dsa-sarge-fn.el v. 0.0

[D Goel]

 dsa-sarge-fn.el --- Report sarge vulnerabilities present on your machine.



INTRODUCTION:
============
This post also includes 2 attachments.

A running count of remaining security vulnerabilities in sarge has
emerged here: http://merkel.debian.org/~joeyh/testing-security.html.

dsa-sarge fetches this count and examines your system for any packages
that need to be upgraded to sid to possibly escape those
vulnerabilities.   It needs shs.el, posted separately.

Drop this file in load-path.  To invoke from any emacs 21, M-x
dsa-sarge.  It will work, though it is really optimized for running
as a shell-script.

To install it for use as a shell-script too, follow the shs.el
instructions: Drop this file dsa-sarge-fn.el, shs.el, the ATTACHED
scripts dsa-sarge and dsa-sarge1 somewhere ~/location, this location
should be common to your emacs' loadpath and bash's path. Also Create
a ~/.emacs.script with this line:

 (add-to-list 'load-path "~/location")





-----------------------------------------------------
The latest version can be had from
http://gnufans.net/~deego .
;;;---------------- CUT HERE -------------------------------

;;; dsa-sarge-fn.el --- Report sarge vulnerabilities present on your machine.
;; Time-stamp: <2005-01-15 21:49:04 deego>
;; Copyright (C) 2005 D. Goel
;; Emacs Lisp Archive entry
;; Filename: dsa-sarge-fn.el
;; Package: dsa-sarge-fn
;; Author: D. Goel <address@hidden>
;; Keywords:
;; Version:  0.0
;; URL: http://gnufans.net/~deego
;; For latest version:

(defconst dsa-sarge-fn-home-page
  "http://gnufans.net/~deego";)

(defconst dsa-sarge-fn-version "0.0")


;; Copyright (C) 2005 D. Goel


 
;; This file is NOT (yet) part of GNU Emacs.
 
;; This is free software; you can redistribute it and/or modify
;; it under the terms of the GNU General Public License as published by
;; the Free Software Foundation; either version 2, or (at your option)
;; any later version.
 
;; This is distributed in the hope that it will be useful,
;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;; GNU General Public License for more details.

;; You should have received a copy of the GNU General Public License
;; along with GNU Emacs; see the file COPYING.  If not, write to the
;; Free Software Foundation, Inc., 59 Temple Place - Suite 330,
;; Boston, MA 02111-1307, USA.
 

;; provide basic setup for emacs scripting. To the beginning of all
;; emacs shell-scripts, don't forget to add (add-to-list 'load-path
;; directory) and (require 'shs).  Use shs as a convenient way to call
;; shell-commands from the script.

;; shs.el has been renamed to shs.el since there exists another shs.el
;; -- shs stands for SHell-Script.

(require 'cl)
(require 'shs)




;;; Introduction:
;; Stuff that gets posted to gnu.emacs.sources
;; as introduction
(defconst dsa-sarge-fn-introduction
  "This post also includes 2 attachments.

A running count of remaining security vulnerabilities in sarge has
emerged here: http://merkel.debian.org/~joeyh/testing-security.html.

dsa-sarge fetches this count and examines your system for any packages
that need to be upgraded to sid to possibly escape those
vulnerabilities.   It needs shs.el, posted separately.

Drop this file in load-path.  To invoke from any emacs 21, M-x
dsa-sarge.  It will work, though it is really optimized for running
as a shell-script.

To install it for use as a shell-script too, follow the shs.el
instructions: Drop this file dsa-sarge-fn.el, shs.el, the ATTACHED
scripts dsa-sarge and dsa-sarge1 somewhere ~/location, this location
should be common to your emacs' loadpath and bash's path. Also Create
a ~/.emacs.script with this line:

 (add-to-list 'load-path \"~/location\")




"
)

;;;###autoload
(defun dsa-sarge-fn-introduction ()
  "Provides electric help from variable `dsa-sarge-fn-introduction'."
  (interactive)
  (with-electric-help
   '(lambda () (insert dsa-sarge-fn-introduction) nil) "*doc*"))


(defun dsa-sarge-fn (&rest args)
  " Report security upgrades for hybrid systems:
Try to parse http://merkel.debian.org/~joeyh/testing-security.html,
examine our system against that, and ADVISE on any packages that need to
be upgraded to sid to comply with the security advisory.  

Of course, you do need to have all the appropriate security sources for
stable and testing in your sources.list.
"
  (interactive)
  

  (shs-start)
  (display-buffer shs-buffer)
  ;;(shs-shell "clear")
  ;; this doesn't work: 
  ;;(shsm "I will try to apt-get update now, but if you don't want
  ;;that part, just interrrupt it with C-c. ")
  ;;(shs-shell "sudo apt-get -u update")
  (shsm "This script reports WRONG results if there are any packages
that are younger than the latest stable versions.  Thus, always type
apt-get update; apt-get -t stable upgrade before using this script.")



  (shsm "Getting versions..")
  (let* (
         (versions (shs-shell "apt-show-versions"))
         (pagestr 
          (shs-shell
           (concat 
            "w3m -dump "
            "http://merkel.debian.org/~joeyh/testing-security.html";)))
         (infos (split-string pagestr "\n")))
    (loop for info in infos do
          (cond
           ((string-match " needed" info)
            (let* ((words (split-string info))
                   (pos 
                    (or 
                     (position "needed" words :test 'string=)
                     (position "needed," words :test 'string=)))
                   ;; version: 
                   (wantedv (and (numberp pos) (> pos 0)
                                 (nth (- pos 1) words)))
                   (pkg (nth 1 words))
                   (policy 
                    (and (stringp pkg)
                         (shs-shell (concat "apt-cache policy "
                                             pkg))))
                   ;; words
                   (policyw (split-string policy))
                   (installedv
                    (and (string= "Installed:" (second policyw))
                         (third policyw)))
                   (okp
                    (or 
                     (equal installedv "(none)")
                     (string-match "Unable to locate package" policy)
                     (and (stringp wantedv)
                          (stringp installedv)
                          (string= wantedv installedv))
                     (string-match (concat pkg "/stable uptodate")
                                   versions)))
                   (avp (string-match wantedv policy)))
              (unless okp
                (shsm "=========================================")
                (shsm
                 "%s: Installed: %s, Needed: %s%s"
                 pkg installedv wantedv
                 (if (not avp) " -- UNAVAILABLE???" "")
                 ))))))
    (shsm "=========================================")
    (shsm "%s%s" "If you didn't see any packages mentioned above,"
          "you are all clear!")
    (shs-bye)
    ))

;;;###autoload
(defalias 'dsa-sarge 'dsa-sarge-fn)

             
             
         
         


(provide 'dsa-sarge-fn)

dsa-sarge
Description: script

dsa-sarge1
Description: script