[Pkg-nagios-devel] Bug#827757: apt-get upgrade doesn't want to upgrade packages in need of an upgrade
david at kalnischkies.de
Mon Jun 20 21:28:54 UTC 2016
Control: reassign -1 monitoring-plugins-basic
On Mon, Jun 20, 2016 at 04:52:37PM +0200, Christoph Anton Mitterer wrote:
> apt however, doesn't upgade:
> # apt-get upgrade
"apt-get upgrade" is documented to not install new (or remove) packages.
It is strictly upgrading only. New packages can introduce new interfaces
and especially new (potentially internet-facing) deamons and are hence
not "safe" – at least not as safe as just upgrading is which is
frequently done unattended (by a program or on "autopilot" by a human).
aptitude doesn't have this restricting. "apt upgrade" hasn't either btw.
Even "apt-get upgrade" can be told to lift this restriction with
So, not a bug in apt(-get) – it is a feature! ;)
> I'd guess that the check_apt Icinga/Nagios check uses apt-get upgrade
> to look for upgradable packages, because it returns:
> # /usr/lib/nagios/plugins/check_apt
> APT OK: 0 packages available for upgrade (0 critical updates). |available_upgrades=0;;;0 critical_updates=0;;;0
> Which is bad of course, and the security problem here.
I guess the nagios check shouldn't use 'apt-get upgrade', but that
depends on what it is supposed to show (aka what its users expect) and
what it actually uses (based on "critical updates" I guess it is using
its own code, perhaps a binding…) but both I don't know hence
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 801 bytes
Desc: not available
More information about the Pkg-nagios-devel