Unattended Upgrades Doc Bug

Bug #1690224 reported by Vincent Cardillo
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ubuntu Server Guide
Fix Released
Undecided
Doug Smythies

Bug Description

Re: https://help.ubuntu.com/lts/serverguide/automatic-updates.html

Specifically:

To configure unattended-upgrades, edit /etc/apt/apt.conf.d/50unattended-upgrades and adjust the following to fit your needs:

Unattended-Upgrade::Allowed-Origins {
        "Ubuntu xenial-security";
// "Ubuntu xenial-updates";
};

However:

$ cat /etc/apt/apt.conf.d/50unattended-upgrades
// Automatically upgrade packages from these (origin:archive) pairs
Unattended-Upgrade::Allowed-Origins {
 "${distro_id}:${distro_codename}-security";
// "${distro_id}:${distro_codename}-updates";
// "${distro_id}:${distro_codename}-proposed";
// "${distro_id}:${distro_codename}-backports";
};

The "${distro_id}:${distro_codename}" format is not mentioned in the docs.

Revision history for this message
Doug Smythies (dsmythies) wrote :

Confirmed: serverguide/C/package-management.xml line 332.

Changed in serverguide:
status: New → Confirmed
assignee: nobody → Doug Smythies (dsmythies)
Changed in serverguide:
status: Confirmed → Fix Committed
Revision history for this message
Vincent Cardillo (vincent-z) wrote :

There's another issue I noticed in 16.04 that doesn't happen in 14.04:

Initially, the file /etc/apt/apt.conf.d/50unattended-upgrades is as expected, with everything commented out except the "-security" repository, meaning that only security updates will be applied automatically. *However*, after the first time the `unattended-upgrades` program is run, it overwrites the existing `50unattended-upgrades` file (also indicated in the output logs), and adds an additional, uncommented line, which is: "${distro_id}:${distro_codename}";

Therefore after first run, the state is:

Unattended-Upgrade::Allowed-Origins {
 "${distro_id}:${distro_codename}";
 "${distro_id}:${distro_codename}-security";
// "${distro_id}:${distro_codename}-updates";
// "${distro_id}:${distro_codename}-proposed";
// "${distro_id}:${distro_codename}-backports";
};

This could create unexpected and undesirable behavior for a sysadmin. The documentation should instruct the operator to run the unattended-upgrades program once, and correct that file after it runs the first time.

Revision history for this message
Vincent Cardillo (vincent-z) wrote :

These are the relevant lines from unattended-upgrades-dpkg.log:

Setting up unattended-upgrades (0.90ubuntu0.1) ...
Replacing config file /etc/apt/apt.conf.d/50unattended-upgrades with new version
update-rc.d: warning: start and stop actions are no longer supported; falling back to defaults

Notice the middle line.

Revision history for this message
Doug Smythies (dsmythies) wrote :

@Vincent: There is a mess going on right now with updates. I have asked for help from the Server team.

Changed in serverguide:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.