Commit | Line | Data |
---|---|---|
f5f6d9ac MW |
1 | #! /usr/bin/python |
2 | ### | |
3 | ### Report on available package updates, including security updates. | |
4 | ||
5 | import time as T | |
6 | import os as OS | |
7 | import errno as E | |
8 | ||
9 | import apt_pkg as APT | |
10 | import apt.cache as AC | |
11 | ||
12 | ###-------------------------------------------------------------------------- | |
13 | ### Some utility functions. | |
14 | ||
15 | def cache_up_to_date_p(): | |
16 | """Answer whether the cache is up-to-date.""" | |
17 | ||
18 | ## I use the same stamp file as APT's standard periodic update service. | |
19 | ## This needs prodding via a hook in the APT configuration. | |
20 | now = T.time() | |
21 | try: | |
22 | last = OS.path.getmtime('/var/lib/apt/periodic/update-stamp') | |
23 | except OSError, err: | |
24 | if err.errno == E.ENOENT: | |
25 | return False | |
26 | return now - last < 86400 | |
27 | ||
28 | def upgradable_packages(): | |
29 | """Return a list of packages for which updates are available.""" | |
30 | cache = AC.Cache() | |
31 | return [pkg for pkg in cache if pkg.is_upgradable] | |
32 | ||
33 | def security_updates_p(pkg): | |
34 | """Answer whether any update for PKG is security-relevant.""" | |
35 | ||
36 | ## There doesn't seem to be a good way of doing this. For distributions | |
37 | ## like `testing', security updates are folded into the main distribution | |
38 | ## after the usual triage process, so they stop looking like security | |
39 | ## updates. Worse, for `unstable' there aren't distinct security updates | |
40 | ## anyway: they're all just thrown into the mixer. The good way to tell | |
41 | ## would be to fetch the changelog and look for urgent changes. Debian's | |
42 | ## Aptitude checks explicitly for `security.debian.org'. This check at | |
43 | ## least also captures Ubuntu. | |
44 | for v in pkg.versions: | |
45 | if v < pkg.installed: | |
46 | continue | |
47 | for o in v.origins: | |
48 | if o.site.startswith('security.'): | |
49 | return True | |
50 | return False | |
51 | ||
52 | ###-------------------------------------------------------------------------- | |
53 | ### Main program. | |
54 | ||
55 | if not cache_up_to_date_p(): | |
56 | print 'W: package cache is more than 24 hours of date' | |
57 | updates = upgradable_packages() | |
58 | if updates: | |
59 | plural = len(updates) != 1 | |
60 | print 'I: updates available for %d %s' % \ | |
61 | (len(updates), plural and 'packages' or 'package') | |
62 | sec = [pkg for pkg in updates if security_updates_p(pkg)] | |
63 | if sec: | |
64 | plural = len(sec) != 1 | |
65 | print 'W: security updates available for %d %s' % \ | |
66 | (len(sec), plural and 'packages' or 'package') | |
67 | ||
68 | ###----- That's all, folks -------------------------------------------------- |