debian/apt.cron.daily

   1 #!/bin/sh
   2 #
   3
   4 #set -e
   5 #
   6 # This file understands the following apt configuration variables:
   7 #
   8 #  "APT::Periodic::Update-Package-Lists=1"
   9 #  - Do "apt-get update" automatically every n-days (0=disable)
  10 #
  11 #  "APT::Periodic::Download-Upgradeable-Packages=0",
  12 #  - Do "apt-get upgrade --download-only" every n-days (0=disable)
  13 #
  14 #  "APT::Periodic::AutocleanInterval"
  15 #  - Do "apt-get autoclean" every n-days (0=disable)
  16 #
  17 #  "APT::Periodic::Unattended-Upgrade"
  18 #  - Run the "unattended-upgrade" security upgrade script
  19 #    every n-days (0=disabled)
  20 #    Requires the package "unattended-upgrades" and will write
  21 #    a log in /var/log/unattended-upgrades
  22 #
  23 #  "APT::Archives::MaxAge",
  24 #  - Set maximum allowed age of a cache package file. If a cache
  25 #    package file is older it is deleted (0=disable)
  26 #
  27 #  "APT::Archives::MaxSize",
  28 #  - Set maximum size of the cache in MB (0=disable). If the cache
  29 #    is bigger, cached package files are deleted until the size
  30 #    requirement is met (the biggest packages will be deleted
  31 #    first).
  32 #
  33 #  "APT::Archives::MinAge"
  34 #  - Set minimum age of a package file. If a file is younger it
  35 #    will not be deleted (0=disable). Usefull to prevent races
  36 #    and to keep backups of the packages for emergency.
  37 #
  38
  39 check_stamp()
  40 {
  41     stamp="$1"
  42     interval="$2"
  43
  44     if [ $interval -eq 0 ]; then
  45         return 1
  46     fi
  47
  48     if [ ! -f $stamp ]; then
  49         return 0
  50     fi
  51
  52     # compare midnight today to midnight the day the stamp was updated
  53     stamp=$(date --date=$(date -r $stamp --iso-8601) +%s)
  54     now=$(date --date=$(date --iso-8601) +%s)
  55     delta=$(($now-$stamp))
  56
  57     # intervall is in days,
  58     interval=$(($interval*60*60*24))
  59     #echo "stampfile: $1"
  60     #echo "interval=$interval, now=$now, stamp=$stamp, delta=$delta"
  61
  62     if [ $delta -ge $interval ]; then
  63         return 0
  64     fi
  65
  66     return 1
  67 }
  68
  69 update_stamp()
  70 {
  71     stamp="$1"
  72
  73     touch $stamp
  74 }
  75
  76
  77
  78 # we check here if autoclean was enough sizewise
  79 check_size_constraints()
  80 {
  81     # min-age in days
  82     MaxAge=0
  83     MinAge=2
  84     MaxSize=0
  85     CacheDir="var/cache/apt"
  86     CacheArchive="archives/"
  87     eval $(apt-config shell MaxAge APT::Archives::MaxAge)
  88     eval $(apt-config shell MinAge APT::Archives::MinAge)
  89     eval $(apt-config shell MaxSize APT::Archives::MaxSize)
  90     eval $(apt-config shell Dir Dir)
  91     eval $(apt-config shell CacheDir Dir::Cache)
  92     eval $(apt-config shell CacheArchive Dir::Cache::archives)
  93
  94     # sanity check
  95     if [ -z "$CacheDir" -o -z "$CacheArchive" ]; then
  96         echo "empty Dir::Cache or Dir::Cache::archives, exiting"
  97         exit
  98     fi
  99
 100     Cache="${Dir%/}/${CacheDir%/}/${CacheArchive%/}/"
 101
 102     # check age
 103     if [ ! $MaxAge -eq 0 ] && [ ! $MinAge -eq 0 ]; then
 104         find $Cache -name "*.deb"  \( -mtime +$MaxAge -and -ctime +$MaxAge \) -and -not \( -mtime -$MinAge -or -ctime -$MinAge \) -print0 | xargs -r -0 rm -f
 105     elif [ ! $MaxAge -eq 0 ]; then
 106         find $Cache -name "*.deb"  -ctime +$MaxAge -and -mtime +$MaxAge -print0 | xargs -r -0 rm -f
 107     fi
 108
 109     # check size
 110     if [ ! $MaxSize -eq 0 ]; then
 111         # maxSize is in MB
 112         MaxSize=$(($MaxSize*1024))
 113
 114         #get current time
 115         now=$(date --date=$(date --iso-8601) +%s)
 116         MinAge=$(($MinAge*24*60*60))
 117
 118         # reverse-sort by mtime
 119         for file in $(ls -rt $Cache/*.deb 2>/dev/null); do
 120             du=$(du -s $Cache)
 121             size=${du%%/*}
 122             # check if the cache is small enough
 123             if [ $size -lt $MaxSize ]; then
 124                 break
 125             fi
 126
 127             # check for MinAge of the file
 128             if [ ! $MinAge -eq 0 ]; then
 129                 # check both ctime and mtime
 130                 mtime=$(stat -c %Y $file)
 131                 ctime=$(stat -c %Z $file)
 132                 if [ $mtime -gt $ctime ]; then
 133                     delta=$(($now-$mtime))
 134                 else
 135                     delta=$(($now-$ctime))
 136                 fi
 137                 #echo "$file ($delta), $MinAge"
 138                 if [ $delta -le $MinAge ]; then
 139                     #echo "Skiping $file (delta=$delta)"
 140                     break
 141                 fi
 142             fi
 143
 144             # delete oldest file
 145             rm -f $file
 146         done
 147     fi
 148 }
 149
 150 # sleep for a random intervall of time (default 30min)
 151 # (some code taken from cron-apt, thanks)
 152 random_sleep()
 153 {
 154     RandomSleep=1800
 155     eval $(apt-config shell RandomSleep APT::Periodic::RandomSleep)
 156     if [ $RandomSleep -eq 0 ]; then
 157         return
 158     fi
 159     if [ -z "$RANDOM" ] ; then
 160         # A fix for shells that do not have this bash feature.
