#!/bin/bash -e
# install security updates
# SEC_UPDATES: SKIP, FORCE (if none specified, will be interactive)

# exit if running live
grep -qs boot=casper /proc/cmdline && exit 2

LOGFILE=/var/log/cron-apt/log
. /etc/default/inithooks

install_updates() {
    for actionfile in /etc/cron-apt/action.d/*; do
        while read aptcmd; do
            aptcmd=$(echo $aptcmd | sed "s|-q||")
            aptcmd=$(echo $aptcmd | sed "s|-o quiet=.*||")
            DEBIAN_FRONTEND=noninteractive apt-get $aptcmd | tee -a $LOGFILE
        done < $actionfile
    done
}

[ "$SEC_UPDATES" == "SKIP" ] && exit 0

if [ "$SEC_UPDATES" == "FORCE" ]; then
    install_updates
else
    $INITHOOKS_PATH/bin/secupdates-ask.py && install_updates  
fi

