Devuan bug report logs - #78
unattended-upgrades: Default config for Origins-Pattern is for Debian, does not match Devuan repos/packages

version graph

Package: unattended-upgrades; Maintainer for unattended-upgrades is Devuan Developers <devuan-dev@lists.dyne.org>; Source for unattended-upgrades is src:unattended-upgrades.

Reported by: bobemoe/gup <inbox.devuanbugs@jhodges.co.uk>

Date: Fri, 19 May 2017 17:33:01 UTC

Severity: normal

Found in version 1.11.2

Fixed in version 2.9.1+nmu3

Done: Mark Hindley <mark@hindley.org.uk>

Reply or subscribe to this bug.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org:
bug#78; Package unattended-upgrades. (full text, mbox, link).


Acknowledgement sent to bobemoe/gup <inbox.devuanbugs@jhodges.co.uk>:
New bug report received and forwarded. Copy sent to owner@bugs.devuan.org.

Your message specified a Severity: in the pseudo-header, but the severity value important was not recognised. The default severity normal is being used instead. The recognised values are: critical, grave, normal, minor, wishlist.

(full text, mbox, link).


Message #5 received at submit@bugs.devuan.org (full text, mbox, reply):

From: bobemoe/gup <inbox.devuanbugs@jhodges.co.uk>
To: Devuan Bug Tracking System <submit@bugs.devuan.org>
Subject: unattended-upgrades: Default config for Origins-Pattern is for Debian, does not match Devuan repos/packages
Date: Fri, 19 May 2017 18:13:34 +0100
Package: unattended-upgrades
Version: 0.83.3.2+deb8u1
Severity: important

I think the expected behaviour for unattended-upgrades with default
configuration is to only install security updates, however no updates are
installed at all.

The only uncommented line in /etc/apt/apt.conf.d/50unattended-upgrades is:
"origin=Debian,codename=${distro_codename},label=Debian-Security";
which looks like it should match the security repo, but for Devuan it 
does not.
I have added this line:
"a=stable-security,label=Devuan";
Which now correctly matches updates from the security repo.

This means manual intervention is required to configure the package to 
achieve
what is expected default behaviour, someone installing this package assuming
that it will apply security updates may get a nasty surprise!

I'm not sure the best way to fix this, adding the line as I have done 
feels a
bit like a workaround, as a comment in the config file says it reads 
variables
from /etc/debian_version, but this is not present on Devuan. We probably 
need
to patch something to read the /etc/devuan_version file. However, this 
alone
I don't think will solve the issue as it looks like origin, codename and 
label
differ between Debian and Devuan repos, so all the other example 
patterns in the
file may also need tweaking one way or another.

If I get a chance I will take a deeper look but it may be a while.

-- System Information:
Distributor ID:    Devuan
Description:    Devuan GNU/Linux 1.0 (jessie)
Release:    1.0
Codename:    jessie
Architecture: x86_64

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages unattended-upgrades depends on:
ii  apt                    1.0.9.8.4
ii  apt-utils              1.0.9.8.4
ii  debconf [debconf-2.0]  1.5.56
ii  init-system-helpers    1.24+devuan1.0
ii  lsb-base               4.1+devuan2
ii  lsb-release            4.1+devuan2
ii  python3                3.4.2-2
ii  python3-apt            0.9.3.12
ii  ucf                    3.0030
ii  xz-utils               5.1.1alpha+20120614-2+b3

unattended-upgrades recommends no packages.

Versions of packages unattended-upgrades suggests:
ii  bsd-mailx                                  8.1.2-0.20141216cvs-2
ii  exim4-daemon-light [mail-transport-agent]  4.84.2-2+deb8u3

