apt.systemd.daily 15 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509
  1. #!/bin/sh
  2. #set -e
  3. #
  4. # This file understands the following apt configuration variables:
  5. # Values here are the default.
  6. # Create /etc/apt/apt.conf.d/10periodic file to set your preference.
  7. #
  8. # Dir "/";
  9. # - RootDir for all configuration files
  10. #
  11. # Dir::Cache "var/cache/apt/";
  12. # - Set apt package cache directory
  13. #
  14. # Dir::Cache::Archives "archives/";
  15. # - Set package archive directory
  16. #
  17. # APT::Periodic::Enable "1";
  18. # - Enable the update/upgrade script (0=disable)
  19. #
  20. # APT::Periodic::BackupArchiveInterval "0";
  21. # - Backup after n-days if archive contents changed.(0=disable)
  22. #
  23. # APT::Periodic::BackupLevel "3";
  24. # - Backup level.(0=disable), 1 is invalid.
  25. #
  26. # Dir::Cache::Backup "backup/";
  27. # - Set periodic package backup directory
  28. #
  29. # APT::Archives::MaxAge "0"; (old, deprecated)
  30. # APT::Periodic::MaxAge "0"; (new)
  31. # - Set maximum allowed age of a cache package file. If a cache
  32. # package file is older it is deleted (0=disable)
  33. #
  34. # APT::Archives::MinAge "2"; (old, deprecated)
  35. # APT::Periodic::MinAge "2"; (new)
  36. # - Set minimum age of a package file. If a file is younger it
  37. # will not be deleted (0=disable). Useful to prevent races
  38. # and to keep backups of the packages for emergency.
  39. #
  40. # APT::Archives::MaxSize "0"; (old, deprecated)
  41. # APT::Periodic::MaxSize "0"; (new)
  42. # - Set maximum size of the cache in MB (0=disable). If the cache
  43. # is bigger, cached package files are deleted until the size
  44. # requirement is met (the oldest packages will be deleted
  45. # first).
  46. #
  47. # APT::Periodic::Update-Package-Lists "0";
  48. # - Do "apt-get update" automatically every n-days (0=disable)
  49. #
  50. # APT::Periodic::Download-Upgradeable-Packages "0";
  51. # - Do "apt-get upgrade --download-only" every n-days (0=disable)
  52. #
  53. # APT::Periodic::Download-Upgradeable-Packages-Debdelta "1";
  54. # - Use debdelta-upgrade to download updates if available (0=disable)
  55. #
  56. # APT::Periodic::Unattended-Upgrade "0";
  57. # - Run the "unattended-upgrade" security upgrade script
  58. # every n-days (0=disabled)
  59. # Requires the package "unattended-upgrades" and will write
  60. # a log in /var/log/unattended-upgrades
  61. #
  62. # APT::Periodic::AutocleanInterval "0";
  63. # - Do "apt-get autoclean" every n-days (0=disable)
  64. #
  65. # APT::Periodic::CleanInterval "0";
  66. # - Do "apt-get clean" every n-days (0=disable)
  67. #
  68. # APT::Periodic::Verbose "0";
  69. # - Send report mail to root
  70. # 0: no report (or null string)
  71. # 1: progress report (actually any string)
  72. # 2: + command outputs (remove -qq, remove 2>/dev/null, add -d)
  73. # 3: + trace on
  74. #
  75. check_stamp()
  76. {
  77. stamp="$1"
  78. interval="$2"
  79. if [ $interval -eq 0 ]; then
  80. debug_echo "check_stamp: interval=0"
  81. # treat as no time has passed
  82. return 1
  83. fi
  84. if [ ! -f $stamp ]; then
  85. debug_echo "check_stamp: missing time stamp file: $stamp."
