Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Auto update check, checks for updates to base system + packages and sends email alerts

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    102 Posts 24 Posters 39.3k Views 39 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • GertjanG Offline
      Gertjan @tariqali
      last edited by

      @tariqali

      This :

      d1a7646e-29e5-44cf-8213-685b893cab02-image.png

      will run the script .... when ... ones ?

      You still have to :
      Make sure your have the pfSense Cron Package.
      Add a cron task that execute the script ones every - when ever you want - per day (week ? month ? hours ?).
      And of course, test it and check up with it ones in a while.

      No "help me" PM's please. Use the forum, the community will thank you.
      Edit : and where are the logs ??

      T 1 Reply Last reply Reply Quote 1
      • stephenw10S Offline
        stephenw10 Netgate Administrator
        last edited by

        Yes that will run it once but you shouldn't need that. The field allows Filer to run a command after it has added back a file which may be required. This script doesn't need it though. It's run by cron anyway.

        1 Reply Last reply Reply Quote 0
        • T Offline
          tariqali @Gertjan
          last edited by

          @Gertjan Yup I setup CRON to run every night.

          1 Reply Last reply Reply Quote 0
          • GertjanG Gertjan referenced this topic on
          • GertjanG Gertjan referenced this topic on
          • wgstarksW Offline
            wgstarks
            last edited by

            I seem to be having problems with this update checker. I first noticed today that it wasn't working at all although there were updates available for pfsense+ as well as system patches. While checking I realized that I wasn't using the latest php from github so I updated it to-

            ?php
            
              require_once("pkg-utils.inc");
              require_once("notices.inc");
              require_once("util.inc");
            
              $msg = null;
              $pmsg = null;
              $p = 0;
            
              log_error("Starting update check");
            
              // pfSense base system check
              $system_version = get_system_pkg_version(false, false);
              if ($system_version === false) {
                printf("%s\n", 'Unable to check for updates');
                log_error("Unable to check for updates, exiting");
                exit;
              }
            
              if (!is_array($system_version) ||
                !isset($system_version['version']) ||
                !isset($system_version['installed_version'])) {
                printf("%s\n", 'Error in version information');
                log_error("Error in version information, exiting");
                exit;
              }
            
              switch ($system_version['pkg_version_compare']) {
                case '<':
                  //printf("%s%s%s\n", "pfSense version ", $system_version['version'], " is available");
                  $msg = "An update to pfSense version " . $system_version['version'] . " is available\n\n";
                  break;
                case '=':
                  //printf("%s%s%s\n", "pfSense version ", $system_version['version'], " (installed) is current");
                  break;
                case '>':
                  printf("%s%s%s\n", "pfSense version ", $system_version['installed_version'], " is NEWER than the latest available version ", $system_version['version']);
                  $msg = "pfSense version " . $system_version['version'] . " is available (downgrade)\n\n";
                  break;
                default:
                  printf("%s\n", 'Error comparing installed with latest version available');
                  log_error("Error comparing installed with latest version available");
                  break;
              }
            
              // package check
              $package_list = get_pkg_info('all', true, true);
              $installed_packages = array_filter($package_list, function($v) {
                return (isset($v['installed']) && isset($v['name']));
              });
            
              if (empty($installed_packages)) {
                printf("%s\n", 'No packages installed');
                log_error("No packages installed, exiting");
                exit;
              }
            
              foreach ($installed_packages as $pkg) {
                if (isset($pkg['installed_version']) && isset($pkg['version'])) {
                  //printf("%s%s%s\n", $pkg['shortname'], ': ', $pkg['installed_version']);
                  $version_compare = pkg_version_compare($pkg['installed_version'], $pkg['version']);
                  if ($version_compare != '=') {
                    $p++;
                    $pmsg .= "\n".$pkg['shortname'].': '.$pkg['installed_version'].' ==> '.$pkg['version'];
                    if ($version_compare == '>') {
                      $pmsg .= ' (downgrade)';
                    }
                    printf("%s%s%s%s%s\n", $pkg['shortname'], ': ', $pkg['installed_version'], ' ==> ', $pkg['version']);
                  }
                }
              }
            
              if ($p > 0) {
                $msg = $msg . "The following updates are available and can be installed using System > Package Manager:\n" . $pmsg;
              }
            
