How to enable silent automatic updates for any repository?
Solution 1:
First, install gksu
:
sudo apt-get install gksu
The easiest way of enabling unattended updates for your system is to edit the file 50unattended-upgrades
inside /etc/apt/apt.conf.d/
with your favourite text editor, for example:
gksu gedit /etc/apt/apt.conf.d/50unattended-upgrades
In it you need to comment out the commented sections of the Allowed Origins
block.
Change:
Unattended-Upgrade::Allowed-Origins {
"${distro_id} ${distro_codename}-security";
// "${distro_id} ${distro_codename}-updates";
// "${distro_id} ${distro_codename}-proposed";
// "${distro_id} ${distro_codename}-backports";
};
to:
Unattended-Upgrade::Allowed-Origins {
"${distro_id} ${distro_codename}-security";
"${distro_id} ${distro_codename}-updates";
// "${distro_id} ${distro_codename}-proposed";
// "${distro_id} ${distro_codename}-backports";
};
For software that is not on the Ubuntu repos that you would like to update, you need to add an origin and archive to the file. To find what those are for your PPAs, open the folder /var/lib/apt/lists/
, that is the storage area for state information for each package resource. What you are looking for is the files that end with Release in the name.
Open one with your text editor, e.g. for Google Chrome:
gedit /var/lib/apt/lists/dl.google.com_linux_chrome_deb_dists_stable_Release
Inside you will see something like the following:
Origin: Google, Inc.
Label: Google
Suite: stable
Codename: stable
Version: 1.0
Date: Thu, 17 Nov 2011 19:09:01 +0000
Architectures: i386 amd64
Components: main
Description: Google chrome-linux repository.
The origin is obvious (Origin: Google, Inc.
) and the archive will be whatever is under the line Suite
(Suite: stable
).
If either Origin
or Suite
is missing, then they will be the empty string. But note that if both are missing, then probably it will not be possible to use that source with unattended upgrades without including other sources with the same issue.
After you noted those 2 lines, you need to edit the 50unattended-upgrades
file and add the lines using this format "<origin>:<archive>";
of for this example's sake "Google\, Inc.:stable";
.
Google Chrome's origin is kinda tricky, because it has a space, an end pointn and a comma in it, but most Release files will be easy to read.
As another example, Node JS source specifies an origin (Node Source
) but not an archive; so you can match it with "Node Source:";
.
Allowed Origins is matched using shell-style wildcards (more specifically, with Python's fnmatch()). If you're careful enough to not include conflicting sources, it's possible to write things like "Node *:*";
.
Do not forget to make a backup of your 50unattended-upgrades
file before editing it. Do that with:
sudo cp /etc/apt/apt.conf.d/50unattended-upgrades /etc/apt/apt.conf.d/50unattended-upgrades.bak
To test the changes done on the file, you can use sudo unattended-upgrades
with the parameters --dry-run
and --debug
.
-
--dry-run
will run an unattended upgrades cycle, except it will not really install the upgrades, only check and verify that everything is ok. -
--debug
will enable verbose mode.
You can always check the logs for unattended-upgrades
at /var/log/unattended-upgrades/unattended-upgrades.log
.
You can change the configuration of the unattended upgrades by editing the file /etc/apt/apt.conf.d/10periodic
. Options for the configuration are in the /etc/cron.daily/apt
script header. Read them to configure the frequency of the unattended upgrades.
Solution 2:
Automated approach for @Bruno Pereira's answer: (Please consider starring the github repo if you find the answer useful.)
Code Link: https://github.com/abhigenie92/unattended_upgrades_repos
-
Check repositories to add:
$ python automatic_upgrade.py Add repos: "Ubuntu:xenial"; "LP-PPA-kubuntu-ppa-backports:xenial"; "LP-PPA-tuxonice:xenial"; "LP-PPA-webupd8team-sublime-text-3:xenial"; Skipping files due to not present origin or suite. Or origin being a url.: packagecloud.io_slacktechnologies_slack_debian_dists_jessie_InRelease tiliado.eu_nuvolaplayer_repository_deb_dists_xenial_InRelease
-
Now edit
/etc/apt/apt.conf.d/50unattended-upgrades
to include them:// Automatically upgrade packages from these (origin:archive) pairs Unattended-Upgrade::Allowed-Origins { "${distro_id}:${distro_codename}-security"; "${distro_id}:${distro_codename}-updates"; "${distro_id}:${distro_codename}-proposed"; "${distro_id}:${distro_codename}-backports"; "Ubuntu:xenial"; "LP-PPA-kubuntu-ppa-backports:xenial"; "LP-PPA-tuxonice:xenial"; "LP-PPA-webupd8team-sublime-text-3:xenial"; }; .... ....
-
Check to see if they are included:
$ sudo unattended-upgrade --dry-run --debug Initial blacklisted packages: Initial whitelisted packages: Starting unattended upgrades script Allowed origins are: ['o=Ubuntu,a=xenial-security', 'o=Ubuntu,a=xenial-updates', 'o=Ubuntu,a=xenial-proposed', 'o=Ubuntu,a=xenial-backports', 'o=Ubuntu,a=xenial', 'o=LP-PPA-kubuntu-ppa-backports,a=xenial', 'o=LP-PPA-tuxonice,a=xenial', 'o=LP-PPA-webupd8team-sublime-text-3,a=xenial'] pkgs that look like they should be upgraded: Fetched 0 B in 0s (0 B/s) fetch.run() result: 0 blacklist: [] whitelist: [] No packages found that can be upgraded unattended and no pending auto-removals
Solution 3:
Editing /etc/apt/apt.conf.d/50unattended-upgrades
, add the following:
Unattended-Upgrade::Origins-Pattern {
"origin=*";
};
This will allow unattended upgrades for all packages.