  86. # treat as enough time has passed
  87. return 0
  88. fi
  89. # compare midnight today to midnight the day the stamp was updated
  90. stamp_file="$stamp"
  91. stamp=$(date --date=$(date -r $stamp_file --iso-8601) +%s 2>/dev/null)
  92. if [ "$?" != "0" ]; then
  93. # Due to some timezones returning 'invalid date' for midnight on
  94. # certain dates (e.g. America/Sao_Paulo), if date returns with error
  95. # remove the stamp file and return 0. See coreutils bug:
  96. # http://lists.gnu.org/archive/html/bug-coreutils/2007-09/msg00176.html
  97. rm -f "$stamp_file"
  98. return 0
  99. fi
  100. now=$(date --date=$(date --iso-8601) +%s 2>/dev/null)
  101. if [ "$?" != "0" ]; then
  102. # As above, due to some timezones returning 'invalid date' for midnight
  103. # on certain dates (e.g. America/Sao_Paulo), if date returns with error
  104. # return 0.
  105. return 0
  106. fi
  107. delta=$(($now-$stamp))
  108. # interval is in days, convert to sec.
  109. interval=$(($interval*60*60*24))
  110. debug_echo "check_stamp: interval=$interval, now=$now, stamp=$stamp, delta=$delta (sec)"
  111. # remove timestamps a day (or more) in the future and force re-check
  112. if [ $stamp -gt $(($now+86400)) ]; then
  113. echo "WARNING: file $stamp_file has a timestamp in the future: $stamp"
  114. rm -f "$stamp_file"
  115. return 0
  116. fi
  117. if [ $delta -ge $interval ]; then
  118. return 0
  119. fi
  120. return 1
  121. }
  122. update_stamp()
  123. {
  124. stamp="$1"
  125. touch $stamp
  126. }
  127. # we check here if autoclean was enough sizewise
  128. check_size_constraints()
  129. {
  130. MaxAge=0
  131. eval $(apt-config shell MaxAge APT::Archives::MaxAge)
  132. eval $(apt-config shell MaxAge APT::Periodic::MaxAge)
  133. MinAge=2
  134. eval $(apt-config shell MinAge APT::Archives::MinAge)
  135. eval $(apt-config shell MinAge APT::Periodic::MinAge)
  136. MaxSize=0
  137. eval $(apt-config shell MaxSize APT::Archives::MaxSize)
  138. eval $(apt-config shell MaxSize APT::Periodic::MaxSize)
  139. Cache="/var/cache/apt/archives/"
  140. eval $(apt-config shell Cache Dir::Cache::archives/d)
  141. # sanity check
  142. if [ -z "$Cache" ]; then
  143. echo "empty Dir::Cache::archives, exiting"
  144. exit
  145. fi
  146. # check age
  147. if [ ! $MaxAge -eq 0 ] && [ ! $MinAge -eq 0 ]; then
  148. debug_echo "aged: ctime <$MaxAge and mtime <$MaxAge and ctime>$MinAge and mtime>$MinAge"
  149. find $Cache -name "*.deb" \( -mtime +$MaxAge -and -ctime +$MaxAge \) -and -not \( -mtime -$MinAge -or -ctime -$MinAge \) -print0 | xargs -r -0 rm -f
  150. elif [ ! $MaxAge -eq 0 ]; then
  151. debug_echo "aged: ctime <$MaxAge and mtime <$MaxAge only"
  152. find $Cache -name "*.deb" -ctime +$MaxAge -and -mtime +$MaxAge -print0 | xargs -r -0 rm -f
  153. else
  154. debug_echo "skip aging since MaxAge is 0"
  155. fi
  156. # check size
  157. if [ ! $MaxSize -eq 0 ]; then
  158. # maxSize is in MB
  159. MaxSize=$(($MaxSize*1024))
  160. #get current time
  161. now=$(date --date=$(date --iso-8601) +%s)
  162. MinAge=$(($MinAge*24*60*60))
  163. # reverse-sort by mtime
  164. for file in $(ls -rt $Cache/*.deb 2>/dev/null); do
  165. du=$(du -s $Cache)
  166. size=${du%%/*}
  167. # check if the cache is small enough
  168. if [ $size -lt $MaxSize ]; then
  169. debug_echo "end remove by archive size: size=$size < $MaxSize"
  170. break
  171. fi
  172. # check for MinAge of the file
  173. if [ $MinAge -ne 0 ]; then
  174. # check both ctime and mtime
  175. mtime=$(stat -c %Y $file)
