On Thu, Mar 07, 2013 at 04:43:03PM +0100, g0to wrote: > Package: unattended-upgrades > Version: 0.79.4 > Severity: grave > Tags: security > Justification: renders package unusable
Thanks for your bugreport. > after trying to make it run by myself and googling and make a few questions > here[1] and there[2], I've decided to contact you to report what seems to be > a lack of functionality of the package. > > Following the instructions in "/usr/share/doc/unattended-upgrades/README", > after installing the package, I enabled it > > sudo dpkg-reconfigure -plow unattended-upgrades > > uncommented the proper lines in "/etc/apt/apt.conf.d/50unattended-upgrades" > (below) and waited for it to unattendedly keeps my system update. But that > didn't happen. > After checking the logs in "/var/log/unattended-upgrades/" and > "/var/log/apt/history.log" for several days, no activity was recorded there. > I also tried running it in the "--dry-run" way and it "dry worked" with no > errors. > > I've tagged the bug like a security issue because someone could trust the > security updates of their system after installing and enabling the package > and don't check if it's working after a long, and potentially insecure, time. > > Thank you for your time and for your job maintaining the package. The way you enabled it should work so I would need some additional information from you to figure out what is going on. Could you please send me the output of: $ apt-config dump|grep Periodic and then the debug output that: $ sudo unattended-upgrade --debug --dry-run > /tmp/un.output 2&>1 This will generate a file /tmp/un.output that I need too. and finally the file: /var/log/unattended-upgrades/unattended-upgrades.log That hopefully gives me enough information to figure out what is going on. I suspect for some reason the script is not run in your cron which is strange. It hooks into /etc/cron.daily/apt, you can also run: $ sudo sh -x /etc/cron.daily/apt and add the output to this report as well. Note that this code has a sleep (to distribute load better) in it, so the command will take some minutes to complete. Cheers, Michael > Cheers, > g0to > > [1] > http://serverfault.com/questions/483751/unattended-upgrades-doesnt-upgrade-or-does-nothing-at-all > [2] http://lists.debian.org/debian-user/2013/03/msg00394.html > > > -- System Information: > Debian Release: 7.0 > Architecture: armhf (armv6l) > > Kernel: Linux 3.6.11+ (PREEMPT) > Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > > Versions of packages unattended-upgrades depends on: > ii apt 0.9.7.7+rpi1 > ii apt-utils 0.9.7.7+rpi1 > ii debconf [debconf-2.0] 1.5.49 > ii lsb-base 4.1+Debian8+rpi1 > ii lsb-release 4.1+Debian8+rpi1 > ii python 2.7.3-4 > ii python-apt 0.8.8.1 > ii ucf 3.0025+nmu3 > ii xz-utils 5.1.1alpha+20120614-2 > > unattended-upgrades recommends no packages. > > Versions of packages unattended-upgrades suggests: > pn bsd-mailx <none> > pn mail-transport-agent <none> > > -- Configuration Files: > /etc/apt/apt.conf.d/50unattended-upgrades changed: > // Automatically upgrade packages from these origin patterns > Unattended-Upgrade::Origins-Pattern { > // Codename based matching: > // This will follow the migration of a release through different > // archives (e.g. from testing to stable and later oldstable). > "o=Debian,n=wheezy"; > "o=Debian,n=wheezy-updates"; > "o=Debian,n=wheezy-proposed-updates"; > "o=Debian,n=wheezy,l=Debian-Security"; > // Archive or Suite based matching: > // Note that this will silently match a different release after > // migration to the specified archive (e.g. testing becomes the > // new stable). > // "o=Debian,a=stable"; > // "o=Debian,a=stable-updates"; > // "o=Debian,a=proposed-updates"; > // "origin=Debian,archive=stable,label=Debian-Security"; > }; > // List of packages to not update > Unattended-Upgrade::Package-Blacklist { > // "vim"; > // "libc6"; > // "libc6-dev"; > // "libc6-i686"; > }; > // This option allows you to control if on a unclean dpkg exit > // unattended-upgrades will automatically run > // dpkg --force-confold --configure -a > // The default is true, to ensure updates keep getting installed > //Unattended-Upgrade::AutoFixInterruptedDpkg "false"; > // Split the upgrade into the smallest possible chunks so that > // they can be interrupted with SIGUSR1. This makes the upgrade > // a bit slower but it has the benefit that shutdown while a upgrade > // is running is possible (with a small delay) > //Unattended-Upgrade::MinimalSteps "true"; > // Install all unattended-upgrades when the machine is shuting down > // instead of doing it in the background while the machine is running > // This will (obviously) make shutdown slower > //Unattended-Upgrade::InstallOnShutdown "true"; > // Send email to this address for problems or packages upgrades > // If empty or unset then no email is sent, make sure that you > // have a working mail setup on your system. A package that provides > // 'mailx' must be installed. E.g. "u...@example.com" > //Unattended-Upgrade::Mail "root" > // Set this value to "true" to get emails only on errors. Default > // is to always send a mail if Unattended-Upgrade::Mail is set > //Unattended-Upgrade::MailOnlyOnError "true"; > // Do automatic removal of new unused dependencies after the upgrade > // (equivalent to apt-get autoremove) > Unattended-Upgrade::Remove-Unused-Dependencies "true"; > // Automatically reboot *WITHOUT CONFIRMATION* if a > // the file /var/run/reboot-required is found after the upgrade > Unattended-Upgrade::Automatic-Reboot "true"; > // Use apt bandwidth limit feature, this example limits the download > // speed to 70kb/sec > //Acquire::http::Dl-Limit "70"; > > > -- debconf information: > * unattended-upgrades/enable_auto_updates: true -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
