How to find the number of packages needing update from the command line?

Question

I'm working on some system admin automation using fabric and I'd like to be able to monitor the number of packages that need upgrading on a given machine. This is the same information that I can see when I first log in to a machine, i.e. this part:

35 packages can be updated.
22 updates are security updates.

Is there a command that I can run (preferably without sudo) that gives just that information?

I've looked at the apt-python bindings, but they seem to have a high learning curve and they also appear to be changed around a lot -- I'd like something that will work at least as far back as lucid without needing to do different things on different Ubuntu versions.

Answer 1

To obtain that output, you can use the command

sudo /usr/lib/update-notifier/update-motd-updates-available

or, if you don't want to use sudo,

cat /var/lib/update-notifier/updates-available

Explanation

The login application shows the output found in the file /etc/motd, that is a symbolic link to /var/run/motd.

This last file is updated by the mounted-varrun service (see /etc/init/mounted-varrun.conf) invoking all scripts in /etc/update-motd.d/, and in particular

/etc/update-motd.d/90-updates-available

that in turn calls the script

/usr/lib/update-notifier/update-motd-updates-available

this script executes various actions, and at last writes the output to the text file

/var/lib/update-notifier/updates-available

EDIT

Regarding the reboot part of the question, run this command

/usr/lib/update-notifier/update-motd-reboot-required

it will give no output if reboot is not required.

Answer 2

Why can't you just run this?

/usr/lib/update-notifier/apt-check --human-readable

That's what /usr/lib/update-notifier/update-motd-updates-available does to collect the information, at least in the version of Ubuntu I'm using (12.10).

Answer 3

I also search for a scripred method for a update check inside minimal docker containers, when I found a comment in /usr/lib/update-notifier/apt-check:

apt-get -s -o Debug::NoLocking=true upgrade | grep ^Inst

This allows a scripted update check, without the need to install the update-notifier-common package

Answer 4

You can use the check_apt plugin from monitoring-plugins-basic (Nagios), with the advantage of getting different return codes depending on whether updates are available:

$ /usr/lib/nagios/plugins/check_apt
APT WARNING: 18 packages available for upgrade (0 critical updates). |available_upgrades=18;;;0 critical_updates=0;;;0
$ echo $?
1

Return codes have the following meanings:

• 0 --> no packages available for upgrade
• 1 --> non critical packages available for upgrade
• 2 --> critical updates available

References:

• https://nagios-plugins.org/doc/man/check_apt.html
• https://assets.nagios.com/downloads/nagioscore/docs/nagioscore/3/en/pluginapi.html