Scott Pinkelman bio photo

Scott Pinkelman

web development, data visualization, digital literacy

Twitter LinkedIn Github Email / PGP Key

Bash Script for Drush Security Updates

I have a VPS with a handful of sites on them; a few built with Wordpress, a few built with Drupal, and a few static sites. I periodically run security updates, but I’ve been practicing bash scripts lately, so I gave myself the task of automating security updates. In this script I use the wonderful drush utility to do security updates (modules and core) only, as I’ll wait for moments when I have more time updates all modules updates and test.

It’s very simple; I have another script that does backups, so I’m not doing them here. The main drush command

drush up --security-only

is interactive, so if you don’t want to go through with it you can just hit ‘n’.

# Script to do security updates only in Drupal 6 and Drupal 7 using drush version 6.2.0
# Note: drush up --security-only updates modules as well as core

# run `which drush` to find this path
# where your drupal sites live
echo "Scanning sites directory for Drupal installations"
cd $site_dir
for i in $(ls)
        a=$(readlink -f $i)
        # if your site files are in directories immediately
        # beneath your site_dir, i.e. /var/www/,
        # then you don't need to `cd public_html'
        # just use `cd $a` below
        cd $a && cd public_html
        echo $(pwd)
        status=$($drush status | wc -l)
        # Count the lines on drush status to see if it's
        # actually a drupal site
        if [[ $status -gt 7 ]]
                echo "Drupal site found"
                # `drush up` is interactive, so if you
                # don't want updates hit `n` for each site
                $drush up --security-only
                echo "No Drupal site found in this directory"
        cd $site_dir
echo "Done with Drupal Security Updates"

I use this on a handful of simple sites and it works for me. If you’re managing more complicated sites it might not be for you. Use at your own risk!

View on Github