Closed RogerSik closed 2 years ago
Thanks for the report. According to the package's readme, both Origins-Pattern and Allowed-Origins should be still supported, but Allowed-Origins is used only in Ubuntu configuration file.
I'll check if I can reproduce that in CI.
@RogerSik I couldn't reproduce this issue on CI, could you please show me the role configuration and the contents of your /etc/apt/apt.conf.d/50unattended-upgrades
file?
@jnv strange.
root@X:/etc/apt/apt.conf.d# cat /etc/apt/apt.conf.d/50unattended-upgrades
// Unattended-Upgrade::Origins-Pattern controls which packages are
// upgraded.
Unattended-Upgrade::Origins-Pattern {
"${distro_id}:${distro_codename}";
"${distro_id}:${distro_codename}-security";
"${distro_id}ESM:${distro_codename}";
"${distro_id}:${distro_codename}-updates";
"${distro_id}:${distro_codename}-proposed";
"${distro_id}:${distro_codename}-backports";
"ubuntu icinga-${distro_codename}:icinga-${distro_codename}";
"Docker:${distro_codename}";
};
// List of packages to not update (regexp are supported)
Unattended-Upgrade::Package-Blacklist {
};
// Do automatic removal of new unused dependencies after the upgrade
// (equivalent to apt-get autoremove)
Unattended-Upgrade::Remove-Unused-Dependencies "true";
// Automatically reboot *WITHOUT CONFIRMATION* if a
// the file /var/run/reboot-required is found after the upgrade
Unattended-Upgrade::Automatic-Reboot "true";
// If automatic reboot is enabled and needed, reboot at the specific
// time instead of immediately
// Default: "now"
Unattended-Upgrade::Automatic-Reboot-Time "05:00";
unattended-upgrade runs in issue.
root@X:/etc/apt/apt.conf.d# unattended-upgrade -v --dry-run
Initial blacklisted packages:
Initial whitelisted packages:
Starting unattended upgrades script
Allowed origins are: Ubuntu:bionic, Ubuntu:bionic-security, UbuntuESM:bionic, Ubuntu:bionic-updates, Ubuntu:bionic-proposed, Ubuntu:bionic-backports, ubuntu icinga-bionic:icinga-bionic, Docker:bionic
Traceback (most recent call last):
File "/usr/bin/unattended-upgrade", line 1993, in <module>
sys.exit(main(options))
File "/usr/bin/unattended-upgrade", line 1649, in main
cache, options, allowed_origins, blacklisted_pkgs, whitelisted_pkgs)
File "/usr/bin/unattended-upgrade", line 1340, in calculate_upgradable_pkgs
ver_in_allowed_origin(pkg, allowed_origins)
File "/usr/bin/unattended-upgrade", line 685, in ver_in_allowed_origin
if is_allowed_origin(ver, allowed_origins):
File "/usr/bin/unattended-upgrade", line 669, in is_allowed_origin
if match_whitelist_string(allowed, origin):
File "/usr/bin/unattended-upgrade", line 490, in match_whitelist_string
for s in token.split("=")]
ValueError: not enough values to unpack (expected 2, got 1)
root@X:/etc/apt/apt.conf.d#
After changing Unattended-Upgrade::Origins-Pattern to Unattended-Upgrade::Allowed-Origins
root@X:/etc/apt/apt.conf.d# cat /etc/apt/apt.conf.d/50unattended-upgrades
// Unattended-Upgrade::Origins-Pattern controls which packages are
// upgraded.
Unattended-Upgrade::Allowed-Origins {
"${distro_id}:${distro_codename}";
"${distro_id}:${distro_codename}-security";
"${distro_id}ESM:${distro_codename}";
"${distro_id}:${distro_codename}-updates";
"${distro_id}:${distro_codename}-proposed";
"${distro_id}:${distro_codename}-backports";
"ubuntu icinga-${distro_codename}:icinga-${distro_codename}";
"Docker:${distro_codename}";
};
// List of packages to not update (regexp are supported)
Unattended-Upgrade::Package-Blacklist {
};
// Do automatic removal of new unused dependencies after the upgrade
// (equivalent to apt-get autoremove)
Unattended-Upgrade::Remove-Unused-Dependencies "true";
// Automatically reboot *WITHOUT CONFIRMATION* if a
// the file /var/run/reboot-required is found after the upgrade
Unattended-Upgrade::Automatic-Reboot "true";
// If automatic reboot is enabled and needed, reboot at the specific
// time instead of immediately
// Default: "now"
Unattended-Upgrade::Automatic-Reboot-Time "05:00";
unattended-upgrade is then working.
