Check Debian Security repository from apt-cache policy output

Instead of parsing files,we can ask apt-cache to list the enabled repository
and look for one labeled "Debian-Security" provided by Debian.

linux/CHANGELOG

@@ -9,6 +9,8 @@ and this project **does not adhere to [Semantic Versioning](http://semver.org/sp
 
 ### Changed
 
+* IS_DEBIANSECURITY: check Debian Security repository from apt-cache policy output
+
 ### Deprecated
 
 ### Removed

linux/evocheck.sh

@@ -226,20 +226,9 @@ check_syslogconf() {
         || failed "IS_SYSLOGCONF" "syslog evolix config file missing"
 }
 check_debiansecurity() {
-    if is_debian_bullseye; then
+    # Look for enabled "Debian-Security" sources from the "Debian" origin
-        # https://www.debian.org/releases/bullseye/amd64/release-notes/ch-information.html#security-archive
+    apt-cache policy | grep "\bl=Debian-Security\b" | grep "\bo=Debian\b" | grep --quiet "\bc=main\b"
-        # https://www.debian.org/security/
+    test $? -eq 0 || failed "IS_DEBIANSECURITY" "missing Debian-Security repository"
-        pattern="^deb  ?(\[.*\])? ?http://security\.debian\.org/debian-security/? bullseye-security main"
-    elif is_debian_buster; then
-        pattern="^deb  ?(\[.*\])? ?http://security\.debian\.org/debian-security/? buster/updates main"
-    elif is_debian_stretch; then
-        pattern="^deb  ?(\[.*\])? ?http://security\.debian\.org/debian-security/? stretch/updates main"
-    else
-        pattern="^deb.*security"
-    fi
-
-    source_file="/etc/apt/sources.list"
-    grep -qE "${pattern}" "${source_file}" || failed "IS_DEBIANSECURITY" "missing debian security repository"
 }
 check_aptitudeonly() {
     if is_debian_squeeze || is_debian_wheezy; then