Jarno Elonen wrote: > ..and the said utility script looks like this: > > ------------------------------------ > source /etc/upgrade-system.conf > > echo "Updating available package lists..." > apt-get -q=2 update
Are you randomizing your start time? Look at cron-apt for an example.
Otherwise there is a high potential to cause a load spike and trigger
failures. [Note that $RANDOM is a bash'ism.]
> echo -e "\nUpgrading installed packages..."
> apt-get $UPGRADEOPTS
Is UPGRADEOPTS upgrade? Or dist-upgrade? For 'testing' it would need
to be dist-upgrade, of course.
To make this script run the same when run interactively as well as run
from cron the following may be beneficial. Or perhaps redirect the
input 'exec </dev/null'.
export DEBIAN_FRONTEND=noninteractive
I also set the following in my scripts. But I have a huge pool of
machines. Getting the same mail from each and everyone of them is a
D-DOS attack on me. :-) I only mention it for those others like me
with a large number of machines in a pool and trying to do automatic
updates.
export DEBCONF_ADMIN_EMAIL=""
[I need to file a bug against ssh not to complain if telnetd (not
telnetd-ssl) is installed. That is what prompted that. :-) ]
> echo -e "\nCleaning APT cache..."
> apt-get clean
>
> if [ -f /usr/bin/deborphan ]
> then
> echo -e "\nChecking for orphan files..."
> if [ `deborphan $ORPHANOPTS | wc -l | tr -d " "` = 0 ];
> then
> echo "No orphan file to be purged."
> else
> echo "Purging orphan files..."
> deborphan $ORPHANOPTS | xargs dpkg --purge
The --purge would make me nervous. But I guess I should just file a
bug against gphoto2 since it always shows up in deborphan's output on
my system. Something is strange about it. But one can always hold
it to avoid that.
> fi
> fi
>
> if [ -f /usr/bin/update-menus ]
> then
> echo -e "\nUpdating menus..."
> update-menus
> fi
>
> echo -e "\nSystem upgrade completed."
> ------------------------------------
Some more random thoughts without much thinking...
In my own scripts I always set these options:
APT::Get::Remove "false";
But by the use of deborphan above I know you don't want to disable
removing packages. But I do and it makes the process much safer. But
this next one you might want, at least the --force-confold part. The
replace missing config file one has raised a lot of debate in the
past.
DPkg::Options {"--force-confmiss";"--force-confold"};
Bob
pgpXCz5CjQvjj.pgp
Description: PGP signature
