The Debian security team does a great job of providing updated
packages in a timely manner to address any security problems in stable
releases.
However, there is no simple way of taking advantage of this fact and
staying up-to-date using the default Gnome or KDE installations
currently provided with Sarge.
The only available option currently is Synaptic, which, while a great
piece of software, is buried in the menu and offers a
not-so-convenient 5-click upgrade procedure (in it's default mode at
least, which is what is available from the menu).
Luckily, on my quest to remedy this situation, I found two applets
that are already written that address this problem. Both check for
APT updates at regular intervals and rely on Synaptic to do the actual
upgrade. Here are the pros and cons of each:
apt-watch (http://alioth.debian.org/projects/apt-watch/):
Pros:
- Written by a DD (Daniel Burrows)
- Already packaged and in Debian
- Uses a user-to-root helper by default (although not
su-to-root as it should)
- Allows for separating security updates from other updates
Cons:
- Ugly, non-intuitive icons
- Only offers Daily and Weekly time options
- Download Upgrades menu option doesn't work (but is not
really necessary)
- Doesn't work with KDE
apt-indicator (http://apt-indicator.sourceforge.net/):
Pros:
- Visually pleasing, intuitive icons
- Lists packages that are available for upgrade without
having to launch Synaptic
- Allows any kind of time setting
- Works with Gnome and KDE
Cons:
- Wasn't made for Debian (but works anyway)
- Doesn't use user-to-root by default (requires patch)
My preference after having evaluated both is definitely apt-indicator.
Overall it is more intuitive and easy to use, offers all the features
that are needed, and supports both Gnome and KDE.
For those who want to try apt-indicator under testing, here is the
quick guide:
- Download:
http://voxel.dl.sourceforge.net/sourceforge/apt-indicator/apt-indicator-0.0.4rc2.tar.bz2
- Apply the attached patch.
- Install the build dependencies (need g++, etc. as well):
qt3-dev-tools libqt3-dev libapt-pkg-dev libqt3-mt-dev help2man
xsltproc docbook-xsl
- make && make install
- Run 'apt-indicator' under Gnome or KDE
- If your system is already up-to-date with testing and you want to
downgrade a package to test the update, here is a good one currently
(install 0.90.0-3):
ftp://ftp.us.debian.org/debian/pool/main/g/gnome-system-tools/
Work left to do:
- Fix run_program.cpp to properly work with any command
- Look into dist_upgrade.cpp:177 APT_UPDATE_ASSERT call
- Figure out if the XSL stylesheet we have (for the docs) is
the one it expects
- Make sure Sarge's Synaptic supports --update-mode
- Add an option for Synaptic's --non-interactive mode
- Package it
I'm going to keep working on it and I'll try to have a package for it
soon. It would be nice to know if there is enough interest in this
feature to get it into Sarge, or if it is too late to be adding new
software (even security-related software) into the testing process at
this point.
Jason
diff -ur apt-indicator-0.0.4rc2.orig/doc/Makefile apt-indicator-0.0.4rc2/doc/Makefile
--- apt-indicator-0.0.4rc2.orig/doc/Makefile 2004-04-26 08:36:11.000000000 -0400
+++ apt-indicator-0.0.4rc2/doc/Makefile 2004-10-03 12:15:03.000000000 -0400
@@ -1,7 +1,7 @@
include ../main.mak
HTMLDOCDIR=html/
-STYLESHEET=/usr/share/xml/docbook/xsl-stylesheets/html/chunk.xsl
