Choose style:

Author Topic: Set updates to run automatically <SOLVED>  (Read 770 times)

0 Members and 1 Guest are viewing this topic.

Offline MNFrozenfish

  • Jr. Member
  • **
  • Posts: 96
  • Karma: 16
  • Smile! - It makes people wonder what you're up to.
    • View Profile
  • Peppermint version(s): Peppermint 9 Respin-64 bit / P10
Set updates to run automatically <SOLVED>
« on: January 14, 2019, 11:11:53 am »
I am setting up a P9 box to run what is basically a monitoring program, and would like to set it to install security and software updates automatically and silently with no user interaction. Can this be done? I will likely be using the minimal install since I only need it to run the one application.
« Last Edit: February 01, 2019, 12:22:55 pm by MNFrozenfish »

Online PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 24789
  • Karma: 2732
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 8R, 9, and 9R
Re: Set updates to run automatically
« Reply #1 on: January 14, 2019, 04:49:07 pm »
Yes it can be done
https://libre-software.net/ubuntu-automatic-updates/
but to save having to reboot on kernel updates, you'll also want to set up kernel livepatching
https://www.omgubuntu.co.uk/2018/04/enable-live-patch-kernel-updates-in-ubuntu-18-04
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline MNFrozenfish

  • Jr. Member
  • **
  • Posts: 96
  • Karma: 16
  • Smile! - It makes people wonder what you're up to.
    • View Profile
  • Peppermint version(s): Peppermint 9 Respin-64 bit / P10
Re: Set updates to run automatically
« Reply #2 on: January 18, 2019, 10:40:37 am »
Yes it can be done
https://libre-software.net/ubuntu-automatic-updates/
but to save having to reboot on kernel updates, you'll also want to set up kernel livepatching
https://www.omgubuntu.co.uk/2018/04/enable-live-patch-kernel-updates-in-ubuntu-18-04
So, I finally had some time to dig into this and when I follow the directions quoted above it doesn't seem to update correctly. The log shows:
Code: [Select]
2019-01-18 07:15:33,496 INFO Initial blacklisted packages: 
2019-01-18 07:15:33,498 INFO Initial whitelisted packages:
2019-01-18 07:15:33,498 INFO Starting unattended upgrades script
2019-01-18 07:15:33,498 INFO Allowed origins are: o=Peppermint,a=bionic, o=Peppermint,a=bionic-security, o=PeppermintESM,a=bionic, o=Peppermint,a=bionic-updates
2019-01-18 07:15:35,116 INFO No packages found that can be upgraded unattended and no pending auto-removals
2019-01-18 07:57:45,240 INFO Initial blacklisted packages:
2019-01-18 07:57:45,240 INFO Initial whitelisted packages:
2019-01-18 07:57:45,240 INFO Starting unattended upgrades script
2019-01-18 07:57:45,241 INFO Allowed origins are: o=Peppermint,a=bionic, o=Peppermint,a=bionic-security, o=PeppermintESM,a=bionic, o=Peppermint,a=bionic-updates
2019-01-18 07:57:46,837 INFO No packages found that can be upgraded unattended and no pending auto-removals
xed /etc/apt/apt.conf.d/50unattended-upgrades
contains
Spoiler (click here to view / hide)
// Automatically upgrade packages from these (origin:archive) pairs
//
// Note that in Ubuntu security updates may pull in new dependencies
// from non-security sources (e.g. chromium). By allowing the release
// pocket these get automatically pulled in.
Unattended-Upgrade::Allowed-Origins {
        "${distro_id}:${distro_codename}";
   "${distro_id}:${distro_codename}-security";
   // Extended Security Maintenance; doesn't necessarily exist for
   // every release and this system may not have it installed, but if
   // available, the policy for updates is such that unattended-upgrades
   // should also install from here by default.
   "${distro_id}ESM:${distro_codename}";
   "${distro_id}:${distro_codename}-updates";
//   "${distro_id}:${distro_codename}-proposed";
//   "${distro_id}:${distro_codename}-backports";
};

// List of packages to not update (regexp are supported)
Unattended-Upgrade::Package-Blacklist {
//   "vim";
//   "libc6";
//   "libc6-dev";
//   "libc6-i686";
};

// This option will controls whether the development release of Ubuntu will be
// upgraded automatically.
Unattended-Upgrade::DevRelease "false";

