-Facter.add("apt_has_updates") do
- confine :osfamily => 'Debian'
- if File.executable?("/usr/lib/update-notifier/apt-check")
- apt_check_result = Facter::Util::Resolution.exec('/usr/lib/update-notifier/apt-check 2>&1')
- if not apt_check_result.nil? and apt_check_result =~ /^\d+;\d+$/
- apt_package_updates = apt_check_result.split(';')
+Facter.add('apt_has_updates') do
+ confine osfamily: 'Debian'
+ if File.executable?('/usr/bin/apt-get')
+ apt_get_result = Facter::Util::Resolution.exec('/usr/bin/apt-get -s -o Debug::NoLocking=true upgrade 2>&1')
+ unless apt_get_result.nil?
+ apt_package_updates = [[], []]
+ apt_get_result.each_line do |line|
+ next unless line =~ %r{^Inst\s}
+ package = line.gsub(%r{^Inst\s([^\s]+)\s.*}, '\1').strip
+ apt_package_updates[0].push(package)
+ security_matches = [
+ %r{ Debian[^\s]+-updates[, ]},
+ %r{ Debian-Security:},
+ %r{ Ubuntu[^\s]+-security[, ]},
+ %r{ gNewSense[^\s]+-security[, ]},
+ ]
+ re = Regexp.union(security_matches)
+ if line.match(re)
+ apt_package_updates[1].push(package)
+ end
+ end