Welcome to the most active Linux Forum on the web.
Go Back > Forums > Linux Forums > Linux - Distributions > Debian
User Name
Debian This forum is for the discussion of Debian Linux.


  Search this Thread
Old 02-21-2014, 11:23 PM   #1
LQ 5k Club
Registered: Dec 2008
Location: Tamil Nadu, India
Distribution: Debian
Posts: 8,578
Blog Entries: 31

Rep: Reputation: 1197Reputation: 1197Reputation: 1197Reputation: 1197Reputation: 1197Reputation: 1197Reputation: 1197Reputation: 1197Reputation: 1197
How to configure unattended-upgrades to upgrade updates?

I have not been able to configure unattended-upgrades to automatically upgrade updates as well as the default security upgrades.

/etc/apt/apt.conf.d/50unattended-upgrades must be changed, specifically the Unattended-Upgrade::Origins-Pattern: section.

I could not find documentation or examples on what to put in this section. The as-installed section is:
// Automatically upgrade packages from these origin patterns
Unattended-Upgrade::Origins-Pattern {
        // Archive or Suite based matching:
        // Note that this will silently match a different release after
        // migration to the specified archive (e.g. testing becomes the 
        // new stable).
//      "o=Debian,a=stable";
//      "o=Debian,a=stable-updates";
//      "o=Debian,a=proposed-updates";
Why "stable" rather than wheezy? Is it simply a convenience so the file does not have to be changed if the computer is dist upgraded rather doing a fresh installation? (I prefer to use "wheezy" rather than "stable" after we accidentally upgraded squeeze to wheezy by having "stable" rather than "squeeze" in sources.list and a sysadmin's command line typo -- maybe upgrade instead of safe-upgrade).

Why does the default have a label= while the commented out examples do not?

How can valid values for archive and label be found? The sources.list contents do not seem related. The output from apt-cache policy looks similar but after using them ...
... /var/log/unattended-upgrades/unattended-upgrades.log showed no upgrade done:
2014-02-22 07:14:05,344 INFO Starting unattended upgrades script
2014-02-22 07:14:05,344 INFO Allowed origins are: ['origin=Debian,archive=wheezy,label=Debian-Security', 'origin=Debian,archive=wheezy-updates,label=Debian']
2014-02-22 07:14:07,315 INFO No packages found that can be upgraded unattended
Packages have been downloaded to /var/cache/apt/archives, ready to upgrade. Running aptitude safe-upgrade (and declining to continue) lists the same packages:
root:/var/cache/apt/archives# lrt | tail
-rw-r--r-- 1 root root   819046 Feb  2 08:34 linux-libc-dev_3.2.54-2_amd64.deb
-rw-r--r-- 1 root root 23432568 Feb  2 08:34 linux-image-3.2.0-4-amd64_3.2.54-2_amd64.deb
-rw-r--r-- 1 root root    57944 Feb 12 03:23 libyaml-0-2_0.1.4-2+deb7u3_amd64.deb
-rw-r--r-- 1 root root   201956 Feb 15 22:38 libmagic1_5.11-2+deb7u1_amd64.deb
-rw-r--r-- 1 root root    51908 Feb 15 22:38 file_5.11-2+deb7u1_amd64.deb
-rw-r--r-- 1 root root   996478 Feb 20 18:47 postgresql-client-9.1_9.1.12-0wheezy1_amd64.deb
-rw-r--r-- 1 root root  3268826 Feb 20 18:47 postgresql-9.1_9.1.12-0wheezy1_amd64.deb
-rw-r--r-- 1 root root   136580 Feb 20 18:47 libpq5_9.1.12-0wheezy1_amd64.deb
-rw-r--r-- 1 root root   191966 Feb 20 18:47 libpq-dev_9.1.12-0wheezy1_amd64.deb
drwxr-xr-x 2 root root     4096 Feb 22 07:14 partial
root:~# aptitude safe-upgrade
The following packages will be upgraded: 
  apache2 apache2-mpm-prefork apache2-utils apache2.2-bin apache2.2-common base-files curl file libc-bin libc-dev-bin 
  libc6 libc6-dev libc6-i386 libcurl3 libcurl3-gnutls libmagic1 libmysqlclient-dev libmysqlclient18 libpq-dev libpq5 
  libssl-dev libssl-doc libssl1.0.0 libyaml-0-2 linux-image-3.2.0-4-amd64 linux-libc-dev locales multiarch-support 
  mysql-client-5.5 mysql-common mysql-server mysql-server-5.5 mysql-server-core-5.5 openssl postgresql-9.1 
  postgresql-client-9.1 tzdata wget whois 
39 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/65.6 MB of archives. After unpacking 2,301 kB will be used.
Do you want to continue? [Y/n/?] n
Version: wheezy.

Old 02-22-2014, 03:05 AM   #2
Senior Member
Registered: Oct 2008
Location: S.E. Montana
Distribution: Debian Testing, Stable, Sid and Manjaro, Mageia 3, LMDE
Posts: 2,628

Rep: Reputation: 496Reputation: 496Reputation: 496Reputation: 496Reputation: 496
The thought of unattended upgrades gives me chills so I am not much of an expert.

This may be of some help if you have not seen it;


Those are both for Debian 6 but I can't see how 7 would be a lot different.

Or testing or sid for that matter, although auto upgrades in either of those just strikes me as a silly to automate breaking your system.
Old 02-24-2014, 08:35 PM   #3
LQ Guru
Registered: Jan 2009
Location: Japan
Distribution: Mostly Debian and CentOS
Posts: 6,040

Rep: Reputation: 1409Reputation: 1409Reputation: 1409Reputation: 1409Reputation: 1409Reputation: 1409Reputation: 1409Reputation: 1409Reputation: 1409Reputation: 1409

I think the answers are in the README:
The main way to specify which packages will be auto-upgraded is by
means of their "origin" and "archive". These are taken respectively
from the Origin and Suite fields of the respository's Release file
So look in your /var/lib/apt/lists/*_Release files. These also seems to provide the "label" value.


Old 02-25-2014, 04:08 AM   #4
LQ 5k Club
Registered: Dec 2008
Location: Tamil Nadu, India
Distribution: Debian
Posts: 8,578

Original Poster
Blog Entries: 31

Rep: Reputation: 1197Reputation: 1197Reputation: 1197Reputation: 1197Reputation: 1197Reputation: 1197Reputation: 1197Reputation: 1197Reputation: 1197
Thanks both

I tried values shown both by apt-cache policy output and as listed in the /var/lib/apt/lists/*debian*_Release files, with and without label= and (clutching at straws) with o= and a= rather than origin= and archive=. Using those configurations, nothing would have been upgraded, as tested by unattended-upgrade --dry-run

Finally I used the sample values listed commented out in the as-installed /etc/apt/apt.conf.d/50unattended-upgrades file:
They worked.

It will be interesting to find out what happens when wheezy is no longer stable but oldstable.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Unattended upgrades: how to automate a few each day? catkin Debian 10 01-19-2014 04:10 AM
Can squid be used to cache OS updates/upgrades? memilanuk Linux - Server 8 02-15-2013 04:08 PM
Ubuntu Updates/Upgrades henriQ Linux - Newbie 11 06-20-2012 09:01 AM
Unattended Updates rkfb Debian 2 02-19-2011 04:08 PM
Is /home ever touched by upgrades or updates? Haz2a Linux - General 5 10-18-2006 09:44 AM > Forums > Linux Forums > Linux - Distributions > Debian

All times are GMT -5. The time now is 09:26 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration