#!/bin/bash installDebianUbuntu() { if [[ "$OS_TYPE" == "Ubuntu" || "$OS_TYPE" == "Debian" ]]; then # OS package management needs real root. A root install runs apt directly # (and bootstraps sudo itself on a bare box); the hardened de-sudo manager # is deliberately NOT granted `sudo apt` — the LP_SYSTEM sudoers allowlist # scopes systemctl/ufw/sysctl/loginctl/service, never apt. So at manager # runtime skip cleanly instead of logging apt permission failures (exit # 100) on every preinstall pass; OS/security updates are a host / # install-time concern there. `priv` is the privilege prefix: empty when # we're already root, "sudo" only where sudo-apt is actually permitted. local priv="" if [[ $EUID -ne 0 ]]; then if sudo -n apt-get --version >/dev/null 2>&1; then priv="sudo" else isNotice "OS package updates need root and aren't permitted for the manager — skipping (handled at install time / by the host)." return 0 fi fi if checkIfOSUpdateShouldRun; then installed_apps="apt install curl dialog pv wget git zip htop sqlite3 pv sshpass rsync acl apache2-utils inotify-tools jq p7zip*" isNotice "Installing System Updates... this may take a while." if [[ "$OS_TYPE" == "Debian" ]]; then export DEBIAN_FRONTEND="noninteractive" fi local result; result=$(DEBIAN_FRONTEND=noninteractive APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 $priv apt update -qq 2>&1 && DEBIAN_FRONTEND=noninteractive APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 $priv apt install sudo -yqq 2>&1 && $priv apt-get autoclean 2>&1) checkSuccess "Updating System Operating system." local result; result=$(DEBIAN_FRONTEND=noninteractive APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 $priv apt update -qq 2>&1) checkSuccess "Running application update" local result; result=$(DEBIAN_FRONTEND=noninteractive APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 $priv $installed_apps -yqq 2>&1) checkSuccess "Installing system applications" else isNotice "System Updates already ran within the last ${CFG_UPDATER_CHECK} minutes, skipping..." fi $priv mkdir -p "$(dirname "$sysctl")" $priv touch $sysctl fi }