make /usr/libexec/security-misc/apt-get-update more reliable

usr/libexec/security-misc/apt-get-update

@@ -11,31 +11,25 @@ set -o pipefail
 export LC_ALL=C
 pidfile="/run/helper-scripts/security-misc-apt-get-update-pid"
 
-write_pid_file() {
+sigterm_trap() {
-  safe-rm -r -f -- "$pidfile"
+   /usr/libexec/helper-scripts/apt-get-update-kill-helper
-  install -m644 /dev/null "$pidfile"
+   exit 143
-  echo "$$" | sponge -- "$pidfile"
 }
 
-sigterm_trap() {
+## terminate potential previous invocations.
-   if [ "$lastpid" = "" ]; then
+/usr/libexec/helper-scripts/apt-get-update-kill-helper
-      exit 143
-   fi
-   if ! kill -0 -- "$lastpid" &>/dev/null ; then
-      exit 143
-   fi
-   kill -s sigterm -- "$lastpid"
-   exit 143
-}
 
 trap "sigterm_trap" SIGTERM SIGINT
 
 [[ -v timeout_after ]] || timeout_after="600"
 [[ -v kill_after ]] || kill_after="10"
 
-write_pid_file
+start-stop-daemon \
-
+  --make-pidfile \
-timeout \
+  --pidfile "$pidfile" \
+  --exec /usr/bin/timeout \
+  --start \
+  -- \
     --kill-after="$kill_after" \
     "$timeout_after" \
       apt-get update --error-on=any "$@" &