Unintended unattended upgrade in progress during shutdown, please don't turn off the computer

4 respostas [Última entrada]
amenex
Desconectado
Joined: 01/03/2015

After reinstalling etiona to bring my Thinkpad T420 back to life after a grub debacle, after installing Leafpad,
Mousepad and Featherpad, and after a successful script execution, during reboot I was brought to my senses by the
words that appeared across the top of the screen:
Unattended upgrade in progress during shutdown, please don't turn off the computer
The comma should have been a semicolon; might be malware; I didn't authorize any unattended upgrades; see attached screen grab.
Maybe unattended updates for reasons of security ... but upgrades ?
To what program or for what reason, I'd like to retain some say in the matter,

AnexoTamaño
Screenshot at 2022-05-05 10-41-43.png34.87 KB
Magic Banana

I am a member!

I am a translator!

Desconectado
Joined: 07/24/2010

Read the manual:
$ man unattended-upgrade

amenex
Desconectado
Joined: 01/03/2015

The unattended-upgrade manual hasn't much to say about usage, except that it points to/etc/apt/apt.conf.d/50unattended-upgradeswhere it's said:
// Install all unattended-upgrades when the machine is shutting down
// instead of doing it in the background while the machine is running
// This will (obviously) make shutdown slower
//Unattended-Upgrade::InstallOnShutdown "true";
which isn't enabled but nevertheless appears to be the default.

It would appear that a conflict would ensue if I were to change the last line of the quoted text to:
Unattended-Upgrade::InstallOnShutdown "false";

Responding to the orange triangle that appears in the panel now & then ought to be a sufficient alternative that would
give me the option of choosing when to apply the needed security updates, though I would welcome upgrades to the
applications that I often rely upon if the upgrades don't materially alter the performance of scripts that I run.

If the four active lines in the quoted text below were commented out (with #'s to distinguish them from the originals)
Unattended-Upgrade::Allowed-Origins {
# "${distro_id}:${distro_codename}";
# "${distro_id}:${distro_codename}-security";
// Extended Security Maintenance; doesn't necessarily exist for
// every release and this system may not have it installed, but if
// available, the policy for updates is such that unattended-upgrades
// should also install from here by default.
# "${distro_id}ESMApps:${distro_codename}-apps-security";
# "${distro_id}ESM:${distro_codename}-infra-security";
// "${distro_id}:${distro_codename}-updates";
// "${distro_id}:${distro_codename}-proposed";
// "${distro_id}:${distro_codename}-backports";
};

Would the security-alert orange triangle that otherwise reliably appears in the panel be deactivated ?

Magic Banana

I am a member!

I am a translator!

Desconectado
Joined: 07/24/2010

What you want can probably be achieved through the execution in a terminal of:
$ sudo dpkg-reconfigure unattended-upgrades

amenex
Desconectado
Joined: 01/03/2015

Following Magic Banana's suggestion, here's what happens:
│ Applying updates on a frequent basis is an important part of keeping systems secure. By default,
updates need to be applied manually using package management tools. Alternatively, you can │
│ choose to have this system automatically download and install importantupdates. │
│ │
│ Automatically download and install stable updates? │
│ │

After answering "no" by tapping right tab:
Replacing config file /etc/apt/apt.conf.d/20auto-upgrades with new version where it's said:
cat /etc/apt/apt.conf.d/20auto-upgrades
APT::Periodic::Update-Package-Lists "0";
APT::Periodic::Unattended-Upgrade "0";

Oddly, on two other etiona operating systems which seem not to have performed an Unattended-upgrade on shutdown:
/etc/apt/apt.conf.d/20auto-upgrades:
APT::Periodic::Update-Package-Lists "0";
APT::Periodic::Unattended-Upgrade "1";

On the first shutdown after changing the Unattended-upgrades preferences, the system performed a final
Unattended-upgrade but that one proceeded for six times the usual two-minute period, whereupon I chose
to shut down the 'puter manually. The next shutdown did not do that.