Re: Unattended upgrades.
- Date: Fri, 24 Mar 2017 17:13:21 +0000
- From: Lisi Reisz <lisi.reisz@xxxxxxxxx>
- Subject: Re: Unattended upgrades.
On Friday 24 March 2017 09:56:23 didier gaumet wrote:
> Le 24/03/2017 à 09:41, Lisi Reisz a écrit :
> > Let's start with the file you mention:
> > /etc/apt/apt.conf.d/20auto-upgrades It isn't there.
> the Debian wiki indicates that it has to be created, either by typing a
> content in an editor or you can symply type as root:
> # dpkg-reconfigure -plow unattended-upgrades
This is what I had missed! I have now run it.
> > lisi@Eros:~$ su
> > Password:
> > root@Eros:/home/lisi# unattended-upgrades
> > root@Eros:/home/lisi#
> > What has that done? I can verify nothing because I can't see what it has
> > or has not done. It took a long while doing it, but appears to have dome
> > nothing.
> unattended-upgrades is not intended to be interactive (all benefit would
> be lost), so it does not display anything.
> if you want to observe how unattended-upgrades has run, you may examine
> the content of:
This I had seen, but not "got" anywhere with them before. Having run
# dpkg-reconfigure -plow unattended-upgrades
unattended-upgrades.log exists and is not empty.
still does not exist, but it has clearly not yet been called for. Hopefully
it will tell me when unattended-upgrades has run.
> > If I have to run it myself, then it isn't working. The whole point, from
> > my point of view, is for it to work unattended.
> you do not have to run unattended-upgrades yourself: I was suggesting to
> run unattended-upgrades yourself just un order to verify it runs when
> to work unattended, unattended-upgaded has:
> - to be installed
> - to be told what and how to upgrade (that is the role of
> - to be told when to upgrade (that is the role of
> /etc/apt/apt.conf.d/20auto-upgrades), else it never runs.
> > I have clearly completely misunderstood what unattended-upgrades is
> > intended to do. If it won't work automatically but requires me to run
> > it, in what sense is it unattended? It said that it runs by default. I
> > have obviously misunderstood what "run" means in this context.
> > As I said above, /etc/apt/apt.conf.d/20auto-upgrades doesn't exist.
> > That is what I have been trying unsuccessfully to achieve. If the
> > defaults work fine, then what are they doing? If I need to run it, in
> > what way is it any different from or preferable to any other method of
> > running upgrades?
> > So, to summarise, it is my expectations that are at fault.
> > Unattended-upgrades does not by default run unattended. One has to set
> > up a cron job or something.
> > Having been reading the file /etc/apt/apt.conf.d/50unattended-upgrades,
> > which does exist, I have come to the conclusion that sadly this is all
> > well above my pay-grade anyway.
> I would summarize it differently: installing unattended-upgrades is not
> sufficient, it has to be set-up and its default setup is valid for a
> reasonable goal.
Yes. Thank you. I had not succeeded in setting it up. let us hope that I
> For basic needs (automatic upgrades of security fixes for the stable
> channel of Debian):
> # apt-get install unattended-upgrades
> # dpkg-reconfigure -plow unattended-upgrades
> is sufficient.
Fingers crossed, all is now well. Thank you.
> If you have different or mode elaborate needs, you have to fiddle with
> the set-up.
> There are other ways of getting automatic upgrades, the only one I have
> tested is cron-apt and I reckon unattended-upgrades is probably simpler.
Thank you for your help. Let us hope that all is now well! I shall have to
leave my desktop un-upgraded for a bit in order to see - I normally check for
> NOTE: It appears that upgrade-system is a package that could interest
> you: having looked quickly at it (but having never tested it), it seems
> to require no set-up, just to be installed, to automatically upgrade all
> packages to their newest version available (do not forget to do an
> apt-get purge unattended-upgrades, it would be cleaner that way).
No, this is the "Ubuntu way" that I specifically wanted to avoid. When all
updating is set up up to run automatically in this way.
I dislike any and all automatic upgrades. I have no doubt that I could use
them to get myself, or anyone else, in an infernal mess. I have however got
a particular problem at the moment, and after the discussion on the list
about the fact that unattended-upgrades are now installed by default I felt
that I should consider going that way. I am putting it on my machine with
trepidation and worry, but I must test it on myself first.
I want it because I have two clients 11 miles away and am partially sighted:
i.e. 11 miles is a long way. My husband has been seriously ill and I have
been unable to go out far or for long. Teamviewer has taken a dive. Getting
at least security upgrades done has become urgent. The clients cannot be
persuaded to regard it as so! (They could bring their computers to me.) I
would like, next time I get access, to set up both their computers to at
least install important security upgrades automatically, for next time I
can't get out, anyhow until I manage to set up remote access. They have
dynamic IP and a somewhat tricky ISP supplied router. Again, I need access,
and for more than a few minutes.