 161         RANDOM=$(dd if=/dev/urandom count=1 2> /dev/null | cksum | cut -c"1-5")
 162     fi
 163     TIME=$(($RANDOM % $RandomSleep))
 164     sleep $TIME
 165 }
 166
 167 # main
 168
 169 if ! which apt-config >/dev/null; then
 170         exit 0
 171 fi
 172
 173 UpdateInterval=0
 174 DownloadUpgradeableInterval=0
 175 eval $(apt-config shell UpdateInterval APT::Periodic::Update-Package-Lists DownloadUpgradeableInterval APT::Periodic::Download-Upgradeable-Packages)
 176 AutocleanInterval=$DownloadUpgradeableInterval
 177 eval $(apt-config shell AutocleanInterval APT::Periodic::AutocleanInterval)
 178
 179 UnattendedUpgradeInterval=0
 180 eval $(apt-config shell UnattendedUpgradeInterval APT::Periodic::Unattended-Upgrade)
 181
 182
 183 # laptop check, on_ac_power returns:
 184 #       0 (true)    System is on mains power
 185 #       1 (false)   System is not on mains power
 186 #       255 (false) Power status could not be determined
 187 # Desktop systems always return 255 it seems
 188 if which on_ac_power >/dev/null; then
 189     on_ac_power
 190     if [ $? -eq 1 ]; then
 191         exit 0
 192     fi
 193 fi
 194
 195 # check if we can lock the cache and if the cache is clean
 196 # There's a reasonable chance that someone is already running an apt
 197 # frontend that has locked the cache, so exit quietly if it is locked.
 198 if ! apt-get check -q -q 2>/dev/null; then
 199     exit 0
 200 fi
 201
 202 # sleep random amount of time
 203 random_sleep
 204
 205 # check again if we can access the cache
 206 if ! apt-get check -q -q 2>/dev/null; then
 207     exit 1
 208 fi
 209
 210 # set the proxy based on the admin users gconf settings
 211 admin_user=$(getent group admin|cut -d: -f4|cut -d, -f1)
 212 if [ -n "$admin_user" ] && [ -x /usr/bin/sudo ] && [ -z "$http_proxy" ] && [ -x /usr/bin/gconftool ]; then
 213         use=$(sudo -u "$admin_user" gconftool --get /system/http_proxy/use_http_proxy)
 214         host=$(sudo -u "$admin_user" gconftool --get /system/http_proxy/host)
 215         port=$(sudo -u "$admin_user" gconftool --get /system/http_proxy/port)
 216         if [ "$use" = "true" ] && [ -n "$host" ] && [ -n "$port" ]; then
 217                 export http_proxy="http://$host:$port/"
 218         fi
 219 fi
 220
 221 # sleep random amount of time
 222 random_sleep
 223
 224 # check again if we can access the cache
 225 if ! apt-get check -q -q 2>/dev/null; then
 226     exit 1
 227 fi
 228
 229 UPDATE_STAMP=/var/lib/apt/periodic/update-stamp
 230 if check_stamp $UPDATE_STAMP $UpdateInterval; then
 231     # check for a new archive signing key (against the master keyring)
 232     apt-key net-update
 233     # now run the update
 234     if apt-get -qq update -o APT::Update::Auth-Failure::="cp /usr/share/apt/apt-auth-failure.note /var/lib/update-notifier/user.d/" 2>/dev/null; then
 235         # Could possible test access to '/var/run/dbus/system_bus_socket' has well,
 236         # but I'm not sure how stable the internal pipe location is defined as
 237         # being;  so for the moment just 2>/dev/null . --sladen 2007-09-27
 238         if which dbus-send >/dev/null; then
 239             dbus-send --system / app.apt.dbus.updated boolean:true 2>/dev/null || true
 240         fi
 241         update_stamp $UPDATE_STAMP
 242     fi
 243 fi
 244
 245 DOWNLOAD_UPGRADEABLE_STAMP=/var/lib/apt/periodic/download-upgradeable-stamp
 246 if check_stamp $DOWNLOAD_UPGRADEABLE_STAMP $DownloadUpgradeableInterval; then
 247     apt-get -qq -d dist-upgrade 2>/dev/null
 248     update_stamp $DOWNLOAD_UPGRADEABLE_STAMP
 249 fi
 250
 251 UPGRADE_STAMP=/var/lib/apt/periodic/upgrade-stamp
 252 if check_stamp $UPGRADE_STAMP $UnattendedUpgradeInterval; then
 253     unattended-upgrade
 254     update_stamp $UPGRADE_STAMP
 255 fi
 256
 257 AUTOCLEAN_STAMP=/var/lib/apt/periodic/autoclean-stamp
 258 if check_stamp $AUTOCLEAN_STAMP $AutocleanInterval; then
 259     apt-get -qq autoclean
 260     update_stamp $AUTOCLEAN_STAMP
 261 fi
 262
 263 # check cache size
 264 check_size_constraints