4

I have installed the Unattended Upgrades package and have an apt cron in /etc/cron.daily/aptbut it's not running automatically. There's nothing in /var/log/unattended-upgrades/ and there are pending upgrades..

20auto-upgrades looks like: 

APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1";

50unattended-upgrades looks like: 

// Automatically upgrade packages from these origin patterns
Unattended-Upgrade::Origins-Pattern {
        // Archive or Suite based matching:
        // Note that this will silently match a different release after
        // migration to the specified archive (e.g. testing becomes the
        // new stable).
//      "o=Debian,a=stable";
//      "o=Debian,a=stable-updates";
//      "o=Debian,a=proposed-updates";
        "origin=Debian,archive=stable,label=Debian-Security";
        "origin=Debian,archive=oldstable,label=Debian-Security";
};

// List of packages to not update
Unattended-Upgrade::Package-Blacklist {
//      "vim";
//      "libc6";
//      "libc6-dev";
//      "libc6-i686";
};

// This option allows you to control if on a unclean dpkg exit
// unattended-upgrades will automatically run
//   dpkg --force-confold --configure -a
// The default is true, to ensure updates keep getting installed
//Unattended-Upgrade::AutoFixInterruptedDpkg "false";

// Split the upgrade into the smallest possible chunks so that
// they can be interrupted with SIGUSR1. This makes the upgrade
// a bit slower but it has the benefit that shutdown while a upgrade
// is running is possible (with a small delay)
//Unattended-Upgrade::MinimalSteps "true";

// Install all unattended-upgrades when the machine is shuting down
// instead of doing it in the background while the machine is running
// This will (obviously) make shutdown slower
//Unattended-Upgrade::InstallOnShutdown "true";

// Send email to this address for problems or packages upgrades
// If empty or unset then no email is sent, make sure that you
// have a working mail setup on your system. A package that provides
// 'mailx' must be installed. E.g. "user@example.com"
Unattended-Upgrade::Mail "root";

// Set this value to "true" to get emails only on errors. Default
// is to always send a mail if Unattended-Upgrade::Mail is set
//Unattended-Upgrade::MailOnlyOnError "true";

// Do automatic removal of new unused dependencies after the upgrade
// (equivalent to apt-get autoremove)
//Unattended-Upgrade::Remove-Unused-Dependencies "false";

// Automatically reboot *WITHOUT CONFIRMATION* if a
// the file /var/run/reboot-required is found after the upgrade
//Unattended-Upgrade::Automatic-Reboot "false";


// Use apt bandwidth limit feature, this example limits the download
// speed to 70kb/sec
//Acquire::http::Dl-Limit "70";

I have pending upgrades:

Reading state information... Done
The following packages will be upgraded:
  base-files bind9 bind9-host bind9utils ldap-utils libapache2-mod-php5 libbind9-80 libdns88 libisc84 libisccc80 libisccfg82 liblcms1:i386 libldap-2.4-2
  libldap-2.4-2:i386 liblwres80 php5 php5-cli php5-common php5-curl php5-gd php5-mcrypt php5-mysql screen ssl-cert sudo tzdata unzip

Does anyone know what's wrong?

CJD
  • 227
  • 3
  • 5

1 Answers1

1

Your configuration is only applying security updates, as noted in your config with these lines:

"origin=Debian,archive=stable,label=Debian-Security"; "origin=Debian,archive=oldstable,label=Debian-Security";

The remaining upgrades should be from non-security repositories.

If you want those to be upgraded as well, you should uncomment those repositories, and set the archive appropriately for your release. Take special care to read the comment above those repository lines, as it is very important.

You can also check on the activity of unattended-upgrades in /var/log/apt/history.log, and having unattended-upgrades email you will give you more insight into what it is doing.

Hope that helps. =)

Kassandry
  • 639
  • 1
  • 6
  • 15