36

I'm working on some system admin automation using fabric and I'd like to be able to monitor the number of packages that need upgrading on a given machine. This is the same information that I can see when I first log in to a machine, i.e. this part:

35 packages can be updated.
22 updates are security updates.

Is there a command that I can run (preferably without sudo) that gives just that information?

I've looked at the apt-python bindings, but they seem to have a high learning curve and they also appear to be changed around a lot -- I'd like something that will work at least as far back as lucid without needing to do different things on different Ubuntu versions.

Braiam
  • 66,947
  • 30
  • 177
  • 264
KayEss
  • 598
  • 1
  • 5
  • 15

4 Answers4

33

To obtain that output, you can use the command

sudo /usr/lib/update-notifier/update-motd-updates-available

or, if you don't want to use sudo,

cat /var/lib/update-notifier/updates-available

Explanation

The login application shows the output found in the file /etc/motd, that is a symbolic link to /var/run/motd.

This last file is updated by the mounted-varrun service (see /etc/init/mounted-varrun.conf) invoking all scripts in /etc/update-motd.d/, and in particular

/etc/update-motd.d/90-updates-available

that in turn calls the script

/usr/lib/update-notifier/update-motd-updates-available

this script executes various actions, and at last writes the output to the text file

/var/lib/update-notifier/updates-available

EDIT

Regarding the reboot part of the question, run this command

/usr/lib/update-notifier/update-motd-reboot-required

it will give no output if reboot is not required.

enzotib
  • 92,255
  • 11
  • 164
  • 178
  • I'm just checking on a machine running 11.04 and byobu shows 44 updates required. `cat`ing the file you suggest is blank, and the script you first point to doesn't exist on this machine -- is it in some package that needs to be installed? I have `/usr/lib/update-manager`, but no `update-notifier` directory. – KayEss Jun 22 '11 at 11:42
  • Tested on 11.04 desktop. Those files belong to `update-notifier-common` that was installed automatically on a fresh installation (not upgrade from 10.10). – enzotib Jun 22 '11 at 12:17
  • I've looked at some more machines. For those that have `/var/lib/update-notifier/apt-check` this looks like it returns the two numbers, i.e. 43;24 (43 updates, 24 are security ones), but even that doesn't appear on all my machines. I suppose that this file might have moved between packages in different versions. – KayEss Jun 23 '11 at 02:12
23

Why can't you just run this?

/usr/lib/update-notifier/apt-check --human-readable

That's what /usr/lib/update-notifier/update-motd-updates-available does to collect the information, at least in the version of Ubuntu I'm using (12.10).

Seth
  • 57,282
  • 43
  • 144
  • 200
Tom Barron
  • 331
  • 2
  • 4
4

I also search for a scripred method for a update check inside minimal docker containers, when I found a comment in /usr/lib/update-notifier/apt-check:

apt-get -s -o Debug::NoLocking=true upgrade | grep ^Inst

This allows a scripted update check, without the need to install the update-notifier-common package

d a i s y
  • 5,411
  • 9
  • 41
  • 59
Simon Sudler
  • 3,771
  • 3
  • 20
  • 33
0

You can use the check_apt plugin from monitoring-plugins-basic (Nagios), with the advantage of getting different return codes depending on whether updates are available:

$ /usr/lib/nagios/plugins/check_apt
APT WARNING: 18 packages available for upgrade (0 critical updates). |available_upgrades=18;;;0 critical_updates=0;;;0
$ echo $?
1

Return codes have the following meanings:

  • 0 --> no packages available for upgrade
  • 1 --> non critical packages available for upgrade
  • 2 --> critical updates available

References:

Clauz
  • 21
  • 1