Similar to syspatch(8) with the -c switch, this script supports checking
for updates to packages suitable for cron(8).
This script will run 'pkg_add -Uun' to determine which packages would
have been updated and stores the result. It then removes packages
starting with 'quirks' (a required package on OpenBSD) and determines
how many remain. If there are no packages, return 0, otherwise, echo the
package names and return 2. Returning 0 or 2 is significant because
crontab(5) with the -n switch determines whether to send mail. Since we
are likely to run this nightly, we do not want to flood our inbox with
output from cron when there is no action to take. By exiting with a
non-zero (2) exit status when there are packages, we can ensure we only
get email if there are package updates.
Save the above script to '/usr/local/bin/pkg_update' and run the
following commands for the proper user/group ownership and permissions.
$ doas chmod 755 /usr/local/bin/pkg_update
$ doas chown root:bin /usr/local/bin/pkg_update
We now need to add it to root's crontab.
$ doas crontab -e
At the bottom add the following line:
0 0 * * * -ns /usr/local/bin/pkg_update
Notice the -n switch to not mail on a successful run. We have
purposefully setup the script to have a non-successful (non-zero) exit
when there are packages to update thus generating the email.
You may also opt to add this script to /etc/daily.local with the single
line:
/usr/local/bin/pkg_update
However, it should be noted that this script is designed with return
values for direct use in crontab(5). If being called from the /etc/daily
script, you'll likely want to add some additional messages to be echoed
either in the script directly or in /etc/daily.local.
It is highly recommended to setup a user account where root's email can
be forwarded. See afterboot(8) section 'Mail aliases'.
