Security updates are not getting installed automatically on Trisquel 11 Aramo
For some weeks I have been clicking on the update notification icon and installing whatever security updates were available, but I am now wondering why they are not getting installed automatically. The option currently selected in "Software and Updates" is "download and install automatically".
Is there maybe a configuration file to edit in order to get the expected behavior? I tried updating "Software and Updates" itself through selecting the "all updates" option, to no avail.
I decided to trust various anonymous sources and ran: sudo dpkg-reconfigure unattended-upgrades
We shall see.
EDIT: I am visiting /var/log/apt/history.log from time to time, to check for recently installed updates. Is it the proper place to go? Last date shown is June 16, which sounds OK for security updates.
I am visiting /var/log/apt/history.log from time to time, to check for recently installed updates. Is it the proper place to go?
Yes.
Thx.
I just got the notification icon for the latest security updates. Is that the expected behavior when "Download and install automatically" is selected?
I thought unattended-upgrades would download and install them in the background. IIRC, that was the case in previous versions (at least Trisquel 9).
I am a translator!
> I just got the notification icon for the latest security updates. Is that the expected behavior when "Download and install automatically" is selected?
I can't confirm that behaviour because my settings are to "Notify immediately" but I would indeed expect the updates to be downloaded and installed in the background.
Could it be that there is something preventing download because it (erroneously?) thinks that you have a metered connection?
> Could it be that there is something preventing download
The security updates do get downloaded automatically, but not installed.
I am beginning to suspect a coordination gap: update-notifier may simply be running before unattended-upgrades. Both being set to run every day at different times, unattended-upgrades never had a chance to run before I get notified and manually install the available updates.
I shall abstain from clicking on the update notification icon next time it shows, and see whether they eventually get automatically installed. If so, I may simply need to set no-show-notifications to 'true'.
IIRC the next ISO set release will fix this issue.
I'll ask more about on the next devel meeting, opening a ticket will be a good idea to don't lose track of this subject.
Regards.
Thank you very much, I'll keep poking the various options and report the issue if nothing helps.
Since these processes have some randomness in their daily running time, it may take days to check and compare behavior. Today I can confirm that the unattended-upgrade service responsible for running apt upgrade (there is another one responsible for apt update, with its own randomized timer) did its job as expected and the update notification icon is gone.
I unchecked the "show notifications" box under the notification icon. We shall see.
Make a cron job? sudo apt update && sudo apt upgrade
Thanks, that would most probably do it, but setting cron jobs is not for every beginner. I am holding off for the moment because I would like to get to the bottom of the current situation. Clearly the downloaded upgrades eventually get installed, but the notification icon showing all along may be confusing.
"If you give it a couple days, it's likely to start working as all the required pieces hit their timers and fall into place," says the poet in https://askubuntu.com/questions/1271585/unattended-upgrades-not-starting-to-update-at-shutdown.
> I unchecked the "show notifications" box under the notification icon.
This had no effect, the notification icon keeps showing and calling the user for action whenever apt update is run (manually or as a scheduled job).
Today I installed all available upgrades, now waiting for the next security upgrades.
UPDATE: I can confirm that it is safe *not* to click on the notification icon, all security updates will eventually get installed by unattended-upgrades. The behavior is still somewhat confusing, since the user is prompted for action while in fact no action is required on their part, as suggested by choosing "Download and install automatically".
I'll be taking a closer look for this today, would you mind update the gitlab issue open.
Regards.
Yes, I did so. Thanks!
This solution is working for me, thank you very much for the suggestion:
https://gitlab.trisquel.org/trisquel/package-helpers/-/issues/88#note_9922