// This option allows you to control if on a unclean dpkg exit
// unattended-upgrades will automatically run
//   dpkg --force-confold --configure -a
// The default is true, to ensure updates keep getting installed
//Unattended-Upgrade::AutoFixInterruptedDpkg "false";

// Split the upgrade into the smallest possible chunks so that
// they can be interrupted with SIGTERM. This makes the upgrade
// a bit slower but it has the benefit that shutdown while a upgrade
// is running is possible (with a small delay)
//Unattended-Upgrade::MinimalSteps "false";

// Install all unattended-upgrades when the machine is shutting down
// instead of doing it in the background while the machine is running
// This will (obviously) make shutdown slower
//Unattended-Upgrade::InstallOnShutdown "true";

// Send email to this address for problems or packages upgrades
// If empty or unset then no email is sent, make sure that you
// have a working mail setup on your system. A package that provides
// 'mailx' must be installed. E.g. "user@example.com"
//Unattended-Upgrade::Mail "root";

// Set this value to "true" to get emails only on errors. Default
// is to always send a mail if Unattended-Upgrade::Mail is set
//Unattended-Upgrade::MailOnlyOnError "true";

// Remove unused automatically installed kernel-related packages
// (kernel images, kernel headers and kernel version locked tools).
Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";

// Do automatic removal of new unused dependencies after the upgrade
// (equivalent to apt-get autoremove)
Unattended-Upgrade::Remove-Unused-Dependencies "true";

// Automatically reboot *WITHOUT CONFIRMATION*
//  if the file /var/run/reboot-required is found after the upgrade
Unattended-Upgrade::Automatic-Reboot "true";

// If automatic reboot is enabled and needed, reboot at the specific
// time instead of immediately
//  Default: "now"
Unattended-Upgrade::Automatic-Reboot-Time "02:38";

// Use apt bandwidth limit feature, this example limits the download
// speed to 70kb/sec
//Acquire::http::Dl-Limit "70";

// Enable logging to syslog. Default is False
// Unattended-Upgrade::SyslogEnable "false";

// Specify syslog facility. Default is daemon
// Unattended-Upgrade::SyslogFacility "daemon";

// Download and install upgrades only on AC power
// (i.e. skip or gracefully stop updates on battery)
// Unattended-Upgrade::OnlyOnACPower "true";

// Download and install upgrades only on non-metered connection
// (i.e. skip or gracefully stop updates on a metered connection)
// Unattended-Upgrade::Skip-Updates-On-Metered-Connections "true";
[close]

xed etc/apt/apt.conf.d/20auto-upgrades
contains
Spoiler (click here to view / hide)
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";
[close]

When I check update manager I see 50 recommended updates available.
Thanks
« Last Edit: February 01, 2019, 12:04:37 am by AndyInMokum, Reason: encapsulating with [/code] »

Online PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 24789
  • Karma: 2732
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 8R, 9, and 9R
Re: Set updates to run automatically
« Reply #3 on: January 20, 2019, 11:44:37 am »
First of all I should point out that unattended upgrades are NOT A GOOD IDEA .. I just want regular users to understand that there are risks, and this should not be undertaken lightly.

but if you still want to continue, keep reading.....



Okay we need to manually set the repos (and any PPA's you've enabled) in /etc/apt/apt.conf.d/50unattended-upgrades

We're gonna use a (slightly modified) script from here:
https://github.com/abhigenie92/unattended_upgrades_repos
to get a list of repos to add to your 50unattended-upgrades file.

Open a terminal and run:
Code: [Select]
gksudo xed ~/unattended-upgrades_repos.py
when a blank file opens, make it read:-
Code: [Select]
#!/usr/bin/python

import os, re, pdb, platform
from pprint import pprint

## Get the repos
PATH = '/var/lib/apt/lists/'
files = os.listdir(PATH)
release_files = [file for file in files if file.endswith('Release')]

