Sve brisanje se događa u remove_bloat()

[carnet-upgrade.git] / src / functions.sh

# Ivan 'ico' Rako <irako@srce.hr>
# Zoran 'jelly' Dzelajlija <jelly@srce.hr>
# Zeljko Boros <zelja@carnet.hr>

PHPVER="7.4"
MDB="10.5"
PINFILE="/etc/apt/preferences.d/99-carnet"


notice () {
  LC_MESSAGES=hr_HR dialog --backtitle "$title" --msgbox "$*" 18 75
}

first_warning () {
  LC_MESSAGES=hr_HR dialog --backtitle "$title" --yesno "$msg_first_warning" 18 75
  if [ $? -ne 0 ]; then
    log "Upgrade canceled."
    exit 0
  fi
}

second_warning () {
  LC_MESSAGES=hr_HR dialog --backtitle "$title" --yesno "$msg_second_warning" 18 75
  if [ $? -ne 0 ]; then
    log "Upgrade canceled."
    exit 0
  fi
}

pkg() {
  local version
  dpkg -l "$1" 2> /dev/null | egrep -q "^.i" || return 1
  [ -z "$2" ] && return 0
  version=$(dpkg -s "$1" | awk '/^Version:/ {print $2}')
  dpkg --compare-versions "$version" "$2" "$3" 2>&1 > /dev/null
}

log() {
  local old_umask
  logfile=${logfile:=/var/log/carnet-upgrade.log}

  old_umask=$(umask)
  umask 0077

  echo "$(date +'%Y-%m-%d %H:%M:%S') $*" >> $logfile
  echo "CN: $*"

  umask $old_umask
  chmod og= $logfile
}

# safe in-place s///
check_and_sed() {
  [ "$DEBIAN_SCRIPT_DEBUG" ] && set -vx
  local s sedcmd ret i
  s="$1"
  shift
  sedcmd="$1"
  shift
  ret=2
  for i in $*
  do
    [ -e "$i" ]        || continue
    egrep -q "$s" "$i" || continue
    [ -h "$i" ]        && i=$(readlink -f "$i")
    sed "$sedcmd" "$i" > "$i.dpkg-tmp"
    chown --reference "$i" "$i.dpkg-tmp"
    chmod --reference "$i" "$i.dpkg-tmp"
    mv "$i.dpkg-tmp" "$i"
    ret=0
  done
  if [ "$ret" -eq 0 ]; then
    log "Done \"$sedcmd\" to $*"
  fi
  return $ret
}

pkgadd () {
  [ -n "$*" ] || return 0
  log "Installing $* ..."
  apt-get -y$s install $* || {
    dpkg --configure -a
    apt-get -yf install
    apt-get -y$s install $*
  }
}

pkgrm () {
  [ -n "$*" ] || return 0
  log "Purging $* ..."
  apt-get -y$s --purge remove $* || {
    dpkg --configure -a
    apt-get -yf install
    apt-get -y$s --purge remove $*
  }
}

pkgrm_only () {
  [ -n "$*" ] || return 0
  log "Removing $* ..."
  apt-get -y$s remove $* || {
    dpkg --configure -a
    apt-get -yf install
    apt-get -y$s remove $*
  }
}


apt_update() {
  log "Running apt-get update ..."
  apt-get -y$s update || {
    apt-get -yf install
    apt-get -y$s update
  }
  apt-get autoclean
}

apt_download() {
  log "Running apt-get download ..."
  apt-get -dy$s dist-upgrade
}

dist_upgrade () {
  log "Running upgrade ..."
  apt-get -y$s upgrade || {
    dpkg --configure -a
    apt-get -y$s upgrade
  }

  log "Running dist-upgrade ..."
  apt-get -y$s dist-upgrade || {
    dpkg --configure -a
    apt-get -y$s dist-upgrade
  }
}

apt_autoremove () {
  log "Running autoremove ..."
  apt-get -y$s --purge autoremove || {
    dpkg --configure -a
    apt-get -yf install
  }
}

# remove stale package information from available
#   warning, in file '/var/lib/dpkg/available'
#   near line 58185 package 'vim-cn': missing architecture
cleanup_available () {
  log "Cleaning dpkg available file"

  available=$(mktemp /var/lib/carnet-upgrade/available.XXXXXX)
  apt-cache dumpavail > $available

  dpkg --clear-avail
  dpkg --update-avail $available

  rm -f $available
}

remove_x() {
  LC_MESSAGES=hr_HR dialog --backtitle "$title" --yesno "$msg_remove_x" 18 75
  if [ $? -eq 0 ]; then
    log "Removing X Window System"
    pkgrm xserver-xorg
  else
    log "Skipping X Window System removal"
  fi
}

remove_bloat() {
### zelja 2023-07-06
tempdelfile=$(mktemp /tmp/tempdelfile.XXXX)

for a in $bloats; do echo apt-get -qq -y remove $a 2\> /dev/null ; done > $tempdelfile

/bin/bash $tempdelfile
rm $tempdelfile

return 0


  local to_remove add_this i j n text to_show cmd tmpfile installed
  local update_selections pkgs_to_deselect pkgs_to_remove oldifs pkglist
  text="$msg_remove_bloat"