  176. ctime=$(stat -c %Z $file)
  177. if [ $mtime -gt $ctime ]; then
  178. delta=$(($now-$mtime))
  179. else
  180. delta=$(($now-$ctime))
  181. fi
  182. if [ $delta -le $MinAge ]; then
  183. debug_echo "skip remove by archive size: $file, delta=$delta < $MinAge"
  184. break
  185. else
  186. # delete oldest file
  187. debug_echo "remove by archive size: $file, delta=$delta >= $MinAge (sec), size=$size >= $MaxSize"
  188. rm -f $file
  189. fi
  190. fi
  191. done
  192. fi
  193. }
  194. # deal with the Apt::Periodic::BackupArchiveInterval
  195. do_cache_backup()
  196. {
  197. BackupArchiveInterval="$1"
  198. if [ $BackupArchiveInterval -eq 0 ]; then
  199. return
  200. fi
  201. # Set default values and normalize
  202. CacheDir="/var/cache/apt"
  203. eval $(apt-config shell CacheDir Dir::Cache/d)
  204. CacheDir=${CacheDir%/}
  205. if [ -z "$CacheDir" ]; then
  206. debug_echo "practically empty Dir::Cache, exiting"
  207. return 0
  208. fi
  209. Cache="${CacheDir}/archives/"
  210. eval $(apt-config shell Cache Dir::Cache::Archives/d)
  211. if [ -z "$Cache" ]; then
  212. debug_echo "practically empty Dir::Cache::archives, exiting"
  213. return 0
  214. fi
  215. BackupLevel=3
  216. eval $(apt-config shell BackupLevel APT::Periodic::BackupLevel)
  217. if [ $BackupLevel -le 1 ]; then
  218. BackupLevel=2 ;
  219. fi
  220. Back="${CacheDir}/backup/"
  221. eval $(apt-config shell Back Dir::Cache::Backup/d)
  222. if [ -z "$Back" ]; then
  223. echo "practically empty Dir::Cache::Backup, exiting" 1>&2
  224. return
  225. fi
  226. CacheArchive="$(basename "${Cache}")"
  227. test -n "${CacheArchive}" || CacheArchive="archives"
  228. BackX="${Back}${CacheArchive}/"
  229. for x in $(seq 0 1 $((${BackupLevel}-1))); do
  230. eval "Back${x}=${Back}${x}/"
  231. done
  232. # backup after n-days if archive contents changed.
  233. # (This uses hardlink to save disk space)
  234. BACKUP_ARCHIVE_STAMP=/var/lib/apt/periodic/backup-archive-stamp
  235. if check_stamp $BACKUP_ARCHIVE_STAMP $BackupArchiveInterval; then
  236. if [ $({(cd $Cache 2>/dev/null; find . -name "*.deb"); (cd $Back0 2>/dev/null;find . -name "*.deb") ;}| sort|uniq -u|wc -l) -ne 0 ]; then
  237. mkdir -p $Back
  238. rm -rf $Back$((${BackupLevel}-1))
  239. for y in $(seq $((${BackupLevel}-1)) -1 1); do
  240. eval BackY=${Back}$y
  241. eval BackZ=${Back}$(($y-1))
  242. if [ -e $BackZ ]; then
  243. mv -f $BackZ $BackY ;
  244. fi
  245. done
  246. cp -la $Cache $Back ; mv -f $BackX $Back0
  247. update_stamp $BACKUP_ARCHIVE_STAMP
  248. debug_echo "backup with hardlinks. (success)"
  249. else
  250. debug_echo "skip backup since same content."
  251. fi
  252. else
  253. debug_echo "skip backup since too new."
  254. fi
  255. }
  256. debug_echo()
  257. {
  258. # Display message if $VERBOSE >= 1
  259. if [ "$VERBOSE" -ge 1 ]; then
  260. echo $1 1>&2
  261. fi
  262. }
  263. check_power()
  264. {
  265. # laptop check, on_ac_power returns:
  266. # 0 (true) System is on main power
  267. # 1 (false) System is not on main power
  268. # 255 (false) Power status could not be determined
  269. # Desktop systems always return 255 it seems
  270. if which on_ac_power >/dev/null 2>&1; then
  271. on_ac_power
  272. POWER=$?
  273. if [ $POWER -eq 1 ]; then
  274. debug_echo "exit: system NOT on main power"
  275. return 1
  276. elif [ $POWER -ne 0 ]; then
  277. debug_echo "power status ($POWER) undetermined, continuing"
  278. fi
  279. debug_echo "system is on main power."
