isdn/hisax/hisax.ko"
+ eend $?
+ fi
+fi
+
if [ -x /usr/bin/grep-dctrl ] ; then
einfo "Cleaning up /var/lib/dpkg/status"
grep-dctrl -v -F Status "purge ok not-installed" /var/lib/dpkg/status > status.new && \
einfo "Removing x-server-conffiles"
rm -f /etc/X11/xorg.conf /etc/X11/XF86Config-4 \
- /etc/X11/XF86Config /etc/XF86Config /etc/XF86Config-4
+ /etc/X11/XF86Config /etc/XF86Config /etc/XF86Config-4
eend $?
einfo "Removing ssh-keys"
rm -f /etc/ssh/*key*
eend $?
+einfo "Removing unused/backup files"
+ find / -name *~ -print0 | xargs -0 rm -f
+eend $?
+
# remove only "temporary" or saved files in the given directories
nuke(){
for i in `find "$@" -name \*.gz -o -name \*.bz2 -o -name \*.0 2>/dev/null`; do
ewarn "depmod not installed" ; eend 0
fi
-if [ -n "$NOONLINE" ] ; then
- einfo "\$NOONLINE is set, skipping online tasks" ; eend 0
-else
-
-if [ -x /usr/bin/freshclam ] ; then
- einfo "Updating clamav database via running freshclam"
- /usr/bin/freshclam ; eend $?
-else
- ewarn "freshclam not installed" ; eend 0
-fi
-
-if [ -x /usr/bin/update-pciids ] ; then
- einfo "Updating PCI- and USB-ids"
- update-pciids
- update-usbids
- eend $?
-else
- ewarn "update-pciids/update-usbids not installed" ; eend 0
-fi
-
-if [ -x /usr/sbin/nessus-update-plugins ] ; then
- einfo "Updating nessus-plugins"
- nessus-update-plugins
- eend $?
-else
- ewarn "nessus-update-plugins not installed" ; eend 0
-fi
-
-fi # end of $NOONLINE-check
-
einfo "Cleaning and removing some misc files and directories"
rm -f /etc/sysconfig/* /etc/motd.dpkg-new /etc/auto.master.distrib.dpkg-new \
/etc/samba/*.SID /etc/samba/*.tdb /dev/mouse* /dev/cdrom* /dev/cdwriter* \
/var/state/*/* /var/state/* /var/log/nessus/* \
/halt /reboot /ash.static /etc/dhcpc/*.info /etc/dhcpc/resolv* \
/etc/*passwd- /etc/*shadow- /etc/*group- /var/spool/postfix/maildrop/* \
- /etc/lvm/.cache 2>/dev/null
+ /etc/lvm/.cache /etc/lvm/cache/.cache /etc/lvm/backup/main 2>/dev/null
rm -rf /tmp/* /var/tmp/* /var/tmp/.* /var/backups/* /.ssh /root/.ssh /home/*/.ssh \
/home/grml/* /home/grml/.??* /var/lib/texmf/ls-R /var/spool/texmf/ls-R \
- /var/lib/mysql /var/log/lilo_log.* 2>/dev/null
+ /var/lib/mysql /var/log/lilo_log.* /core* 2>/dev/null
nuke /var/log /var/cache
zero /var/local /var/log /var/spool \
/var/lib/games /var/cache/man \
/var/lib/nfs /var/lib/xkb \
/var/mail/grml /var/account/pacct
- mkdir -p /etc/sysconfig/network-scripts /etc/sysconfig/provider
# Recreate empty utmp and wtmp
:>/var/run/utmp
:>/var/run/wtmp
ewarn "update-ca-certificates not installed" ; eend 0
fi
-# some stuff does not have to run every single time...
-if [ -n "$FAST" ] ; then
- einfo "\$FAST is set, skipping some tasks" ; eend 0
-else
-
# regenerate module dependencies and ls.so.cache
if [ -x /sbin/ldconfig ] ; then
einfo "Updating ld.so.cache"
ewarn "mandb not installed" ; eend 0
fi
-if [ -n "$REMOVE_DOCS" ] ; then
- einfo "Cleaning documentation directories..."
- if [ -d /usr/share/doc/grml-docs ] ; then
- mv /usr/share/doc/grml-docs /tmp/
- fi
-
- rm -rf /usr/share/doc
- mkdir /usr/share/doc
-
- if [ -d /tmp/grml-docs ] ; then
- mv /tmp/grml-docs /usr/share/doc/grml-docs
- fi
-
- rm -rf /usr/share/gtk-doc/
- rm -rf /usr/share/man/
- rm -rf /usr/man
- rm -rf /usr/share/info
- eend $?
-
- einfo "Creating /usr/share/info/..."
- mkdir -p /usr/share/info/
- eend $?
-fi
-
if [ -d /var/lib/clamav/ ] ; then
einfo "Cleaning /var/lib/clamav/"
rm -f /var/lib/clamav/clamav-* ; eend $?
rm -rf /etc/resolvconf/run
mkdir /etc/resolvconf/run
touch /etc/resolvconf/run/enable-updates
- mkdir /etc/resolvconf/run/interfaces
+ mkdir /etc/resolvconf/run/interface
cat > /etc/resolvconf/run/resolv.conf << EOF
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
ewarn "updatedb not installed" ; eend 0
fi
-fi # end of $FAST-check
-
einfo "Unmounting all filesystems"
umount -a
eend $?
# list dangling symlinks: ls **/*(-@)
#
# Security-audit:
-# find / \! -type l -perm -2000 -ls > audit/sgid-files
+# find / \! -type l -perm -2000 -ls > audit/sgid-files
# find / \! -type l -perm -0002 -ls > audit/world-writeable-files
# find / \! -type l -perm -4000 -ls > audit/suid-files
# find / ( -perm 4000 -o -perm -2000 \) -exec ls -ld {} \;
# file /usr/sbin/* | grep -v ', stripped' | grep -v 'perl' | grep -v 'Bourne' | grep -v 'python' | grep -v 'symbolic link'
#
# Is software by grml-repos up2date?
-# grep-dctrl --field Maintainer 'Michael Prokop' /var/lib/apt/lists/grml.org_repos_._* | grep Package | awk '{print $2}' | xargs echo
+# grep-dctrl --field Maintainer 'Michael Prokop' /var/lib/apt/lists/grml.org_repos_._* | grep Package | awk '{print $2}' | xargs echo
#
# runlevel.conf:
# for file in /etc/init.d/* ; do grep $file -q /etc/runlevel.conf.hdinstall || echo $file not found ; done