-- Configuration Files:
/etc/apt/apt.conf.d/50unattended-upgrades changed:
// Unattended-Upgrade::Origins-Pattern controls which packages are
// upgraded.
//
// Lines below have the format format is "keyword=value,...".  A
// package will be upgraded only if the values in its metadata match
// all the supplied keywords in a line.  (In other words, omitted
// keywords are wild cards.) The keywords originate from the Release
// file, but several aliases are accepted.  The accepted keywords are:
//   a,archive,suite (eg, "stable")
//   c,component     (eg, "main", "crontrib", "non-free")
//   l,label         (eg, "Debian", "Debian-Security")
//   o,origin        (eg, "Debian", "Unofficial Multimedia Packages")
//   n,codename      (eg, "jessie", "jessie-updates")
//     site          (eg, "http.debian.net")
// The available values on the system are printed by the command
// "apt-cache policy", and can be debugged by running
// "unattended-upgrades -d" and looking at the log file.
//
// Within lines unattended-upgrades allows 2 macros whose values are
// derived from /etc/debian_version:
//   ${distro_id}            Installed origin.
//   ${distro_codename}      Installed codename (eg, "jessie")
Unattended-Upgrade::Origins-Pattern {
        // Codename based matching:
        // This will follow the migration of a release through different
        // archives (e.g. from testing to stable and later oldstable).
//      "o=Debian,n=jessie";
//      "o=Debian,n=jessie-updates";
//      "o=Debian,n=jessie-proposed-updates";
//      "o=Debian,n=jessie,l=Debian-Security";
        // Archive or Suite based matching:
        // Note that this will silently match a different release after
        // migration to the specified archive (e.g. testing becomes the
        // new stable).
//      "o=Debian,a=stable";
//      "o=Debian,a=stable-updates";
//      "o=Debian,a=proposed-updates";
"origin=Debian,codename=${distro_codename},label=Debian-Security";
        "a=stable-security,label=Devuan";
};
// List of packages to not update (regexp are supported)
Unattended-Upgrade::Package-Blacklist {
//    "vim";
//    "libc6";
//    "libc6-dev";
//    "libc6-i686";
};
// This option allows you to control if on a unclean dpkg exit
// unattended-upgrades will automatically run
//   dpkg --force-confold --configure -a
// The default is true, to ensure updates keep getting installed
//Unattended-Upgrade::AutoFixInterruptedDpkg "false";
// Split the upgrade into the smallest possible chunks so that
// they can be interrupted with SIGUSR1. This makes the upgrade
// a bit slower but it has the benefit that shutdown while a upgrade
// is running is possible (with a small delay)
//Unattended-Upgrade::MinimalSteps "true";
// Install all unattended-upgrades when the machine is shuting down
// instead of doing it in the background while the machine is running
// This will (obviously) make shutdown slower
//Unattended-Upgrade::InstallOnShutdown "true";
// Send email to this address for problems or packages upgrades
// If empty or unset then no email is sent, make sure that you
// have a working mail setup on your system. A package that provides
// 'mailx' must be installed. E.g. "user@example.com"
//Unattended-Upgrade::Mail "root";
// Set this value to "true" to get emails only on errors. Default
// is to always send a mail if Unattended-Upgrade::Mail is set
//Unattended-Upgrade::MailOnlyOnError "true";
// Do automatic removal of new unused dependencies after the upgrade
// (equivalent to apt-get autoremove)
//Unattended-Upgrade::Remove-Unused-Dependencies "false";
// Automatically reboot *WITHOUT CONFIRMATION* if
//  the file /var/run/reboot-required is found after the upgrade
//Unattended-Upgrade::Automatic-Reboot "false";
// If automatic reboot is enabled and needed, reboot at the specific
// time instead of immediately
//  Default: "now"
//Unattended-Upgrade::Automatic-Reboot-Time "02:00";
// Use apt bandwidth limit feature, this example limits the download
// speed to 70kb/sec
//Acquire::http::Dl-Limit "70";


-- debconf information:
  unattended-upgrades/enable_auto_updates: false
bob@chodbox:~$




Reply sent to Evilham <devuan@evilham.com>:
You have taken responsibility. (full text, mbox, link).


Notification sent to bobemoe/gup <inbox.devuanbugs@jhodges.co.uk>:
bug acknowledged by developer. (full text, mbox, link).


Message #10 received at 78-done@bugs.devuan.org (full text, mbox, reply):

From: Evilham <devuan@evilham.com>
To: 78-done@bugs.devuan.org
Subject: Fixed in newer version
Date: Sun, 17 Dec 2017 22:22:35 +0100
A new version of unattended-upgrades fixes this issue in both jessie and
ascii.
A patch has been sent upstream for beowulf+ support.
-- 
Evilham


Marked as found in versions 1.11.2 and reopened. Request was from Dennis Camera <dennis.camera@ssrq-sds-fds.ch> to control@bugs.devuan.org. (Mon, 19 Jul 2021 09:03:06 GMT) (full text, mbox, link).


Reply sent to Mark Hindley <mark@hindley.org.uk>:
You have taken responsibility. (Thu, 16 Feb 2023 07:30:01 GMT) (full text, mbox, link).


Notification sent to bobemoe/gup <inbox.devuanbugs@jhodges.co.uk>:
bug acknowledged by developer. (Thu, 16 Feb 2023 07:30:04 GMT) (full text, mbox, link).


Message #17 received at 78-done@bugs.devuan.org (full text, mbox, reply):

From: Mark Hindley <mark@hindley.org.uk>
To: Dennis Camera <dennis.camera@ssrq-sds-fds.ch>
Cc: 78-done@bugs.devuan.org
Subject: Re: unattended-upgraded: reappears on beowulf+
Date: Thu, 16 Feb 2023 07:27:22 +0000
Version: 2.9.1+nmu3

On Mon, Jul 19, 2021 at 10:51:24AM +0200, Dennis Camera wrote:
> This bug reoccurs on beowulf (1.11.2) and chimaera (2.8).
> 
> I believe that the unattended-upgrades package needs to be built separately for Devuan to include the 50unattended-upgrades.Devuan.

We now have support for directly rebuilding Debian sources and this is resolved
in Ceres.

Note that rebuilding means the version number does not change.

Closing.

Thanks

Mark

Send a report that this bug log contains spam.


Devuan BTS -- Powered by Debian bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.

Devuan Bugs Owner <owner@bugs.devuan.org>.
Last modified: Thu Mar 28 21:33:48 2024;