Open og900aero opened 1 year ago
The Debian 12 server's icinga2 version:
sudo icinga2 --version icinga2 - The Icinga 2 network monitoring daemon (version: r2.13.6-1)
Copyright (c) 2012-2023 Icinga GmbH (https://icinga.com/) License GPLv2+: GNU GPL version 2 or later https://gnu.org/licenses/gpl2.html This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
System information: Platform: Debian GNU/Linux Platform version: 12 (bookworm) Kernel: Linux Kernel version: 6.1.0-11-amd64 Architecture: x86_64
Build information: Compiler: GNU 12.2.0 Build host: x86-csail-01 OpenSSL version: OpenSSL 3.0.9 30 May 2023
Application information:
General paths: Config directory: /etc/icinga2 Data directory: /var/lib/icinga2 Log directory: /var/log/icinga2 Cache directory: /var/cache/icinga2 Spool directory: /var/spool/icinga2 Run directory: /run/icinga2
Old paths (deprecated): Installation root: /usr Sysconf directory: /etc Run directory (base): /run Local state directory: /var
Internal paths: Package data directory: /usr/share/icinga2 State path: /var/lib/icinga2/icinga2.state Modified attributes path: /var/lib/icinga2/modified-attributes.conf Objects path: /var/cache/icinga2/icinga2.debug Vars path: /var/cache/icinga2/icinga2.vars PID path: /run/icinga2/icinga2.pid
I'm seeing this same issue with the version of check_apt (v2.3.3) in the monitoring-plugins-basic Debian package on Debian Bookworm (12.1, specifically).
Hi @og900aero (this might apply to you as well @rfrederick),
I have been looking into this issue, and I'm not certain there is a bug. I can replicate a similar discrepancy between the results of running apt update
and ./check_apt -u -v
, but this happens because the plugin check_apt
parses the results of apt-get upgrade
to use in its output message rather than the results of apt-get update
or just apt update
.
For a more concrete example:
apt update
, it just tells me "114 packages can be upgraded. Run 'apt list --upgradable' to see them."apt-get upgrade
, it tells me "113 upgraded, 0 newly installed, 0 to remove and 1 not upgraded." with 1 package being "kept back" which, as far as I know, has to do with dependencies.apt-get upgrade
) are consistent with my results from the plugin.If you run these commands, do you get similar outputs? I'm not as experienced with DEB-based package management, but is the plugin doing something reasonable here?
It looks like it may be reasonable.
It looks like the way for check_apt
to display the "expected" value here is to modify the default options for upgrade
to include the --with-new-pkgs
option, eg. check_apt -U"-o 'Debug::NoLocking=true' --with-new-pkgs -s -qq"
Unfortunately, I do not believe that change solves the problem entirely. With the -s
and -qq
options, new packages are listed no differently than packages available to be upgraded. Adding this option will cause the plugin to potentially report a number larger than both apt update
and the base apt-get upgrade
and apt upgrade
as these treat new packages as separate (update entirely excludes them and upgrade lists them separately). For instance, making this change on my testing environment makes the plugin tell me I have 115 packages available for upgrade while all of apt-get upgrade
, apt upgrade
, and apt update
return 114. This change would make it no longer consistent with apt-get upgrade
but rather with something like: /usr/bin/apt-get -s -qq --with-new-pkgs upgrade | grep ^"Inst" | wc -l
.
Ultimately, my question still remains, and I appreciate anyone's input: is it critical that the plugin is consistent with apt update
or is it fair that it's consistent with apt-get upgrade
?
Hi @og900aero (this might apply to you as well @rfrederick),
I have been looking into this issue, and I'm not certain there is a bug. I can replicate a similar discrepancy between the results of running
apt update
and./check_apt -u -v
, but this happens because the plugincheck_apt
parses the results ofapt-get upgrade
to use in its output message rather than the results ofapt-get update
or justapt update
.For a more concrete example:
- When I run
apt update
, it just tells me "114 packages can be upgraded. Run 'apt list --upgradable' to see them."- But when I run
apt-get upgrade
, it tells me "113 upgraded, 0 newly installed, 0 to remove and 1 not upgraded." with 1 package being "kept back" which, as far as I know, has to do with dependencies.- The results of the second command (
apt-get upgrade
) are consistent with my results from the plugin.If you run these commands, do you get similar outputs? I'm not as experienced with DEB-based package management, but is the plugin doing something reasonable here?
It is possible that it is not a bug. As I read back then, the problem could be that sometimes apt-get update and apt update give different results. I don't remember what exactly it was then, but it has come up a few times since then, and it seems to have happened when a kernel-related update came out.
Hello. Different package count on Debian 12 between check_apt and apt update.
sudo apt update:
Ign:1 http://hwraid.le-vert.net/debian bullseye InRelease Hit:2 http://deb.debian.org/debian bookworm InRelease Hit:3 http://security.debian.org/debian-security bookworm-security InRelease Hit:4 http://deb.debian.org/debian bookworm-updates InRelease Get:5 http://hwraid.le-vert.net/debian bullseye Release [2,840 B] Get:6 http://hwraid.le-vert.net/debian bullseye Release.gpg [520 B] Ign:7 http://repo.mongodb.org/apt/debian bookworm/mongodb-org/5.0 InRelease Hit:8 http://repo.mongodb.org/apt/debian bookworm/mongodb-org/5.0 Release Get:9 http://hwraid.le-vert.net/debian bullseye/main amd64 Packages [1,024 B] Fetched 4,384 B in 1s (5,430 B/s) Reading package lists... Done Building dependency tree... Done Reading state information... Done 1 package can be upgraded. Run 'apt list --upgradable' to see it.
sudo bash -c "'/usr/lib/nagios/plugins/check_apt' '-u' '-v'":
Ign:1 http://hwraid.le-vert.net/debian bullseye InRelease Hit:2 http://deb.debian.org/debian bookworm InRelease Hit:3 http://security.debian.org/debian-security bookworm-security InRelease Hit:4 http://hwraid.le-vert.net/debian bullseye Release Hit:5 http://deb.debian.org/debian bookworm-updates InRelease Ign:6 http://repo.mongodb.org/apt/debian bookworm/mongodb-org/5.0 InRelease Hit:7 http://repo.mongodb.org/apt/debian bookworm/mongodb-org/5.0 Release Reading package lists... APT OK: 0 packages available for upgrade (0 critical updates). |available_upgrades=0;;;0 critical_updates=0;;;0
What is the problem?