#! /bin/bash
# @(#)(CAcert) $Id: pkg-conform,v 1.5 2016/08/01 14:46:01 wytze Exp $
# pkg-conform - bring set of installed OpenSUSE packages in conformance with
#		the desired state for the CAcert xxx server

TMPDIR=/tmp/pkg-conform.$$
mkdir ${TMPDIR}
trap "rm -rf ${TMPDIR}" 0 1 2 3 15

# BASE = packages in the base image
sort >${TMPDIR}/BASE <<\!
aaa_base
aaa_base-extras
acl
adjtimex
augeas-lenses
bash
bash-completion
binutils
boxbackup-client
branding-openSUSE
bridge-utils
bundle-lang-common-en
bzip2
ca-certificates
ca-certificates-mozilla
cantarell-fonts
coreutils
cpio
cracklib
cracklib-dict-full
crda
cron
cronie
cryptsetup
curl
cyrus-sasl
dbus-1
dbus-1-x11
dconf
deltarpm
device-mapper
dhcpcd
diffutils
dirmngr
dracut
e2fsprogs
elfutils
ethtool
expat
file
file-magic
filesystem
fillup
findutils
fipscheck
gawk
gio-branding-openSUSE
glib2-tools
glibc
glibc-extra
glibc-locale
glib-networking
glib-networking-lang
gpg2
gpg-pubkey
grep
gsettings-backend-dconf
gsettings-desktop-schemas
gzip
hardlink
info
insserv-compat
iproute2
iptables
iputils
kbd
kernel-xen
klogd
kmod
kmod-compat
kpartx
krb5
less
libacl1
libadns1
libapparmor1
libasm1
libassuan0
libattr1
libaudit1
libaugeas0
libblkid1
libbz2-1
libcap2
libcap-ng0
libcom_err2
libcrack2
libcroco-0_6-3
libcryptsetup4
libcurl4
libdb-4_8
libdbus-1-3
libdconf1
libdw1
libedit0
libelf0
libelf1
libestr0
libexpat1
libext2fs2
libffi4
libfipscheck1
libgc1
libgcc_s1
libgcrypt20
libgdbm4
libgio-2_0-0
libglib-2_0-0
libgmodule-2_0-0
libgmp10
libgnutls28
libgobject-2_0-0
libgpg-error0
libgsasl7
libgsasl-lang
libgudev-1_0-0
libhogweed2
libICE6
libidn11
libiptc0
libjson-c2
libkeyutils1
libkmod2
libksba8
libldap-2_4-2
libldapcpp1
liblogging0
liblua5_1
liblzma5
libmagic1
libmetalink3
libmnl0
libmodman1
libmount1
libncurses5
libncurses6
libnetfilter_conntrack3
libnettle4
libnfnetlink0
libnl3-200
libnl-config
libntlm0
libopenssl1_0_0
libp11-kit0
libpci3
libpcre1
libpopt0
libprocps3
libproxy1
libpth20
libpwquality1
libpython2_7-1_0
libqrencode3
libreadline6
libreiserfscore0
libsasl2-3
libseccomp2
libselinux1
libsemanage1
libsepol1
libsgutils2-2
libSM6
libsmartcols1
libsolv-tools
libsqlite3-0
libssh2-1
libstdc++6
libtasn1
libtasn1-6
libtirpc1
libudev1
libusb-0_1-4
libusb-1_0-0
libustr-1_0-1
libutempter0
libuuid1
libwicked-0-6
libwrap0
libX11-6
libX11-data
libx86emu1
libXau6
libxcb1
libxml2-2
libXt6
libxtables10
libyaml-0-2
libz1
libzio1
libzypp
logrotate
lsb-release
lsof
mailx
mingetty
msmtp
ncurses-utils
netcfg
net-tools
openslp
openssh
openssh-askpass
openssh-helpers
openssl
openSUSE-release
openSUSE-release-ftp
p11-kit
p11-kit-tools
pam
pam-config
pciutils
pciutils-ids
perl
perl-base
perl-Bootloader
perl-gettext
permissions
pigz
pinentry
pkg-config
postfix
procps
psutils
python
python-base
rcs
reiserfs
rpm
rsync
rsyslog
sed
sg3_utils
shadow
shared-mime-info
sudo
suse-module-tools
sysconfig
sysconfig-netconfig
sysfsutils
syslog-service
systemd
systemd-bash-completion
systemd-presets-branding-openSUSE
systemd-sysvinit
sysvinit-tools
tar
terminfo-base
time
timezone
traceroute
tunctl
ucode-amd
udev
update-alternatives
util-linux
util-linux-systemd
vim
vim-data
vlan
wallpaper-branding-openSUSE
wget
which
wicked
wicked-service
wireless-regdb
xfsprogs
xtables-plugins
xz
zypper
zypper-aptitude
zypper-log
!

# EXTRA = packages to be added for the server
sort >>${TMPDIR}/EXTRA <<\!
!

# DELETE = packages to be removed from the server
sort >>${TMPDIR}/DELETE <<\!
!

# GOAL = complete list of packages required on the server
sort ${TMPDIR}/BASE ${TMPDIR}/EXTRA |\
grep -h -v -f ${TMPDIR}/DELETE >${TMPDIR}/GOAL

# CURRENT = packages currently installed on the server
rpm -qa --qf '%{NAME}\n' |\
sort >${TMPDIR}/CURRENT

REMOVE=`comm -13 ${TMPDIR}/GOAL ${TMPDIR}/CURRENT`
if [ -n "${REMOVE}" ]
then
	echo "The following packages will be removed from the system:"
	for pkg in ${REMOVE}
	do
		echo "	${pkg}"
	done
	zypper remove ${REMOVE}
else
	echo "No packages need to be removed from the system"
fi

ADD=`comm -23 ${TMPDIR}/GOAL ${TMPDIR}/CURRENT`
if [ -n "${ADD}" ]
then
	echo "The following packages will be installed on the system:"
	for pkg in ${ADD}
	do
		echo "	${pkg}"
	done
	zypper install ${ADD}
else
	echo "No packages need to be installed on the system"
fi