How to configure apticron to just report security / critical updates?

Question

We're going to try out apticron, but we don't want to know about every package that could be updated -- only the security / critical updates. How do we configure apticron to do this?

PS -- yes, we are subscribed to the Debian security announcement list.

score 1 · Answer 1 · edited Aug 11 '18 at 03:18

I had a similar issue, I created a new sources.list file which held only the sources I wanted Apticron to work with

And then I changed the Apticron code so it will use the file I created.

sudo grep "-security" /etc/apt/sources.list | sudo grep -v "#" > /etc/apt/security.sources.list

Above command will create a new sources list specifically for security.

Inside the /usr/sbin/apticron code I made the following changes.

Update the package lists

/usr/bin/apt-get -qq update -o Dir::Etc::SourceList=/etc/apt/security.sources.list || true

Get the list of packages which are pending an upgrade

PKGNAMES=`/usr/bin/apt-get -o Dir::Etc::SourceList=/etc/apt/security.sources.list -q -y --ignore-hold --allow-unauthenticated -s dist-upgrade | \
/bin/grep ^Inst | /usr/bin/cut -d\  -f2 | /usr/bin/sort`

It did work for me. This link contains tutorial how to create and use a different source.list for apt-get.

The link to the tutorial is broken/down. You'll need to edit the bash Apticron application file `/usr/sbin/apticron` — Gianfranco P., Mar 20 '18 at 23:57

score 0 · Answer 2 · edited Apr 13 '17 at 12:14

0

The 'unattend-upgrades' package actually looks promising for what you intend, https://help.ubuntu.com/10.04/serverguide/C/automatic-updates.html Should I have to enable automatic update on Debian lenny stable?

edited Apr 13 '17 at 12:14

Community

1

answered Jan 06 '12 at 21:27

dtbnguyen

312
1
5

2

Hi user1125087 I'd rather not use an automated unattended updater. I'd rather test out the update myself on a test machine first, then do the update manually. Also, if some code breaks all of a sudden, and if I'm using an automated unattended updater tool, I'd have to remember that such a tool could have pushed the update that cause the code to fail. – PhilAG Jan 07 '12 at 01:24
Couldn't you just set the, "APT::Periodic::Unattended-Upgrade" option to 0? This would stop auto install but would still download the update/s? – dtbnguyen Jan 07 '12 at 02:36
If you're selling expedicious you could then write a script to cross reference between the apticron email and unattend's downloads? Thinking about a cleaner solution though... – dtbnguyen Jan 07 '12 at 02:47

How to configure apticron to just report security / critical updates?

2 Answers2