]>
Commit | Line | Data |
---|---|---|
1 | #!/bin/sh | |
2 | #set -e | |
3 | # | |
4 | # This file understands the following apt configuration variables: | |
5 | # Values here are the default. | |
6 | # Create /etc/apt/apt.conf.d/10periodic file to set your preference. | |
7 | # | |
8 | # Dir "/"; | |
9 | # - RootDir for all configuration files | |
10 | # | |
11 | # Dir::Cache "var/cache/apt/"; | |
12 | # - Set apt package cache directory | |
13 | # | |
14 | # Dir::Cache::Archives "archives/"; | |
15 | # - Set package archive directory | |
16 | # | |
17 | # APT::Periodic::Enable "1"; | |
18 | # - Enable the update/upgrade script (0=disable) | |
19 | # | |
20 | # APT::Periodic::BackupArchiveInterval "0"; | |
21 | # - Backup after n-days if archive contents changed.(0=disable) | |
22 | # | |
23 | # APT::Periodic::BackupLevel "3"; | |
24 | # - Backup level.(0=disable), 1 is invalid. | |
25 | # | |
26 | # Dir::Cache::Backup "backup/"; | |
27 | # - Set periodic package backup directory | |
28 | # | |
29 | # APT::Archives::MaxAge "0"; (old, deprecated) | |
30 | # APT::Periodic::MaxAge "0"; (new) | |
31 | # - Set maximum allowed age of a cache package file. If a cache | |
32 | # package file is older it is deleted (0=disable) | |
33 | # | |
34 | # APT::Archives::MinAge "2"; (old, deprecated) | |
35 | # APT::Periodic::MinAge "2"; (new) | |
36 | # - Set minimum age of a package file. If a file is younger it | |
37 | # will not be deleted (0=disable). Useful to prevent races | |
38 | # and to keep backups of the packages for emergency. | |
39 | # | |
40 | # APT::Archives::MaxSize "0"; (old, deprecated) | |
41 | # APT::Periodic::MaxSize "0"; (new) | |
42 | # - Set maximum size of the cache in MB (0=disable). If the cache | |
43 | # is bigger, cached package files are deleted until the size | |
44 | # requirement is met (the oldest packages will be deleted | |
45 | # first). | |
46 | # | |
47 | # APT::Periodic::Update-Package-Lists "0"; | |
48 | # - Do "apt-get update" automatically every n-days (0=disable) | |
49 | # | |
50 | # APT::Periodic::Download-Upgradeable-Packages "0"; | |
51 | # - Do "apt-get upgrade --download-only" every n-days (0=disable) | |
52 | # | |
53 | # APT::Periodic::Download-Upgradeable-Packages-Debdelta "1"; | |
54 | # - Use debdelta-upgrade to download updates if available (0=disable) | |
55 | # | |
56 | # APT::Periodic::Unattended-Upgrade "0"; | |
57 | # - Run the "unattended-upgrade" security upgrade script | |
58 | # every n-days (0=disabled) | |
59 | # Requires the package "unattended-upgrades" and will write | |
60 | # a log in /var/log/unattended-upgrades | |
61 | # | |
62 | # APT::Periodic::AutocleanInterval "0"; | |
63 | # - Do "apt-get autoclean" every n-days (0=disable) | |
64 | # | |
65 | # APT::Periodic::CleanInterval "0"; | |
66 | # - Do "apt-get clean" every n-days (0=disable) | |
67 | # | |
68 | # APT::Periodic::Verbose "0"; | |
69 | # - Send report mail to root | |
70 | # 0: no report (or null string) | |
71 | # 1: progress report (actually any string) | |
72 | # 2: + command outputs (remove -qq, remove 2>/dev/null, add -d) | |
73 | # 3: + trace on | |
74 | # | |
75 | # APT::Periodic::RandomSleep "1800"; | |
76 | # - The apt cron job will delay its execution by a random | |
77 | # time span between zero and 'APT::Periodic::RandomSleep' | |