  [ "$DEBUG" ] && set -x
  n=0
  pkglist=$(mktemp /var/lib/carnet-upgrade/pkglist.XXXXXX)
  COLUMNS=200 dpkg -l | awk '$1 ~ /^.i/ { print $2 }' > $pkglist
  for i in $(echo "$bloats" | sed 's/           */      /g'| awk -F'    ' '{print $2}')
  do
    if grep -q "^$i$" $pkglist; then
      installed="$installed $i"
      add_this="$(echo "$bloats" | egrep "      .*\b${i}\b" | sed 's/           */      /g'| awk -F'    ' '{print $1}')"
      if ! echo "$to_show" | grep -q "$add_this"; then
        to_show="$to_show \"$add_this\" \"\" on"
        n=$(($n+1))
      fi
    fi
  done
  [ "$DEBUG" ] || rm -f $pkglist
  [ -z "$to_show" ] && return 0
  test $n -gt 8 && n=8
  tmpfile=$(mktemp /var/lib/carnet-upgrade/dialog-tmp.XXXXXX)
  cmd="LC_MESSAGES=hr_HR dialog --nocancel --backtitle \""$title"\" --checklist \""$text"\" 20 75 $n $to_show"
  [ "$DEBUG" ] && set +x
    eval $cmd 2> $tmpfile
  [ "$DEBUG" ] && set -x
  to_remove="$(cat $tmpfile | sed 's/\"\ \"/    /g; s/\"\ *//g; s/\\//g')"
  [ "$DEBUG" ] || rm -f $tmpfile 
  [ "$DEBUG" ] && echo "DEBUG: to_remove=$to_remove" 1>&2
  oldifs="$IFS"
  IFS=" " # tab
  for i in $(echo "$to_remove")
  do
    IFS="$oldifs"
    for j in $(echo "$bloats" | grep "^$i" | sed 's/            */      /g'| awk -F'    ' '{print $2}')
    do
      # hopefully this will tell apt not to reinstall them at upgrade time
      update_selections="${update_selections}
        $j      deinstall"
      pkgs_to_deselect="$pkgs_to_deselect $j"
      # only remove those that really are installed
      if echo "$installed" | grep -q "$j"; then
        pkgs_to_remove="$pkgs_to_remove $j"
      fi
    done
  done
  IFS="$oldifs"
  [ "$DEBUG" ] && echo "DEBUG: pkgs_to_remove=$pkgs_to_remove" 1>&2
  # Finally, remove those
  if [ -n "$update_selections" ]; then
    echo "$update_selections" | dpkg --set-selections
    log "Deselected:${pkgs_to_deselect}"
  fi
  eval pkgrm $pkgs_to_remove
}

remove_cn_bloat() {
### Sve obrisano u remove_bloat()
return 0

  local installed pkg cn_pkgs dialog_list selection cn_del to_del del_pkgs

  # get installed packages
  installed=$(mktemp /var/lib/carnet-upgrade/pkglist.XXXXXX)
  COLUMNS=200 dpkg -l | awk '$1 ~ /^.i/ { print $2 }' >$installed

  # detect installed CN packagees
  for pkg in $(echo "$cn_bloats" | cut -d' ' -f1); do
    if grep -qx $pkg $installed; then
      cn_pkgs="$cn_pkgs $pkg"
      dialog_list="$dialog_list $pkg '' off"
    fi
  done
  rm -f $installed

  # report status or finish if no CN packages found
  if [ "$cn_pkgs" ]; then
    log "Found CN packages:$cn_pkgs"
  else
    log "No CN packages found."
    return
  fi

  # user selects the packages to delete
  selection=$(mktemp /var/lib/carnet-upgrade/selection.XXXXXX)
  eval LC_MESSAGES=hr_HR dialog --nocancel --backtitle \""$title"\" \
    --checklist \""$msg_remove_cn_bloat"\" 20 75 6 $dialog_list 2>$selection

  # expand the package list to include the services
  for pkg in $(cat $selection); do
    pkg=${pkg%\"}
    pkg=${pkg#\"}
    cn_del="$cn_del $pkg"
    to_del=$(echo "$cn_bloats" | grep ^$pkg)
    del_pkgs="$del_pkgs $to_del"
  done
  rm -f $selection

  # report selection or finish if no service selected
  if [ "$cn_del" ]; then
    log "Removing CN services:$cn_del"
  else
    log "No CN services selected for removal."
    return
  fi

  # delete the cn packages and relevant services
  pkgrm_only $del_pkgs
}

post_upgrade() {
  touch "$post_upgrade_queuetab"
  if ! grep -q "true    $*" "$post_upgrade_queuetab"; then
    echo "true  $*" >> "$post_upgrade_queuetab"
  fi
}

run_post_upgrade() {
  if [ -f "$post_upgrade_queuetab" ]; then
    run_actions post_upgrade "$post_upgrade_queuetab"
    mv "$post_upgrade_queuetab" "${post_upgrade_queuetab}.done.$(date '+%Y-%m-%d.%H:%M:%S')"
  fi      
}

