The CFEngine documentation says:
"Versions of a particular piece of software are described in wildly different ways, causing a lot of confusion. For instance, a common model is to use major version number, minor version number and patch release number, e.g. 3.1.5. However, many maintainers slap on their own additions, such as 3.1.5-2 or 3.1.5-2.el5. Because these models are operating system, software and release specific, you have to know the versioning numbers used on your operating systems and refer to them properly. CFEngine cannot reliably guess these things for you." https://auth.cfengine.com/archive/manuals/st-packages#How-CFEngine-compares-package-versions
That being said, you can query apt and yum for updateable packages like so:
- apt-get -s upgrade
- yum list updates
This is only useful if you are using a package manager, of course. This means you should be able to put the results into an slist and output it in a report. If you're deploying packages another way, things become more difficult.
EDIT: If you want to do this for specific packages, you can do so by putting the package name after "upgrade" in the apt command, but I have no idea how to do this with yum. Best I can think of is to use CFEngine's returnszero function with "yum list updates | grep $packagename" or similar. It feels a little clumsy, though.
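As an added example (not part of the original answer), this is one way to reduce the output of the two commands above to one package per line, which is the shape an slist needs, and to test for a single package by exact name. The function names are hypothetical and the sample outputs are constructed for illustration.

```shell
#!/bin/sh
# Added example. Sample outputs below are constructed, not captured from a host.

sample_apt() {   # shaped like `apt-get -s upgrade` output
cat <<'EOF'
Reading package lists...
The following packages will be upgraded:
  libssl1.1 openssl
2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Inst libssl1.1 [1.1.1f-1ubuntu2.19] (1.1.1f-1ubuntu2.20 Ubuntu:20.04/focal-updates [amd64])
Inst openssl [1.1.1f-1ubuntu2.19] (1.1.1f-1ubuntu2.20 Ubuntu:20.04/focal-updates [amd64])
Conf libssl1.1 (1.1.1f-1ubuntu2.20 Ubuntu:20.04/focal-updates [amd64])
EOF
}

sample_yum() {   # shaped like `yum list updates` output
cat <<'EOF'
Loaded plugins: fastestmirror
Updated Packages
openssl.x86_64                 1:1.0.2k-26.el7_9              updates
openssl-libs.x86_64            1:1.0.2k-26.el7_9              updates
EOF
}

# stdin: apt-get -s upgrade output -> "name installed candidate" per upgrade.
# Only "Inst" lines carrying a bracketed installed version are upgrades.
apt_upgrades() {
  awk '$1 == "Inst" && substr($3, 1, 1) == "[" {
         print $2, substr($3, 2, length($3) - 2), substr($4, 2)
       }'
}

# stdin: yum list updates output -> "name candidate" per update.
# Package rows have three columns and a name ending in ".<arch>".
yum_updates() {
  awk 'NF == 3 && $1 ~ /\.(x86_64|i686|noarch|aarch64)$/ {
         name = $1; sub(/\.[^.]+$/, "", name); print name, $2
       }'
}

# stdin: output of one of the parsers; $1: exact package name.
# Whole-field comparison, so "openssl" does not also match "openssl-libs".
has_update() {
  awk -v want="$1" '$1 == want { found = 1 } END { exit !found }'
}

# Stand-alone demo on the constructed samples.
sample_apt | apt_upgrades
sample_yum | yum_updates
```

On a real host the parsers read the live commands instead, for example `yum list updates | yum_updates | has_update openssl`, whose exit status is the kind of result returnszero evaluates.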