              // check for updates to builtin packages
              exec("/usr/sbin/pkg upgrade -n | /usr/bin/sed -ne '/UPGRADED/,/^$/p'", $output, $retval);
              if (($retval == 0) && (count($output))) {
                $msg .= "\n\n" . "Some packages are part of the base system and will not show up in Package Manager. If any such updates are listed below, run `pkg upgrade` from the shell to install them:\n\n";
                array_shift($output);
                $msg .= implode("\n", array_map('ltrim', $output));
              }
            
              if (!empty($msg)) {
                log_error("Updates were found - sending email");
                notify_via_smtp($msg);
                // to send alerts to ALL configured targets (email, Pushover, Slack etc) use the line below instead:
                // notify_all_remote($msg);
              }
            
              log_error("Update check complete");
            
            ?>
            

            This yielded a notification for updates available-

            Notifications in this message: 1
            ================================
            
            12:00:13 The following updates are available and can be installed using System > Package Manager:
            
            System_Patches: 2.2.11_15 ==> 2.2.11_16
            
            Some packages are part of the base system and will not show up in Package Manager. If any such updates are listed below, run `pkg upgrade` from the shell to install them:
            
            pfSense-pkg-System_Patches: 2.2.11_15 -> 2.2.11_16 [pfSense]
            

            This contains a notification for updated system patches but still nothing for the pfsense+ update.

            Using this command in cron-

            /usr/local/bin/php -q /root/pkg_check.php
            

            Not sure why pfsense+ update notifications are missing???

            Box: SG-4200

            dennypageD C 2 Replies Last reply Reply Quote 1
            • dennypageD Offline
              dennypage @wgstarks
              last edited by

              @wgstarks said in Auto update check, checks for updates to base system + packages and sends email alerts:

              ?php

              This is missing the angle bracket. It should be:

              <?php
              
              wgstarksW 1 Reply Last reply Reply Quote 0
              • C Offline
                chrcoluk @wgstarks
                last edited by chrcoluk

                @wgstarks If I use your code and run the php command it just echoes the contents of the script to the shell.

                The original script gets executed instead but has an escape_filter error.

                Ok < was missing at the start but still get the same error.

                <pre style="white-space: pre-wrap;">PHP ERROR: Type: 64, File: /home/syslog.inc, Line: 875, Message: Cannot redeclare escape_filter_regex() (previously declared in /home/util.inc:4327)</pre>
                

                Interesting looks like it is sensitive to its run path, moving from /home to /root fixes it.

                pfSense CE 2.8.0

                dennypageD 1 Reply Last reply Reply Quote 0
                • dennypageD Offline
                  dennypage @chrcoluk
                  last edited by

                  @chrcoluk said in Auto update check, checks for updates to base system + packages and sends email alerts:

                  @wgstarks
                  Ok < was missing at the start but still get the same error.

                  <pre style="white-space: pre-wrap;">PHP ERROR: Type: 64, File: /home/syslog.inc, Line: 875, Message: Cannot redeclare escape_filter_regex() (previously declared in /home/util.inc:4327)</pre>
                  

                  Interesting looks like it is sensitive to its run path, moving from /home to /root fixes it.

                  I suspect what it is sensitive to is that you have other files in /home (that should not be there). The include is searching the local directory before /etc/inc.

                  C 1 Reply Last reply Reply Quote 1
                  • wgstarksW Offline
                    wgstarks @dennypage
                    last edited by

                    @dennypage
                    The actual file has the proper <?php. I likely missed it when I copy/pasted for the forum post.

                    Box: SG-4200

                    1 Reply Last reply Reply Quote 0
                    • wgstarksW Offline
                      wgstarks
                      last edited by

                      I installed the system patches updates and now if I run the command I don't get any notifications regarding any updates even though there is a pfsense+ update available.
                      Screenshot 2024-11-26 at 2.20.37 PM.png

                      Also don't get any errors.