###

run_actions() {
  local line lineno lineno2 f n name action checkmsg check
  [ "$DEBUG" ] && set -vx
  name="$1"
  f="$2"
  [ -f "$f" ] ||   return 2 # no such file
  n=$(wc -l "$f" | awk '{print $1}')
  [ "$n" -lt 1 ] && return 1 # no lines to process
  log "run_actions ($name) started, processing $n lines from \"$f\"."
  log "-----"
  lineno=0
  lineno2=0
  while [ "$lineno" -lt "$n" ]
  do
    lineno=$(($lineno+1))
    lineno2=$lineno
    line=$(head -$lineno "$f" | tail -1)
    if echo $line | grep -q '^#'; then  # comment
      continue
    fi
    while echo "$line" | egrep -q '\\$' # continuation
    do
      lineno2=$(($lineno2+1))
      line=$(echo -n "$line"| sed 's/\\$//'; head -$lineno2 "$f" | tail -1)
    done
    check=$(echo "$line" | sed 's/              */      /g'| awk -F'    ' '{print $1}')
    action=$(echo "$line" | sed 's/             */      /g'| awk -F'    ' '{print $2}')
    checkmsg=""
    [ "$check" != "true" ] && checkmsg="if '$check'"
    if eval $check; then
      log "$(printf 'action %02d' $lineno) starting: '${action}' $checkmsg "
      if ! eval $action; then
        log "$(printf 'action %02d' $lineno) failed: '${action}' $checkmsg "
        display_action_failure "$action"
        exit 1
      else  
        log "$(printf 'action %02d' $lineno) finished: '${action}' $checkmsg"
      fi
    else
      log "$(printf 'action %02d' $lineno) skipping: '${action}' $checkmsg"
    fi
    [ "$lineno2" -gt "$lineno" ] && lineno=$lineno2
  done
  log "run_actions ($1) finished"
  log "-----"
}

# report action failure
display_action_failure () {
  local action=$1

  notice "
Doslo je do greske prilikom izvrsavanja akcije '$action'. Detalje problema moguce je vidjeti u log datotekama:

  /var/log/carnet-upgrade.log
  /var/log/carnet-upgrade.typescript

Da bi dovrsili zapocete operacije nad paketima pokrenite:

  # dpkg --configure -a
  # apt -f install

Nakon toga ponovno pozovite carnet-upgrade skriptu."
}

# funkcija vraca popis paketa koje treba upgradeati
what_upgrade () {
  local IFSOLD name version package

  for package in `echo "$needed_versions" | awk '{print $1}'| grep -v ^$`; do
    IFSOLD="$IFS"
    IFS="       " # tab
    read name version <<-EOPTS
        $(echo "$needed_versions" | sed 's/             */      /g' | grep ^$package)
        EOPTS
    IFS="$IFSOLD"
    if pkg "$name" lt "$version"; then
        echo -n " $name"
    fi
  done
}

# funkcija za ispis paketa koje treba upgradeati
check_upgrade () {
  local upgrade
  upgrade=${1:-"`what_upgrade`"}

  if [ "$upgrade" ]; then
    notice "
Prije prelaska na Debian bullseye potrebno je napraviti nadogradnju ovih paketa:
  $upgrade

Pokrenite:
  # apt-get update
  # apt-get dist-upgrade
ili:
  # apt-get update
  # apt-get install${upgrade}
  
Nakon toga ponovno pozovite ovu skriptu."
    log "carnet-upgrade aborted, upgrade of$upgrade needed."
    exit 1
  fi
}

# try to check if we are using the latest version of carnet-upgrade script
check_my_version () {
  local packages latest_version

  packages=$(mktemp /var/lib/carnet-upgrade/Packages.XXXXXX)
  if wget -q -O$packages $packages_uri; then
    latest_version=$(sed -ne \
        '/Package: carnet-upgrade/,/Description:/{ /Version: /s///p }' \
        $packages)
    rm -f $packages

    if [ "$latest_version" ]; then
      log "Running carnet-upgrade version is $version"
      log "Latest carnet-upgrade version is $latest_version"
      if dpkg --compare-versions "$version" lt "$latest_version"; then
        check_upgrade " carnet-upgrade"
      else log "Already using the latest carnet-upgrade version."; fi
    else log "Failed to get latest version, skipping check."; fi
  else log "Failed to download Packages file, skipping check."; fi

  rm -f $packages
}

check_reboot () {
  reboot_required || return 0

  LC_MESSAGES=hr_HR dialog --backtitle "$title" --yesno "$reboot_warning" 18 +75
  if [ $? -eq 0 ]; then
    log "Reboot before continuing."
    exit 0
  else
    log "Proceed without reboot."
  fi
}

# check if the latest kernel is booted
reboot_required () {
  local default_kernel kernel_package running_release running_version

  # try to get default kernel from grub2
  if [ -z "$default_kernel" -a -r "/boot/grub/grub.cfg" ]; then
      default_kernel=$( awk '
           $0 ~ /^set default=".*"/ { 
               def = gensub(/default="(.*)"/, "\\1", "1", $2);
               if (def !~ /^[0-9]+$/) { exit }
           }
           $1 == "menuentry" { menuentry+=1 }
           $1 == "linux" && menuentry==def+1 { print $2; exit }' \
           /boot/grub/grub.cfg 2>/dev/null )
  fi

  # try to get default kernel from grub-legacy
  if [ -z "$default_kernel" -a -r "/boot/grub/menu.lst" ]; then
      default_kernel=$( awk '
           $1 == "default" { def = $2; 
                             if (def !~ /^[0-9]+$/) { exit } }
           $1 == "title" { title+=1 }
           $1 == "kernel" && title==def+1 { print $2; exit }' \
           /boot/grub/menu.lst 2>/dev/null )
  fi

