I want my cron-run reporting script to notify me in case there are updates for my packages. Is the a way to make apt-get give me the list of available updates but don't do anything more?
Asked
Active
Viewed 4.1e+01k times
16 Answers
319
apt
For modern versions of apt there is a specific switch for this:
apt list --upgradable
apt-get
For the old apt-get command the -u switch shows a list of packages that are available for upgrade:
# apt-get -u upgrade --assume-noFrom the apt-get man page:
-u
--show-upgraded Show upgraded packages; Print out a list of all packages that are to be upgraded. Configuration Item: APT::Get::Show-Upgraded.
--assume-no Automatic "no" to all prompts. <== To prevent it from starting to install
Niklas Rosencrantz
- 4,228
jasonwryan
- 73,126
72
apt-get --just-print upgrade
Is not read that easily, below is a perl one liner to parse apt-get's output:
apt-get --just-print upgrade 2>&1 | perl -ne 'if (/Inst\s([\w,\-,\d,\.,~,:,\+]+)\s\[([\w,\-,\d,\.,~,:,\+]+)\]\s\(([\w,\-,\d,\.,~,:,\+]+)\)? /i) {print "PROGRAM: $1 INSTALLED: $2 AVAILABLE: $3\n"}'
This should output something like:
PROGRAM: grub-pc INSTALLED: 1.99-21ubuntu3.1 AVAILABLE: 1.99-21ubuntu3.9
Hopefully it will help someone else,
Tom
- 721
-
1just for the laugh: apt-get -s upgrade| awk -F'[][() ]+' '/^Inst/{printf "Prog: %s\tcur: %s\tavail: %s\n", $2,$3,$4}' – tink May 17 '13 at 03:19
-
10It could also be much more nice looking, if use
columnlike this:apt-get --just-print upgrade 2>&1 | perl -ne 'if (/Inst\s([\w,\-,\d,\.,~,:,\+]+)\s\[([\w,\-,\d,\.,~,:,\+]+)\]\s\(([\w,\-,\d,\.,~,:,\+]+)\)? /i) {print "PROGRAM: $1 INSTALLED: $2 AVAILABLE: $3\n"}' | column -s " " -t– AntonioK Jul 14 '15 at 11:35 -
1
-
2
-
-
40
Another option, inspired by enzotib :
aptitude search '~U' | wc -l
This command will use aptitude to output the new packages and then wc to just count the lines.
On a sidenote, I found that enzotib's solution without the single quotes around the ~U didn't work for me. (Wheezy, ZSH, aptitude 0.6.8.2)
Update :
With the new apt you can do:
apt list --upgradeable
31
-
-
3It's a shame this doesn't return different exit codes depending on whether there are upgrades available or not. Would have been nice to able to use this in a script. – Dale C. Anderson Jun 05 '17 at 19:32
21
You can run
aptitude -F%p --disable-columns search ~U
or the undocumented
/usr/lib/update-notifier/apt-check -p; echo
Another method using an apt-get simulation:
apt-get -s dist-upgrade | awk '/^Inst/ { print $2 }'
enzotib
- 51,661
-
1
-
apt-get -s dist-upgrade works good too and has same output when you pipe it through that awker – ychaouche Feb 09 '17 at 09:28
-
thank you! this got out of quite a bit of dependency hell. was trying to
dist-upgradebut not lose some packages so needed to useaptitude.aptitude install $(apt-get -s dist-upgrade | awk '/^Inst/ { print $2 }')did the trick! – Jayen Dec 03 '17 at 10:18
14
apt-get update && apt-get -s upgrade
will list available updates without actually installing.
First command updates package index files before simulated (thus -s) upgrade is done. "-s" will do a simulated upgrade showing packets that would be installed but will not actually install anything.
On the contrary "-u" instead of "-s" would actually install after confirmation.
ajaaskel
- 424
-
3The simulate option can be triggered with any of
-s, --simulate, --just-print, --dry-run, --recon, --no-act, recon and dry-run are my personal favorites. – ThorSummoner Dec 17 '15 at 17:24
12
Take a look at package "apticron":
apticron - Simple tool to mail about pending package updates
Apticron is a simple script which sends daily emails about pending package updates such as security updates, properly handling packages on hold both by dselect and aptitude.
Steen Schütt
- 3,642
f4m8
- 1,989
- 1
- 11
- 5
10
I needed full version information on possible upgrades, so I used a modification of jasonwryan's answer:
apt-get -V -u upgrade
It's simple and IMO reasonably formatted output.
Ben Brian
- 261
5
apt-get update > /dev/null && apt-get --just-print upgrade | grep "Inst "
is the most simple for cron emails; there is no user iteration, and if there are no updates there is no output.
user1133275
- 5,574
4
Just filter the output of
apt-get update && apt-get -s -V -u upgrade
to have only the preferred information in your log.
Most likely, you'll need the beautiful part after the line
...