  280. fi
  281. return 0
  282. }
  283. # ------------------------ main ----------------------------
  284. if test -r /var/lib/apt/extended_states; then
  285. # Backup the 7 last versions of APT's extended_states file
  286. # shameless copy from dpkg cron
  287. if cd /var/backups ; then
  288. if ! cmp -s apt.extended_states.0 /var/lib/apt/extended_states; then
  289. cp -p /var/lib/apt/extended_states apt.extended_states
  290. savelog -c 7 apt.extended_states >/dev/null
  291. fi
  292. fi
  293. fi
  294. # check apt-config existence
  295. if ! which apt-config >/dev/null 2>&1; then
  296. exit 0
  297. fi
  298. # check if the user really wants to do something
  299. AutoAptEnable=1 # default is yes
  300. eval $(apt-config shell AutoAptEnable APT::Periodic::Enable)
  301. if [ $AutoAptEnable -eq 0 ]; then
  302. exit 0
  303. fi
  304. # Set VERBOSE mode from apt-config (or inherit from environment)
  305. VERBOSE=0
  306. eval $(apt-config shell VERBOSE APT::Periodic::Verbose)
  307. debug_echo "verbose level $VERBOSE"
  308. if [ "$VERBOSE" -le 2 ]; then
  309. # quiet for 0,1,2
  310. XSTDOUT=">/dev/null"
  311. XSTDERR="2>/dev/null"
  312. XAPTOPT="-qq"
  313. XUUPOPT=""
  314. else
  315. XSTDOUT=""
  316. XSTDERR=""
  317. XAPTOPT=""
  318. XUUPOPT="-d"
  319. fi
  320. if [ "$VERBOSE" -ge 3 ]; then
  321. # trace output
  322. set -x
  323. fi
  324. check_power || exit 0
  325. # check if we can lock the cache and if the cache is clean
  326. if which apt-get >/dev/null 2>&1 && ! eval apt-get check $XAPTOPT $XSTDERR ; then
  327. debug_echo "error encountered in cron job with \"apt-get check\"."
  328. exit 0
  329. fi
  330. # Global current time in seconds since 1970-01-01 00:00:00 UTC
  331. now=$(date +%s)
  332. # Support old Archive for compatibility.
  333. # Document only Periodic for all controlling parameters of this script.
  334. UpdateInterval=0
  335. eval $(apt-config shell UpdateInterval APT::Periodic::Update-Package-Lists)
  336. DownloadUpgradeableInterval=0
  337. eval $(apt-config shell DownloadUpgradeableInterval APT::Periodic::Download-Upgradeable-Packages)
  338. UnattendedUpgradeInterval=0
  339. eval $(apt-config shell UnattendedUpgradeInterval APT::Periodic::Unattended-Upgrade)
  340. AutocleanInterval=0
  341. eval $(apt-config shell AutocleanInterval APT::Periodic::AutocleanInterval)
  342. CleanInterval=0
  343. eval $(apt-config shell CleanInterval APT::Periodic::CleanInterval)
  344. BackupArchiveInterval=0
  345. eval $(apt-config shell BackupArchiveInterval APT::Periodic::BackupArchiveInterval)
  346. Debdelta=1
  347. eval $(apt-config shell Debdelta APT::Periodic::Download-Upgradeable-Packages-Debdelta)
  348. # check if we actually have to do anything that requires locking the cache
  349. if [ $UpdateInterval -eq 0 ] &&
  350. [ $DownloadUpgradeableInterval -eq 0 ] &&
  351. [ $UnattendedUpgradeInterval -eq 0 ] &&
  352. [ $BackupArchiveInterval -eq 0 ] &&
  353. [ $AutocleanInterval -eq 0 ] &&
  354. [ $CleanInterval -eq 0 ]; then
  355. # check cache size
  356. check_size_constraints
  357. exit 0
  358. fi
  359. # deal with BackupArchiveInterval
  360. do_cache_backup $BackupArchiveInterval
  361. # ensure we don't do this on battery
  362. check_power || exit 0
  363. # include default system language so that "apt-get update" will
  364. # fetch the right translated package descriptions
  365. if [ -r /etc/default/locale ]; then
  366. . /etc/default/locale
  367. export LANG LANGUAGE LC_MESSAGES LC_ALL
  368. fi
  369. # update package lists
  370. UPDATED=0
  371. UPDATE_STAMP=/var/lib/apt/periodic/update-stamp
  372. if check_stamp $UPDATE_STAMP $UpdateInterval; then
  373. if eval apt-get $XAPTOPT -y update $XSTDERR; then
  374. debug_echo "download updated metadata (success)."