  # try to get default kernel from lilo
  if [ -z "$default_kernel" ] && type lilo >/dev/null 2>&1; then
      default_kernel=$( lilo -t -v 2>/dev/null \
                        | grep -B3 '[*]$' \
                        | sed -n -e '/^Boot image: / { s///p; q; }' )
  fi

  if [ -z "$default_kernel" ]; then
      log "Could not find default kernel"
      return 1
  fi

  log "Default kernel image: $default_kernel"

  if [ ! -e "$default_kernel" ]; then
      # /boot prefix might be missing
      default_kernel="/boot/${default_kernel#/}"
      if [ ! -e "$default_kernel" ]; then
          log "Default kernel image doesn't exist!?"
          return 1
      fi
  fi

  kernel_package=$( dpkg -S $default_kernel | cut -d: -f 1 )

  if [ -z "$kernel_package" ]; then
      log "Default kernel not installed from a package"
      return 1
  fi

  log "Default kernel package: $kernel_package"

  running_release=$( uname -r )
  running_version=$( uname -v )
  log "Running kernel: $running_release $running_version"

  if [ "$kernel_package" != "${kernel_package#linux-image-3.2.0-}" ] ||
     grep -q "$running_release .* $running_version" $default_kernel
  then
      log "Latest kernel version is running." 
      return 1
  else
      log "Reboot to latest version required."
      return 0
  fi
}

upgrade () {
  local packages
  case "$1" in
    first)
      packages="$packages_first"
    ;;
    second)
      packages="$packages_second"
    ;;
    *)
    return 1
  esac

  pkgupgrade $packages
}

# install packages introduced in this release
install_new () {
  if [ "$new_packages" ]; then
    pkgadd $new_packages
  fi
}

# funkcija utrpa ispravan sources.list
create_sources_list () {
    local sl sl_new
    sl=/etc/apt/sources.list
    sl_new=$( copy_template $sl )

    # comment aai repository if not in use
    if ! pkg srce-keyring; then
        sed -i 's/^\(deb.*ftp.srce.hr\)/#\1/' $sl_new
    fi

    # check if already installed
    if ! cmp $sl $sl_new >/dev/null; then

        # backup old version
        if [ -f $sl -a ! -f $sl.$backup_ext ]; then
            cp -v $sl $sl.$backup_ext
        fi

        # install new version
        cp -v $sl_new $sl
        notice "Novi sadrzaj datoteke /etc/apt/sources.list:

`cat /etc/apt/sources.list`"
    fi

    # make sure permissions are correct
    chmod 0644 $sl
    rm $sl_new
}

# funkcija koja brise grupu proc
remove_group_proc () {
  if getent group proc > /dev/null; then
    groupdel proc || true
    log "groupdel proc (temporarily)"
    post_upgrade add_group_proc
  fi
}

add_group_proc () {
  if ! getent group proc > /dev/null; then
    # grsec uses gid 99 for /proc files
    groupadd -g 99 proc 
    log "groupadd -g 99 proc"

    # update oidentd so it uses the proc group
    if [ -x /etc/init.d/oidentd ]; then
        if gpasswd -a oident proc; then
            /etc/init.d/oidentd restart
        fi
    fi
  fi
}

# backup ldap database
backup_slapd_db () {
  local ldap_backup=/var/backups/slapcat.$backup_ext.gz
  local old_umask result

  if [ ! -f $ldap_backup ]; then
    [ -x /etc/init.d/freeradius ] && /etc/init.d/freeradius stop || true

    if [ -x /etc/init.d/slapd -a -d /var/lib/ldap ]; then
      /etc/init.d/slapd stop || true
      old_umask=`umask`
      umask 0077 # protect the backup file
      slapcat | gzip --best > $ldap_backup
      result=$?
      umask $old_umask
      /etc/init.d/slapd start || true

      if [ "$result" -eq 0 ]; then
        log "$ldap_backup created"
        notice "Napravljen backup slapd baze u $ldap_backup."
      else
        log "$ldap_backup was not created"
        notice "Backup slapd baze u $ldap_backup nije uspio."
        exit 1
      fi
    fi

    [ -x /etc/init.d/freeradius ] && /etc/init.d/freeradius start || true
  else
    log "slapd backup already at $ldap_backup, skipping."
    #notice "Backup slapd baze u $ldap_backup vec postoji!"
  fi
}

# backup etc direktorija
backup_etc_dir () {
  local etc_backup=/var/backups/etc.$backup_ext.tar.gz
  local old_umask

  if [ ! -f $etc_backup ]; then
    old_umask=`umask`
    umask 0077 # protect the backup file

    if tar cfz $etc_backup /etc 2> /dev/null; then
      log "$etc_backup created"
      notice "Napravljen backup /etc direktorija u $etc_backup."
    else
      log "$etc_backup was not created"
      notice "Backup /etc direktorija u $etc_backup nije uspio."
      exit 1
    fi
    umask $old_umask
  else
    log "/etc backup already present in $etc_backup, skipping."
    #notice "Backup /etc direktorija u $etc_backup vec postoji!"
  fi
}

# restore a configuration file if it contains only CN modifications
restore_file () {
  local file file_expect file_restore file_backup

  file=$1
  file_expect=$2
  file_restore=$3
  file_backup=$file.$backup_ext

  [ "$file_expect" ] || file_expect=$cnup/files/$file.expect
  [ "$file_restore" ] || file_restore=$cnup/files/$file.restore

  # check if all required files are there
  if ! [ -e $file -a -e $file_expect -a -e $file_restore ]; then
    log "Required files missing, skipping $file restore."
    return 1
  fi 