ORIGIN_PATTERN = re.compile('Origin: (.*)\n')
SUITE_PATTERN = re.compile('Suite: (.*)\n')
regex_url = re.compile(
        r'^(?:http|ftp)s?://' # http:// or https://
        r'(?:(?:[A-Z0-9](?:[A-Z0-9-]{0,61}[A-Z0-9])?\.)+(?:[A-Z]{2,6}\.?|[A-Z0-9-]{2,}\.?)|' #domain...
        r'localhost|' #localhost...
        r'\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})' # ...or ip
        r'(?::\d+)?' # optional port
        r'(?:/?|[/?]\S+)$', re.IGNORECASE)

skipped_release_files = []
repos_to_add = []
for release_file in release_files:
  with open(PATH + release_file, 'r') as f:
    read_data = f.read()
    # parse to get origin and suite
    origin_string = re.findall(ORIGIN_PATTERN, read_data)
    suite_string = re.findall(SUITE_PATTERN, read_data)
    try:
      repo = "\"%s:%s\";" %(origin_string[0].replace(',',r'\,'),
                            suite_string[0].replace(',',r'\,'))
      if re.match(regex_url, origin_string[0]):
        skipped_release_files.append(release_file)
      else:
        repos_to_add.append(repo)
    except IndexError:
      skipped_release_files.append(release_file)

## Checking if repos_to_add not already present  in /etc/apt/apt.conf.d/50unattended-upgrades
with open('/etc/apt/apt.conf.d/50unattended-upgrades', 'r') as f:
  read_data = f.read()
  # get everything before first };
  raw_data = re.findall('[.\s\S]*};', read_data)
  # replace linux placeholders
  distro_id, _, distro_codename = platform.linux_distribution()
  clean_data = raw_data[0].replace("${distro_id}",distro_id).replace("${distro_codename}",distro_codename)
  repos_already_present = re.findall('".*:.*";', clean_data)

repos_to_add = [repo for repo in repos_to_add if repo not in repos_already_present]

if len(repos_to_add) != 0:
  print ("Add repos:")
  print ('\n'.join(repos_to_add))
else:
  print ("No new repos found that needs to be added.")

if len(skipped_release_files) != 0:
  print ("\nSkipping files due to not present origin or suite. Or origin being a url.:")
  print ('\n'.join(skipped_release_files))
else:
  print ("No repos were skipped.")
SAVE the file, and exit the text editor.

Make that script executable with:
Code: [Select]
chmod +x ~/unattended-upgrades_repos.py
now run it
Code: [Select]
~/unattended-upgrades_repos.py
what was the output ?



The following is an example ONLY .. unless you understand it, just post the output asked for above.

As an example, here's the output from a stock install of Peppermint 9 Respin:-
Code: [Select]
Add repos:
"LP-PPA-peppermintos-p9-respin:bionic";
"LP-PPA-peppermintos-p9-release:bionic";
"Ubuntu:bionic";
"Ubuntu:bionic-updates";
"Ubuntu:bionic-backports";
"Ubuntu:bionic-security";
No repos were skipped.
so now I would edit:
Code: [Select]
gksudo xed /etc/apt/apt.conf.d/50unattended-upgrades
and make it read
Code: [Select]
// Automatically upgrade packages from these (origin:archive) pairs
//
// Note that in Ubuntu security updates may pull in new dependencies
// from non-security sources (e.g. chromium). By allowing the release
// pocket these get automatically pulled in.
Unattended-Upgrade::Allowed-Origins {
"Ubuntu:bionic";
"Ubuntu:bionic-updates";
"Ubuntu:bionic-backports";
"Ubuntu:bionic-security";
"LP-PPA-peppermintos-p9-respin:bionic";
"LP-PPA-peppermintos-p9-release:bionic";
};

// List of packages to not update (regexp are supported)
Unattended-Upgrade::Package-Blacklist {
// "vim";
// "libc6";
// "libc6-dev";
// "libc6-i686";
};

// This option will controls whether the development release of Ubuntu will be
// upgraded automatically.
Unattended-Upgrade::DevRelease "false";

// This option allows you to control if on a unclean dpkg exit
// unattended-upgrades will automatically run
//   dpkg --force-confold --configure -a
// The default is true, to ensure updates keep getting installed
//Unattended-Upgrade::AutoFixInterruptedDpkg "false";

// Split the upgrade into the smallest possible chunks so that
// they can be interrupted with SIGTERM. This makes the upgrade
// a bit slower but it has the benefit that shutdown while a upgrade
// is running is possible (with a small delay)
//Unattended-Upgrade::MinimalSteps "false";

// Install all unattended-upgrades when the machine is shutting down
// instead of doing it in the background while the machine is running
// This will (obviously) make shutdown slower
//Unattended-Upgrade::InstallOnShutdown "true";

