Changeset - ae30483e6fc2
Branko Majic (branko) - 7 years ago 2017-04-16 13:25:47
branko@majic.rs
MAR-98: Updated role reference documentation for common role to mention apticron. Updated usage instructions with a new section covering upgrade check mechanisms.
2 files changed with 35 insertions and 0 deletions:
docs/rolereference.rst
 
@@ -283,6 +283,10 @@ The role implements the following:
 
  expire within less than 30 days). Roles that want their certificates checked
 
  should deploy a ``.conf`` to directory ``/etc/check_certificate/`` with paths
 
  to certificate files, one per line. Certificates are checked on daily basis.
 
* Deploys ``apticron`` package that performs checks for available package
 
  upgrades on daily basis. Mails are delivered to local ``root`` account, and
 
  can be redirected elsewhere via aliases. If using ``mail_forwarder`` or
 
  ``mail_server`` roles on the same server, aliases can be set-up through them.
 

	
 

	
 
Role dependencies
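Review bot: the new ``apticron`` bullet says the check runs "on daily basis", but the section added to docs/usage.rst in this same changeset says apticron "runs on hourly basis". One of the two is wrong; confirm the schedule the ``common`` role actually deploys and use the same wording in both files. It would also help to state here, as usage.rst does, that no packages are upgraded automatically, so a reader of the role reference does not take notification to mean patching.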
docs/usage.rst
 
@@ -2155,6 +2155,37 @@ Handlers alone can be invoked specifically with command similar to::
 
The ``handlers`` variable is treated as boolean, and by default it is not set.
 

	
 

	
 
Checking for available package upgrades
 
---------------------------------------
 

	
 
One of the more annoying chores when you maintain your own infrastructure is
 
making sure everything is up-to-date. And this has to be done - both in order to
 
ensure for problem-free experience for users (yourself included), and for making
 
sure there are no security vulnerabilities that could be exploited by a (random)
 
adversary.
 

	
 
*Majic Ansible Roles* try to keep you covered on this front as well. As part of
 
regular deployment, the ``common`` role will deploy and configure ``apticron`` -
 
a nifty little script that runs on hourly basis and checks if any of your
 
system-provided packages are outdated.
 

	
 
If ``apticron`` detects an outdated package, it will output this information to
 
standard output, which will result in the cron daemon sending out an e-mail to
 
the local root account. These mails can be further directed towards other mail
 
accounts via aliases (easily achieveable if you use either the
 
``mail_forwarder`` or ``mail_server`` roles).
 

	
 
No packages will be upgraded automatically - ensuring you can make sure upgrades
 
occur correctly and do not cause major outage without anyone being present to
 
fix them.
 

	
 
Another useful package you may want to look into is ``needrestart`` - which runs
 
as a hook during the upgrade process to detect any processes that seem to be
 
running with outdated libraries, allowing you to restart them as well. This
 
package is *not* installed by the ``common`` role out-of-the-box, but you can
 
easily do so by updating the ``common_packagtes`` setting.
 

	
 

	
 
Where to go next?
 
-----------------
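Review bot: in the last added paragraph (the ``needrestart`` one) the setting is written ``common_packagtes``, which looks like a typo in the variable name. Anyone copying it into their configuration would be setting a name that differs from the intended one, so check it against the role reference and correct it. Smaller points in the same section: "achieveable" should be "achievable", and "ensure for problem-free experience" reads better as "ensure a problem-free experience". Since the upgrade notices only reach a person if mail for the local root account is read or aliased elsewhere, consider stating that explicitly instead of describing the aliases only as something that can be done.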
 

	