+STYLESHEET=/usr/share/xml/docbook/stylesheet/nwalsh/html/chunk.xsl
XMLLINT=xmllint --noout --noent --xinclude --postvalid
XSLTPROC=xsltproc --xinclude --stringparam chunker.output.encoding "utf-8"
diff -ur apt-indicator-0.0.4rc2.orig/include/local.h
apt-indicator-0.0.4rc2/include/local.h
--- apt-indicator-0.0.4rc2.orig/include/local.h 2004-04-23 07:26:32.000000000 -0400
+++ apt-indicator-0.0.4rc2/include/local.h 2004-10-03 12:31:16.000000000 -0400
@@ -7,13 +7,13 @@
#ifndef ALT_UPDATE_LOCAL_H
#define ALT_UPDATE_LOCAL_H
-const QString program_name = "APT Indicator"; /**< name of the program */
-const QString synaptic_path = "/usr/bin/synaptic"; /**< default path to the synaptic
program */
+const QString program_name = "Update Monitor"; /**< name of the program */
+const QString synaptic_path = "/usr/sbin/su-to-root -X -c /usr/sbin/synaptic
--update-mode"; /**< default path to the synaptic program */
#ifndef NDEBUG
const int check_interval = 30; /**< default interval between checkings */
#else
-const int check_interval = 86400;
+const int check_interval = 7200;
#endif
const int check_interval_first = 5; /**< interval between program run and first check
*/
diff -ur apt-indicator-0.0.4rc2.orig/main.mak apt-indicator-0.0.4rc2/main.mak
--- apt-indicator-0.0.4rc2.orig/main.mak 2004-08-05 04:50:24.000000000 -0400
+++ apt-indicator-0.0.4rc2/main.mak 2004-10-03 12:11:53.000000000 -0400
@@ -1,6 +1,6 @@
NAME=apt-indicator
VERSION=0.0.4rc2
-QTDIR=/usr/lib/qt3
+QTDIR=/usr/share/qt3
SYSDATADIR=/usr/share
DATADIR=$(DESTDIR)/$(SYSDATADIR)/$(NAME)
INSTALL=install
diff -ur apt-indicator-0.0.4rc2.orig/src/Makefile apt-indicator-0.0.4rc2/src/Makefile
--- apt-indicator-0.0.4rc2.orig/src/Makefile 2004-04-28 04:26:02.000000000 -0400
+++ apt-indicator-0.0.4rc2/src/Makefile 2004-10-03 12:19:24.000000000 -0400
@@ -2,8 +2,8 @@
include ../main.mak
INCLUDES = -I$(QTDIR)/include -I../include
-CPPFLAGS=$(RPM_OPT_FLAGS) $(INCLUDES) -Wall -pedantic -DQT_NO_COMPAT
-DQT_THREAD_SUPPORT -DDATADIR=\"$(DATADIR)\" \
- -DVERSION=\"$(VERSION)\"
+CPPFLAGS=$(RPM_OPT_FLAGS) $(INCLUDES) -Wall -DQT_NO_COMPAT -DQT_THREAD_SUPPORT
-DDATADIR=\"$(DATADIR)\" \
+ -DVERSION=\"$(VERSION)\" -DNDEBUG
LDFLAGS=-L$(QTDIR)/lib -lqt-mt -lapt-pkg -lpthread
diff -ur apt-indicator-0.0.4rc2.orig/src/dist_upgrade.cpp
apt-indicator-0.0.4rc2/src/dist_upgrade.cpp
--- apt-indicator-0.0.4rc2.orig/src/dist_upgrade.cpp 2004-08-04 04:41:17.000000000
-0400
+++ apt-indicator-0.0.4rc2/src/dist_upgrade.cpp 2004-10-03 12:13:50.000000000 -0400
@@ -174,7 +174,7 @@
// Create the download object
AcqTextStatus Stat;
pkgAcquire Fetcher(&Stat);
- APT_UPDATE_ASSERT(!List.GetReleases(&Fetcher));
+// APT_UPDATE_ASSERT(!List.GetReleases(&Fetcher));
Fetcher.Run();
bool Failed = false;
diff -ur apt-indicator-0.0.4rc2.orig/src/run_program.cpp
apt-indicator-0.0.4rc2/src/run_program.cpp
--- apt-indicator-0.0.4rc2.orig/src/run_program.cpp 2004-04-09 03:46:54.000000000
-0400
+++ apt-indicator-0.0.4rc2/src/run_program.cpp 2004-10-03 12:31:06.000000000 -0400
@@ -41,9 +41,10 @@
//run subprocess ...
if (!child_pid_)
{ //child
- char *argv[2] = {NULL, NULL};
- argv[0] = strdup(progname_.data());
- execv(progname_.data(), argv);
+// char *argv[2] = {NULL, NULL};
+// argv[0] = strdup(progname_.data());
+// execv(progname_.data(), argv);
+ system(progname_.data());
_exit(Failed);
}
else