  # is restore needed
  if ! cmp $file_expect $file >/dev/null; then
    log "Config doesn't match the template, skipping $file restore."
    return 1
  fi

  # backup and restore
  if [ ! -e $file_backup ]; then
    log "Restoring config file $file."

    # backup local changes
    cp -av $file $file_backup

    # restore original
    cp -v $file_restore $file

    # restore succedded
    return 0
  else 
    log "Backup file exists, skipping $file restore."
    return 1
  fi
}

# force reconfiguration at the end if package is not upgraded automatically
postupgrade_reconfigure () {
  local cn_package cn_version

  cn_package=$1
  cn_version=$( dpkg -s "$cn_package" | awk '/^Version:/ {print $2}' )
  post_upgrade "pkg $cn_package gt $cn_version || dpkg-reconfigure $cn_package"
}

# copy template into a temporary file
copy_template () {
  local path file template config_new

  path=$1
  file=$(basename $path)
  template=$cnup/files/$path.template
  config_new=$(mktemp /var/lib/carnet-upgrade/$file.XXXXXX)
  cp $template $config_new

  echo $config_new
}

# restore modified config to their package defaults
# so the upgrade doesn't complain so much
restore_configs () {
  local hostname domain config_new memtotal memlimit

  # restore simple configs
  if pkg ntp-cn && pkg ntp lt 1:4.2.6.p5+dfsg-2; then
     if restore_file /etc/ntp.conf; then
        postupgrade_reconfigure ntp-cn
     fi
  fi

  if pkg vsftpd-cn && pkg vsftpd lt 2.3.5-3; then
     if restore_file /etc/vsftpd.conf; then
        postupgrade_reconfigure vsftpd-cn
     fi
  fi

  if pkg amavisd-cn && pkg amavisd-new lt 1:2.7.1-2; then
     if restore_file /etc/cron.d/amavisd-new; then
        rm -f /etc/cron.d/amavisd-new.$backup_ext
        postupgrade_reconfigure amavisd-cn
     fi
  fi

  if pkg ossec-hids lt 2.7-1; then
     if restore_file /var/ossec/rules/local_rules.xml; then
        postupgrade_reconfigure ossec-hids-cn
     fi
  fi

  if pkg sasl2-bin lt 2.1.25.dfsg1-6+deb7u1; then
     if restore_file /etc/default/saslauthd; then
        postupgrade_reconfigure postfix-cn
     fi
  fi

  if pkg base-files lt 7.1wheezy2; then
     restore_file /etc/issue
     restore_file /etc/issue.net
  fi

  # check if monitrc is template based
  if [ -e /etc/monit/monitrc ]; then # monit is removed at this point
     # regenerate config from template
     hostname=$(hostname)
     domain=$(hostname --domain)
     config_new=$(copy_template /etc/monit/monitrc)
     check_and_sed "@localhost" \
       "s/@localhost/@$hostname.$domain/g" $config_new || true
     restore_file /etc/monit/monitrc $config_new
     rm -f $config_new
  fi
}

# load various debconf defaults
debconf_preload () {
  echo libc6 libraries/restart-without-asking boolean true | debconf-set-selections
}

# temporary disable listchanges packages to reduce clutter during upgrade
apt_listchanges () {
  local file command=$1

  for file in /etc/apt/apt.conf.d/20listchanges \
              /etc/apt/apt.conf.d/20listchanges-cn
  do
      case $command in
           disable)
               if [ -f $file ]; then
                   dpkg-divert --local --rename --divert $file.disabled \
                               --add $file || true
               fi
               ;;

           enable)
               # cleanup the diversion even if the file is already removed
               dpkg-divert --rename --remove $file || true
               ;;
     esac
  done
}

# make a silent installation of carnet and srce keyrings
install_keyrings () {
  pkgadd carnet-keyring debian-archive-keyring
  dpkg-reconfigure carnet-keyring debian-archive-keyring

  if pkg srce-keyring; then
    pkgadd srce-keyring
    dpkg-reconfigure srce-keyring
  fi

  apt_update
}

# check if package is orphaned (nothing depends on it)
is_orphaned () {
  local package deps

  package=$1
  deps=$(apt-get remove -s $package | grep ^Remv | wc -l)
  if [ "$deps" -eq 1 ]; then 
    return 0
  else 
    return 1
  fi
}

# remove old and unused libraries
remove_orphaned () {
  local package remove

  apt_autoremove

  remove=
  for package in $orphaned_packages; do
    if is_orphaned $package; then
      remove="$remove $package"
    fi
  done

  if [ "$remove" ]; then
    pkgrm $remove
  fi
}

# monit it causing problems for postinst scripts
# restarting daemons so try to disable it
disable_monit () {
  if pkg monit-cn; then
    pkgrm monit-cn # disables monit in prerm
  fi

  # if configured manually
  if pkg monit; then
    # remove the binary but leave the config
    apt-get remove --yes monit
    # stop the binary
    pkill -9 monit || true
    # move away init for insserv to work
    mv /etc/init.d/monit /var/lib/carnet-upgrade/
  fi
}

# allow monit to run again
enable_monit () {
  if [ -f /var/lib/carnet-upgrade/monit ]; then
    mv /var/lib/carnet-upgrade/monit /etc/init.d/monit
    pkgadd monit-cn
  fi 
}

