#! /bin/bash
# @(#)(CAcert) $Id: pkg-conform,v 1.4 2019/08/04 07:31:57 wytze Exp $
# pkg-conform - bring set of installed OpenSUSE packages in conformance with
#		the desired state for the CAcert xxx server

TMPDIR=/tmp/pkg-conform.$$
mkdir ${TMPDIR}
trap "rm -rf ${TMPDIR}" 0 1 2 3 15

# BASE = packages in the base image
sort >${TMPDIR}/BASE <<\!
aaa_base
aaa_base-extras
acl
adjtimex
augeas-lenses
bash
bash-completion
bind-libs
bind-utils
binutils
boxbackup-client
branding-openSUSE
bridge-utils
bundle-lang-common-en
bzip2
ca-certificates
ca-certificates-mozilla
cantarell-fonts
coreutils
cpio
cpp
cpp48
cracklib
cracklib-dict-full
crda
cron
cronie
cryptsetup
curl
cyrus-sasl
dbus-1
dbus-1-x11
dconf
deltarpm
device-mapper
dhcpcd
diffutils
dirmngr
dracut
e2fsprogs
elfutils
ethtool
expat
file
file-magic
filesystem
fillup
findutils
fipscheck
gawk
gcc
gcc-c++
gcc48
gcc48-c++
gio-branding-openSUSE
glib-networking
glib-networking-lang
glib2-tools
glibc
glibc-devel
glibc-extra
glibc-locale
gmp-devel
gpg-pubkey
gpg2
grep
gsettings-backend-dconf
gsettings-desktop-schemas
gzip
hardlink
info
insserv-compat
iproute2
iptables
iputils
kbd
kernel-xen
klogd
kmod
kmod-compat
kpartx
krb5
ldns
ldns-devel
less
libICE6
libSM6
libX11-6
libX11-data
libXau6
libXext6
libXmuu1
libXt6
libacl1
libadns1
libapparmor1
libasan0
libasm1
libassuan0
libatomic1-gcc49
libattr1
libaudit1
libaugeas0
libblkid1
libbotan-1_10-0
libbotan-devel
libbz2-1
libbz2-devel
libcap-ng0
libcap2
libcloog-isl4
libcom_err2
libcrack2
libcroco-0_6-3
libcryptsetup4
libcurl4
libdb-4_8
libdbus-1-3
libdconf1
libdw1
libedit0
libelf0
libelf1
libestr0
libexpat1
libext2fs2
libffi4
libfipscheck1
libgc1
libgcc_s1
libgcrypt20
libgdbm4
libgio-2_0-0
libglib-2_0-0
libgmodule-2_0-0
libgmp10
libgmpxx4
libgnutls28
libgobject-2_0-0
libgomp1-gcc49
libgpg-error0
libgsasl-lang
libgsasl7
libgudev-1_0-0
libhogweed2
libidn11
libiptc0
libisl10
libitm1-gcc49
libjson-c2
libkeyutils1
libkmod2
libksba8
libldap-2_4-2
libldapcpp1
libldns1
liblogging0
liblua5_1
liblzma5
libmagic1
libmetalink3
libmnl0
libmodman1
libmount1
libmpc3
libmpfr4
libncurses5
libncurses6
libnetfilter_conntrack3
libnettle4
libnfnetlink0
libnl-config
libnl3-200
libntlm0
libopenssl-devel
libopenssl1_0_0
libp11-kit0
libpcap1
libpci3
libpcre1
libpopt0
libprocps3
libproxy1
libpth20
libpwquality1
libpython2_7-1_0
libqrencode3
libreadline6
libreiserfscore0
libsasl2-3
libseccomp2
libselinux1
libsemanage1
libsepol1
libsgutils2-2
libsmartcols1
libsmi
libsmi2
libsolv-tools
libsqlite3-0
libssh2-1
libstdc++48-devel
libstdc++6
libtasn1
libtasn1-6
libtirpc1
libtsan0-gcc49
libudev1
libusb-0_1-4
libusb-1_0-0
libustr-1_0-1
libutempter0
libuuid1
libwicked-0-6
libwrap0
libx86emu1
libxcb1
libxml2-2
libxml2-devel
libxml2-tools
libxtables10
libyaml-0-2
libz1
libzio1
libzypp
linux-glibc-devel
logrotate
lsb-release
lsof
mailx
make
mingetty
msmtp
ncurses-devel
ncurses-utils
net-tools
netcfg
openSUSE-release
openSUSE-release-ftp
openslp
openssh
openssh-askpass
openssh-helpers
openssl
p11-kit
p11-kit-tools
pam
pam-config
patch
pciutils
pciutils-ids
perl
perl-Bootloader
perl-base
perl-gettext
permissions
pigz
pinentry
pkg-config
postfix
procps
psutils
python
python-base
python-devel
rcs
readline-devel
readline-doc
reiserfs
rpm
rsync
rsyslog
sed
sg3_utils
shadow
shared-mime-info
site-config
sqlite3
sqlite3-devel
sudo
suse-module-tools
sysconfig
sysconfig-netconfig
sysfsutils
syslog-service
systemd
systemd-bash-completion
systemd-presets-branding-openSUSE
systemd-sysvinit
sysvinit-tools
tack
tar
tcpdump
terminfo-base
time
timezone
traceroute
tunctl
ucode-amd
udev
update-alternatives
util-linux
util-linux-systemd
vim
vim-data
vlan
wallpaper-branding-openSUSE
wget
which
wicked
wicked-service
wireless-regdb
xauth
xfsprogs
xtables-plugins
xz
xz-devel
zlib-devel
zypper
zypper-aptitude
zypper-log
!

# EXTRA = packages to be added for the server
sort >>${TMPDIR}/EXTRA <<\!
!

# DELETE = packages to be removed from the server
sort >>${TMPDIR}/DELETE <<\!
!

# GOAL = complete list of packages required on the server
sort ${TMPDIR}/BASE ${TMPDIR}/EXTRA |\
grep -h -v -f ${TMPDIR}/DELETE >${TMPDIR}/GOAL

# CURRENT = packages currently installed on the server
rpm -qa --qf '%{NAME}\n' |\
sort >${TMPDIR}/CURRENT

REMOVE=`comm -13 ${TMPDIR}/GOAL ${TMPDIR}/CURRENT`
if [ -n "${REMOVE}" ]
then
	echo "The following packages will be removed from the system:"
	for pkg in ${REMOVE}
	do
		echo "	${pkg}"
	done
	zypper remove ${REMOVE}
else
	echo "No packages need to be removed from the system"
fi

ADD=`comm -23 ${TMPDIR}/GOAL ${TMPDIR}/CURRENT`
if [ -n "${ADD}" ]
then
	echo "The following packages will be installed on the system:"
	for pkg in ${ADD}
	do
		echo "	${pkg}"
	done
	zypper install ${ADD}
else
	echo "No packages need to be installed on the system"
fi