Created
May 30, 2018 19:07
-
-
Save mtfurlan/81ba4124734351db7adbb0afccc1f13c to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
diff --git a/apticron b/apticron | |
index d2eea06..e0bbbae 100755 | |
--- a/apticron | |
+++ b/apticron | |
@@ -1,4 +1,5 @@ | |
#!/bin/bash -e | |
+set -eo pipefail | |
# Character set handling differs between the different mailx | |
# implementations in Debian. Make sure we send proper headers, and a | |
@@ -38,6 +39,7 @@ Mailx() { | |
"$@" < "$MAIL_BODY_FILE" | |
fi | |
fi | |
+ | |
rm "$MAIL_BODY_FILE" | |
} | |
@@ -77,7 +79,9 @@ if [ "$ALL_FQDNS" = "1" ] ; then | |
SYSTEM=`/bin/hostname --all-fqdns` | |
fi | |
+ | |
if [ -z "$IPADDRESSES" ] && [ -x /sbin/ip ]; then | |
+ set +o pipefail | |
# Set the IPv4 addresses | |
IPADDRESSES=`(echo $( /bin/hostname --all-ip-addresses ) ; | |
/sbin/ip -f inet addr show scope global 2> /dev/null | \ | |
@@ -92,6 +96,7 @@ if [ -z "$IPADDRESSES" ] && [ -x /sbin/ip ]; then | |
/usr/bin/head -$IPADDRESSNUM |\ | |
/usr/bin/awk '{ print $2 }' |\ | |
/usr/bin/cut -d/ -f1`" | |
+ set -o pipefail | |
fi | |
# Turn our list of addresses into nicely formatted output | |
@@ -115,8 +120,8 @@ fi | |
/usr/bin/apt-get -qq update || true | |
# get the list of packages which are pending an upgrade | |
-PKGNAMES=`/usr/bin/apt-get -q -y --ignore-hold --allow-change-held-packages --allow-unauthenticated -s dist-upgrade | \ | |
- /bin/grep ^Inst | /usr/bin/cut -d\ -f2 | /usr/bin/sort` | |
+PKGNAMES=`/usr/bin/apt-get --allow-downgrades -q -y --ignore-hold --allow-change-held-packages --allow-unauthenticated -s dist-upgrade | \ | |
+ /bin/grep ^Inst | grep Security | /usr/bin/cut -d\ -f2 | /usr/bin/sort` | |
# creating the future last_run file | |
TMPFILE="$(mktemp -t apticron.XXXXXXXXXX)" | |
@@ -125,8 +130,8 @@ for p in $PKGNAMES; do | |
done | |
# workaround to handle apt-get installing packages hold by aptitude. See #137771. | |
-APTITUDE_HOLDS=`grep "^State: 2" -B 3 /var/lib/aptitude/pkgstates 2>/dev/null |grep "^Package: .*$" |cut -d" " -f 2` | |
-DSELECT_HOLDS=`dpkg --get-selections |grep "hold$" |cut -f1` | |
+APTITUDE_HOLDS=`grep "^State: 2" -B 3 /var/lib/aptitude/pkgstates 2>/dev/null |grep "^Package: .*$" |cut -d" " -f 2 || true` | |
+DSELECT_HOLDS=`dpkg --get-selections |grep "hold$" |cut -f1 || true` | |
if [ "$NOTIFY_HOLDS" = "0" ]; then | |
# packages hold by aptitude don't go to the upgrading candidates list | |
@@ -176,7 +181,7 @@ fi | |
if [ -n "$PKGNAMES" ] ; then | |
# do the upgrade downloads | |
- /usr/bin/apt-get --allow-change-held-packages --ignore-hold -qq -d dist-upgrade > /dev/null | |
+ /usr/bin/apt-get --allow-downgrades --allow-change-held-packages --ignore-hold -qq -d dist-upgrade > /dev/null | |
( | |
/bin/cat <<EOF | |
@@ -206,7 +211,7 @@ EOF | |
echo -e "\n(there are $(grep -xf $LAST_RUN_FILE $TMPFILE |wc -l) other packages previously reported to you pending an upgrade!)" | |
fi | |
- MISSING_DEBS=`apt-get -y --ignore-hold --allow-change-held-packages --allow-unauthenticated --print-uris dist-upgrade \ | |
+ MISSING_DEBS=`apt-get --allow-downgrades -y --ignore-hold --allow-change-held-packages --allow-unauthenticated --print-uris dist-upgrade \ | |
| grep "file:" \ | |
| sed "s/'file:\(.*\)' .*/\1/g"` | |
@@ -273,15 +278,14 @@ EOF | |
apticron | |
EOF | |
- ) 2>&1 | Mailx -s "$MAILX_SUBJECT" $EMAIL | |
- | |
+ ) 2>&1 | Mailx -s "$MAILX_SUBJECT" $EMAIL || true | |
elif [ "$NOTIFY_NO_UPDATES" = "1" ] ; then | |
( | |
/bin/cat <<EOF | |
No new packages today. | |
EOF | |
- ) 2>&1 | Mailx -s "$MAILX_NO_UPDATE_SUBJECT" $EMAIL | |
+ ) 2>&1 | Mailx -s "$MAILX_NO_UPDATE_SUBJECT" $EMAIL || true | |
fi | |
# updating the last_run file |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment