Use cron daily job to rebuild number of updates

Show number of security updates too

main.sh

@@ -248,8 +248,7 @@ VER=$(dpkg --info $DEST/debs/${CHOSEN_KERNEL}_${REVISION}_${ARCH}.deb | grep Des
 VER="${VER/-$LINUXFAMILY/}"
 
 # create board support package
-# TODO: check and remove last part of the condition (! -d)
-[[ -n $RELEASE && ! -f $DEST/debs/$RELEASE/${CHOSEN_ROOTFS}_${REVISION}_${ARCH}.deb && ! -d $DEST/debs/$RELEASE/${CHOSEN_ROOTFS}_${REVISION}_${ARCH} ]] && create_board_package
+[[ -n $RELEASE && ! -f $DEST/debs/$RELEASE/${CHOSEN_ROOTFS}_${REVISION}_${ARCH}.deb ]] && create_board_package
 
 # build additional packages
 [[ $EXTERNAL_NEW == compile ]] && chroot_build_packages

makeboarddeb.sh

@@ -19,7 +19,7 @@ create_board_package()
 	display_alert "Creating board support package" "$BOARD $BRANCH" "info"
 
 	local destination=$DEST/debs/$RELEASE/${CHOSEN_ROOTFS}_${REVISION}_${ARCH}
-
+	rm -rf $destination
 	mkdir -p $destination/DEBIAN
 
 	# Replaces: base-files is needed to replace /etc/update-motd.d/ files on Xenial
@@ -34,11 +34,11 @@ create_board_package()
 	Installed-Size: 1
 	Section: kernel
 	Priority: optional
-	Depends: bash, linux-base
+	Depends: bash, linux-base, u-boot-tools, initramfs-tools
 	Provides: armbian-bsp
 	Conflicts: armbian-bsp
 	Replaces: base-files, mpv
-	Recommends: bsdutils, parted, python3-apt, util-linux, initramfs-tools, toilet, wireless-tools
+	Recommends: bsdutils, parted, python3-apt, util-linux, toilet, wireless-tools
 	Description: Armbian tweaks for $RELEASE on $BOARD ($BRANCH branch)
 	EOF
 
@@ -82,6 +82,7 @@ create_board_package()
 	rm -f /etc/update-motd.d/00-header /etc/update-motd.d/10-help-text
 	if [ -f "/boot/bin/$BOARD.bin" ] && [ ! -f "/boot/script.bin" ]; then ln -sf bin/$BOARD.bin /boot/script.bin >/dev/null 2>&1 || cp /boot/bin/$BOARD.bin /boot/script.bin; fi
 	rm -f /usr/local/bin/h3disp /usr/local/bin/h3consumption
+	ln -sf /usr/lib/armbian/apt-updates /etc/cron.daily/apt-updates
 	exit 0
 	EOF
 
@@ -221,7 +222,7 @@ create_board_package()
 	EOF
 
 	# script to install to SATA
-	mkdir -p $destination/usr/sbin/
+	mkdir -p $destination/usr/sbin/ $destination/usr/lib/armbian/
 	cp -R $SRC/lib/scripts/nand-sata-install/usr $destination/
 	chmod +x $destination/usr/lib/nand-sata-install/nand-sata-install.sh
 	ln -s ../lib/nand-sata-install/nand-sata-install.sh $destination/usr/sbin/nand-sata-install
@@ -232,6 +233,8 @@ create_board_package()
 	install -m 755 $SRC/lib/scripts/check_first_login_reboot.sh 	$destination/etc/profile.d
 	install -m 755 $SRC/lib/scripts/check_first_login.sh 			$destination/etc/profile.d
 
+	install -m 755 $SRC/lib/scripts/apt-updates $destination/usr/lib/armbian/apt-updates
+
 	# setting window title for remote sessions
 	install -m 755 $SRC/lib/scripts/ssh-title.sh $destination/etc/profile.d/ssh-title.sh
 
@@ -274,7 +277,7 @@ create_board_package()
 		echo "export VDPAU_OSD=1" > $destination/etc/profile.d/90-vdpau.sh
 		chmod 755 $destination/etc/profile.d/90-vdpau.sh
 	fi
-	if [[ ( $LINUXFAMILY == sun50iw2 || $LINUXFAMILY == sun8i ) && $BRANCH == dev ]]; then
+	if [[ ( $LINUXFAMILY == sun50iw2 || $LINUXFAMILY == sun8i || $LINUXFAMILY == pine64 ) && $BRANCH == dev ]]; then
 		# add mpv config for x11 output - slow, but it works compared to no config at all
 		mkdir -p $destination/etc/mpv/
 		cat <<-EOF > $destination/etc/mpv/mpv.conf

scripts/apt-updates

@@ -0,0 +1,125 @@
+#!/usr/bin/python3
+#
+#   40-updates - create the list of packages for update with caching
+#   Copyright (c) 2015 Igor Pecovnik
+#
+#   Author:  Igor Pecovnik igor.pecovnik@gmail.com
+#   Based upon prior work by Nick Charlton, Dustin Kirkland and Michael Vogt.
+#
+#   This program is free software; you can redistribute it and/or modify
+#   it under the terms of the GNU General Public License as published by
+#   the Free Software Foundation; either version 2 of the License, or
+#   (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be useful,
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#   GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License along
+#   with this program; if not, write to the Free Software Foundation, Inc.,
+#   51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+import sys
+import subprocess
+import apt_pkg
+import time
+import os
+import os.path as path
+
+myfile = "/var/cache/apt/archives/updates.number"
+
+# update procedure
+DISTRO = subprocess.Popen(["lsb_release", "-c", "-s"], stdout=subprocess.PIPE).communicate()[0].strip()
+
+class OpNullProgress(object):
+	'''apt progress handler which supresses any output.'''
+	def update(self):
+		pass
+	def done(self):
+		pass
+
+def is_security_upgrade(pkg):
+	'''
+	Checks to see if a package comes from a DISTRO-security source.
+	'''
+	security_package_sources = [("Ubuntu", "%s-security" % DISTRO),
+							   ("Debian", "%s-security" % DISTRO)]
+
+	for (file, index) in pkg.file_list:
+		for origin, archive in security_package_sources:
+			if (file.archive == archive and file.origin == origin):
+				return True
+	return False
+
+# init apt and config
+apt_pkg.init()
+
+# open the apt cache
+try:
+	cache = apt_pkg.Cache(OpNullProgress())
+except SystemError as e:
+	sys.stderr.write("Error: Opening the cache (%s)" % e)
+	sys.exit(0)
+
+# setup a DepCache instance to interact with the repo
+depcache = apt_pkg.DepCache(cache)
+
+# take into account apt policies
+depcache.read_pinfile()
+
+# initialise it
+depcache.init()
+
+# give up if packages are broken
+if depcache.broken_count > 0:
+	sys.stderr.write("Error: Broken packages exist.")
+	sys.exit(0)
+
+# mark possible packages
+try:
+	# run distro-upgrade
+	depcache.upgrade(True)
+	# reset if packages get marked as deleted -> we don't want to break anything
+	if depcache.del_count > 0:
+		depcache.init()
+
+	# then a standard upgrade
+	depcache.upgrade()
+except SystemError as e:
+	sys.stderr.write("Error: Couldn't mark the upgrade (%s)" % e)
+	sys.exit(0)
+
+# run around the packages
+upgrades = 0
+security_upgrades = 0
+for pkg in cache.packages:
+	candidate = depcache.get_candidate_ver(pkg)
+	current = pkg.current_ver
+
+	# skip packages not marked as upgraded/installed
+	if not (depcache.marked_install(pkg) or depcache.marked_upgrade(pkg)):
+		continue
+
+	# increment the upgrade counter
+	upgrades += 1
+
+	# keep another count for security upgrades
+	if is_security_upgrade(candidate):
+		security_upgrades += 1
+
+	# double check for security upgrades masked by another package
+	for version in pkg.version_list:
+		if (current and apt_pkg.version_compare(version.ver_str, current.ver_str) <= 0):
+			continue
+		if is_security_upgrade(version):
+			security_upgrades += 1
+			break
+
+f = open(myfile, 'w')
+f.write('NUM_UPDATES="{}"\n'.format(upgrades))
+f.write('NUM_SECURITY_UPDATES="{}"\n'.format(security_upgrades))
+f.write('DATE="{}"\n'.format(time.strftime("%Y-%m-%d %H:%M")))
+f.close()
+
+exit(0)

scripts/update-motd.d/40-updates

@@ -1,147 +1,11 @@
-#!/usr/bin/python3
-#
-#   40-updates - create the list of packages for update with caching
-#   Copyright (c) 2015 Igor Pecovnik
-#
-#   Author:  Igor Pecovnik igor.pecovnik@gmail.com
-#   Based upon prior work by Nick Charlton, Dustin Kirkland and Michael Vogt.
-#
-#   This program is free software; you can redistribute it and/or modify
-#   it under the terms of the GNU General Public License as published by
-#   the Free Software Foundation; either version 2 of the License, or
-#   (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be useful,
-#   but WITHOUT ANY WARRANTY; without even the implied warranty of
-#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-#   GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License along
-#   with this program; if not, write to the Free Software Foundation, Inc.,
-#   51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#!/bin/bash
 
