You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
32 lines
982 B
32 lines
982 B
#!/bin/bash
|
|
sudo service execguard stop
|
|
sudo apt update
|
|
apt list --upgradable 2>/dev/null | tail -n +2 | cut -d/ -f1 | while read pkg; do
|
|
dpkg -L "$pkg" | grep --color=never -E '^\.?/usr/bin|^\.?/bin|^\.?/usr/sbin' >> sys-updates.list
|
|
done
|
|
# Check if file exists
|
|
if [[ ! -f sys-updates.list ]]; then
|
|
echo "Error: sys-updates.list not found."
|
|
exit 1
|
|
fi
|
|
sudo apt upgrade -y
|
|
# Loop through each line
|
|
while IFS= read -r line; do
|
|
# Trim whitespace
|
|
line="${line#"${line%%[![:space:]]*}"}"
|
|
line="${line%"${line##*[![:space:]]}"}"
|
|
# Skip empty lines and comments
|
|
[[ -z "$line" || "$line" == \#* ]] && continue
|
|
# Skip exact matches to base binary directories
|
|
case "$line" in
|
|
"/usr/bin" | "/usr/sbin" | "/bin")
|
|
continue
|
|
;;
|
|
esac
|
|
echo "Updating: $line"
|
|
sudo execguard --update "$line"
|
|
|
|
done < sys-updates.list
|
|
rm sys-updates.list
|
|
echo "You may want to run, for a while: sudo execguard --init"
|
|
echo "Then re-enable it: sudo service execguard start"
|
|
|