78 | # seconds. | |
79 | # This is done because otherwise everyone would access the | |
80 | # mirror servers at the same time and put them collectively | |
81 | # under very high strain. | |
82 | # You can set this to '0' if you are using a local mirror and | |
83 | # do not care about the load spikes. | |
84 | # Note that sleeping in the apt job will be delaying the | |
85 | # execution of all subsequent cron.daily jobs. | |
86 | # | |
87 | ||
88 | check_stamp() | |
89 | { | |
90 | stamp="$1" | |
91 | interval="$2" | |
92 | ||
93 | if [ $interval -eq 0 ]; then | |
94 | debug_echo "check_stamp: interval=0" | |
95 | # treat as no time has passed | |
96 | return 1 | |
97 | fi | |
98 | ||
99 | if [ ! -f $stamp ]; then | |
100 | debug_echo "check_stamp: missing time stamp file: $stamp." | |
101 | # treat as enough time has passed | |
102 | return 0 | |
103 | fi | |
104 | ||
105 | # compare midnight today to midnight the day the stamp was updated | |
106 | stamp_file="$stamp" | |
107 | stamp=$(date --date=$(date -r $stamp_file --iso-8601) +%s 2>/dev/null) | |
108 | if [ "$?" != "0" ]; then | |
109 | # Due to some timezones returning 'invalid date' for midnight on | |
110 | # certain dates (e.g. America/Sao_Paulo), if date returns with error | |
111 | # remove the stamp file and return 0. See coreutils bug: | |
112 | # http://lists.gnu.org/archive/html/bug-coreutils/2007-09/msg00176.html | |
113 | rm -f "$stamp_file" | |
114 | return 0 | |
115 | fi | |
116 | ||
117 | now=$(date --date=$(date --iso-8601) +%s 2>/dev/null) | |
118 | if [ "$?" != "0" ]; then | |
119 | # As above, due to some timezones returning 'invalid date' for midnight | |
120 | # on certain dates (e.g. America/Sao_Paulo), if date returns with error | |
121 | # return 0. | |
122 | return 0 | |
123 | fi | |
124 | ||
125 | delta=$(($now-$stamp)) | |
126 | ||
127 | # interval is in days, convert to sec. | |
128 | interval=$(($interval*60*60*24)) | |
129 | debug_echo "check_stamp: interval=$interval, now=$now, stamp=$stamp, delta=$delta (sec)" | |
130 | ||
131 | # remove timestamps a day (or more) in the future and force re-check | |
132 | if [ $stamp -gt $(($now+86400)) ]; then | |
133 | echo "WARNING: file $stamp_file has a timestamp in the future: $stamp" | |
134 | rm -f "$stamp_file" | |
135 | return 0 | |
136 | fi | |
137 | ||
138 | if [ $delta -ge $interval ]; then | |
139 | return 0 | |
140 | fi | |
141 | ||
142 | return 1 | |
143 | } | |
144 | ||
145 | update_stamp() | |
146 | { | |
147 | stamp="$1" | |
148 | touch $stamp | |
149 | } | |
150 | ||
151 | # we check here if autoclean was enough sizewise | |
152 | check_size_constraints() | |
153 | { | |
154 | MaxAge=0 | |
155 | eval $(apt-config shell MaxAge APT::Archives::MaxAge) | |
156 | eval $(apt-config shell MaxAge APT::Periodic::MaxAge) | |
157 | ||
158 | MinAge=2 | |
159 | eval $(apt-config shell MinAge APT::Archives::MinAge) | |
160 | eval $(apt-config shell MinAge APT::Periodic::MinAge) | |
161 | ||
162 | MaxSize=0 | |
163 | eval $(apt-config shell MaxSize APT::Archives::MaxSize) | |
164 | eval $(apt-config shell MaxSize APT::Periodic::MaxSize) | |
165 | ||
166 | Cache="/var/cache/apt/archives/" | |
167 | eval $(apt-config shell Cache Dir::Cache::archives/d) | |
168 | ||
169 | # sanity check | |
170 | if [ -z "$Cache" ]; then | |
171 | echo "empty Dir::Cache::archives, exiting" | |