# check which of the given packages are installed
grep_installed () {
  local package installed

  for package in $*; do
    if pkg $package; then
      installed="$installed $package"
    fi
  done

  echo $installed
}

# only upgrade packages if they are already installed
pkgupgrade () {
  local packages

  packages=$( grep_installed $* )

  if [ "$packages" ]; then
    eval pkgadd $packages
  fi
}

# upgrade apache2/php
upgrade_apache2 () {
### ne treba od etcha
### pkgrm apache-common # prevents installation of apache2-suexec
  pkgupgrade libapache2-mod-php$PHPVER php$PHPVER-cli php$PHPVER-cn apache2-cn \
    php$PHPVER-odbc mod-security-cn
}

upgrade_amavis () {
  local conf

  # move old config aside
  for conf in /etc/amavisd.conf /etc/amavis/amavisd.conf; do
    if [ -e $conf -a ! -e $conf.$backup_ext ]; then
      mv -v $conf $conf.$backup_ext
    fi
  done

  # workaround for insserv complaining
  if [ -x /sbin/insserv ]; then
    if [ -r /etc/init.d/amavis.amavisd-new ]; then
      /sbin/insserv amavis.amavisd-new
    fi
  fi

  # install new packages
  pkgadd amavisd-cn amavisd-new

  # workaround for insserv complaining
  if [ -x /sbin/insserv ]; then
    if [ -r /etc/init.d/amavis.amavisd-new ]; then
      /sbin/insserv amavis.amavisd-new
    fi
  fi

  # start new packages
  ### By zelja, nema vise amavisd-cn, vjerujemo systemd-u
  ### /etc/init.d/amavisd-cn restart
  /etc/init.d/amavis restart
}

# handle mysql upgrade
upgrade_mysql () {
  if pkg mysql-server || pkg mysql-server-5.5 || \
     pkg mariadb-server || pkg mariadb-server-$MDB
  then
     pkgadd default-mysql-server
     dpkg -P mysql-server mysql-server-5.5 mariadb-server-$MDB
     service mysql restart
  fi
}

# fix postgresql deinstallation during upgrade
upgrade_postgresql () {
  if check_services show 2>&1 | grep -qw postgresql; then
     apt-get install -y postgresql || apt-get -yf install
  fi
}

# upgrade the MTA
upgrade_postfix () {
  pkgadd sasl2-bin postfix-cn

  if pkg postgrey; then
     pkgrm postgrey # not used by postfix-cn anymore
  fi
}


# pinning za baculu da se ne nadogradi sa 7.4.4 na 9.* u busteru
# istu stvar radi i bacula-cn.postinst

fix_bacula() {

   echo "CN: Dodajem pinning bacule na inačicu 7.4.4..."

   test -f $PINFILE || touch $PINFILE

   cp-update bacula-cn $PINFILE <<EOF
   
Package: bacula-fd
Pin: version 7.4.4*
Pin-Priority: 1001

Package: bacula-common
Pin: version 7.4.4*
Pin-Priority: 1001

Package: bacula-console
Pin: version 7.4.4*
Pin-Priority: 1001

EOF

}

# pinning za ocsinventory da se ne nadogradi sa 2.0.5 na 2.4.2

fix_ocsinventory() {

   echo "CN: Dodajem pinning ocsinventory-agenta na inačicu 2.0.5..."
   test -f $PINFILE || touch $PINFILE

   cp-update ocsinventory-agent-cn $PINFILE <<EOF

Package: ocsinventory-agent
Pin: version 2:2.0.5*
Pin-Priority: 1001

EOF

}

# upgrade the IMAP server
upgrade_dovecot() {
 # Funkcija koju je dodao Valentin da popravi propuste u dovecot-cn
 # Mičem zaostale konfiguracije iz conf.d i izlazim prije njegovih akcija jer ubiju certifikate

 test -f /etc/dovecot/conf.d/95-cn6-upgrade.conf && mv /etc/dovecot/conf.d/95-cn6-upgrade.conf* /var/backups || true
 test -f /etc/dovecot/conf.d/95-cn7-upgrade.conf && mv /etc/dovecot/conf.d/95-cn7-upgrade.conf* /var/backups || true
 test -f /etc/dovecot/conf.d/95-cn8-upgrade.conf && mv /etc/dovecot/conf.d/95-cn8-upgrade.conf* /var/backups || true
 test -f /etc/dovecot/conf.d/95-cn9-upgrade.conf && mv /etc/dovecot/conf.d/95-cn9-upgrade.conf* /var/backups || true
   
 return 0

# ostatak se nikada ne izvrši

  local local_conf=/etc/dovecot/conf.d/95-${backup_ext}.conf

  if [ -f /etc/dovecot/conf.d/95-local -a ! -f $local_conf ]; then
     mv /etc/dovecot/conf.d/95-local $local_conf
     sed -i 's/\/usr\/lib\/dovecot\/modules\/imap/\/usr\/lib\/dovecot\/modules/g' $local_conf
     /etc/init.d/dovecot restart
  fi

  if [ ! -f $local_conf ]; then
     pkgrm dovecot-cn

     # restore config
     if [ ! -f /etc/dovecot/dovecot.conf.$backup_ext ]; then
        mv /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf.$backup_ext
        cp /usr/share/dovecot/dovecot.conf /etc/dovecot/dovecot.conf
     fi

