@echo off cd /d %~dp0 rem ====================================== rem Rev.1 RASG(abe) 自動セキュリティパッチ適用(Developer options追加) rem ====================================== SETLOCAL enabledelayedexpansion set WORKDIR=C:\DKC200\others\mssp\log\ set TMPFILE_INSTALLED=%WORKDIR%patchlist.txt set TMPFILE_MEDIA=%WORKDIR%patchlist_all.txt set ERRORCHECK=0 set OPTIONALL=-all set EXCEPTFILE=%~dp0except.txt rem >>>>> Rev.1 ::Patch格納情報 set BAT_DIR=C:\SecurityPatch\bat\ set MEDIA_DIR=C:\SecurityPatch\media\ ::オプション(初期値はautoモードでない) set OPTIONAUTO=-auto set autoMode= ::ファイル定義 set FTPCMD_CHECKFILE=ftpcmd_check.txt set FTPCMD_CHECK_RESULT_TMP=ftpcmd_check_result_tmp.txt set RESULTFILE_AUTO=Result.txt ::logファイル set LOG_FILE=updateSeclog.txt rem <<<<< Rev.1 if not EXIST %WORKDIR% ( mkdir %WORKDIR% ) rem >>>>> Rev.1 ::自動セキュリティパッチ適用であるか確認 if "%OPTIONAUTO%"=="%2" ( echo %date%%time% [SECURITY PATCH CHECK AUTO MODE] >> %BAT_DIR%%LOG_FILE% set autoMode=%OPTIONAUTO% ) ::Resultファイルが存在するなら削除 if "!autoMode!"=="%OPTIONAUTO%" ( if EXIST %BAT_DIR%%RESULTFILE_AUTO% ( echo %date%%time% [%BAT_DIR%%RESULTFILE_AUTO% Delete] >> %BAT_DIR%%LOG_FILE% del /q %BAT_DIR%%RESULTFILE_AUTO% ) ) rem <<<<< Rev.1 rem Patchの一覧出力 wmic qfe >%TMPFILE_INSTALLED% rem 同梱されているPatchの一覧を出力 rem >>>>> Rev.1 ::AutoModeの場合は、パッチ格納サーバのPatch一覧を取得する if "!autoMode!"=="%OPTIONAUTO%" ( echo %date%%time% [GET PATCH LIST Start] >> %BAT_DIR%%LOG_FILE% ftp -s:%BAT_DIR%%FTPCMD_CHECKFILE% rem ftp接続し取得したPatch一覧をコピーする copy %BAT_DIR%%FTPCMD_CHECK_RESULT_TMP% %TMPFILE_MEDIA% del /q %BAT_DIR%%FTPCMD_CHECK_RESULT_TMP% echo %date%%time% [GET PATCH LIST End] >> %BAT_DIR%%LOG_FILE% ) else ( rem <<<<< Rev.1 dir %~dp0*.msu /b /a-d > %TMPFILE_MEDIA% 2>NUL ) rem オプションの引数を確認 if "%OPTIONALL%"=="%1" ( CALL :ALL if !ERRORLEVEL!==1 GOTO :ERROREND GOTO :END ) else ( CALL :NORMAL if !ERRORLEVEL!==1 GOTO :ERROREND GOTO :END ) :NORMAL rem NGの結果のみ出力する FOR /F "tokens=2,4 delims=-" %%a IN (%TMPFILE_MEDIA%) DO ( set target=%%a if "!target:kb=!" == "!target!" ( set target=%%b if "!target:kb=!" == "!target!" ( echo Invalid patch exists. exit /b 2 ) ) find /I "!target!" %EXCEPTFILE% >NUL if !ERRORLEVEL!==0 ( rem 例外リスト内のパッチは確認不要 rem >>>>> Rev.1 if "!autoMode!"=="%OPTIONAUTO%" ( echo %date%%time% [!target! EXCEPT] >> %BAT_DIR%%LOG_FILE% ) rem <<<<< Rev.1 ) else ( find /I "!target!" %TMPFILE_INSTALLED% >NUL if !ERRORLEVEL!==0 ( rem echo !target! OK ) else ( echo !target! NG rem >>>>> Rev.1 if "!autoMode!"=="%OPTIONAUTO%" ( echo !target! NG >> %BAT_DIR%%RESULTFILE_AUTO% 2>NUL echo %date%%time% [!target! NG] >> %BAT_DIR%%LOG_FILE% ) rem <<<<< Rev.1 set /A ERRORCHECK=ERRORCHECK+1 ) ) ) EXIT /b 0 :ALL rem OK/NGの両方の結果を出力する FOR /F "tokens=2,4 delims=-" %%a IN (%TMPFILE_MEDIA%) DO ( set target=%%a if "!target:kb=!" == "!target!" ( set target=%%b if "!target:kb=!" == "!target!" ( echo Invalid patch exists. exit /b 2 ) ) find /I "!target!" %EXCEPTFILE% >NUL if !ERRORLEVEL!==0 ( rem 例外リスト内のパッチは確認不要 rem >>>>> Rev.1 if "!autoMode!"=="%OPTIONAUTO%" ( echo %date%%time% [!target! EXCEPT] >> %BAT_DIR%%LOG_FILE% ) rem <<<<< Rev.1 ) else ( find /I "!target!" %TMPFILE_INSTALLED% >NUL if !ERRORLEVEL!==0 ( echo !target! OK rem >>>>> Rev.1 if "!autoMode!"=="%OPTIONAUTO%" ( echo !target! OK >> %BAT_DIR%%RESULTFILE_AUTO% 2>NUL echo %date%%time% [!target! OK] >> %BAT_DIR%%LOG_FILE% ) rem <<<<< Rev.1 ) else ( echo !target! NG rem >>>>> Rev.1 if "!autoMode!"=="%OPTIONAUTO%" ( echo !target! NG >> %BAT_DIR%%RESULTFILE_AUTO% 2>NUL echo %date%%time% [!target! NG] >> %BAT_DIR%%LOG_FILE% ) rem <<<<< Rev.1 set /A ERRORCHECK=ERRORCHECK+1 ) ) ) EXIT /b 0 :END rem 最終結果の確認 if %ERRORCHECK%==0 ( echo The patches are applied successfully. ) else ( echo Some pathces are not applied. ) rem >>>>> Rev.1 ::NGがない場合はCompletedを上書きする if "!autoMode!"=="%OPTIONAUTO%" ( if "!ERRORCHECK!"=="0" ( echo %date%%time% [WRITE Completed] >> %BAT_DIR%%LOG_FILE% echo Completed > %BAT_DIR%%RESULTFILE_AUTO% 2>NUL ) ) rem <<<<< Rev.1 rem >>>>> Rev.1 if "!autoMode!"=="%OPTIONAUTO%" ( rem pauseしない ) else ( rem <<<<< Rev.1 pause ) EXIT /b 0 :ERROREND echo An error occured. rem >>>>> Rev.1 if "!autoMode!"=="%OPTIONAUTO%" ( echo %date%%time% [ERROR OCCURED] >> %BAT_DIR%%LOG_FILE% rem pauseしない ) else ( rem <<<<< Rev.1 pause ) EXIT /b 0