The following packages will be upgraded:
...
that has few spaces in the beginning.
freealx
- 41
-
Hi and welcome to the site. As it stands, your answer is basically a rehash of existing ones and so does not add anything new. You could improve it by, for example, explaining how to filter the output, adding an explanation of what the various switches do etc. – terdon Nov 19 '14 at 17:29
3
Jet another on-liner, inspired by this answer:
function a { read input;dpkg -l ${input} | grep " ${input} " | awk '{$1=$2=$3=$4="";print $0}' | sed 's/^ *//';unset input;};{ apt-get --just-print upgrade 2>&1 | perl -ne 'if (/Inst\s([\w,\-,\d,\.,~,:,\+]+)\s\[([\w,\-,\d,\.,~,:,\+]+)\]\s\(([\w,\-,\d,\.,~,:,\+]+)\)? /i) {print "$1 (\e[1;34m$2\e[0m -> \e[1;32m$3\e[0m)\n"}';} | while read -r line; do echo -en "$line $(echo $line | awk '{print $1}' | a )\n"; done;
The output looks like this (colored):
locales (2.13-38+deb7u7 -> 2.13-38+deb7u8) Embedded GNU C Library: National Language (locale) data [support]
linux-headers-3.2.0-4-amd64 (3.2.65-1+deb7u1 -> 3.2.65-1+deb7u2) Header files for Linux 3.2.0-4-amd64
linux-headers-3.2.0-4-common (3.2.65-1+deb7u1 -> 3.2.65-1+deb7u2) Common header files for Linux 3.2.0-4
sudo (1.8.5p2-1+nmu1 -> 1.8.5p2-1+nmu2) Provide limited super user privileges to specific users
If you dont want the short description use this one:
{ apt-get --just-print upgrade 2>&1 | perl -ne 'if (/Inst\s([\w,\-,\d,\.,~,:,\+]+)\s\[([\w,\-,\d,\.,~,:,\+]+)\]\s\(([\w,\-,\d,\.,~,:,\+]+)\)? /i) {print "$1 (\e[1;34m$2\e[0m -> \e[1;32m$3\e[0m)\n"}';} | while read -r line; do echo -en "$line\n"; done;
Output:
locales (2.13-38+deb7u7 -> 2.13-38+deb7u8)
linux-headers-3.2.0-4-amd64 (3.2.65-1+deb7u1 -> 3.2.65-1+deb7u2)
linux-headers-3.2.0-4-common (3.2.65-1+deb7u1 -> 3.2.65-1+deb7u2)
sudo (1.8.5p2-1+nmu1 -> 1.8.5p2-1+nmu2)
Compilenix
- 31
-
The one liner is fantastic, except it doesn't output the description of some packages. – ychaouche Feb 09 '17 at 10:12
3
apt-check is probably the most efficient scripting method.
/usr/lib/update-notifier/apt-check 2>&1 | cut -d ';' -f 1
A very small modification shows you only the security updates.
/usr/lib/update-notifier/apt-check 2>&1 | cut -d ';' -f 2
flickerfly
- 1,651
3
I like to use this:
apt-get -qq update && apt-get -qq -s upgrade
You get an output like this one:
Inst linux-base [3.5] (4.5~deb8u1 Debian-Security:8/oldstable [all])
Conf linux-base (4.5~deb8u1 Debian-Security:8/oldstable [all])
if there are available updates, and none if there isn't. This way you can simply couple it with a monitoring solution.
user3310438
- 31
2
After writing warning to @jasonwryan's answer, I want to provide my own solution:
apt-get dist-upgrade --assume-no
Unfortunately, this one doesn't work with debian wheezy and I had to check some lxc containers which are still not upgraded. This form will always work:
apt-get dist-upgrade </dev/null
Finally, I also wanted to reformat the output. I chose to change the call again (using --dry-run but ignoring all additional output) because it feels more safe:
apt-get --dry-run dist-upgrade | awk '
BEGIN{p=0}
/^The/{p=1;t=$0}
/no longer required/{p=0}
#optional: /been kept back/{p=0}
p && t{print t;t=""}
/^ / && p{print $0}
'
Returns:
The following packages have been kept back:
iproute
The following packages will be upgraded:
unzip
Daniel Alder
- 846
1
As a variation I use the following:
apt-get -V -s dist-upgrade \
|grep -E "^ .*=>.*" \
|awk 'BEGIN {
ul=sprintf("%*s",40,""); gsub(/ /,"-",ul);
printf "%-30s %-30s %-30s\n", "Package", "Installed", "Available";
printf "%-30.30s %-30.30s %-30.30s\n", ul, ul, ul;
}
{
printf "%-30s %-30s %-30s\n",
$1,
substr($2,2),
substr($4,1,length($4)-1)
}'
Stick it into a script named apt-updates and you can then call apt-updates to get a listing of all updates regardless of user.
You still do need to call apt-get update with privileged access.
Brett Ryan
- 381
-
output only shows the package name (first column), second column always prints "=" and third column is always empty. I'm on Mint. – ychaouche Feb 09 '17 at 10:15
-uis a default option ofapt-get– Daniel Alder Nov 01 '15 at 13:17apt list --upgradableis not an equivalent ofapt-get -u upgrade --assume-no.. the former will only respect UPgrades, no downgrades, while the latter does respect downgrades - i would consider the latter to be the better universal option – Eugen Mayer Nov 16 '18 at 08:55--assume-noin apt-get man page; instead, there is a similar parameter--trivial-only– dpinya Oct 20 '21 at 11:18apt list --upgradableis not well suited for a cron-job:- It will emit a warning about its "unstable" API and therefore
- it will always produce output and generate mails even if there are no packages to upgrade
– Christo Nov 29 '21 at 15:05