def apt_check(): apt_pkg.init() cache = apt_pkg.Cache(apt.progress.base.OpProgress()) depcache = apt_pkg.DepCache(cache) if depcache.broken_count > 0: raise SystemExit("Error: BrokenCount > 0") try: from UpdateManager.Core.UpdateList import UpdateList ul = UpdateList(None) except ImportError: ul = None # This mimics an upgrade but will never remove anything depcache.upgrade(True) if depcache.del_count > 0: # Unmark (clean) all changes from the given depcache depcache.init() depcache.upgrade() with apt.Cache() as aptcache: for pkg in cache.packages: if not depcache.marked_install(pkg) and \ not depcache.marked_upgrade(pkg): continue inst_ver = pkg.current_ver cand_ver = depcache.get_candidate_ver(pkg) if cand_ver == inst_ver: continue security = False phased = False if isSecurityUpgrade(cand_ver): security = True elif inst_ver: # Check for security updates that are masked by a candidate # version from another repo (-proposed or -updates) for ver in pkg.version_list: if apt_pkg.version_compare(ver.ver_str, inst_ver.ver_str) \ > 0 and isSecurityUpgrade(ver): security = True break if ul is not None and \ ul._is_ignored_phased_update(aptcache[pkg.name]): phased = True yield Upgrade( package=pkg.name, installed=inst_ver.ver_str if inst_ver else None, candidate=cand_ver.ver_str, security=security, phased=phased, )
def run(options=None): # we are run in "are security updates installed automatically?" # question mode if options.security_updates_unattended: res = apt_pkg.config.find_i("APT::Periodic::Unattended-Upgrade", 0) #print(res) sys.exit(res) # get caches try: cache = apt_pkg.Cache(apt.progress.base.OpProgress()) except SystemError as e: sys.stderr.write("E: "+ _("Error: Opening the cache (%s)") % e) sys.exit(-1) depcache = apt_pkg.DepCache(cache) # read the synaptic pins too if os.path.exists(SYNAPTIC_PINFILE): depcache.read_pinfile(SYNAPTIC_PINFILE) depcache.init() if depcache.broken_count > 0: sys.stderr.write("E: "+ _("Error: BrokenCount > 0")) sys.exit(-1) # do the upgrade (not dist-upgrade!) try: saveDistUpgrade(cache,depcache) except SystemError as e: sys.stderr.write("E: "+ _("Error: Marking the upgrade (%s)") % e) sys.exit(-1) # analyze the ugprade upgrades = 0 security_updates = 0 # we need another cache that has more pkg details with apt.Cache() as aptcache: for pkg in cache.packages: # skip packages that are not marked upgraded/installed if not (depcache.marked_install(pkg) or depcache.marked_upgrade(pkg)): continue # check if this is really a upgrade or a false positive # (workaround for ubuntu #7907) inst_ver = pkg.current_ver cand_ver = depcache.get_candidate_ver(pkg) if cand_ver == inst_ver: continue # check for security upgrades if isSecurityUpgrade(cand_ver): upgrades += 1 security_updates += 1 continue # check to see if the update is a phased one try: from UpdateManager.Core.UpdateList import UpdateList ul = UpdateList(None) ignored = ul._is_ignored_phased_update(aptcache[pkg.name]) if ignored: depcache.mark_keep(pkg) continue except ImportError: pass upgrades = upgrades + 1 # now check for security updates that are masked by a # canidate version from another repo (-proposed or -updates) for ver in pkg.version_list: if (inst_ver and apt_pkg.version_compare(ver.ver_str, inst_ver.ver_str) <= 0): #print("skipping '%s' " % ver.VerStr) continue if isSecurityUpgrade(ver): security_updates += 1 break # print the number of upgrades if options and options.show_package_names: write_package_names(sys.stderr, cache, depcache) elif options and options.readable_output: write_human_readable_summary(sys.stdout, upgrades, security_updates) else: # print the number of regular upgrades and the number of # security upgrades sys.stderr.write("%s;%s" % (upgrades,security_updates)) # return the number of upgrades (if its used as a module) return(upgrades,security_updates)
def run(options=None): # we are run in "are security updates installed automatically?" # question mode if options.security_updates_unattended: res = apt_pkg.config.find_i("APT::Periodic::Unattended-Upgrade", 0) #print(res) sys.exit(res) # get caches try: cache = apt_pkg.Cache(apt.progress.base.OpProgress()) except SystemError as e: sys.stderr.write("E: "+ _("Error: Opening the cache (%s)") % e) sys.exit(-1) depcache = apt_pkg.DepCache(cache) # read the synaptic pins too if os.path.exists(SYNAPTIC_PINFILE): depcache.read_pinfile(SYNAPTIC_PINFILE) depcache.init() if depcache.broken_count > 0: sys.stderr.write("E: "+ _("Error: BrokenCount > 0")) sys.exit(-1) # do the upgrade (not dist-upgrade!) try: saveDistUpgrade(cache,depcache) except SystemError as e: sys.stderr.write("E: "+ _("Error: Marking the upgrade (%s)") % e) sys.exit(-1) # analyze the ugprade upgrades = 0 security_updates = 0 # we need another cache that has more pkg details with apt.Cache() as aptcache: for pkg in cache.packages: # skip packages that are not marked upgraded/installed if not (depcache.marked_install(pkg) or depcache.marked_upgrade(pkg)): continue # check if this is really a upgrade or a false positive # (workaround for ubuntu #7907) inst_ver = pkg.current_ver cand_ver = depcache.get_candidate_ver(pkg) if cand_ver == inst_ver: continue # check for security upgrades if isSecurityUpgrade(cand_ver): upgrades += 1 security_updates += 1 continue # check to see if the update is a phased one try: from UpdateManager.Core.UpdateList import UpdateList ul = UpdateList(None) ignored = ul._is_ignored_phased_update(aptcache[pkg.name]) if ignored: depcache.mark_keep(pkg) continue except ImportError: pass upgrades = upgrades + 1 # now check for security updates that are masked by a # canidate version from another repo (-proposed or -updates) for ver in pkg.version_list: if (inst_ver and apt_pkg.version_compare(ver.ver_str, inst_ver.ver_str) <= 0): #print("skipping '%s' " % ver.VerStr) continue if isSecurityUpgrade(ver): security_updates += 1 break # print the number of upgrades if options and options.show_package_names: write_package_names(sys.stderr, cache, depcache) elif options and options.readable_output: write_human_readable_summary(sys.stdout, upgrades, security_updates) else: # print the number of regular upgrades and the number of # security upgrades sys.stderr.write("%s;%s" % (upgrades, security_updates)) # return the number of upgrades (if its used as a module) return(upgrades, security_updates)