                      Box: SG-4200

                      1 Reply Last reply Reply Quote 0
                      • C Offline
                        chrcoluk @dennypage
                        last edited by

                        @dennypage yeah makes sense, I use home as a work path for when I modify pfsense files before adding them as patches in the system patches area. Root path doesnt have any hence that path been ok.

                        pfSense CE 2.8.0

                        1 Reply Last reply Reply Quote 0
                        • wgstarksW Offline
                          wgstarks @luckman212
                          last edited by

                          @luckman212 said in Auto update check, checks for updates to base system + packages and sends email alerts:

                          I'm in the process of upgrading my systems to 23.09.1 and will update this script shortly (if it's possible) to handle the new update mechanism.

                          Looks like the script was never updated.☹️
                          GitHub shows the latest update was Mar 2nd, 2022 on gist.

                          Box: SG-4200

                          luckman212L 1 Reply Last reply Reply Quote 0
                          • luckman212L Offline
                            luckman212 LAYER 8 @wgstarks
                            last edited by

                            Yes, sorry to everyone who was waiting on that. Timing of other things just got in the way. I'm going to make another attempt at this. Hopefully it will bear fruit.

                            1 Reply Last reply Reply Quote 5
                            • GertjanG Gertjan referenced this topic on
                            • luckman212L Offline
                              luckman212 LAYER 8
                              last edited by

                              To anyone following this thread: I'm on pfSense+ 25.07 now and testing a new version of the Auto update check script. Once 25.07 is released (in a few days I expect...) I will push this update, should work on current pfSense 2.8.x / 25.07.

                              luckman212L 1 Reply Last reply Reply Quote 8
                              • luckman212L Offline
                                luckman212 LAYER 8 @luckman212
                                last edited by

                                I updated the script and the top post. Please report any issues!

                                M C MarinSNBM 3 Replies Last reply Reply Quote 5
                                • M Offline
                                  mind12 @luckman212
                                  last edited by

                                  @luckman212 Ty for your time. Works great on previous stable 2.7.2.

                                  1 Reply Last reply Reply Quote 0
                                  • C Offline
                                    chrcoluk @luckman212
                                    last edited by chrcoluk

                                    @luckman212 I think mine still works from before on 2.8.0, but I have noticed the first post has no link to the github page, do you mind providing it in there?

                                    Output below from the old version, seems good still. (wgstarks)

                                    # /usr/local/bin/php -q /root/pkg_check.php
                                    System_Patches: 2.2.20_2 ==> 2.2.22
                                    

                                    I will hold of updating the package for now, so if you post the link, I will test the new code.

                                    pfSense CE 2.8.0

                                    luckman212L 1 Reply Last reply Reply Quote 0
                                    • luckman212L Offline
                                      luckman212 LAYER 8 @chrcoluk
                                      last edited by

                                      @chrcoluk It's not a full Git repo, just a Gist as of now. The link should be there but it's https://gist.github.com/luckman212/5e69ecf04e000ace47eb8f760b71e160 in case you need. The revisions are visible if you need to refer to the previous version.

                                      C 1 Reply Last reply Reply Quote 1
                                      • C Offline
                                        chrcoluk @luckman212
                                        last edited by

                                        @luckman212 Thanks, I also see now the link in first post, sorry its obscure as text was same colour.

                                        I confirm it works fine on 2.8.0, both email and cli output work also.

                                        pfSense CE 2.8.0

                                        1 Reply Last reply Reply Quote 1
                                        • MarinSNBM Offline
                                          MarinSNB @luckman212
                                          last edited by

                                          @luckman212

                                          It works great! Thanks so much for all your work on this!

                                          Netgate 6100 Max pfSense+
                                          —>Unifi Aggregation/24 Pro PoE/24 PoE Enterprise switches
                                          —> UCK2+
                                          —> 3x U6E APs

                                          1 Reply Last reply Reply Quote 1
                                          • M Offline
                                            mikethiessen
                                            last edited by

                                            I'm still on 24.11 and I tried this script to see if it would show me that 25.07 is available, but it didn't catch that. I got some other things though.

                                            luckman212L 1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.