From ec677f720daa3610617cca8cfa0effeb479c03cd Mon Sep 17 00:00:00 2001
From: Romain Dessort <rdessort@evolix.fr>
Date: Wed, 30 Nov 2016 11:39:25 -0500
Subject: [PATCH] Add a check to ensure system is upgraded periodically

---
 evocheck.sh | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/evocheck.sh b/evocheck.sh
index dcb2dbd..09128e0 100755
--- a/evocheck.sh
+++ b/evocheck.sh
@@ -71,6 +71,7 @@ IS_UPTIME=1
 IS_MUNINRUNNING=1
 IS_BACKUPUPTODATE=1
 IS_GITPERMS=1
+IS_NOTUPGRADED=1
 
 #Proper to OpenBSD
 IS_SOFTDEP=1
@@ -438,6 +439,18 @@ if [ -e /etc/debian_version ]; then
     if [ "$IS_GITPERMS" = 1 ]; then
         [ "$(stat -c "%a" /etc/.git/)" = "700" ] || echo 'IS_GITPERMS FAILED!'
     fi
+
+    # Check if /etc/.git/ has read/write permissions for root only.
+    if [ "$IS_NOTUPGRADED" = 1 ]; then
+        last_upgrade=$(date +%s -d $(zgrep -h upgrade /var/log/dpkg.log* |sort -n |tail -1 |cut -f1 -d ' '))
+        limit=$(date +%s -d "now - 42 days")
+        if [ -f /var/log/evolinux/00_prepare_system.log ]; then
+            install_date=$(stat -c %Z /var/log/evolinux/00_prepare_system.log)
+        else
+            install_date=0
+        fi
+        [ $install_date -lt $limit ] && [ $last_upgrade -lt $limit ] && echo 'IS_NOTUPGRADED FAILED!'
+    fi
     
 fi