X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/7d1d3984806f1a9b33638d11d84d7febbacfc91e..1bc5d775b911e64e2f1e9e12539496ce13dd0945:/debian/apt.cron.daily diff --git a/debian/apt.cron.daily b/debian/apt.cron.daily index 26dfa2530..d1ee08a5c 100644 --- a/debian/apt.cron.daily +++ b/debian/apt.cron.daily @@ -14,6 +14,12 @@ # "APT::Periodic::AutocleanInterval" # - Do "apt-get autoclean" every n-days (0=disable) # +# "APT::Periodic::Unattended-Upgrade" +# - Run the "unattended-upgrade" security upgrade script +# every n-days (0=disabled) +# Requires the package "unattended-upgrades" and will write +# a log in /var/log/unattended-upgrades +# # "APT::Archives::MaxAge", # - Set maximum allowed age of a cache package file. If a cache # package file is older it is deleted (0=disable) @@ -141,12 +147,19 @@ check_size_constraints() fi } +if ! which apt-config >/dev/null; then + exit 0 +fi UpdateInterval=0 DownloadUpgradeableInterval=0 eval $(apt-config shell UpdateInterval APT::Periodic::Update-Package-Lists DownloadUpgradeableInterval APT::Periodic::Download-Upgradeable-Packages) AutocleanInterval=$DownloadUpgradeableInterval -eval $(apt-config shell AutocleanInterval APT::Periodic::Autoclean) +eval $(apt-config shell AutocleanInterval APT::Periodic::AutocleanInterval) + +UnattendedUpgradeInterval=0 +eval $(apt-config shell UnattendedUpgradeInterval APT::Periodic::Unattended-Upgrade) + # laptop check, on_ac_power returns: # 0 (true) System is on mains power @@ -160,11 +173,24 @@ if which on_ac_power >/dev/null; then fi fi +# check if we can lock the cache and if the cache is clean +if ! apt-get check -q -q 2>/dev/null; then + echo "$0: could not lock the APT cache" + exit 1 +fi + + UPDATE_STAMP=/var/lib/apt/periodic/update-stamp if check_stamp $UPDATE_STAMP $UpdateInterval; then - if apt-get -qq update 2>/dev/null; then + # check for a new archive signing key (against the master keyring) + apt-key net-update + # now run the update + if apt-get -qq update -o APT::Update::Auth-Failure::="cp /usr/share/apt/apt-auth-failure.note /var/lib/update-notifier/user.d/" 2>/dev/null; then + # Could possible test access to '/var/run/dbus/system_bus_socket' has well, + # but I'm not sure how stable the internal pipe location is defined as + # being; so for the moment just 2>/dev/null . --sladen 2007-09-27 if which dbus-send >/dev/null; then - dbus-send --system / app.apt.dbus.updated boolean:true + dbus-send --system / app.apt.dbus.updated boolean:true 2>/dev/null || true fi update_stamp $UPDATE_STAMP fi @@ -176,6 +202,12 @@ if check_stamp $DOWNLOAD_UPGRADEABLE_STAMP $DownloadUpgradeableInterval; then update_stamp $DOWNLOAD_UPGRADEABLE_STAMP fi +UPGRADE_STAMP=/var/lib/apt/periodic/upgrade-stamp +if check_stamp $UPGRADE_STAMP $UnattendedUpgradeInterval; then + unattended-upgrade + update_stamp $UPGRADE_STAMP +fi + AUTOCLEAN_STAMP=/var/lib/apt/periodic/autoclean-stamp if check_stamp $AUTOCLEAN_STAMP $AutocleanInterval; then apt-get -qq autoclean