// Send email to this address for problems or packages upgrades
// If empty or unset then no email is sent, make sure that you
// have a working mail setup on your system. A package that provides
// 'mailx' must be installed. E.g. "user@example.com"
//Unattended-Upgrade::Mail "root";

// Set this value to "true" to get emails only on errors. Default
// is to always send a mail if Unattended-Upgrade::Mail is set
//Unattended-Upgrade::MailOnlyOnError "true";

// Remove unused automatically installed kernel-related packages
// (kernel images, kernel headers and kernel version locked tools).
//Unattended-Upgrade::Remove-Unused-Kernel-Packages "false";

// Do automatic removal of new unused dependencies after the upgrade
// (equivalent to apt-get autoremove)
//Unattended-Upgrade::Remove-Unused-Dependencies "false";

// Automatically reboot *WITHOUT CONFIRMATION*
//  if the file /var/run/reboot-required is found after the upgrade
//Unattended-Upgrade::Automatic-Reboot "false";

// If automatic reboot is enabled and needed, reboot at the specific
// time instead of immediately
//  Default: "now"
//Unattended-Upgrade::Automatic-Reboot-Time "02:00";

// Use apt bandwidth limit feature, this example limits the download
// speed to 70kb/sec
//Acquire::http::Dl-Limit "70";

// Enable logging to syslog. Default is False
// Unattended-Upgrade::SyslogEnable "false";

// Specify syslog facility. Default is daemon
// Unattended-Upgrade::SyslogFacility "daemon";

// Download and install upgrades only on AC power
// (i.e. skip or gracefully stop updates on battery)
// Unattended-Upgrade::OnlyOnACPower "true";

// Download and install upgrades only on non-metered connection
// (i.e. skip or gracefully stop updates on a metered connection)
// Unattended-Upgrade::Skip-Updates-On-Metered-Connections "true";
SAVE the file, and exit the text editor.

Next I'd do an unattended-upgrade dry-run with the debug option:
Code: [Select]
sudo unattended-upgrade --dry-run --debug
to check if there were any error.

if there were no errors, you should be good to go.
« Last Edit: January 20, 2019, 11:55:21 am by PCNetSpec »
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline MNFrozenfish

  • Jr. Member
  • **
  • Posts: 96
  • Karma: 16
  • Smile! - It makes people wonder what you're up to.
    • View Profile
  • Peppermint version(s): Peppermint 9 Respin-64 bit / P10
Re: Set updates to run automatically
« Reply #4 on: January 20, 2019, 03:01:06 pm »
First of all I should point out that unattended upgrades are NOT A GOOD IDEA .. I just want regular users to understand that there are risks, and this should not be undertaken lightly.

but if you still want to continue, keep reading.....



Okay, in reference to the above quote. Are updates and upgrades lumped together in this caution?
If I can, without risking the integrity of the system, just auto UPDATE (security patches and software updates), without auto UPGRADES?
I'll wait for a response before I proceed.
Thanks

Offline murraymint

  • Trusted User
  • Veteran
  • *****
  • Posts: 1913
  • Karma: 329
  • soft boiled with a yolk of gold
    • View Profile
  • Peppermint version(s): 7, 8, 9
Re: Set updates to run automatically
« Reply #5 on: January 20, 2019, 04:39:24 pm »
In the apt context, update just means getting a list of available upgrades. It doesn't change anything on its own.

Online PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 24789
  • Karma: 2732
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 8R, 9, and 9R
Re: Set updates to run automatically
« Reply #6 on: January 21, 2019, 05:39:18 pm »
First of all I should point out that unattended upgrades are NOT A GOOD IDEA .. I just want regular users to understand that there are risks, and this should not be undertaken lightly.

but if you still want to continue, keep reading.....



Okay, in reference to the above quote. Are updates and upgrades lumped together in this caution?
If I can, without risking the integrity of the system, just auto UPDATE (security patches and software updates), without auto UPGRADES?
I'll wait for a response before I proceed.
Thanks

All I meant was that you should understand the implications .. you're not going to see what's being installed, from where, and any error messages unless you read the logs (which is more work than just accepting updates manually).

