From e8c0500b5f493cb47d311f89b00ae7fcb1223e8a Mon Sep 17 00:00:00 2001 From: varac Date: Sat, 15 Dec 2012 12:38:43 +0100 Subject: Replaced fallback file for unattended-upgrades with a decent one for wheezy onwards. The main syntax shouldn't change, hopefully, from now on. It's a very basic generic one, that uses variables for Distribution/Codename and should apply to all coming distributions. Removed from the default 50unattended-upgrades ---------------------------------------------- - APT::Periodic::Update-Package-Lists "1"; - APT::Periodic::Unattended-Upgrade "1"; cause this is not something the unattended upgrades class should set by default. - APT::UnattendedUpgrades::LogDir "/var/log/"; - APT::UnattendedUpgrades::LogFile "unattended_upgrades.log"; Because we shouldn't change the default logdest by default, which is /var/log/unattended_upgrades/*. - Blacklist for linux-image*, because this we shouldn't blacklist packages by default. --- files/50unattended-upgrades | 56 ++++----------------------------------------- 1 file changed, 5 insertions(+), 51 deletions(-) (limited to 'files/50unattended-upgrades') diff --git a/files/50unattended-upgrades b/files/50unattended-upgrades index 46fc0dc..a6f22ab 100644 --- a/files/50unattended-upgrades +++ b/files/50unattended-upgrades @@ -1,58 +1,12 @@ // this file is managed by puppet ! -// -//See https://wiki.ubuntu.com/AutomaticUpdates for more details about this feature. -// allowed (origin, archive) pairs -Unattended-Upgrade::Allowed-Origins { - "Debian stable"; - "Debian-Security stable"; -// "Debian testing"; +Unattended-Upgrade::Origins-Pattern { + "o=${distro_id},n=${distro_codename}"; + "o=${distro_id},n=${distro_codename}-updates"; + "o=${distro_id},n=${distro_codename}-proposed-updates"; + "o=${distro_id},n=${distro_codename},l=Debian-security"; }; -APT::Periodic::Update-Package-Lists "1"; -APT::Periodic::Unattended-Upgrade "1"; Unattended-Upgrade::Mail "root"; Unattended-Upgrade::MailOnlyOnError "true"; -APT::UnattendedUpgrades::LogDir "/var/log/"; -APT::UnattendedUpgrades::LogFile "unattended_upgrades.log"; - -Unattended-Upgrade::Package-Blacklist { - // we don't want the kernel to be updated so nagios still can give a warning if there is - // a manual update (and reboot) left - - "linux-image-*"; - - // unfortunately there seems to be a bug in unattended-upgrades <= 0.62 that wildcards aren't recognized: - //2009-12-11 13:41:43,267 INFO Initial blacklisted packages: linux-image-* - //2009-12-11 13:41:43,267 INFO Starting unattended upgrades script - //2009-12-11 13:41:43,267 INFO Allowed origins are: ["['Debian', 'stable']", "['Debian-Security', 'stable']"] - //2009-12-11 13:41:45,233 INFO Packages that are upgraded: linux-image-2.6.26-2-amd64 - //2009-12-11 13:41:45,233 INFO Writing dpkg log to '/var/log/unattended-upgrades-dpkg_2009-12-11_13:41:45.233713.log' - //2009-12-11 13:42:11,988 INFO All upgrades installed - - // lenny - "linux-image-2.6.26-1-686"; - "linux-image-2.6.26-1-amd64"; - "linux-image-2.6.26-1-xen-686"; - "linux-image-2.6.26-1-xen-amd64"; - "linux-image-2.6.26-1-vserver-686"; - "linux-image-2.6.26-1-vserver-amd64"; - - "linux-image-2.6.26-2-686"; - "linux-image-2.6.26-2-amd64"; - "linux-image-2.6.26-2-xen-686"; - "linux-image-2.6.26-2-xen-amd64"; - "linux-image-2.6.26-2-vserver-686"; - "linux-image-2.6.26-2-vserver-amd64"; - - // squeeze - "linux-image-2.6.32-5-686"; - "linux-image-2.6.32-5-amd64"; - "linux-image-2.6.32-5-xen-686"; - "linux-image-2.6.32-5-xen-amd64"; - "linux-image-2.6.32-5-vserver-686"; - "linux-image-2.6.32-5-vserver-amd64"; - -}; - -- cgit