172 | exit | |
173 | fi | |
174 | ||
175 | # check age | |
176 | if [ ! $MaxAge -eq 0 ] && [ ! $MinAge -eq 0 ]; then | |
177 | debug_echo "aged: ctime <$MaxAge and mtime <$MaxAge and ctime>$MinAge and mtime>$MinAge" | |
178 | find $Cache -name "*.deb" \( -mtime +$MaxAge -and -ctime +$MaxAge \) -and -not \( -mtime -$MinAge -or -ctime -$MinAge \) -print0 | xargs -r -0 rm -f | |
179 | elif [ ! $MaxAge -eq 0 ]; then | |
180 | debug_echo "aged: ctime <$MaxAge and mtime <$MaxAge only" | |
181 | find $Cache -name "*.deb" -ctime +$MaxAge -and -mtime +$MaxAge -print0 | xargs -r -0 rm -f | |
182 | else | |
183 | debug_echo "skip aging since MaxAge is 0" | |
184 | fi | |
185 | ||
186 | # check size | |
187 | if [ ! $MaxSize -eq 0 ]; then | |
188 | # maxSize is in MB | |
189 | MaxSize=$(($MaxSize*1024)) | |
190 | ||
191 | #get current time | |
192 | now=$(date --date=$(date --iso-8601) +%s) | |
193 | MinAge=$(($MinAge*24*60*60)) | |
194 | ||
195 | # reverse-sort by mtime | |
196 | for file in $(ls -rt $Cache/*.deb 2>/dev/null); do | |
197 | du=$(du -s $Cache) | |
198 | size=${du%%/*} | |
199 | # check if the cache is small enough | |
200 | if [ $size -lt $MaxSize ]; then | |
201 | debug_echo "end remove by archive size: size=$size < $MaxSize" | |
202 | break | |
203 | fi | |
204 | ||
205 | # check for MinAge of the file | |
206 | if [ $MinAge -ne 0 ]; then | |
207 | # check both ctime and mtime | |
208 | mtime=$(stat -c %Y $file) | |
209 | ctime=$(stat -c %Z $file) | |
210 | if [ $mtime -gt $ctime ]; then | |
211 | delta=$(($now-$mtime)) | |
212 | else | |
213 | delta=$(($now-$ctime)) | |
214 | fi | |
215 | if [ $delta -le $MinAge ]; then | |
216 | debug_echo "skip remove by archive size: $file, delta=$delta < $MinAge" | |
217 | break | |
218 | else | |
219 | # delete oldest file | |
220 | debug_echo "remove by archive size: $file, delta=$delta >= $MinAge (sec), size=$size >= $MaxSize" | |
221 | rm -f $file | |
222 | fi | |
223 | fi | |
224 | done | |
225 | fi | |
226 | } | |
227 | ||
228 | # deal with the Apt::Periodic::BackupArchiveInterval | |
229 | do_cache_backup() | |
230 | { | |
231 | BackupArchiveInterval="$1" | |
232 | if [ $BackupArchiveInterval -eq 0 ]; then | |
233 | return | |
234 | fi | |
235 | ||
236 | # Set default values and normalize | |
237 | CacheDir="/var/cache/apt" | |
238 | eval $(apt-config shell CacheDir Dir::Cache/d) | |
239 | CacheDir=${CacheDir%/} | |
240 | if [ -z "$CacheDir" ]; then | |
241 | debug_echo "practically empty Dir::Cache, exiting" | |
242 | return 0 | |
243 | fi | |
244 | ||
245 | Cache="${CacheDir}/archives/" | |
246 | eval $(apt-config shell Cache Dir::Cache::Archives/d) | |
247 | if [ -z "$Cache" ]; then | |
248 | debug_echo "practically empty Dir::Cache::archives, exiting" | |
249 | return 0 | |
250 | fi | |
251 | ||
252 | BackupLevel=3 | |
253 | eval $(apt-config shell BackupLevel APT::Periodic::BackupLevel) | |
254 | if [ $BackupLevel -le 1 ]; then | |
255 | BackupLevel=2 ; | |
256 | fi | |
257 | ||
258 | Back="${CacheDir}/backup/" | |
259 | eval $(apt-config shell Back Dir::Cache::Backup/d) | |
260 | if [ -z "$Back" ]; then | |
261 | echo "practically empty Dir::Cache::Backup, exiting" 1>&2 | |
262 | return | |
263 | fi | |
264 | ||
265 | CacheArchive="$(basename "${Cache}")" | |
266 | test -n "${CacheArchive}" || CacheArchive="archives" | |
