def apt_check():
apt_pkg.init()
cache = apt_pkg.Cache(apt.progress.base.OpProgress())
depcache = apt_pkg.DepCache(cache)
if depcache.broken_count > 0:
raise SystemExit("Error: BrokenCount > 0")
try:
from UpdateManager.Core.UpdateList import UpdateList
ul = UpdateList(None)
except ImportError:
ul = None
# This mimics an upgrade but will never remove anything
depcache.upgrade(True)
if depcache.del_count > 0:
# Unmark (clean) all changes from the given depcache
depcache.init()
depcache.upgrade()
with apt.Cache() as aptcache:
for pkg in cache.packages:
if not depcache.marked_install(pkg) and \
not depcache.marked_upgrade(pkg):
continue
inst_ver = pkg.current_ver
cand_ver = depcache.get_candidate_ver(pkg)
if cand_ver == inst_ver:
continue
security = False
phased = False
if isSecurityUpgrade(cand_ver):
security = True
elif inst_ver:
# Check for security updates that are masked by a candidate
# version from another repo (-proposed or -updates)
for ver in pkg.version_list:
if apt_pkg.version_compare(ver.ver_str, inst_ver.ver_str) \
> 0 and isSecurityUpgrade(ver):
security = True
break
if ul is not None and \
ul._is_ignored_phased_update(aptcache[pkg.name]):
phased = True
yield Upgrade(
package=pkg.name,
installed=inst_ver.ver_str if inst_ver else None,
candidate=cand_ver.ver_str,
security=security,
phased=phased,
)
def run(options=None):
# we are run in "are security updates installed automatically?"
# question mode
if options.security_updates_unattended:
res = apt_pkg.config.find_i("APT::Periodic::Unattended-Upgrade", 0)
#print(res)
sys.exit(res)
# get caches
try:
cache = apt_pkg.Cache(apt.progress.base.OpProgress())
except SystemError as e:
sys.stderr.write("E: "+ _("Error: Opening the cache (%s)") % e)
sys.exit(-1)
depcache = apt_pkg.DepCache(cache)
# read the synaptic pins too
if os.path.exists(SYNAPTIC_PINFILE):
depcache.read_pinfile(SYNAPTIC_PINFILE)
depcache.init()
if depcache.broken_count > 0:
sys.stderr.write("E: "+ _("Error: BrokenCount > 0"))
sys.exit(-1)
# do the upgrade (not dist-upgrade!)
try:
saveDistUpgrade(cache,depcache)
except SystemError as e:
sys.stderr.write("E: "+ _("Error: Marking the upgrade (%s)") % e)
sys.exit(-1)
# analyze the ugprade
upgrades = 0
security_updates = 0
# we need another cache that has more pkg details
with apt.Cache() as aptcache:
for pkg in cache.packages:
# skip packages that are not marked upgraded/installed
if not (depcache.marked_install(pkg) or depcache.marked_upgrade(pkg)):
continue
# check if this is really a upgrade or a false positive
# (workaround for ubuntu #7907)
inst_ver = pkg.current_ver
cand_ver = depcache.get_candidate_ver(pkg)
if cand_ver == inst_ver:
continue
# check for security upgrades
if isSecurityUpgrade(cand_ver):
upgrades += 1
security_updates += 1
continue
# check to see if the update is a phased one
try:
from UpdateManager.Core.UpdateList import UpdateList
ul = UpdateList(None)
ignored = ul._is_ignored_phased_update(aptcache[pkg.name])
if ignored:
depcache.mark_keep(pkg)
continue
except ImportError:
pass
upgrades = upgrades + 1
# now check for security updates that are masked by a
# canidate version from another repo (-proposed or -updates)
for ver in pkg.version_list:
if (inst_ver and apt_pkg.version_compare(ver.ver_str, inst_ver.ver_str) <= 0):
#print("skipping '%s' " % ver.VerStr)
continue
if isSecurityUpgrade(ver):
security_updates += 1
break
# print the number of upgrades
if options and options.show_package_names:
write_package_names(sys.stderr, cache, depcache)
elif options and options.readable_output:
write_human_readable_summary(sys.stdout, upgrades, security_updates)
else:
# print the number of regular upgrades and the number of
# security upgrades
sys.stderr.write("%s;%s" % (upgrades,security_updates))
# return the number of upgrades (if its used as a module)
return(upgrades,security_updates)
def run(options=None):
# we are run in "are security updates installed automatically?"
# question mode
if options.security_updates_unattended:
res = apt_pkg.config.find_i("APT::Periodic::Unattended-Upgrade", 0)
#print(res)
sys.exit(res)
# get caches
try:
cache = apt_pkg.Cache(apt.progress.base.OpProgress())
except SystemError as e:
sys.stderr.write("E: "+ _("Error: Opening the cache (%s)") % e)
sys.exit(-1)
depcache = apt_pkg.DepCache(cache)
# read the synaptic pins too
if os.path.exists(SYNAPTIC_PINFILE):
depcache.read_pinfile(SYNAPTIC_PINFILE)
depcache.init()
if depcache.broken_count > 0:
sys.stderr.write("E: "+ _("Error: BrokenCount > 0"))
sys.exit(-1)
# do the upgrade (not dist-upgrade!)
try:
saveDistUpgrade(cache,depcache)
except SystemError as e:
sys.stderr.write("E: "+ _("Error: Marking the upgrade (%s)") % e)
sys.exit(-1)
# analyze the ugprade
upgrades = 0
security_updates = 0
# we need another cache that has more pkg details
with apt.Cache() as aptcache:
for pkg in cache.packages:
# skip packages that are not marked upgraded/installed
if not (depcache.marked_install(pkg) or depcache.marked_upgrade(pkg)):
continue
# check if this is really a upgrade or a false positive
# (workaround for ubuntu #7907)
inst_ver = pkg.current_ver
cand_ver = depcache.get_candidate_ver(pkg)
if cand_ver == inst_ver:
continue
# check for security upgrades
if isSecurityUpgrade(cand_ver):
upgrades += 1
security_updates += 1
continue
# check to see if the update is a phased one
try:
from UpdateManager.Core.UpdateList import UpdateList
ul = UpdateList(None)
ignored = ul._is_ignored_phased_update(aptcache[pkg.name])
if ignored:
depcache.mark_keep(pkg)
continue
except ImportError:
pass
upgrades = upgrades + 1
# now check for security updates that are masked by a
# canidate version from another repo (-proposed or -updates)
for ver in pkg.version_list:
if (inst_ver and apt_pkg.version_compare(ver.ver_str, inst_ver.ver_str) <= 0):
#print("skipping '%s' " % ver.VerStr)
continue
if isSecurityUpgrade(ver):
security_updates += 1
break
# print the number of upgrades
if options and options.show_package_names:
write_package_names(sys.stderr, cache, depcache)
elif options and options.readable_output:
write_human_readable_summary(sys.stdout, upgrades, security_updates)
else:
# print the number of regular upgrades and the number of
# security upgrades
sys.stderr.write("%s;%s" % (upgrades, security_updates))
# return the number of upgrades (if its used as a module)
return(upgrades, security_updates)
