Package: unattended-upgrades
Version: 0.98
Severity: normal
Dear Maintainer,
In /etc/apt/apt.conf.d/50unattended-upgrades, in the the section
labeled "Unattended-Upgrades::Origins-Pattern, there are two problems.
1) The release name is hardcoded to "jessie" in the commented out
example of how to always have the latest software for a named Debian
release, but never automatically upgrade to a new release. This should
default to ${distro_codename}, so people can simply uncomment the
lines to have them work.
2) The line which automatically handles security upgrades is in the
wrong section. It correctly use ${distro_codename}, but is listed with
the archive based matching rules.)
I have an included a patch which fixes those problems.
-- System Information:
Debian Release: 9.1
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.9.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages unattended-upgrades depends on:
ii apt 1.4.7
ii apt-utils 1.4.7
ii debconf [debconf-2.0] 1.5.61
ii init-system-helpers 1.48
ii lsb-base 9.20161125
ii lsb-release 9.20161125
ii python3 3.5.3-1
ii python3-apt 1.4.0~beta3
ii ucf 3.0036
ii xz-utils 5.2.2-1.2+b1
Versions of packages unattended-upgrades recommends:
ii anacron 2.3-24
ii cron [cron-daemon] 3.0pl1-128+b1
Versions of packages unattended-upgrades suggests:
pn bsd-mailx <none>
ii exim4-daemon-light [mail-transport-agent] 4.89-2+deb9u1
pn needrestart <none>
-- debconf information:
* unattended-upgrades/origins_pattern:
"origin=Debian,codename=${distro_codename},label=Debian-Security";
* unattended-upgrades/enable_auto_updates: true
--- /etc/apt/apt.conf.d/50unattended-upgrades.orig 2017-10-01
04:00:12.040037525 -0700
+++ /etc/apt/apt.conf.d/50unattended-upgrades 2017-10-01 04:14:27.382575445
-0700
@@ -19,15 +19,17 @@
// Within lines unattended-upgrades allows 2 macros whose values are
// derived from /etc/debian_version:
// ${distro_id} Installed origin.
-// ${distro_codename} Installed codename (eg, "jessie")
+// ${distro_codename} Installed codename (eg, "buster")
Unattended-Upgrade::Origins-Pattern {
// Codename based matching:
// This will follow the migration of a release through different
// archives (e.g. from testing to stable and later oldstable).
-// "o=Debian,n=jessie";
-// "o=Debian,n=jessie-updates";
-// "o=Debian,n=jessie-proposed-updates";
-// "o=Debian,n=jessie,l=Debian-Security";
+ // Software will be the latest available for the named release,
+ // but the Debian release itself will not be automatically upgraded.
+// "origin=Debian,codename=${distro_codename}";
+// "origin=Debian,codename=${distro_codename}-updates";
+// "origin=Debian,codename=${distro_codename}-proposed-updates";
+ "origin=Debian,codename=${distro_codename},label=Debian-Security";
// Archive or Suite based matching:
// Note that this will silently match a different release after
@@ -37,7 +39,6 @@
// "o=Debian,a=stable-updates";
// "o=Debian,a=proposed-updates";
// "o=Debian Backports,a=${distro_codename}-backports,l=Debian Backports";
- "origin=Debian,codename=${distro_codename},label=Debian-Security";
};
// List of packages to not update (regexp are supported)