As far as security goes, you'd **generally** be safe on a home PC if you stick to the default repositories, but PPA's could pose a risk if you're not going to see what's being installed from them .. so I'd generally advise you NOT add those to unattended-upgrades, but not doing so (depending on what you've already installed from any PPA's **may** cause dependency issues.
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline MNFrozenfish

  • Jr. Member
  • **
  • Posts: 96
  • Karma: 16
  • Smile! - It makes people wonder what you're up to.
    • View Profile
  • Peppermint version(s): Peppermint 9 Respin-64 bit / P10
Re: Set updates to run automatically
« Reply #7 on: January 22, 2019, 11:20:36 am »
I'm setting this box up to run a display for the output of a single program to a couple of TV's in the building so it is unattended and only runs one program. When trying to run it on Windoze, updates would regularly break the program and cause it to stop until I ran updates. The move to P9 is to save myself some headaches and have a stable, reliable OS to run a fairly simple program for the next couple of years (until the hardware fails or EOL for 18.04. I don't foresee any other software installs, in fact I did the minimal install of P9. I will update when I have time to work on this. Thanks
« Last Edit: January 31, 2019, 10:21:51 pm by MNFrozenfish »

Offline murraymint

  • Trusted User
  • Veteran
  • *****
  • Posts: 1913
  • Karma: 329
  • soft boiled with a yolk of gold
    • View Profile
  • Peppermint version(s): 7, 8, 9
Re: Set updates to run automatically
« Reply #8 on: January 22, 2019, 12:42:48 pm »
Does it even need internet access then? Would that not be the best way of keeping it secure, only allowing it to connect to a local network if anything?

Offline MNFrozenfish

  • Jr. Member
  • **
  • Posts: 96
  • Karma: 16
  • Smile! - It makes people wonder what you're up to.
    • View Profile
  • Peppermint version(s): Peppermint 9 Respin-64 bit / P10
Re: Set updates to run automatically
« Reply #9 on: January 22, 2019, 12:54:42 pm »
Does it even need internet access then? Would that not be the best way of keeping it secure, only allowing it to connect to a local network if anything?
It does need to go out to a server in our DMZ to retrieve information, so it is "exposed", at least minimally.

Offline MNFrozenfish

  • Jr. Member
  • **
  • Posts: 96
  • Karma: 16
  • Smile! - It makes people wonder what you're up to.
    • View Profile
  • Peppermint version(s): Peppermint 9 Respin-64 bit / P10
Re: Set updates to run automatically
« Reply #10 on: January 31, 2019, 10:38:42 pm »
Here is the output from another machine that is easier to work on. just wanted to test before taking the target machine out of service.
I think something went a bit sideways because this is the output

Code: [Select]
todd@todd-ThinkPad-Helix ~ $ sudo chmod +x ~/unattended-upgrades_repos.py
todd@todd-ThinkPad-Helix ~ $ ~/unattended-upgrades_repos.py
Traceback (most recent call last):
  File "/home/todd/unattended-upgrades_repos.py", line 40, in <module>
    with open('/etc/apt/apt.conf.d/50unattended-upgrades', 'r') as f:
IOError: [Errno 2] No such file or directory: '/etc/apt/apt.conf.d/50unattended-upgrades'
todd@todd-ThinkPad-Helix ~ $
:-\ :-\  Thanks
« Last Edit: February 01, 2019, 12:02:25 am by AndyInMokum, Reason: encapsulating with [/code] »

Online PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 24789
  • Karma: 2732
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 8R, 9, and 9R
Re: Set updates to run automatically
« Reply #11 on: February 01, 2019, 04:44:16 am »
At a guess -- you haven't installed unatttended-upgrades ;)
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline MNFrozenfish

  • Jr. Member
  • **
  • Posts: 96
  • Karma: 16
  • Smile! - It makes people wonder what you're up to.
    • View Profile
  • Peppermint version(s): Peppermint 9 Respin-64 bit / P10
Re: Set updates to run automatically
« Reply #12 on: February 01, 2019, 09:11:45 am »
 :o  :-[
You are correct, I got a little ahead of myself with the Helix. I had to put the other box into service and wanted to minimize downtime by doing all the testing and setup on the Helix laptop. I was testing on the Dell and here is the output from that laptop
Spoiler (click here to view / hide)
todd@P9-Latitude-E6540 ~ $ ~/unattended-upgrades_repos.py
Add repos:
"Ubuntu:bionic-security";
"LP-PPA-peppermintos-p9-release:bionic";
"Ubuntu:bionic-updates";
"Ubuntu:bionic";
"LP-PPA-peppermintos-p9-respin:bionic";
"TeamViewer GmbH:stable";
"Ubuntu:bionic-backports";
No repos were skipped.
todd@P9-Latitude-E6540 ~ $

[close]
I don't have plans to add any more programs to the other machine, thanks.

