Ubuntu – How to check only security updates from the command-line

aptpackage-managementupdates

Is there a way to quickly check for the availability of security updates from the command line?

On my 12.04 system running apt-get update fetches 20MB of data about available packages every time I run it, hitting many repositories along the way. Then I can use any of the methods described here to actually perform the update.

My question is just about detecting the availability of security updates (ie, not performing the actual upgrade using apt-get/aptitude/etc): is there a quick check that can be done from the command line that provides a yes-no answer the question "are there security updates available?". I would like to run that before running the lengthy apt-get update + actual upgrade.

I suppose I don't need to download 20MB of data to know the answer to that every day.

Best Answer

My question is just about detecting the availability of security updates

Yes, that's doable with the caveat that the normal apt-get update will do a full refresh when you next run it (20 MB means it's doing that anyway).

  • sudo sh -c 'grep precise-security /etc/apt/sources.list > /etc/apt/secsrc.list

  • And if you then run the following, you'll see if there are any security updates available (sample output):

    sudo sh -c 'apt-get -o Dir::Etc::sourcelist="secsrc.list" \
-o Dir::Etc::sourceparts="-" update && \
apt-get --assume-no upgrade'

  • This tells apt-get to temporarily use the special security-only sources list, and then runs upgrade, automatically answering no.

  • If there are any, run proper apt-get update (which will do a full refresh), and then upgrade.

  • You could make the above a bash script with a simple grep/exit code check at the end if you don't feel like parsing the apt-get output :)

Related Question