unattended-upgrade -v --dry-run
Initial blacklisted packages:
Initial whitelisted packages:
Starting unattended upgrades script
Allowed origins are: o=Ubuntu,a=bionic, o=Ubuntu,a=bionic-security, o=UbuntuESM,a=bionic, o=Ubuntu,a=bionic-updates, o=Ubuntu,a=bionic-proposed, o=Ubuntu,a=bionic-backports, o=ubuntu icinga-bionic,a=icinga-bionic, o=Docker,a=bionic
Option --dry-run given, *not* performing real actions
Packages that will be upgraded: base-files console-setup console-setup-linux grub-common grub-pc grub-pc-bin grub2-common icinga2 icinga2-bin icinga2-common icinga2-doc keyboard-configuration libicinga2 liblxc-common liblxc1 libnss-systemd libpam-systemd libperl5.26 libsystemd0 libudev1 linux-aws linux-headers-aws linux-image-aws lshw mdadm perl perl-base perl-modules-5.26 python3-software-properties python3-update-manager screen snapd software-properties-common systemd systemd-sysv udev unattended-upgrades update-manager-core x11-common
Writing dpkg log to /var/log/unattended-upgrades/unattended-upgrades-dpkg.log
If its helping the used playbook of this host.
---
- hosts: X
become: yes
tasks:
- import_role:
name: jnv-unattended-upgrades
vars:
unattended_origins_patterns:
- "${distro_id}:${distro_codename}"
- "${distro_id}:${distro_codename}-security"
- "${distro_id}ESM:${distro_codename}"
- "${distro_id}:${distro_codename}-updates"
- "${distro_id}:${distro_codename}-proposed"
- "${distro_id}:${distro_codename}-backports"
- "ubuntu icinga-${distro_codename}:icinga-${distro_codename}"
- "Docker:${distro_codename}"
unattended_remove_unused_dependencies: true
unattended_automatic_reboot: true
unattended_automatic_reboot_time: 05:00
@RogerSik Thanks, I see that you use Allowed-Origins syntax in Origins-Pattern, which is unfortunately not compatible. However, Allowed-Origins can be easily rewritten to origin patterns, since it just a compact way to write origin:archive
. For example the equivalent of ${distro_id}:${distro_codename}
should be o=${distro_id},a=${distro_codename}
.
I'm happy to add Allowed-Origins support as long it is backwards compatible (i.e. it won't be used with older versions of unattended-upgrades).
Think this pull request solves this: https://github.com/jnv/ansible-role-unattended-upgrades/pull/59
Okay, I will take a look at it during Holiday.
Reproducing my comment from #59:
Origins-Pattern
is the "new" option: https://github.com/mvo5/unattended-upgrades/commit/f29c8f9
I'm not saying I disagree with having this option; I'm merely pointing out that this would be an enhancement to add further backwards compatibility rather than to future-proof. The already implemented option is viable for any version of unattended-upgrades since 2011.
A README update might solve the confusion just as well.
I am closing this issue since this role has been deprecated. Feel free to suggest alternatives in #98.
With Ubuntu 18.04 the variable in /etc/apt/apt.conf.d/50unattended-upgrades
Unattended-Upgrade::Origins-Pattern
changed toUnattended-Upgrade:Allowed-Origins
Otherwise this error appears:
Traceback (most recent call last): File "/usr/bin/unattended-upgrade", line 1993, in <module> sys.exit(main(options)) File "/usr/bin/unattended-upgrade", line 1649, in main cache, options, allowed_origins, blacklisted_pkgs, whitelisted_pkgs) File "/usr/bin/unattended-upgrade", line 1340, in calculate_upgradable_pkgs ver_in_allowed_origin(pkg, allowed_origins) File "/usr/bin/unattended-upgrade", line 685, in ver_in_allowed_origin if is_allowed_origin(ver, allowed_origins): File "/usr/bin/unattended-upgrade", line 669, in is_allowed_origin if match_whitelist_string(allowed, origin): File "/usr/bin/unattended-upgrade", line 490, in match_whitelist_string for s in token.split("=")] ValueError: not enough values to unpack (expected 2, got 1)