Debian

cron 任務中的“apt-get -y upgrade”執行但不升級系統

  • November 18, 2014

該伺服器執行 Debian 7,我面臨著一個很大的謎團。

這是我的 cron 任務:

$ sudo crontab -e

42 15 * * * apt-get -y update >> /var/log/my-apt-update.txt
52 15 * * * apt-get -y upgrade >> /var/log/my-apt-upgrade.txt

我添加了該">> /var/log/my-apt-upgrade.txt"部分,因為我試圖了解為什麼我的系統永遠不會升級。

cron 任務執行。每天我在 /var/log/syslog 中都有這些行:

Nov 14 15:42:01 myhostname /USR/SBIN/CRON[3374]: (root) CMD (apt-get -y update >> /var/log/my-apt-update.txt)
Nov 14 15:52:01 myhostname /USR/SBIN/CRON[3394]: (root) CMD (apt-get -y upgrade >> /var/log/my-apt-upgrade.txt)

並且 /var/log/my-apt-upgrade.txt 有這樣的段落(我只顯示最後兩天):

Reading package lists...
Building dependency tree...
Reading state information...
The following packages will be upgraded:
 file libmagic1
2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/256 kB of archives.
After this operation, 110 kB disk space will be freed.
Reading package lists...
Building dependency tree...
Reading state information...
The following packages will be upgraded:
 file libmagic1
2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/256 kB of archives.
After this operation, 110 kB disk space will be freed.

如您所見,包“file”和“libmagic1”應該在第一天就升級了。但他們不是。所以第二天,他們再次被提及。但沒有升級。

而今天,如果我跑

$ sudo apt-get -y upgrade

再次提到包“file”和“libmagic1”並且它們得到了升級(最後)。

因此,如您所見,我可以手動升級。但是這些包應該在 cron 任務執行時就已經升級了。

關於這個謎團的任何線索?

11 月 15 日星期六 11:48 補充:

這是我的 /var/log/apt/history.log 在 cron 作業期間出現的內容。

Start-Date: 2014-11-13  15:52:03
Commandline: apt-get -y upgrade
Upgrade: file:amd64 (5.11-2+deb7u5, 5.11-2+deb7u6), libmagic1:amd64 (5.11-2+deb7u5, 5.11-2+deb7u6)
Error: Sub-process /usr/bin/dpkg returned an error code (2)
End-Date: 2014-11-13  15:52:03

Start-Date: 2014-11-14  15:52:03
Commandline: apt-get -y upgrade
Upgrade: file:amd64 (5.11-2+deb7u5, 5.11-2+deb7u6), libmagic1:amd64 (5.11-2+deb7u5, 5.11-2+deb7u6)
Error: Sub-process /usr/bin/dpkg returned an error code (2)
End-Date: 2014-11-14  15:52:03

不同包的 /var/log/apt/history.log 中會出現相同類型的消息。例如,本月早些時候,“wget”軟體包需要一些更新(這次我嘗試使用 -qq 選項,但這個選項似乎沒有任何區別)。

Start-Date: 2014-11-03  15:52:02
Commandline: apt-get -y -qq upgrade
Upgrade: wget:amd64 (1.13.4-3+deb7u1, 1.13.4-3+deb7u2)
Error: Sub-process /usr/bin/dpkg returned an error code (2)
End-Date: 2014-11-03  15:52:02

Start-Date: 2014-11-04  15:52:02
Commandline: apt-get -y -qq upgrade
Upgrade: wget:amd64 (1.13.4-3+deb7u1, 1.13.4-3+deb7u2)
Error: Sub-process /usr/bin/dpkg returned an error code (2)
End-Date: 2014-11-04  15:52:03

Start-Date: 2014-11-05  15:52:03
Commandline: apt-get -y -qq upgrade
Upgrade: wget:amd64 (1.13.4-3+deb7u1, 1.13.4-3+deb7u2)
Error: Sub-process /usr/bin/dpkg returned an error code (2)
End-Date: 2014-11-05  15:52:03

看來我找到了問題的原因。

為了檢測錯誤,我必須在我的自定義日誌中擷取 stderr。事實證明這樣做很有用,因為一些錯誤沒有郵寄到 root,也沒有寫入其他日誌。

為了在我的日誌中擷取 stderr,我首先將 cron 任務更改為:

52 15 * * * apt-get -y upgrade >> /var/log/my-apt-upgrade.txt 2>&1

今天要更新包“wlibgcrypt11”。這一次,我的日誌發現了一個錯誤。它比之前在 /var/log/apt/history.log 中出現的模糊錯誤消息更明確。

今天在 /var/log/my-apt-upgrade.txt 中:

Reading package lists...
Building dependency tree...
Reading state information...
The following packages will be upgraded:
 libgcrypt11
debconf: unable to initialize frontend: Dialog
debconf: (TERM is not set, so the dialog frontend is not usable.)
debconf: falling back to frontend: Readline
debconf: unable to initialize frontend: Readline
debconf: (This frontend requires a controlling tty.)
debconf: falling back to frontend: Teletype
dpkg-preconfigure: unable to re-open stdin: 
1 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/300 kB of archives.
After this operation, 35.8 kB of additional disk space will be used.
dpkg: warning: 'ldconfig' not found in PATH or not executable
dpkg: warning: 'start-stop-daemon' not found in PATH or not executable
dpkg: error: 2 expected programs not found in PATH or not executable
Note: root's PATH should usually contain /usr/local/sbin, /usr/sbin and /sbin
E: Sub-process /usr/bin/dpkg returned an error code (2)

所以這是一個PATH錯誤。

我係統上的根路徑包含所有必需的目錄。visudo 中的secure_path 變數也是如此。這就是為什麼當我手動執行 sudo apt-get 時一切正常的原因。

但是 cron 沒有設置環境變數。所以我為每個 cron 任務添加了一個 PATH 環境變數。

$ sudo crontab -e

22 16 * * * PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' apt-get -y update >> /var/log/my-new-apt-update.txt 2>&1
32 16 * * * PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' apt-get -y upgrade >> /var/log/my-new-apt-upgrade.txt 2>&1

它奏效了!cron 任務成功更新了包。

引用自:https://serverfault.com/questions/644460