     # copy SSL certificates
     OLD_SSL_CERT="/etc/ssl/certs/dovecot.pem"
     OLD_SSL_KEY="/etc/ssl/private/dovecot.pem"
     SSL_CERT="/etc/dovecot/dovecot.pem"
     SSL_KEY="/etc/dovecot/private/dovecot.pem"
     if [ -f $OLD_SSL_CERT -a -f $OLD_SSL_KEY -a ! -f $SSL_CERT -a ! -f $SSL_KEY ]; then
        if [ ! -e /etc/dovecot/private ]; then
           install -d -o root -g root -m0700 /etc/dovecot/private
        fi

        cp -av $OLD_SSL_CERT $SSL_CERT
        cp -av $OLD_SSL_KEY $SSL_KEY

        chown root:dovecot $SSL_CERT
        chmod 0644 $SSL_CERT
        chown root:dovecot $SSL_KEY
        chmod 0600 $SSL_KEY
     fi

     # install new version and restore local changes
     pkgadd dovecot-core
     doveconf -n -c /etc/dovecot/dovecot.conf.$backup_ext > $local_conf
     sed -i 's/\/user\/lib\/dovecot\/modules\/imap/\/usr\/lib\/dovecot\/modules/g' $local_conf

     pkgadd dovecot-cn
  fi
}

# upgrade bind separately so DNS is not down for too long
# or breaks postinst scripts of other cn packages that depend on
# working resolver
upgrade_bind() {
  pkgadd bind9-cn
}

# handle fail2ban upgrade due to error:
# trying to overwrite '/etc/fail2ban/filter.d/dovecot.conf', which is also in package fail2ban-cn
upgrade_fail2ban() {
  if pkg fail2ban-cn && dpkg -L fail2ban-cn | grep -qF dovecot.conf; then
    pkgrm fail2ban-cn
    pkgadd fail2ban
    pkgadd fail2ban-cn
  fi
}

# manual upgrade of mailman to avoid two copies of mailman running
# first started by python upgrade and second started by mailman itself
upgrade_mailman() {
  if pkg mailman-cn lt 2:2.1.15~cn0; then
    /etc/init.d/mailman stop || true
    pkgadd python
    pkgadd mailman mailman-cn
  fi
}

# manual upgrade of kernel due to new packet name
upgrade_kernel() {
  if pkg kernel-2.6-cn; then
    pkgrm kernel-2.6-cn

    if pkg grub-pc; then
      pkgadd kernel-cn grub-pc
    else
      pkgadd kernel-cn
    fi
  fi
}

get_variable () {
  local name=$1 file=$2 val

  if [ -f "$file" ]; then
     val=$(sed -n "/^[[:space:]]*$name[[:space:]]*=/s/[[:space:]]*//gp" $file)
     val=${val#*=}
  fi

  echo $val
}

# switch to rsyslog
upgrade_syslog() {
  # libc6-dev prevents upgrade
  if pkg libc6-dev; then
     pkgrm libc6-dev
  fi

  pkgadd rsyslog
  dpkg -P sysklogd klogd > /dev/null 2>&1
}

# restore munin configs for silent upgrade
upgrade_munin () {
  local config backup hostname domain

  # new htmldir location
  if [ -d /var/www/munin -a ! -e /var/cache/munin/www ]; then
    mkdir -p /var/cache/munin
    mv /var/www/munin /var/cache/munin/www
  fi

  for pkg_name in munin munin-node; do
     pkg $pkg_name lt '1.4.5-3' || continue

     config=/etc/munin/$pkg_name.conf
     backup=$config.$backup_ext
     if [ -f $config -a ! -f $backup ]; then
        hostname=$(hostname)
        domain=$(hostname --domain)

        cp -av $config $backup
        check_and_sed "$hostname.$domain" \
          "s/$hostname.$domain/localhost.localdomain/g" $config
     fi
     pkgadd $pkg_name
  done

  # force localhost -> hostname replacement in config files
  pkgadd munin-cn
  dpkg-reconfigure munin-cn
}

check_archives_space() {
  local available_disk_space archives_size
  available_disk_space=$(free_space /var/cache/apt/archives/)
  archives_size=$(download_size dist-upgrade)

  if [ $? -ne 0 ]; then
    log "Failed to get download size, skipping check."
    return 0
  fi

  log "Archives space: ${available_disk_space}MB"
  log "Download size: ${archives_size}MB"

  if [ $available_disk_space -lt $archives_size ]; then
    log "carnet-upgrade aborted: not enough space in /var/cache/apt/archives/ (have ${available_disk_space}MB, need ${archives_size}MB)"
    notice "Premalo slobodnog mjesta u /var/cache/apt/archives/ za skidanje paketa (potrebno je barem ${archives_size}MB). Procitajte poglavlje 'Izvanredne situacije' u dokumentaciji."
    exit 1
  fi
}

