Apticron est un logiciel basé sur apt-listchanges et une tache cron qui permet de recevoir des notifications de mise à jour par email.
Apticron est lancé périodiquement (par une crontab), et envoie un email lorsque de nouvelles mise à jour de paquet sont disponibles dans les dépôts apt.
Installation de apticron
root@home:~# aptitude install apticron
Configuration de apticron
La configuration de apticron n'est pas obligatoire, par défaut ce dernier envoie les mails à l'utilisateur root.
Pour changer le destinataire des mails vous avez deux solutions la première consiste à rediriger les mails root, la seconde est de configurer apticron en changeant l'email de destination en suivant la procédure suivante :
root@home:~# dpkg-reconfigure apticron
L'écran de configuration suivant apparait :
Ensuite remplacez root par votre email et validez avec [entrée].
Notification de mise à jour
Pour terminer en beauté voici un exemple de mail que vous recevrez en admettant que votre serveur smtp (cf : configuration d'exim) fonctionne correctement.
apticron report [Thu, 05 Mar 2009 13:26:58 +0100]
========================================================================
apticron has detected that some packages need upgrading on:
home
[ IP ]
The following packages are currently pending an upgrade:
cpio 2.9.90-3
debconf 1.5.26
debconf-i18n 1.5.26
htop 0.8.1-4
iproute 20090115-1
libdes425-3 1.6.dfsg.4~beta1-9
libgssapi-krb5-2 1.6.dfsg.4~beta1-9
libk5crypto3 1.6.dfsg.4~beta1-9
libkrb53 1.6.dfsg.4~beta1-9
libkrb5-3 1.6.dfsg.4~beta1-9
libkrb5support0 1.6.dfsg.4~beta1-9
libpam0g 1.0.1-7
libpam-modules 1.0.1-7
libpam-runtime 1.0.1-7
libpci3 1:3.1.2-1
mtools 4.0.9-1
pciutils 1:3.1.2-1
reiser4progs 1.0.7-2
zlib1g 1:1.2.3.3.dfsg-13
zlib1g-dev 1:1.2.3.3.dfsg-13
========================================================================
Package Details:
Lecture des fichiers de modifications (changelog)...
--- Nouveautés pour krb5 (libkrb53) ---
krb5 (1.6.dfsg.4~beta1-7) unstable; urgency=low
* In response to MIT's 2006 announcement that Kerberos 4 is at end of
life and no longer under development, this version of the krb5 package
removes most support for krb4. In particular, krb4 headers are no
longer included; applications with krb4 support cannot be built using
libkrb5-dev. In addition, krb4 support has been removed from the KDC
and user utilities. If you do not use Kerberos 4 and do not have
krb4-config installed, you should notice no changes. However, if you
do use Kerberos 4, you must transition away from Kerberos 4 before
upgrading to this version.
* Downgrading from this version to a previous version can be
difficult because of library name changes. Please follow these
instructions:
- Get the libkrb53 and libkadm55 debs you want to downgrade to
-dpkg --force-depends --remove libkrb5-3 libkrb5support0 libdes425-3
libgssapi-krb5-2 libgssrpc4 libkadm5clnt5 libkadm5srv5 libkdb5-4
libk5crypto3
- At this point your system has broken Kerberos libraries
- dpkg -i libkrb53*deb libkadm55*deb (using the debs you got above)
- aptitude -f install to fix any other packages that may be broken
-- Sam Hartman <hartmans@debian.org> Thu, 26 Feb 2009 21:12:41 -0500
--- Modifications pour krb5 (libkrb53) ---
krb5 (1.6.dfsg.4~beta1-9) unstable; urgency=medium
* Fix typo in downgrade instructions in NEWS file.
* Fix override for libkadm55
* Upload to unstable.
-- Sam Hartman <hartmans@debian.org> Sun, 01 Mar 2009 15:33:58 -0500
krb5 (1.6.dfsg.4~beta1-8) experimental; urgency=low
* Re-introduce libkrb53 and libkadm55 based on discussion on
debian-devel; in this version, libkrb53 contains only libkrb4. Both
libkrb53 and libkadm55 depend on the split library packages. These
dependencies are unversioned; that means that before any symbols are
added the shlibs files need to be repointed away from libkrb53 and
libkadm55. Any version of the split library packages can satisfy the
symbols needed by the libraries previously shipped in libkrb53.
* Perform two builds; one without krb4 and one with krb4 for the only
warnings; they will go away when the shlibs files are repointed.
* Remove krb4 support from debconf and init scripts.
* Remove the krb4 migration guide from doc-base
* Fix up replaces in control file so that libraries that used to be in
libkadm55 claim to replace libkadm55
* Only use parallel builds on the krb5 build; it breaks krb4 enabled
builds.
* Used versioned replaces; this seems to make it harder to get a system
into a broken state if you remove the new packages, Closes: #517483
-- Sam Hartman <hartmans@debian.org> Sat, 28 Feb 2009 00:42:51 -0500
krb5 (1.6.dfsg.4~beta1-7) experimental; urgency=low
* Do not build krb4 support; this is being removed upstream with 1.7 and
it is strongly desirable to examine the debian implications.
* As a result, the libraries which were previously all in libkrb53 need
to change package names as we are dropping some libraries. So, split
out the libraries into lib<libraryname>-<soname> per policy. The old
format was consistent with policy when it was written 8 years ago, and
has lasted well. As a result, a significant number of new library
packages are introduced.
* Use dpkg-gensymbols support for .symbols files for better version tracking
* Update to policy 3.8.0
- Support parallel=
-- Sam Hartman <hartmans@debian.org> Fri, 20 Feb 2009 16:57:43 -0500
--- Modifications pour cpio ---
cpio (2.9.90-3) unstable; urgency=low
* Fix some variable types leading to spurious "file grew" errors for
files larger than 4GB. closes: #506714.