-import sys
-import subprocess
-import apt_pkg
-import time
-import os
-import os.path as path
+NUM_UPDATES=0
 
-def refreshdata():
-		# update procedure
-		DISTRO = subprocess.Popen(["lsb_release", "-c", "-s"],
-								  stdout=subprocess.PIPE).communicate()[0].strip()
+[[ -f /var/cache/apt/archives/updates.number ]] && . /var/cache/apt/archives/updates.number
 
-		class OpNullProgress(object):
-			'''apt progress handler which supresses any output.'''
-			def update(self):
-				pass
-			def done(self):
-				pass
-
-		def is_security_upgrade(pkg):
-			'''
-			Checks to see if a package comes from a DISTRO-security source.
-			'''
-			security_package_sources = [("Ubuntu", "%s-security" % DISTRO),
-									   ("Debian", "%s-security" % DISTRO)]
-
-			for (file, index) in pkg.file_list:
-				for origin, archive in security_package_sources:
-					if (file.archive == archive and file.origin == origin):
-						return True
-			return False
-
-		# init apt and config
-		apt_pkg.init()
-
-		# open the apt cache
-		try:
-			cache = apt_pkg.Cache(OpNullProgress())
-		except SystemError as e:
-			sys.stderr.write("Error: Opening the cache (%s)" % e)
-			sys.exit(0)
-
-		# setup a DepCache instance to interact with the repo
-		depcache = apt_pkg.DepCache(cache)
-
-		# take into account apt policies
-		depcache.read_pinfile()
-
-		# initialise it
-		depcache.init()
-
-		# give up if packages are broken
-		if depcache.broken_count > 0:
-			sys.stderr.write("Error: Broken packages exist.")
-			sys.exit(0)
-
-		# mark possible packages
-		try:
-			# run distro-upgrade
-			depcache.upgrade(True)
-			# reset if packages get marked as deleted -> we don't want to break anything
-			if depcache.del_count > 0:
-				depcache.init()
-
-			# then a standard upgrade
-			depcache.upgrade()
-		except SystemError as e:
-			sys.stderr.write("Error: Couldn't mark the upgrade (%s)" % e)
-			sys.exit(0)
-
-		# run around the packages
-		upgrades = 0
-		security_upgrades = 0
-		for pkg in cache.packages:
-			candidate = depcache.get_candidate_ver(pkg)
-			current = pkg.current_ver
-
-			# skip packages not marked as upgraded/installed
-			if not (depcache.marked_install(pkg) or depcache.marked_upgrade(pkg)):
-				continue
-
-			# increment the upgrade counter
-			upgrades += 1
-
-			# keep another count for security upgrades
-			if is_security_upgrade(candidate):
-				security_upgrades += 1
-
-			# double check for security upgrades masked by another package
-			for version in pkg.version_list:
-				if (current and apt_pkg.version_compare(version.ver_str, current.ver_str) <= 0):
-					continue
-				if is_security_upgrade(version):
-					security_upgrades += 1
-					break
-
-		# to properly update time stamp we need to remove file first
-		if os.path.isfile(myfile):
-			os.remove(myfile)
-
-		f = open(myfile,'w')
-		f.write('%d' % (upgrades))
-		f.close() # you can omit in most cases as the destructor will call it else:
-		os.utime(myfile, None)
-		return
-
-
-# if the file is older than 2 days
-myfile = "/var/cache/apt/archives/updates.number"
-now = time.time()
-twodays_ago = now - 60*60*24*2 # Number of seconds in two days
-lastupgrade = path.getmtime('/var/lib/dpkg/status')
-
-if path.isfile(myfile):
-	fileCreation = path.getmtime(myfile)
-	if (fileCreation < twodays_ago or lastupgrade > fileCreation):
-		refreshdata()
-else:
-		refreshdata()
-
-# display if there are some upgrades
-file = open(myfile, 'r+')
-updates = int(file.read())
-if updates > 0:
-	print("\n[ \033[92m%d updates to install\033[0m: apt upgrade ]\n" % (updates))
+if [[ $NUM_UPDATES -gt 0 ]]; then
+	echo -e "[\e[31m $NUM_SECURITY_UPDATES security updates available, $NUM_UPDATES updates total\e[0m: \e[1mapt upgrade\e[0m ]"
+	echo -e "Last check: \e[92m$DATE\e[0m"
+	echo
+fi