HEX
Server: Apache
System: Linux eisbus 6.8.12-9-pve #1 SMP PREEMPT_DYNAMIC PMX 6.8.12-9 (2025-03-16T19:18Z) x86_64
User: www-data (33)
PHP: 8.2.29
Disabled: NONE
$ pwd: /lib/inithooks/firstboot.d/
Upload Files
File: //lib/inithooks/firstboot.d/95secupdates
#!/bin/bash -e
# install security updates
# SEC_UPDATES: SKIP, FORCE (if none specified, will be interactive)

. /etc/default/inithooks
[ -e $INITHOOKS_CONF ] && . $INITHOOKS_CONF

# exit if running live
grep -qs boot=live /proc/cmdline && exit 2

install_updates() {
    # if registered with hub, update with status
    if grep SERVERID= /var/lib/hubclient/server.conf -q -s; then
        hubclient-status sec-updates
    fi

    LOGFILE=/var/log/cron-apt/log
    # containers won't have /lib/modules; sending stderr to /dev/null avoids
    # displaying error message about missing path
    OLDMD5=$(ls -la /lib/modules /boot 2>/dev/null | md5sum)
    for actionfile in /etc/cron-apt/action.d/*; do
        while read aptcmd; do
            aptcmd=$(echo $aptcmd | sed "s|-q||")
            aptcmd=$(echo $aptcmd | sed "s|-o quiet=.*||")
            DEBIAN_FRONTEND=noninteractive apt-get $aptcmd | tee -a $LOGFILE
        done < $actionfile
    done
    # per above note re containers
    NEWMD5=$(ls -la /lib/modules /boot 2>/dev/null | md5sum)
    if [ "$NEWMD5" != "$OLDMD5" ]; then
        chmod +x $INITHOOKS_PATH/firstboot.d/99reboot
    fi
}

[ "$SEC_UPDATES" == "SKIP" ] && exit 0

if [ "$SEC_UPDATES" == "FORCE" ]; then
    install_updates
else
    $INITHOOKS_PATH/bin/secupdates-ask.py && install_updates
fi

exit 0
@ Telegram