~mdw / rcheck / blame
| Commit | Line | Data |
|---|---|---|
| f5f6d9ac MW |
1 | #! /usr/bin/python |
| 2 | ### | |
| 3 | ### Report on available package updates, including security updates. | |
| 4 | ||
| 5 | import time as T | |
| 6 | import os as OS | |
| 7 | import errno as E | |
| 8 | ||
| 9 | import apt_pkg as APT | |
| 10 | import apt.cache as AC | |
| 11 | ||
| 12 | ###-------------------------------------------------------------------------- | |
| 13 | ### Some utility functions. | |
| 14 | ||
| 15 | def cache_up_to_date_p(): | |
| 16 | """Answer whether the cache is up-to-date.""" | |
| 17 | ||
| 18 | ## I use the same stamp file as APT's standard periodic update service. | |
| 19 | ## This needs prodding via a hook in the APT configuration. | |
| 20 | now = T.time() | |
| 21 | try: | |
| 22 | last = OS.path.getmtime('/var/lib/apt/periodic/update-stamp') | |
| 23 | except OSError, err: | |
| 24 | if err.errno == E.ENOENT: | |
| 25 | return False | |
| 26 | return now - last < 86400 | |
| 27 | ||
| 28 | def upgradable_packages(): | |
| 29 | """Return a list of packages for which updates are available.""" | |
| 30 | cache = AC.Cache() | |
| 31 | return [pkg for pkg in cache if pkg.is_upgradable] | |
| 32 | ||
| 33 | def security_updates_p(pkg): | |
| 34 | """Answer whether any update for PKG is security-relevant.""" | |
| 35 | ||
| 36 | ## There doesn't seem to be a good way of doing this. For distributions | |
| 37 | ## like `testing', security updates are folded into the main distribution | |
| 38 | ## after the usual triage process, so they stop looking like security | |
| 39 | ## updates. Worse, for `unstable' there aren't distinct security updates | |
| 40 | ## anyway: they're all just thrown into the mixer. The good way to tell | |
| 41 | ## would be to fetch the changelog and look for urgent changes. Debian's | |
| 42 | ## Aptitude checks explicitly for `security.debian.org'. This check at | |
| 43 | ## least also captures Ubuntu. | |
| 44 | for v in pkg.versions: | |
| 45 | if v < pkg.installed: | |
| 46 | continue | |
| 47 | for o in v.origins: | |
| 48 | if o.site.startswith('security.'): | |
| 49 | return True | |
| 50 | return False | |
| 51 | ||
| 52 | ###-------------------------------------------------------------------------- | |
| 53 | ### Main program. | |
| 54 | ||
| 55 | if not cache_up_to_date_p(): | |
| 56 | print 'W: package cache is more than 24 hours of date' | |
| 57 | updates = upgradable_packages() | |
| 58 | if updates: | |
| 59 | plural = len(updates) != 1 | |
| 60 | print 'I: updates available for %d %s' % \ | |
| 61 | (len(updates), plural and 'packages' or 'package') | |
| 62 | sec = [pkg for pkg in updates if security_updates_p(pkg)] | |
| 63 | if sec: | |
| 64 | plural = len(sec) != 1 | |
| 65 | print 'W: security updates available for %d %s' % \ | |
| 66 | (len(sec), plural and 'packages' or 'package') | |
| 67 | ||
| 68 | ###----- That's all, folks -------------------------------------------------- |