nagios-plugins and check_apt

Dmitrijs Ledkovs xnox at
Mon Jul 8 09:06:25 UTC 2013

On 5 July 2013 15:05, Robie Basak <robie.basak at> wrote:
> check_apt does not correctly report pending security updates as
> critical, as it is designed to do.
> The problem is the fundamental way it's designed. I reported this to
> upstream and they said the following:
>         I agree with your stance on parsing apt-get output, and I'd love
>         to see a replacement that does the job using an APT API. I'm
>         less keen on having the behaviour depend on whether or not some
>         tool is available, though; as that's problematic with respect to
>         maintenance and support.  And I guess update-notifier is a bit
>         too Ubuntu-ish to add a hard dependency on apt-check ...
> There's a suitable replacement written by Simon Déziel here:
> What do you think? How far down my list should we go?

It's reasonable expectation for default nagios/check_mk/icinga
configurations on both Debian and Ubuntu to have updates and security
checks that work.
Given that check_apt doesn't do what it says on the tin, on Ubuntu
systems, imho it's best to ship check_apt_upgrade under check_apt
To do so, we need to carefully check/test that standard nagios & perf
data options are supported by check_apt_upgrade and flags/options that
it doesn't support are either gracefully ignored or passed to the
original check_apt plugin.
This way we should be able to replace non-working check, with the one
that does work and push that as an SRU.



More information about the ubuntu-server mailing list