#!/bin/bash
# ===============================================================
#
# PACKAGE MANAGER: YUM
# CentOS
#
# included by ../check_packages2install
#
# ---------------------------------------------------------------
# ah <axel.hahn@unibe.ch>
# 2022-06-03  v1.0  ah  first version
# 2022-06-07  v1.1  ah  add sudo for yum --bugfix check-update
#                       rename functions
# 2022-08-31  v1.2  ah  status line depends on os major version
# 2023-07-17  v1.3  ah  fix hiding obsolete packages
# 2023-08-24  v1.4  ah  centos9: update getStatusLine() + getSecurityCount
# 2023-08-25  v1.5  ah  centos9: fix package lists
# 2023-09-12  v1.6  ah  almalinux9: fix package lists
# 2023-10-20  v1.7  ah  harden sudo command execution
# ===============================================================


# ---------------------------------------------------------------
# command to list of updates
function yum.getUpdates(){
    sudo -n /usr/bin/yum -y check-update
}

# ---------------------------------------------------------------
# extract list of packages 2 install
# global  string  packagemanOut  output of update lister command
function yum.getPackageList(){
    # detect number of line containing "Obsoleting Packages"
    (if grep '^Obsoleting Packages' <<< "$packagemanOut" >/dev/null ; then
      local iStart=1
      local iEnd; typeset -i iEnd
      iEnd=$( echo "$packagemanOut" | grep -n '^Obsoleting Packages' | cut -f 1 -d ':' )-1
      echo "$packagemanOut" | sed -n ${iStart},${iEnd}p
    else
      echo "$packagemanOut"
    fi)  | grep -v "^Last metadata" | grep -i "[a-z]"
}

# ---------------------------------------------------------------
# get custom status
# global  string  packages2install  output of yum.getPackageList() - see ../check_packages2install
function yum.getStatusLine(){
  local _osversion
  typeset -i _osversion
  _osversion=$( ph.getOSMajor )

  case "$_osversion" in
    6|7)
      if ! sudo /usr/bin/yum --bugfix check-update 2>&1 | grep security; then
        echo "No update available (older version v$_osversion). rc = $?"
      fi
      ;;
    8)
      if ! sudo /usr/bin/yum --security check-update 2>&1 | grep "available" ; then
        echo "No update available. rc = $?"
      fi
      ;;
    9)
      local _total; _total=$( echo -n "${packages2install}" | wc -l )
      local _sec;     _sec=$( sudo /usr/bin/yum -y --security check-update \
          | grep -v "^Last" \
          | grep -v "^No security updates needed" \
          | grep -c "[a-z]" 
        )

      # create a status line like in former yum versions
      if [ -z "$_sec" ]; then
        echo "No packages needed for security; ${_total} packages available"
      else
        echo "$_sec package(s) needed for security, out of $_total available"
      fi
      ;;
    *)
      echo "see below ... version ${_osversion} not implemented yet..."
      ;;
  esac


}

# ---------------------------------------------------------------
# extract count of critical packages
# param  string  text to extract critical counter from
function yum.getSecurityCount(){
  local summary="$1"
  # example outputs:
  # I    No packages needed for security; 223 packages available
  # II   2 package(s) needed for security, out of 237 available
  # III  No security updates needed, but 61 updates available          << centos 8 stream
  # IV   [yum] No packages needed for security; 223 packages available << centos 9
  # V    [yum] 2 package(s) needed for security, out of 237 available  << centos 9
  echo "$summary" | cut -f 2  -d ' ' | sed "s#[^0-9]##g"
}

# ---------------------------------------------------------------