root@uu-sru-x:~# unattended-upgrade --verbose Initial blacklisted packages: Initial whitelisted packages: Starting unattended upgrades script Allowed origins are: o=Ubuntu,a=xenial, o=Ubuntu,a=xenial-security, o=UbuntuESM,a=xenial Packages that will be upgraded: root@uu-sru-x:~# update-motd Welcome to Ubuntu 16.04.6 LTS (GNU/Linux 5.0.0-32-generic x86_64)
* Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage 0 packages can be updated. 0 updates are security updates. 1 updates could not be installed automatically. For more details, see /var/log/unattended-upgrades/unattended-upgrades.log root@uu-sru-x:~# dpkg -l unattended-upgrades | cat Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name Version Architecture Description +++-===================-==========================-============-=========================================== ii unattended-upgrades 1.1ubuntu1.18.04.7~16.04.4 all automatic installation of security upgrades ** Tags removed: verification-needed verification-needed-bionic verification-needed-xenial ** Tags added: verification-done verification-done-bionic verification-done-xenial -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to unattended-upgrades in Ubuntu. https://bugs.launchpad.net/bugs/1823070 Title: unattended-upgrades should tell the user (via motd) when security updates are held back Status in unattended-upgrades package in Ubuntu: Fix Released Status in unattended-upgrades source package in Xenial: Fix Committed Status in unattended-upgrades source package in Bionic: Fix Committed Status in unattended-upgrades source package in Disco: Fix Committed Bug description: [Impact] * MOTD does not go into details about upgradable packages being security fixes or just normal updates. * Users should be made aware if some of the security updates could not have been applied. * The fix is adding a snipped to MOTD where the number of packages kept back by unattended-upgrades is shown. [Test Case] * The debian/tests/upgrade-all-security is extended to check if the number of kept back packages are shown in MOTD and a new test is added (test/test_motd.py) to check if the list of kept back packages are saved properly. * To test the fix manually: 1. Mark a package upgradable from the -security pocket as held, then run unattended-upgrades. 2. Observe MOTD messate showing the number of packages being kept back. [Regression Potential] * Unattended-upgrades may crash when saving kept packages and always return with failure. MOTD may hang or print error while printing the packages kept back by u-u. * It is not a regression, but the log referenced in MOTD does not always contain explanation why each package was kept back, unless debugging is enabled. One case where packages are not mentioned in the log is when the packages are held using 'apt-mark hold' command. [Original Bug Text] Currently we have the following pieces as part of the default UX on Ubuntu 18.04 and later: 1) unattended-upgrades automatically installs security updates daily by default 2) the motd reports the number of available updates, including security updates. A user who knows about 1) also knows that a non-zero number of pending security updates listed in 2) is nothing to worry about. However, unattended-upgrades will also cleverly detect when a security update cannot safely be installed non-interactively due to conffile changes on the system. In this case, unattended-upgrades should also inform the user via the motd that these updates are not being installed. Otherwise, there's nothing to tell the user that the non-zero count of available security updates in motd is a *problem*. Suggested wording: N security updates will not be automatically installed due to local changes. See /var/log/foo for details. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/unattended-upgrades/+bug/1823070/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
