1

unattended-upgrades seems to skip certain upgrades, e. g. google chrome upgrade. A subsequent call of apt-get upgrade then finds and installs the ugrade. Does this mean, I must schedule apt-get upgrade in addition to my unattended-upgrades config if I want everything automated?

I have configured /etc/apt/apt.conf.d/20auto-upgrades like this:

APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "0";
APT::Periodic::Unattended-Upgrade "1";

And this is my 50unattended-upgrades config (I have taken out all commented lines for better readability):

Unattended-Upgrade::Allowed-Origins {
    "${distro_id}:${distro_codename}";
    "${distro_id}:${distro_codename}-security";
    "${distro_id}ESMApps:${distro_codename}-apps-security";
    "${distro_id}ESM:${distro_codename}-infra-security";
    "${distro_id}:${distro_codename}-updates";
};
Unattended-Upgrade::Package-Blacklist {
};
Unattended-Upgrade::DevRelease "auto";
Unattended-Upgrade::Automatic-Reboot "true";
Unattended-Upgrade::Automatic-Reboot-WithUsers "true";
Unattended-Upgrade::Automatic-Reboot-Time "08:00";

In principle my unattended-upgrade runs regularly and ok.

A time lag between unattended-upgrades and apt-get upgrade is not the explanation because I had also manually started unattended-upgrades right before apt-get upgrade when I encountered the issue.

Thanks for any help

bpn

2 Answers2

1

Shame on me. I found the answer myself on askubuntu:

https://askubuntu.com/questions/64318/how-can-i-enable-silent-automatic-updates-for- google-chrome

The allowed origins above don't include 3rd party sources. So I added "Google LLC:stable"; to the allowed origins in 50unattended-upgrades

Sorry again. I should have googled "unattended-upgrades" in combination with "google chrome".

0

Check your /etc/apt/apt.conf.d/50unattended-upgrades:

it most probably looks like this:

Unattended-Upgrade::Allowed-Origins {
        "${distro_id}:${distro_codename}";
        "${distro_id}:${distro_codename}-security";
        // Extended Security Maintenance; doesn't necessarily exist for
        // every release and this system may not have it installed, but if
        // available, the policy for updates is such that unattended-upgrades
        // should also install from here by default.
        "${distro_id}ESMApps:${distro_codename}-apps-security";
        "${distro_id}ESM:${distro_codename}-infra-security";
//      "${distro_id}:${distro_codename}-updates";
//      "${distro_id}:${distro_codename}-proposed";
//      "${distro_id}:${distro_codename}-backports";
};

In this configuration only security updates will be updated automatically. If you want to have more updated automatically, you can remove the comments in those lines.

Gerald Schneider
  • 19,757
  • 8
  • 52
  • 79
  • Thanks Gerald. However if you have a look at my post where I have pasted the 50unattended-upgrades: I have specified "${distro_id}:${distro_codename}-updates"; I would like to not specifying proposed and backports – user3599802 May 12 '22 at 12:33