After installing unattended-upgrades 1.11.2 on buster I am seeing this:
// Within lines unattended-upgrades allows 2 macros whose values are
// derived from /etc/debian_version:
// ${distro_id} Installed origin.
// ${distro_codename} Installed codename (eg, "buster")
Unattended-Upgrade::Origins-Pattern {
// Codename based matching:
// This will follow the migration of a release through different
// archives (e.g. from testing to stable and later oldstable).
// Software will be the latest available for the named release,
// but the Debian release itself will not be automatically upgraded.
// "origin=Debian,codename=${distro_codename}-updates";
// "origin=Debian,codename=${distro_codename}-proposed-updates"; "origin=Debian,codename=${distro_codename},label=Debian"; "origin=Debian,codename=${distro_codename},label=Debian-Security";
// Archive or Suite based matching:
// Note that this will silently match a different release after
// migration to the specified archive (e.g. testing becomes the
// new stable).
// "o=Debian,a=stable";
// "o=Debian,a=stable-updates";
// "o=Debian,a=proposed-updates";
// "o=Debian Backports,a=${distro_codename}-backports,l=Debian Backports";
};
Based on the comment above, this is the desired setting that should work? The 2020-09-13 image is too new to have any pending security updates.
$ sudo unattended-upgrade --dry-run
$ cat /var/log/unattended-upgrades/unattended-upgrades.log
2020-02-17 17:23:12,666 INFO Checking if system is running on battery is skipped. Please install powermgmt-base package to check power status and skip installing updates when the system is running on battery.
2020-02-17 17:23:13,016 INFO Initial blacklist :
2020-02-17 17:23:13,026 INFO Initial whitelist:
2020-02-17 17:23:13,032 INFO Starting unattended upgrades script
2020-02-17 17:23:13,039 INFO Allowed origins are: origin=Debian,codename=buster,label=Debian, origin=Debian,codename=buster,label=Debian-Security
2020-02-17 17:23:35,232 INFO No packages found that can be upgraded unattended and no pending auto-removals
After installing unattended-upgrades 1.11.2 on buster I am seeing this:
// Within lines unattended-upgrades allows 2 macros whose values are version: Upgrade: :Origins- Pattern { Debian, codename= ${distro_ codename} -updates" ; Debian, codename= ${distro_ codename} -proposed- updates" ;
"origin= Debian, codename= ${distro_ codename} ,label= Debian" ;
"origin= Debian, codename= ${distro_ codename} ,label= Debian- Security" ;
// derived from /etc/debian_
// ${distro_id} Installed origin.
// ${distro_codename} Installed codename (eg, "buster")
Unattended-
// Codename based matching:
// This will follow the migration of a release through different
// archives (e.g. from testing to stable and later oldstable).
// Software will be the latest available for the named release,
// but the Debian release itself will not be automatically upgraded.
// "origin=
// "origin=
// Archive or Suite based matching: a=stable" ; a=stable- updates" ; a=proposed- updates" ; a=${distro_ codename} -backports, l=Debian Backports";
// Note that this will silently match a different release after
// migration to the specified archive (e.g. testing becomes the
// new stable).
// "o=Debian,
// "o=Debian,
// "o=Debian,
// "o=Debian Backports,
};
Based on the comment above, this is the desired setting that should work? The 2020-09-13 image is too new to have any pending security updates.
$ sudo unattended-upgrade --dry-run unattended- upgrades/ unattended- upgrades. log Debian, codename= buster, label=Debian, origin= Debian, codename= buster, label=Debian- Security
$ cat /var/log/
2020-02-17 17:23:12,666 INFO Checking if system is running on battery is skipped. Please install powermgmt-base package to check power status and skip installing updates when the system is running on battery.
2020-02-17 17:23:13,016 INFO Initial blacklist :
2020-02-17 17:23:13,026 INFO Initial whitelist:
2020-02-17 17:23:13,032 INFO Starting unattended upgrades script
2020-02-17 17:23:13,039 INFO Allowed origins are: origin=
2020-02-17 17:23:35,232 INFO No packages found that can be upgraded unattended and no pending auto-removals