# calculate the list of linux-image packages from kernel-cn dependencies
get_cn_kernels() {
  local cn_kernels linux_images metapkg pkg

  cn_kernels=
  linux_images=$(apt-cache show kernel-cn | grep ^Depends: \
    | grep -o 'linux-image[^, ]*')
  for metapkg in $linux_images; do
    pkg=$(apt-cache show $metapkg | grep ^Depends: \
          | grep -o 'linux-image[^, ]*' | head -1)
    [ "$pkg" ] && cn_kernels="$cn_kernels $pkg"
  done

  echo $cn_kernels
}

# check if there is enough space on / for the new kernel package
check_kernel_space() {
  local available_disk_space kernel_size linux_images pkg ret
  available_disk_space=$(free_space /)

  linux_images=$( get_cn_kernels )
  for pkg in $linux_images; do
    kernel_size=$(installed_size $pkg)
    ret=$?
    [ $ret -eq 0 ] && break
  done

  if [ $ret -ne 0 ]; then
    log "Failed to get installed size, skipping check."
    return 0
  fi

  log "Free space in /: ${available_disk_space}MB"
  log "Kernel package: $pkg"
  log "Kernel size: ${kernel_size}MB"

  if LC_ALL=C apt-get -s install kernel-cn 2>/dev/null \
     | grep -q '^kernel-cn is already the newest version.$'
  then
     log "Not checking free space in /: kernel-cn already installed"
     return
  fi

  if [ $available_disk_space -lt $kernel_size ]; then
    log "carnet-upgrade aborted: not enough space in / (have ${available_disk_space}MB, need ${kernel_size}MB)"
    notice "Premalo mjesta u / za instalaciju kernela (potrebno je barem ${kernel_size}MB). Procitajte poglavlje 'Izvanredne situacije' u dokumentaciji."
    exit 1
  fi
}

# free some space on / partition by cleaning old unused kernels
clean_old_kernels() {
  local installed keep pkg keep remove delete name dialog_list selection

  # find all installed kernels
  installed=$(
    dpkg -l | egrep '^ii  linux-image-[0-9]+[.][0-9]+[.][0-9]+-' \
    | awk '{print $2}'
  )
  log "Found kernel packages: $installed"

  # leave current and new kernels
  keep="linux-image-$(uname -r) $(get_cn_kernels)"
  log "Keep kernel packages: $keep"

  # check what to remove
  remove=
  for pkg in $installed; do
    delete=yes
    for name in $keep; do
      [ "$pkg" = "$name" ] && delete=
    done
    if [ "$delete" = yes ]; then
      remove="$remove $pkg"
    fi
  done
  log "Obsolete kernel packages: $remove"

  if [ "$remove" ]; then
    for pkg in $remove; do
      dialog_list="$dialog_list $pkg '' off"
    done

    # user selects the packages to delete
    selection=$( mktemp /var/lib/carnet-upgrade/selection.XXXXXX )
    eval LC_MESSAGES=hr_HR dialog --nocancel --backtitle \""$title"\" \
      --checklist \""$msg_remove_kernels"\" 20 75 6 $dialog_list 2>$selection

    selected=$( tr -d \" < $selection )
    rm -f $selection

    if [ "$selected" ]; then
      log "Removing kernel packages: $selected"
      pkgrm $selected
    fi
  fi
}

# prevent sysv-rc migration problems
clean_initd_packages() {
  local list removed pkg dialog_list selection selected

  list=$( dpkg -S /etc/init.d/\* | grep -v ^diversion | cut -d: -f1 | sort -u )
  removed=$( dpkg -l $list | sed -n 's/^r.[[:space:]]\+\([^[:space:]]\+\).*/\1/p' )
  log "Found removed packages: $removed"

  if [ "$removed" ]; then
    for pkg in $removed; do
      dialog_list="$dialog_list $pkg '' off"
    done

    # user selects the packages to delete
    selection=$( mktemp /var/lib/carnet-upgrade/selection.XXXXXX )
    eval LC_MESSAGES=hr_HR dialog --nocancel --backtitle \""$title"\" \
      --checklist \""$msg_remove_initd"\" 20 75 6 $dialog_list 2>$selection

    selected=$( tr -d \" < $selection )
    rm -f $selection

    if [ "$selected" ]; then
      log "Purging packages: $selected"
      dpkg -P $selected
    fi
  fi
}

free_space() {
  df --portability --block-size=1M "$1" | tail -1 | awk '{print $4}'
}

download_size() {
  local size
  size=$(LC_ALL=C apt-get --yes --print-uris "$@" | grep '^Need to get ')

  if [ $? -ne 0 ]; then
    log "Failed to get download size for 'apt-get $@'."
    return 1
  fi

  size=${size#Need to get }
  size=${size%%B*}

  size_to_mb "${size}B"
}

installed_size() {
  local package size
  package=$1
  size=$(apt-cache show $package | grep '^Installed-Size:')

  if [ $? -ne 0 ]; then
    log "Failed to get installed size for '$package'."
    return 1
  fi

  size=${size#*: }

  size_to_mb "${size}kB"
}

size_to_mb() {
  local size
  size=$1
  if [ -z "$size" ]; then
    size=0;
  fi

  if [ "${size%kB}" != "$size" ]; then
    size=$(round ${size%kB})
    size=$(($size/1024+1))
  elif [ "${size%MB}" != "$size" ]; then
    size=$(round ${size%MB})
  elif [ "${size%GB}" != "$size" ]; then
    size=$(round ${size%GB})
    size=$(($size*1024))
  elif [ "${size%[0-9]B}" != "$size" ]; then
    size=$(round ${size%B})
    size=$(($size/1024/1024+1))
  else
    log "unrecognized size unit: $size"
    return 1
  fi

  echo $size
}

round() {
  local num
  num=$1

  if [ "${num%.*}" != "$num" ]; then
    num=${num%.*}
    num=$(($num+1))
  fi

  echo $num
}

# make sure carnet-upgrade doesn't get upgraded until the end
hold_carnet_upgrade() {
  echo carnet-upgrade hold | dpkg --set-selections
}

release_carnet_upgrade() {
  echo carnet-upgrade install | dpkg --set-selections
}