  375. if which dbus-send >/dev/null 2>&1 && pidof dbus-daemon >/dev/null 2>&1; then
  376. if dbus-send --system / app.apt.dbus.updated boolean:true ; then
  377. debug_echo "send dbus signal (success)"
  378. else
  379. debug_echo "send dbus signal (error)"
  380. fi
  381. else
  382. debug_echo "dbus signal not send (command not available)"
  383. fi
  384. update_stamp $UPDATE_STAMP
  385. UPDATED=1
  386. else
  387. debug_echo "download updated metadata (error)"
  388. fi
  389. else
  390. debug_echo "download updated metadata (not run)."
  391. fi
  392. # download all upgradeable packages (if it is requested)
  393. DOWNLOAD_UPGRADEABLE_STAMP=/var/lib/apt/periodic/download-upgradeable-stamp
  394. if [ $UPDATED -eq 1 ] && check_stamp $DOWNLOAD_UPGRADEABLE_STAMP $DownloadUpgradeableInterval; then
  395. if [ $Debdelta -eq 1 ]; then
  396. debdelta-upgrade >/dev/null 2>&1 || true
  397. fi
  398. if eval apt-get $XAPTOPT -y -d dist-upgrade $XSTDERR; then
  399. update_stamp $DOWNLOAD_UPGRADEABLE_STAMP
  400. debug_echo "download upgradable (success)"
  401. else
  402. debug_echo "download upgradable (error)"
  403. fi
  404. else
  405. debug_echo "download upgradable (not run)"
  406. fi
  407. # auto upgrade all upgradeable packages
  408. UPGRADE_STAMP=/var/lib/apt/periodic/upgrade-stamp
  409. if which unattended-upgrade >/dev/null 2>&1 && check_stamp $UPGRADE_STAMP $UnattendedUpgradeInterval; then
  410. if unattended-upgrade $XUUPOPT; then
  411. update_stamp $UPGRADE_STAMP
  412. debug_echo "unattended-upgrade (success)"
  413. else
  414. debug_echo "unattended-upgrade (error)"
  415. fi
  416. else
  417. debug_echo "unattended-upgrade (not run)"
  418. fi
  419. # clean package archive
  420. CLEAN_STAMP=/var/lib/apt/periodic/clean-stamp
  421. if check_stamp $CLEAN_STAMP $CleanInterval; then
  422. if eval apt-get $XAPTOPT -y clean $XSTDERR; then
  423. debug_echo "clean (success)."
  424. update_stamp $CLEAN_STAMP
  425. else
  426. debug_echo "clean (error)"
  427. fi
  428. else
  429. debug_echo "clean (not run)"
  430. fi
  431. # autoclean package archive
  432. AUTOCLEAN_STAMP=/var/lib/apt/periodic/autoclean-stamp
  433. if check_stamp $AUTOCLEAN_STAMP $AutocleanInterval; then
  434. if eval apt-get $XAPTOPT -y autoclean $XSTDERR; then
  435. debug_echo "autoclean (success)."
  436. update_stamp $AUTOCLEAN_STAMP
  437. else
  438. debug_echo "autoclean (error)"
  439. fi
  440. else
  441. debug_echo "autoclean (not run)"
  442. fi
  443. # check cache size
  444. check_size_constraints
  445. #
  446. # vim: set sts=4 ai :
  447. #