Online PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 24789
  • Karma: 2732
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 8R, 9, and 9R
Re: Set updates to run automatically
« Reply #13 on: February 01, 2019, 12:02:46 pm »
edit:
Code: [Select]
gksudo xed /etc/apt/apt.conf.d/50unattended-upgrades
and make it read
Code: [Select]
// Automatically upgrade packages from these (origin:archive) pairs
//
// Note that in Ubuntu security updates may pull in new dependencies
// from non-security sources (e.g. chromium). By allowing the release
// pocket these get automatically pulled in.
Unattended-Upgrade::Allowed-Origins {
"Ubuntu:bionic-security";
"LP-PPA-peppermintos-p9-release:bionic";
"Ubuntu:bionic-updates";
"Ubuntu:bionic";
"LP-PPA-peppermintos-p9-respin:bionic";
"TeamViewer GmbH:stable";
"Ubuntu:bionic-backports";
};

// List of packages to not update (regexp are supported)
Unattended-Upgrade::Package-Blacklist {
// "vim";
// "libc6";
// "libc6-dev";
// "libc6-i686";
};

// This option will controls whether the development release of Ubuntu will be
// upgraded automatically.
Unattended-Upgrade::DevRelease "false";

// This option allows you to control if on a unclean dpkg exit
// unattended-upgrades will automatically run
//   dpkg --force-confold --configure -a
// The default is true, to ensure updates keep getting installed
//Unattended-Upgrade::AutoFixInterruptedDpkg "false";

// Split the upgrade into the smallest possible chunks so that
// they can be interrupted with SIGTERM. This makes the upgrade
// a bit slower but it has the benefit that shutdown while a upgrade
// is running is possible (with a small delay)
//Unattended-Upgrade::MinimalSteps "false";

// Install all unattended-upgrades when the machine is shutting down
// instead of doing it in the background while the machine is running
// This will (obviously) make shutdown slower
//Unattended-Upgrade::InstallOnShutdown "true";

// Send email to this address for problems or packages upgrades
// If empty or unset then no email is sent, make sure that you
// have a working mail setup on your system. A package that provides
// 'mailx' must be installed. E.g. "user@example.com"
//Unattended-Upgrade::Mail "root";

// Set this value to "true" to get emails only on errors. Default
// is to always send a mail if Unattended-Upgrade::Mail is set
//Unattended-Upgrade::MailOnlyOnError "true";

// Remove unused automatically installed kernel-related packages
// (kernel images, kernel headers and kernel version locked tools).
//Unattended-Upgrade::Remove-Unused-Kernel-Packages "false";

// Do automatic removal of new unused dependencies after the upgrade
// (equivalent to apt-get autoremove)
//Unattended-Upgrade::Remove-Unused-Dependencies "false";

// Automatically reboot *WITHOUT CONFIRMATION*
//  if the file /var/run/reboot-required is found after the upgrade
//Unattended-Upgrade::Automatic-Reboot "false";

// If automatic reboot is enabled and needed, reboot at the specific
// time instead of immediately
//  Default: "now"
//Unattended-Upgrade::Automatic-Reboot-Time "02:00";

// Use apt bandwidth limit feature, this example limits the download
// speed to 70kb/sec
//Acquire::http::Dl-Limit "70";

// Enable logging to syslog. Default is False
// Unattended-Upgrade::SyslogEnable "false";

// Specify syslog facility. Default is daemon
// Unattended-Upgrade::SyslogFacility "daemon";

// Download and install upgrades only on AC power
// (i.e. skip or gracefully stop updates on battery)
// Unattended-Upgrade::OnlyOnACPower "true";

// Download and install upgrades only on non-metered connection
// (i.e. skip or gracefully stop updates on a metered connection)
// Unattended-Upgrade::Skip-Updates-On-Metered-Connections "true";
SAVE the file, and exit the text editor.