-- Clint Adams <schizo@debian.org> Mon, 02 Mar 2009 17:32:20 -0500
--- Modifications pour debconf (debconf debconf-i18n) ---
debconf (1.5.26) unstable; urgency=low
* Use 'key not in dict' rather than 'not dict.has_key(key)' in debconf.py;
dict.has_key is deprecated in Python 2.6.
* debconf-apt-progress: Don't send STOP if we didn't start the debconf
frontend ourselves; in that case the application calling us should
arrange to stop itself.
* debconf.py: Use subprocess rather than popen2 if it's available. popen2
is deprecated in Python 2.6.
-- Colin Watson <cjwatson@debian.org> Tue, 03 Mar 2009 16:33:57 +0000
--- Modifications pour htop ---
htop (0.8.1-4) unstable; urgency=low
* debian/patches:
- New 600-openvz-veid-on-kernels-gt-2.6.18.patch: fix determining veid on
openvz-enabled kernels greater than 2.6.18. Patch by
Thorsten Schifferdecker <tsd@debian.systs.org>. (Closes: #516846)
- New 610-rename-veid-to-ctid.patch: openvz: renames 'veid' -> 'ctid' since
it's now a preferred term. Patch by
Thorsten Schifferdecker <tsd@debian.systs.org>. (Closes: #516847)
- New 700-ltrace-support.patch: add ltrace(1) support in addition to strace
support. Patch by <knotor@users.sourceforge.net>.
- New 800-tree-view-with-userland-threads.patch: patch to fix tree view when
userland threads are hidden, taken from Ubuntu.
-- Eugene V. Lyubimkin <jackyf.devel@gmail.com> Mon, 02 Mar 2009 23:17:04 +0200
--- Modifications pour iproute ---
iproute (20090115-1) unstable; urgency=low
[ Andreas Henriksson ]
* debian/rules: Make stamp-doc target depend on patch target.
- package fails to build binary-indep because of missing txt target
in doc/Makefile if invoked manually. Reported by Dean Gaudet.
* New upstream release v2.6.27 (aka 081027, tagged but no tarballs).
- old ipv4 abbrevation compatibility restored. (Closes: #497011)
- make it possible to use tunnel names matching "help", if specified
with explicit "name" parameter before name. (Closes: #497278)
- add new ip link parameters in usage text when running on
a kernel that supports them. (Closes: #504064)
- only print "Nothing to flush" when told to show stats. (Closes: #492196)
* New upstream release v2.6.28 (aka 090115).
-- Andreas Henriksson <andreas@fatal.se> Wed, 20 Aug 2008 23:01:17 +0200
--- Modifications pour mtools ---
mtools (4.0.9-1) unstable; urgency=low
* New upstream version.
- Upstream doesn't ship Changelog anymore
* Rename debian/changelog-legacy to debian/old-changelog
-- Anibal Monsalve Salazar <anibal@debian.org> Tue, 03 Mar 2009 12:46:41 +1100
--- Modifications pour pam (libpam0g libpam-modules libpam-runtime) ---
pam (1.0.1-7) unstable; urgency=low
* 027_pam_limits_better_init_allow_explicit_root:
- fix the patch so that our limit resets are actually *applied*,
which has apparently been broken for who knows how long!
- shadow the finite kernel defaults for RLIMIT_SIGPENDING and
RLIMIT_MSGQUEUE as well, so that the preceding change doesn't
suddenly expose systems to DoS or other issues.
- include documentation in the patch, giving examples of how to set
limits for root. Thanks to Jonathan Marsden.
* pam-auth-update: swap out known md5sums from intrepid pre-release
versions with the md5sums from the released intrepid version
* pam-auth-update: set the umask, so we don't accidentally mark
/etc/pam.d/common-* unreadable. Thanks to Martin Krafft for catching.
Closes: #518042.
-- Steve Langasek <vorlon@debian.org> Tue, 03 Mar 2009 17:18:42 -0800
--- Modifications pour pciutils (libpci3 pciutils) ---
pciutils (1:3.1.2-1) unstable; urgency=low
* New upstream version
* Update pci.ids with snapshot dated 2009-02-20 03:15:01
-- Anibal Monsalve Salazar <anibal@debian.org> Tue, 03 Mar 2009 13:46:34 +1100
--- Modifications pour reiser4progs ---
reiser4progs (1.0.7-2) unstable; urgency=low
* Remove /sbin/make_reiser4 hardlink.
-- Felix Zielcke <fzielcke@z-51.de> Wed, 04 Mar 2009 10:29:35 +0100
--- Modifications pour zlib (zlib1g zlib1g-dev) ---
zlib (1:1.2.3.3.dfsg-13) unstable; urgency=low
* Add LPIA to the list of unaligned architectures to reduce the Ubuntu
diff a little (closes: #517403).
-- Mark Brown <broonie@debian.org> Sun, 01 Mar 2009 20:43:18 +0000
========================================================================
You can perform the upgrade by issuing the command:
aptitude full-upgrade
as root on home
--
apticron
Cet email contient la liste des paquets disponibles en mise à jour. Pour chaque paquet la liste des changements est générée en utilisant apt-listchanges ce qui permet de savoir si la mise à jour est nécessaire ou pas.
Il est à noter que l'utilisation de aptitude full-upgrade est un peu "dangereuse" personnellement je prefère lancer un safe-upgrade qui me parait plus approprier pour une mise à jour classique. Le full-upgrade est plutôt à utiliser lors d'un changement de version.
Bon je m'en vais lancer un petit aptitude safe-upgrade moi ;)
Image : cuellar
