Package: unattended-upgrades
Version: 0.79.4
Severity: grave
Tags: security
Justification: renders package unusable
Dear Maintainer,
after trying to make it run by myself and googling and make a few questions
here[1] and there[2], I've decided to contact you to report what seems to be a
lack of functionality of the package.
Following the instructions in "/usr/share/doc/unattended-upgrades/README",
after installing the package, I enabled it
sudo dpkg-reconfigure -plow unattended-upgrades
uncommented the proper lines in "/etc/apt/apt.conf.d/50unattended-upgrades"
(below) and waited for it to unattendedly keeps my system update. But that
didn't happen.
After checking the logs in "/var/log/unattended-upgrades/" and
"/var/log/apt/history.log" for several days, no activity was recorded there.
I also tried running it in the "--dry-run" way and it "dry worked" with no
errors.
I've tagged the bug like a security issue because someone could trust the
security updates of their system after installing and enabling the package and
don't check if it's working after a long, and potentially insecure, time.
Thank you for your time and for your job maintaining the package.
Cheers,
g0to
[1]
http://serverfault.com/questions/483751/unattended-upgrades-doesnt-upgrade-or-does-nothing-at-all
[2] http://lists.debian.org/debian-user/2013/03/msg00394.html
-- System Information:
Debian Release: 7.0
Architecture: armhf (armv6l)
Kernel: Linux 3.6.11+ (PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages unattended-upgrades depends on:
ii apt 0.9.7.7+rpi1
ii apt-utils 0.9.7.7+rpi1
ii debconf [debconf-2.0] 1.5.49
ii lsb-base 4.1+Debian8+rpi1
ii lsb-release 4.1+Debian8+rpi1
ii python 2.7.3-4
ii python-apt 0.8.8.1
ii ucf 3.0025+nmu3
ii xz-utils 5.1.1alpha+20120614-2
unattended-upgrades recommends no packages.
Versions of packages unattended-upgrades suggests:
pn bsd-mailx <none>
pn mail-transport-agent <none>
-- Configuration Files:
/etc/apt/apt.conf.d/50unattended-upgrades changed:
// Automatically upgrade packages from these origin patterns
Unattended-Upgrade::Origins-Pattern {
// Codename based matching:
// This will follow the migration of a release through different
// archives (e.g. from testing to stable and later oldstable).
"o=Debian,n=wheezy";
"o=Debian,n=wheezy-updates";
"o=Debian,n=wheezy-proposed-updates";
"o=Debian,n=wheezy,l=Debian-Security";
// Archive or Suite based matching:
// Note that this will silently match a different release after
// migration to the specified archive (e.g. testing becomes the
// new stable).
// "o=Debian,a=stable";
// "o=Debian,a=stable-updates";
// "o=Debian,a=proposed-updates";
// "origin=Debian,archive=stable,label=Debian-Security";
};
// List of packages to not update
Unattended-Upgrade::Package-Blacklist {
// "vim";
// "libc6";
// "libc6-dev";
// "libc6-i686";
};
// This option allows you to control if on a unclean dpkg exit
// unattended-upgrades will automatically run
// dpkg --force-confold --configure -a
// The default is true, to ensure updates keep getting installed
//Unattended-Upgrade::AutoFixInterruptedDpkg "false";
// Split the upgrade into the smallest possible chunks so that
// they can be interrupted with SIGUSR1. This makes the upgrade
// a bit slower but it has the benefit that shutdown while a upgrade
// is running is possible (with a small delay)
//Unattended-Upgrade::MinimalSteps "true";
// Install all unattended-upgrades when the machine is shuting down
// instead of doing it in the background while the machine is running
// This will (obviously) make shutdown slower
//Unattended-Upgrade::InstallOnShutdown "true";
// Send email to this address for problems or packages upgrades
// If empty or unset then no email is sent, make sure that you
// have a working mail setup on your system. A package that provides
// 'mailx' must be installed. E.g. "u...@example.com"
//Unattended-Upgrade::Mail "root"
// Set this value to "true" to get emails only on errors. Default
// is to always send a mail if Unattended-Upgrade::Mail is set
//Unattended-Upgrade::MailOnlyOnError "true";
// Do automatic removal of new unused dependencies after the upgrade
// (equivalent to apt-get autoremove)
Unattended-Upgrade::Remove-Unused-Dependencies "true";
// Automatically reboot *WITHOUT CONFIRMATION* if a
// the file /var/run/reboot-required is found after the upgrade
Unattended-Upgrade::Automatic-Reboot "true";
// Use apt bandwidth limit feature, this example limits the download
// speed to 70kb/sec
//Acquire::http::Dl-Limit "70";
-- debconf information:
* unattended-upgrades/enable_auto_updates: true
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
