diff --git a/linux/kubuntu/setup-unattended-upgrades-full.sh b/linux/kubuntu/setup-unattended-upgrades-full.sh index 5d6074c..cd9eb58 100644 --- a/linux/kubuntu/setup-unattended-upgrades-full.sh +++ b/linux/kubuntu/setup-unattended-upgrades-full.sh @@ -2,7 +2,7 @@ set -e -echo "=== Kubuntu Unattended-Upgrades Setup (VOLLSTÄNDIG) ===" +echo "=== Kubuntu Unattended-Upgrades Setup (VOLLSTÄNDIG v2) ===" echo "" # Prüfen ob Root @@ -11,44 +11,55 @@ if [ "$EUID" -ne 0 ]; then exit 1 fi -echo "[1/6] Paketlisten aktualisieren..." +echo "[1/7] Paketlisten aktualisieren..." apt update -echo "[2/6] unattended-upgrades installieren..." +echo "[2/7] unattended-upgrades installieren..." apt install -y unattended-upgrades -echo "[3/6] Konfiguration anpassen..." +echo "[3/7] Konfiguration anpassen..." +CONF=/etc/apt/apt.conf.d/50unattended-upgrades + # Backup erstellen -cp /etc/apt/apt.conf.d/50unattended-upgrades /etc/apt/apt.conf.d/50unattended-upgrades.bak.$(date +%Y%m%d) +cp "$CONF" "${CONF}.bak.$(date +%Y%m%d)" -# Security-Updates aktivieren -sed -i 's|//\("${distro_id}:${distro_codename}-security";\)|\1|' /etc/apt/apt.conf.d/50unattended-upgrades -sed -i 's|//\("${distro_id}ESMApps:${distro_codename}-apps-security";\)|\1|' /etc/apt/apt.conf.d/50unattended-upgrades -sed -i 's|//\("${distro_id}ESM:${distro_codename}-infra-security";\)|\1|' /etc/apt/apt.conf.d/50unattended-upgrades +# Security-Updates aktivieren (flexibles sed mit optionalem Whitespace) +for pattern in \ + '"${distro_id}:${distro_codename}-security";' \ + '"${distro_id}ESMApps:${distro_codename}-apps-security";' \ + '"${distro_id}ESM:${distro_codename}-infra-security";' \ + '"${distro_id}:${distro_codename}-updates";'; do + sed -i "s|//[[:space:]]*\\(${pattern}\\)|\\1|" "$CONF" +done -# AUCH REGULÄRE UPDATES AKTIVIEREN (Full-Version!) -echo "[4/6] Reguläre Updates aktivieren..." -sed -i 's|//\("${distro_id}:${distro_codename}-updates";\)|\1|' /etc/apt/apt.conf.d/50unattended-upgrades +echo "[4/7] 20auto-upgrades setzen..." +cat > /etc/apt/apt.conf.d/20auto-upgrades <> 'AUTOEOF' +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Unattended-Upgrade "1"; +AUTOEOF -echo "[5/6] GUI-Notifier deaktivieren..." -if dpkg -l | grep -q plasma-discover-notifier; then - apt remove --purge -y plasma-discover-notifier -fi +echo "[5/7] GUI-Notifier deaktivieren (sanft)..." +mkdir -p /etc/xdg/autostart +cat > /etc/xdg/autostart/org.kde.discover.notifier.desktop <> 'DESKEOF' +[Desktop Entry] +Hidden=true +DESKEOF -# Autostart sicherheitshalber entfernen -if [ -f /etc/xdg/autostart/org.kde.discover.notifier.desktop ]; then - rm /etc/xdg/autostart/org.kde.discover.notifier.desktop -fi - -echo "[6/6] Service aktivieren und starten..." +echo "[6/7] Services und Timer aktivieren..." systemctl enable --now unattended-upgrades +systemctl enable --now apt-daily.timer apt-daily-upgrade.timer + +echo "[7/7] Verifikation..." +echo "--- Aktivierte Origins in 50unattended-upgrades ---" +grep -E '^\s+".*";' "$CONF" || echo "(keine aktiven Zeilen gefunden — sed hat nichts geändert!)" echo "" -echo "=== Setup abgeschlossen (VOLLSTÄNDIG) ===" +echo "=== Setup abgeschlossen (VOLLSTÄNDIG v2) ===" echo "Installiert: Security-Updates + reguläre Updates" echo "" echo "Status prüfen mit: sudo systemctl status unattended-upgrades" +echo "Timer prüfen mit: sudo systemctl status apt-daily.timer" echo "Testlauf mit: sudo unattended-upgrade --dry-run" echo "Logs unter: /var/log/unattended-upgrades/" echo "" -echo "Konfiguration gesichert unter: /etc/apt/apt.conf.d/50unattended-upgrades.bak.$(date +%Y%m%d)" +echo "Konfiguration gesichert unter: ${CONF}.bak.$(date +%Y%m%d)"