In this article, I will show you how to list the number of package updates available for install from the command line on Linux systems. I have used following tools apt, apt-get, aptitude, yum, apt-check script and apticron to list updates.
Using apt command (above Ubuntu 14.04)
Since ubuntu 14.04 we have a new command called "apt". The following command will list out all the packages that you can update, what their current versions are, and what the new version is.
sudo apt list --upgradable
Listing... Done gnupg/stable 1.4.18-7+deb8u2 amd64 [upgradable from: 1.4.18-7+deb8u1] gpgv/stable 1.4.18-7+deb8u2 amd64 [upgradable from: 1.4.18-7+deb8u1] libgcrypt20/stable 1.6.3-2+deb8u2 amd64 [upgradable from: 1.6.3-2+deb8u1] libidn11/stable 1.29-1+deb8u2 amd64 [upgradable from: 1.29-1+deb8u1] linux-image-3.16.0-4-amd64/stable 3.16.36-1+deb8u1 amd64 [upgradable from: 3.16.7-ckt25-2+deb8u3]
Usually, this command should be run after apt update. If any update is it would show you how many packages can be updated and mentioned command to show you which packages can be upgraded.
Using apt-get Command
I have listed few options of apt-get command to list available packages for upgrade.
apt-get upgrade --dry-run
[sudo] password for user: Reading package lists... Done Building dependency tree Reading state information... Done Calculating upgrade... Done The following packages were automatically installed and are no longer required: libsqlite0 pgdg-keyring Use 'apt-get autoremove' to remove them. The following packages have been kept back: linux-generic linux-headers-generic linux-image-generic The following packages will be upgraded: apparmor apport apt apt-transport-https apt-utils base-files bash bind9-host libapt-inst1.5 libapt-pkg4.12 libbind9-90 libblkid1 libc-bin libc-dev-bin libc6 libc6-dev libcairo-gobject2 libcairo-script-interpreter2 libcairo2 libcairo2-dev libcgmanager0 libcomerr2 libcurl3-gnutls libdbus-1-3 libdbus-1-dev libdns100 libdrm-intel1 libdrm-nouveau2 libdrm-radeon1 libdrm2 ... python-software-properties python-urllib3 python3-apport python3-apt python3-distupgrade python3-problem-report rsyslog systemd-services tcpdump util-linux uuid-runtime wget wpasupplicant x11-common x11proto-core-dev xtrans-dev 161 upgraded, 0 newly installed, 0 to remove and 3 not upgraded. Inst base-files [7.2ubuntu5.1] (7.2ubuntu5.2 Ubuntu:14.04/trusty-updates [amd64]) Conf base-files (7.2ubuntu5.2 Ubuntu:14.04/trusty-updates [amd64]) Inst bash [4.3-7ubuntu1.4] (4.3-7ubuntu1.5 Ubuntu:14.04/trusty-updates [amd64]) ...
Note that the --dry-run allow us to see list of files/packages that will be upgraded but no changes will be made.
Here are the simulate options available --just-print, -s, --simulate, , --dry-run, --recon, --no-act
# apt-get -s dist-upgrade | grep "^[[:digit:]]\+ upgraded" 87 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
# apt-get -s dist-upgrade | grep -Po "^[[:digit:]]+ (?=upgraded)" 87
# apt-get dist-upgrade -s --quiet=2 | grep ^Inst | wc -l 87
Using aptitude Command
To get from "aptitude" command, use the below command to get the list of packages ready for the upgrade. Some versions of aptitude don't require to use single quotes before and after ~U.
aptitude search '~U'
... i scudcloud - ScudCloud is a non official desktop client for Slack i shim-signed - Secure Boot chain-loading bootloader (Microsoft-signed binary) i smbclient - command-line SMB/CIFS clients for Unix i strongswan - IPsec VPN solution metapackage i A strongswan-ike - strongSwan Internet Key Exchange (v2) daemon i A strongswan-plugin-openssl - strongSwan plugin for OpenSSL i A strongswan-starter - strongSwan daemon starter and configuration file parser i sudo - Provide limited super user privileges to specific users ...
Note: that it doesn't search online, only local in your system.
How to check using apt-check script
I was able to get neat output on ubuntu 14.04 using this script.
# /usr/lib/update-notifier/apt-check -p bind9-host python3-problem-report liblwres90 linux-headers-generic libdns100 libisccfg90 ...
# /usr/lib/update-notifier/apt-check --human-readable
33 packages can be updated.
30 updates are security updates.
Using yum and up2date command
Yum is a software package manager that installs, updates, and removes packages on RPM-based systems. It automatically computes dependencies and figures out what things should occur to install packages. To list updates that are available for the installed packages:
yum list updates
Loaded plugins: fastestmirror, refresh-packagekit, security Loading mirror speeds from cached hostfile * base: centos.hyve.com * epel: mirrors.coreix.net * extras: centos.hyve.com * rpmforge: www.mirrorservice.org * updates: mirror.sov.uk.goscomb.net kernel.x86_64 2.6.32-504.3.3.el6 ...
Next utility is up2date. This utility downloads packages from RHN (Red Hat Network) and installs them on your system. The advantage of using up2date to update/install packages is that it automatically resolves dependencies and downloads any additional packages that you may need. It has -l option to show you what package updates are available for download and installing the same.
Apticron tool - Email you the update list
If you need your machine to automatically alert you when new packages are available - apticron might be just the package you are looking for. Apticron is a simple shell script that is called from cron once a day. But you need to install it first:
sudo apt-get install apticron
Now apticron will send emails once a day when there are new packages available. A sample of an email looks like this:
apticron report [Mon, 10 Jul 2017 10:42:01 -0800] ========================================================================
apticron has detected that some packages need upgrading on:[your machine name] [ 188.8.131.52 ]
The following packages are currently pending an upgrade:
--- Changes for xfree86 (xfree86-common libice6 libsm6 xlibs-data libx11-6 libxext6 libxpm4) ---
xfree86 (4.3.0.dfsg.1-14sarge3) stable-security; urgency=high
* Non-maintainer update by the Security Team:
Fixes several vulnerabilities reported by iDefense
(CVE-2006-6101, CVE-2006-6102, CVE-2006-6103)
-- Moritz Muehlenhoff Sun, 9 Jul 2017 13:31:35 +0000
You can perform the upgrade by issuing the command:
as root on faustus.example.com
It is recommended that you simulate the upgrade first to confirm that
the actions that would be taken are reasonable. The upgrade may be
simulated by issuing the command:
apt-get -s dist-upgrade
Keeping your computer's software up to date is the single most important task for protecting your system. Ubuntu can alert you to pending updates, and also be configured to apply updates automatically. Please note that updates may restart services on your server, so this may not be appropriate for all environments.