267 | BackX="${Back}${CacheArchive}/" | |
268 | for x in $(seq 0 1 $((${BackupLevel}-1))); do | |
269 | eval "Back${x}=${Back}${x}/" | |
270 | done | |
271 | ||
272 | # backup after n-days if archive contents changed. | |
273 | # (This uses hardlink to save disk space) | |
274 | BACKUP_ARCHIVE_STAMP=/var/lib/apt/periodic/backup-archive-stamp | |
275 | if check_stamp $BACKUP_ARCHIVE_STAMP $BackupArchiveInterval; then | |
276 | if [ $({(cd $Cache 2>/dev/null; find . -name "*.deb"); (cd $Back0 2>/dev/null;find . -name "*.deb") ;}| sort|uniq -u|wc -l) -ne 0 ]; then | |
277 | mkdir -p $Back | |
278 | rm -rf $Back$((${BackupLevel}-1)) | |
279 | for y in $(seq $((${BackupLevel}-1)) -1 1); do | |
280 | eval BackY=${Back}$y | |
281 | eval BackZ=${Back}$(($y-1)) | |
282 | if [ -e $BackZ ]; then | |
283 | mv -f $BackZ $BackY ; | |
284 | fi | |
285 | done | |
286 | cp -la $Cache $Back ; mv -f $BackX $Back0 | |
287 | update_stamp $BACKUP_ARCHIVE_STAMP | |
288 | debug_echo "backup with hardlinks. (success)" | |
289 | else | |
290 | debug_echo "skip backup since same content." | |
291 | fi | |
292 | else | |
293 | debug_echo "skip backup since too new." | |
294 | fi | |
295 | } | |
296 | ||
297 | # sleep for a random interval of time (default 30min) | |
298 | # (some code taken from cron-apt, thanks) | |
299 | random_sleep() | |
300 | { | |
301 | RandomSleep=1800 | |
302 | eval $(apt-config shell RandomSleep APT::Periodic::RandomSleep) | |
303 | if [ $RandomSleep -eq 0 ]; then | |
304 | return | |
305 | fi | |
306 | if [ -z "$RANDOM" ] ; then | |
307 | # A fix for shells that do not have this bash feature. | |
308 | RANDOM=$(( $(dd if=/dev/urandom bs=2 count=1 2> /dev/null | cksum | cut -d' ' -f1) % 32767 )) | |
309 | fi | |
310 | TIME=$(($RANDOM % $RandomSleep)) | |
311 | debug_echo "sleeping for $TIME seconds" | |
312 | sleep $TIME | |
313 | } | |
314 | ||
315 | ||
316 | debug_echo() | |
317 | { | |
318 | # Display message if $VERBOSE >= 1 | |
319 | if [ "$VERBOSE" -ge 1 ]; then | |
320 | echo $1 1>&2 | |
321 | fi | |
322 | } | |
323 | ||
324 | check_power(){ | |
325 | # laptop check, on_ac_power returns: | |
326 | # 0 (true) System is on main power | |
327 | # 1 (false) System is not on main power | |
328 | # 255 (false) Power status could not be determined | |
329 | # Desktop systems always return 255 it seems | |
330 | if which on_ac_power >/dev/null 2>&1; then | |
331 | on_ac_power | |
332 | POWER=$? | |
333 | if [ $POWER -eq 1 ]; then | |
334 | debug_echo "exit: system NOT on main power" | |
335 | return 1 | |
336 | elif [ $POWER -ne 0 ]; then | |
337 | debug_echo "power status ($POWER) undetermined, continuing" | |
338 | fi | |
339 | debug_echo "system is on main power." | |
340 | fi | |
341 | return 0 | |
342 | } | |
343 | ||
344 | # ------------------------ main ---------------------------- | |
345 | ||
346 | if test -r /var/lib/apt/extended_states; then | |
347 | # Backup the 7 last versions of APT's extended_states file | |
348 | # shameless copy from dpkg cron | |
349 | if cd /var/backups ; then | |
350 | if ! cmp -s apt.extended_states.0 /var/lib/apt/extended_states; then | |
351 | cp -p /var/lib/apt/extended_states apt.extended_states | |
352 | savelog -c 7 apt.extended_states >/dev/null | |
353 | fi | |
354 | fi | |
355 | fi | |
356 | ||
