Automatic package update nagging with apticron
Posted by JacobAppelbaum on Wed 24 Jan 2007 at 11:21
apticron is a simple shell script that is called from cron once a day.
faustus:~# apt-get install apticron Reading Package Lists... Done Building Dependency Tree... Done The following extra packages will be installed: apt-listchanges python-apt Suggested packages: x-terminal-emulator The following NEW packages will be installed: apt-listchanges apticron python-apt 0 upgraded, 3 newly installed, 0 to remove and 7 not upgraded. Need to get 105kB of archives. After unpacking 389kB of additional disk space will be used. Do you want to continue? [Y/n] Get:1 http://mirrors.kernel.org stable/main python-apt 0.5.10 [41.5kB] Get:2 http://mirrors.kernel.org stable/main apt-listchanges 2.59-0.2 [56.0kB] Get:3 http://mirrors.kernel.org stable/main apticron 1.1.12 [7332B] Fetched 105kB in 26s (3897B/s) Preconfiguring packages ...You'll be prompted to configure apt-listchanges first. You'll be asked how you want display package changes. I selected text as I find it the least intrusive.
Next you'll be prompted to configure apt-listchanges. Enter the email where you wish to receive package update information.
The package will finish installing:
Selecting previously deselected package apt-listchanges. (Reading database ... 57554 files and directories currently installed.) Unpacking apt-listchanges (from .../apt-listchanges_2.59-0.2_all.deb) ... Selecting previously deselected package apticron. Unpacking apticron (from .../apticron_1.1.12_all.deb) ... Setting up apt-listchanges (2.59-0.2) ... Creating config file /etc/apt/listchanges.conf with new version Setting up apticron (1.1.12) ...Now apticron should send emails once a day when there are new packages available. A sample of such an email looks like this:
apticron report [Fri, 19 Jan 2007 18:42:01 -0800]
========================================================================
apticron has detected that some packages need upgrading on:
faustus.example.com
[ 1.2.3.4 ]
The following packages are currently pending an upgrade:
xfree86-common 4.3.0.dfsg.1-14sarge3
libice6 4.3.0.dfsg.1-14sarge3
libsm6 4.3.0.dfsg.1-14sarge3
xlibs-data 4.3.0.dfsg.1-14sarge3
libx11-6 4.3.0.dfsg.1-14sarge3
libxext6 4.3.0.dfsg.1-14sarge3
libxpm4 4.3.0.dfsg.1-14sarge3
========================================================================
Package Details:
Reading changelogs...
--- Changes for xfree86 (xfree86-common libice6 libsm6 xlibs-data libx11-6 libxext6 libxpm4) ---
xfree86 (4.3.0.dfsg.1-14sarge3) stable-security; urgency=high
* Non-maintainer update by the Security Team:
Fixes several vulnerabilities reported by iDefense
(CVE-2006-6101, CVE-2006-6102, CVE-2006-6103)
-- Moritz Muehlenhoff Sun, 7 Jan 2007 13:31:35 +0000
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on faustus.example.com
It is recommended that you simulate the upgrade first to confirm that
the actions that would be taken are reasonable. The upgrade may be
simulated by issuing the command:
apt-get -s dist-upgrade
-- apticron
Take a look in the following shell scripts if you're interested in seeing how it's executed by cron or how it accomplishes such useful nagging:
/etc/cron.daily/apticron /usr/sbin/apticronapticron won't give output if there aren't packages to update. If you know you have some needed upgrades, you can easily run apticron as cron would to see if its working as expected:
faustus:~# /etc/cron.daily/apticronOther relevant and related configuration files to explore:
/etc/apticron/apticron.conf /etc/apt/listchanges.conf /etc/apt/apt.conf.d/20listchanges
Posted by Anonymous (217.83.xx.xx) on Wed 24 Jan 2007 at 14:44
I'm using cron-apt for that.
This is probalby doing the same, isnt't it?
What i like most about it, is that i can let cron-apt use different sources list as well.
so my sources.list stays the same, everything stable. But at night cron-apt runs one time with my original sources.list and 1 hour later it runs again but with a sources list, let's say testing.list, that checks if any of my packets from testing also need to be upgraded.
This is probalby doing the same, isnt't it?
What i like most about it, is that i can let cron-apt use different sources list as well.
so my sources.list stays the same, everything stable. But at night cron-apt runs one time with my original sources.list and 1 hour later it runs again but with a sources list, let's say testing.list, that checks if any of my packets from testing also need to be upgraded.
[ Parent | Reply to this comment ]
You should write an article about cron-apt and contrast it with apticron! :-)
[ Parent | Reply to this comment ]
Posted by Anonymous (83.7.xx.xx) on Wed 24 Jan 2007 at 17:48
My method for an automatic packet update is a simple script running from crontab at the night. The script downloads all available actualisations and if there are any - it sends to me an e-mail message.
Simple and good working from years ;)
---
#!/bin/bash
apt-get update > /dev/null
apt-get upgrade -d -y | grep "Download complete" >/dev/null && mail -s "There are actualisactions for /my_machie_name/" my@email.address < /path/to/mail_message_body
---
Simple and good working from years ;)
---
#!/bin/bash
apt-get update > /dev/null
apt-get upgrade -d -y | grep "Download complete" >/dev/null && mail -s "There are actualisactions for /my_machie_name/" my@email.address < /path/to/mail_message_body
---
[ Parent | Reply to this comment ]
Ports of the Ubuntu update manager are available in etch (packages update-manager and update-notifier are the important parts), and i find they work really well. My only question is: it uses synaptic internally - does this use aptitude, or apt-get, or its own library to manipulate apt?
[ Parent | Reply to this comment ]
This uses apt-get, apt-cache, and apt-listchanges internally.
[ Parent | Reply to this comment ]
I wonder how well this will work if i normally use aptitude from the command line, then... :-|
[ Parent | Reply to this comment ]
As long as you update the packages with aptitude, I suspect it's going to make no difference at all. It doesn't do very much. It updates the package list and then sends you email about out of date packages. These are pretty universal operations. You could easily make the script use aptitude if you want to hack on it.
I think another more useful hack would be to sign/encrypt the emails with gpg.
I think another more useful hack would be to sign/encrypt the emails with gpg.
[ Parent | Reply to this comment ]
Posted by Anonymous (217.43.xx.xx) on Wed 31 Jan 2007 at 16:07
Another option is the check_debian_packages script. Put it in a crontab and you'll get updates when ever a newer version's ready. It'll also play nice with Nagios if you want to monitor lots of machines.
[ Parent | Reply to this comment ]
Anyone know if you can get apt-listchanges or apticron to keep quiet about packages manually set to hold?
[ Parent | Reply to this comment ]