On 5 July 2013 15:05, Robie Basak <[email protected]> wrote: > check_apt does not correctly report pending security updates as > critical, as it is designed to do. > > https://launchpad.net/bugs/1031680 > > The problem is the fundamental way it's designed. I reported this to > upstream and they said the following: > > I agree with your stance on parsing apt-get output, and I'd love > to see a replacement that does the job using an APT API. I'm > less keen on having the behaviour depend on whether or not some > tool is available, though; as that's problematic with respect to > maintenance and support. And I guess update-notifier is a bit > too Ubuntu-ish to add a hard dependency on apt-check ... > > There's a suitable replacement written by Simon Déziel here: > > https://github.com/simondeziel/custom-nagios-plugins/blob/master/plugins/check_apt_upgrade > > > What do you think? How far down my list should we go? >
It's reasonable expectation for default nagios/check_mk/icinga configurations on both Debian and Ubuntu to have updates and security checks that work. Given that check_apt doesn't do what it says on the tin, on Ubuntu systems, imho it's best to ship check_apt_upgrade under check_apt name. To do so, we need to carefully check/test that standard nagios & perf data options are supported by check_apt_upgrade and flags/options that it doesn't support are either gracefully ignored or passed to the original check_apt plugin. This way we should be able to replace non-working check, with the one that does work and push that as an SRU. Regards, Dmitrijs. -- ubuntu-server mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