357 | # check apt-config existence | |
358 | if ! which apt-config >/dev/null 2>&1; then | |
359 | exit 0 | |
360 | fi | |
361 | ||
362 | # check if the user really wants to do something | |
363 | AutoAptEnable=1 # default is yes | |
364 | eval $(apt-config shell AutoAptEnable APT::Periodic::Enable) | |
365 | ||
366 | if [ $AutoAptEnable -eq 0 ]; then | |
367 | exit 0 | |
368 | fi | |
369 | ||
370 | # Set VERBOSE mode from apt-config (or inherit from environment) | |
371 | VERBOSE=0 | |
372 | eval $(apt-config shell VERBOSE APT::Periodic::Verbose) | |
373 | debug_echo "verbose level $VERBOSE" | |
374 | if [ "$VERBOSE" -le 2 ]; then | |
375 | # quiet for 0,1,2 | |
376 | XSTDOUT=">/dev/null" | |
377 | XSTDERR="2>/dev/null" | |
378 | XAPTOPT="-qq" | |
379 | XUUPOPT="" | |
380 | else | |
381 | XSTDOUT="" | |
382 | XSTDERR="" | |
383 | XAPTOPT="" | |
384 | XUUPOPT="-d" | |
385 | fi | |
386 | if [ "$VERBOSE" -ge 3 ]; then | |
387 | # trace output | |
388 | set -x | |
389 | fi | |
390 | ||
391 | check_power || exit 0 | |
392 | ||
393 | # check if we can lock the cache and if the cache is clean | |
394 | if which apt-get >/dev/null 2>&1 && ! eval apt-get check $XAPTOPT $XSTDERR ; then | |
395 | debug_echo "error encountered in cron job with \"apt-get check\"." | |
396 | exit 0 | |
397 | fi | |
398 | ||
399 | # Global current time in seconds since 1970-01-01 00:00:00 UTC | |
400 | now=$(date +%s) | |
401 | ||
402 | # Support old Archive for compatibility. | |
403 | # Document only Periodic for all controlling parameters of this script. | |
404 | ||
405 | UpdateInterval=0 | |
406 | eval $(apt-config shell UpdateInterval APT::Periodic::Update-Package-Lists) | |
407 | ||
408 | DownloadUpgradeableInterval=0 | |
409 | eval $(apt-config shell DownloadUpgradeableInterval APT::Periodic::Download-Upgradeable-Packages) | |
410 | ||
411 | UnattendedUpgradeInterval=0 | |
412 | eval $(apt-config shell UnattendedUpgradeInterval APT::Periodic::Unattended-Upgrade) | |
413 | ||
414 | AutocleanInterval=0 | |
415 | eval $(apt-config shell AutocleanInterval APT::Periodic::AutocleanInterval) | |
416 | ||
417 | CleanInterval=0 | |
418 | eval $(apt-config shell CleanInterval APT::Periodic::CleanInterval) | |
419 | ||
420 | BackupArchiveInterval=0 | |
421 | eval $(apt-config shell BackupArchiveInterval APT::Periodic::BackupArchiveInterval) | |
422 | ||
423 | Debdelta=1 | |
424 | eval $(apt-config shell Debdelta APT::Periodic::Download-Upgradeable-Packages-Debdelta) | |
425 | ||
426 | # check if we actually have to do anything that requires locking the cache | |
427 | if [ $UpdateInterval -eq 0 ] && | |
428 | [ $DownloadUpgradeableInterval -eq 0 ] && | |
429 | [ $UnattendedUpgradeInterval -eq 0 ] && | |
430 | [ $BackupArchiveInterval -eq 0 ] && | |
431 | [ $AutocleanInterval -eq 0 ] && | |
432 | [ $CleanInterval -eq 0 ]; then | |
433 | ||
434 | # check cache size | |
435 | check_size_constraints | |
436 | ||
437 | exit 0 | |
438 | fi | |
439 | ||
440 | # deal with BackupArchiveInterval | |
441 | do_cache_backup $BackupArchiveInterval | |
442 | ||
443 | # sleep random amount of time to avoid hitting the | |
444 | # mirrors at the same time | |
445 | random_sleep | |
446 | check_power || exit 0 | |
447 | ||
448 | # include default system language so that "apt-get update" will | |
449 | # fetch the right translated package descriptions | |