v1.2.3 From 2fa22c2268b34173ee39fcfd4525192fd8707ef2 Mon Sep 17 00:00:00 2001 From: varac Date: Sun, 16 Dec 2012 10:35:59 +0100 Subject: refactor 50unattended-upgrades default file The syntax is valid from v0.70 on (Debian Wheezy, Ubuntu Oneiric and later). It includes Unattended-Upgrade::Origins-Patterns both for Debian and Ubuntu, which even work on systems with both package sources enables. On Debian- or Ubuntu-only systems it doesn't hurt to have both Patterns included. --- files/50unattended-upgrades | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) (limited to 'files/50unattended-upgrades') diff --git a/files/50unattended-upgrades b/files/50unattended-upgrades index a6f22ab..7d4835c 100644 --- a/files/50unattended-upgrades +++ b/files/50unattended-upgrades @@ -1,12 +1,19 @@ // this file is managed by puppet ! Unattended-Upgrade::Origins-Pattern { - "o=${distro_id},n=${distro_codename}"; - "o=${distro_id},n=${distro_codename}-updates"; - "o=${distro_id},n=${distro_codename}-proposed-updates"; - "o=${distro_id},n=${distro_codename},l=Debian-security"; + // Debian + "o=${distro_id},a=${distro_codename}"; + "o=${distro_id},a=${distro_codename},l=Debian-security"; + "o=${distro_id} Backports,a=${distro_codename}-backports"; + // Ubuntu specific + "o=${distro_id},a=${distro_codename}-security"; + "o=${distro_id},a=${distro_codename}-backports"; + "o=${distro_id},a=${distro_codename}-proposed"; }; +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Download-Upgradeable-Packages "1"; +APT::Periodic::Unattended-Upgrade "1"; + Unattended-Upgrade::Mail "root"; Unattended-Upgrade::MailOnlyOnError "true"; - -- cgit v1.2.3 From 0d5311b1a9fa82e4e423a9e7ce7f5eb919bab40d Mon Sep 17 00:00:00 2001 From: varac Date: Sun, 16 Dec 2012 11:12:15 +0100 Subject: use codename instead of archive variable for Debian --- files/50unattended-upgrades | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'files/50unattended-upgrades') diff --git a/files/50unattended-upgrades b/files/50unattended-upgrades index 7d4835c..36c1f54 100644 --- a/files/50unattended-upgrades +++ b/files/50unattended-upgrades @@ -2,9 +2,9 @@ Unattended-Upgrade::Origins-Pattern { // Debian - "o=${distro_id},a=${distro_codename}"; - "o=${distro_id},a=${distro_codename},l=Debian-security"; - "o=${distro_id} Backports,a=${distro_codename}-backports"; + "o=${distro_id},n=${distro_codename}"; + "o=${distro_id},n=${distro_codename},l=Debian-security"; + "o=${distro_id} Backports,n=${distro_codename}-backports"; // Ubuntu specific "o=${distro_id},a=${distro_codename}-security"; "o=${distro_id},a=${distro_codename}-backports"; -- cgit v1.2.3 From f3daf58b9eb14aba385c20abb73191c0c408f367 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 2 Jan 2013 17:29:05 +0100 Subject: forgot ${distro_codename}-updates in 50unattended-upgrades fallback --- files/50unattended-upgrades | 1 + 1 file changed, 1 insertion(+) (limited to 'files/50unattended-upgrades') diff --git a/files/50unattended-upgrades b/files/50unattended-upgrades index 36c1f54..ebf9f49 100644 --- a/files/50unattended-upgrades +++ b/files/50unattended-upgrades @@ -3,6 +3,7 @@ Unattended-Upgrade::Origins-Pattern { // Debian "o=${distro_id},n=${distro_codename}"; + "o=${distro_id},n=${distro_codename}-updates"; "o=${distro_id},n=${distro_codename},l=Debian-security"; "o=${distro_id} Backports,n=${distro_codename}-backports"; // Ubuntu specific -- cgit v1.2.3