Now do an unattended-upgrade dry-run with the debug option:
Code: [Select]
sudo unattended-upgrade --dry-run --debug
to check if there are any errors.

if there are no errors, you're good to go.
« Last Edit: February 01, 2019, 12:05:39 pm by PCNetSpec »
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline MNFrozenfish

  • Jr. Member
  • **
  • Posts: 96
  • Karma: 16
  • Smile! - It makes people wonder what you're up to.
    • View Profile
  • Peppermint version(s): Peppermint 9 Respin-64 bit / P10
Re: Set updates to run automatically
« Reply #14 on: February 01, 2019, 12:14:23 pm »
Spoiler (click here to view / hide)
todd@P9-Latitude-E6540 ~ $ sudo unattended-upgrade --dry-run --debug
[sudo] password for todd:
Initial blacklisted packages:
Initial whitelisted packages:
Starting unattended upgrades script
Allowed origins are: o=Ubuntu,a=bionic-security, o=LP-PPA-peppermintos-p9-release,a=bionic, o=Ubuntu,a=bionic-updates, o=Ubuntu,a=bionic, o=LP-PPA-peppermintos-p9-respin,a=bionic, o=TeamViewer GmbH,a=stable, o=Ubuntu,a=bionic-backports
Using (^linux-image|^linux-headers|^linux-image-extra|^linux-modules|^linux-modules-extra|^linux-signed-image|^kfreebsd-image|^kfreebsd-headers|^gnumach-image|^.*-modules|^.*-kernel|^linux-backports-modules-.*|^linux-modules-.*|^linux-tools|^linux-cloud-tools) regexp to find kernel packages
Using (^linux-image.*4.15.0-45-generic|^linux-headers.*4.15.0-45-generic|^linux-image-extra.*4.15.0-45-generic|^linux-modules.*4.15.0-45-generic|^linux-modules-extra.*4.15.0-45-generic|^linux-signed-image.*4.15.0-45-generic|^kfreebsd-image.*4.15.0-45-generic|^kfreebsd-headers.*4.15.0-45-generic|^gnumach-image.*4.15.0-45-generic|4.15.0-45-generic.*-modules|4.15.0-45-generic.*-kernel|^linux-backports-modules-.*.*4.15.0-45-generic|^linux-modules-.*.*4.15.0-45-generic|^linux-tools.*4.15.0-45-generic|^linux-cloud-tools.*4.15.0-45-generic) regexp to find running kernel packages
Checking: teamviewer ([<Origin component:'main' archive:'stable' origin:'TeamViewer GmbH' label:'TeamViewer' site:'linux.teamviewer.com' isTrusted:True>])
pkgs that look like they should be upgraded: teamviewer
Get:1 http://linux.teamviewer.com/deb stable/main amd64 teamviewer amd64 14.1.9025 [12.8 MB]
Fetched 12.8 MB in 0s (0 B/s)                                                       
fetch.run() result: 0
<apt_pkg.AcquireItem object:Status: 2 Complete: 1 Local: 0 IsTrusted: 1 FileSize: 12772836 DestFile:'/var/cache/apt/archives/teamviewer_14.1.9025_amd64.deb' DescURI: 'http://linux.teamviewer.com/deb/pool/teamviewer_14.1.9025_amd64.deb' ID:1 ErrorText: ''>
check_conffile_prompt(/var/cache/apt/archives/teamviewer_14.1.9025_amd64.deb)
found pkg: teamviewer
conffile line: /etc/apt/sources.list.d/teamviewer.list 125226c9bcc26de8a2b2a7c584a3e11e
current md5: 125226c9bcc26de8a2b2a7c584a3e11e
blacklist: []
whitelist: []
Option --dry-run given, *not* performing real actions
Packages that will be upgraded: teamviewer
Writing dpkg log to /var/log/unattended-upgrades/unattended-upgrades-dpkg.log
applying set ['teamviewer']
/usr/bin/dpkg --status-fd 9 --no-triggers --unpack --auto-deconfigure /var/cache/apt/archives/teamviewer_14.1.9025_amd64.deb
/usr/bin/dpkg --status-fd 9 --configure --pending
left to upgrade set()
All upgrades installed
InstCount=0 DelCount=0 BrokenCount=0
todd@P9-Latitude-E6540 ~ $
[close]

Looks good to me.  8)
Thank you again sir.

One more thing, if I uninstall unattended upgrades on the test machine, will that clean everything up?  :-\