450 | if [ -r /etc/default/locale ]; then | |
451 | . /etc/default/locale | |
452 | export LANG LANGUAGE LC_MESSAGES LC_ALL | |
453 | fi | |
454 | ||
455 | # update package lists | |
456 | UPDATED=0 | |
457 | UPDATE_STAMP=/var/lib/apt/periodic/update-stamp | |
458 | if check_stamp $UPDATE_STAMP $UpdateInterval; then | |
459 | if eval apt-get $XAPTOPT -y update $XSTDERR; then | |
460 | debug_echo "download updated metadata (success)." | |
461 | if which dbus-send >/dev/null 2>&1 && pidof dbus-daemon >/dev/null 2>&1; then | |
462 | if dbus-send --system / app.apt.dbus.updated boolean:true ; then | |
463 | debug_echo "send dbus signal (success)" | |
464 | else | |
465 | debug_echo "send dbus signal (error)" | |
466 | fi | |
467 | else | |
468 | debug_echo "dbus signal not send (command not available)" | |
469 | fi | |
470 | update_stamp $UPDATE_STAMP | |
471 | UPDATED=1 | |
472 | else | |
473 | debug_echo "download updated metadata (error)" | |
474 | fi | |
475 | else | |
476 | debug_echo "download updated metadata (not run)." | |
477 | fi | |
478 | ||
479 | # download all upgradeable packages (if it is requested) | |
480 | DOWNLOAD_UPGRADEABLE_STAMP=/var/lib/apt/periodic/download-upgradeable-stamp | |
481 | if [ $UPDATED -eq 1 ] && check_stamp $DOWNLOAD_UPGRADEABLE_STAMP $DownloadUpgradeableInterval; then | |
482 | if [ $Debdelta -eq 1 ]; then | |
483 | debdelta-upgrade >/dev/null 2>&1 || true | |
484 | fi | |
485 | if eval apt-get $XAPTOPT -y -d dist-upgrade $XSTDERR; then | |
486 | update_stamp $DOWNLOAD_UPGRADEABLE_STAMP | |
487 | debug_echo "download upgradable (success)" | |
488 | else | |
489 | debug_echo "download upgradable (error)" | |
490 | fi | |
491 | else | |
492 | debug_echo "download upgradable (not run)" | |
493 | fi | |
494 | ||
495 | # auto upgrade all upgradeable packages | |
496 | UPGRADE_STAMP=/var/lib/apt/periodic/upgrade-stamp | |
497 | if which unattended-upgrade >/dev/null 2>&1 && check_stamp $UPGRADE_STAMP $UnattendedUpgradeInterval; then | |
498 | if unattended-upgrade $XUUPOPT; then | |
499 | update_stamp $UPGRADE_STAMP | |
500 | debug_echo "unattended-upgrade (success)" | |
501 | else | |
502 | debug_echo "unattended-upgrade (error)" | |
503 | fi | |
504 | else | |
505 | debug_echo "unattended-upgrade (not run)" | |
506 | fi | |
507 | ||
508 | # clean package archive | |
509 | CLEAN_STAMP=/var/lib/apt/periodic/clean-stamp | |
510 | if check_stamp $CLEAN_STAMP $CleanInterval; then | |
511 | if eval apt-get $XAPTOPT -y clean $XSTDERR; then | |
512 | debug_echo "clean (success)." | |
513 | update_stamp $CLEAN_STAMP | |
514 | else | |
515 | debug_echo "clean (error)" | |
516 | fi | |
517 | else | |
518 | debug_echo "clean (not run)" | |
519 | fi | |
520 | ||
521 | # autoclean package archive | |
522 | AUTOCLEAN_STAMP=/var/lib/apt/periodic/autoclean-stamp | |
523 | if check_stamp $AUTOCLEAN_STAMP $AutocleanInterval; then | |
524 | if eval apt-get $XAPTOPT -y autoclean $XSTDERR; then | |
525 | debug_echo "autoclean (success)." | |
526 | update_stamp $AUTOCLEAN_STAMP | |
527 | else | |
528 | debug_echo "autoclean (error)" | |
529 | fi | |
530 | else | |
531 | debug_echo "autoclean (not run)" | |
532 | fi | |
533 | ||
534 | # check cache size | |
535 | check_size_constraints | |
536 | ||
537 | # | |
538 | # vim: set sts=4 ai : | |
539 | # | |
540 |