Ubuntu – How to enable silent automatic updates for any repository


I read here how to enable silent automatic updates for Google Chrome. However, I have other repositories like spotify, docky and others for which I would like to enable silent updates.

I am trying to do this in my Ubuntu 10.04 system. But this question applies to all Ubuntu versions. I have the unattended-upgrades package installed.

How can I do this?

Best Answer

First, install gksu:

sudo apt-get install gksu

The easiest of enabling unattended updates for your system is to edit the file 50unattended-upgrades inside /etc/apt/apt.conf.d/ with your favourite text editor, for example:

gksu gedit /etc/apt/apt.conf.d/50unattended-upgrades

In it you need to comment out the commented sections of the Allowed Origins block


Unattended-Upgrade::Allowed-Origins {
        "${distro_id} ${distro_codename}-security";
//      "${distro_id} ${distro_codename}-updates";
//      "${distro_id} ${distro_codename}-proposed";
//      "${distro_id} ${distro_codename}-backports";


Unattended-Upgrade::Allowed-Origins {
        "${distro_id} ${distro_codename}-security";
        "${distro_id} ${distro_codename}-updates";
//      "${distro_id} ${distro_codename}-proposed";
//      "${distro_id} ${distro_codename}-backports";

For software that is not on the Ubuntu repos that you would like to update you need to add a origin and archive to the file. To find what those are for your PPAs open the folder /var/lib/apt/lists/, that is the storage area for state information for each package resource. What you are looking for is the files that end with Release in the name.

Open one with your text editor, ie for Google Chrome:

gedit /var/lib/apt/lists/dl.google.com_linux_chrome_deb_dists_stable_Release

Origin: Google, Inc.
Label: Google
Suite: stable
Codename: stable
Version: 1.0
Date: Thu, 17 Nov 2011 19:09:01 +0000
Architectures: i386 amd64
Components: main
Description: Google chrome-linux repository.

The origin is obvious (Origin: Google, Inc.) and the archive will be whatever is under the line Suite (Suite: stable).

If either Origin or Suite is missing then they will be the empty string. But note that if both are missing then probably it will not be possible to use that source with unattended upgrades without including other sources with the same issue.

After you noted those 2 lines you need to edit the 50unattended-upgrades file and add the lines using this format "<origin>:<archive>"; of for this examples sake "Google\, Inc.:stable";.

Google Chrome's origin is kinda tricky because it has a space a end point and a comma in it but most Release files will be easy to read.

As another example, Node JS source specifies an origin (Node Source) but not an archive; so you can match it with "Node Source:";.

Allowed Origins is matched using shell-style wildcards (more specifically, with Python's fnmatch()). If you're careful enough to not include conflicting sources it's possible to write things like "Node *:*";.

Do not forget to make a backup of your 50unattended-upgrades file before editing it, do that with sudo cp /etc/apt/apt.conf.d/50unattended-upgrades /etc/apt/apt.conf.d/50unattended-upgrades.bak.

To test the changes done on the file you can use sudo unattended-upgrades with the parameters --dry-run and --debug.

--dry-run will run an unattended upgrades cycle except it will not really install the upgrades, only check and verify that everything is ok.

--debug will enable verbose mode.

You can always check the logs for unattended-upgrades at /var/log/unattended-upgrades/unattended-upgrades.log.

You can change the configuration of the unattended upgrades by editing the file /etc/apt/apt.conf.d/10periodic, options for the configuration are in the /etc/cron.daily/apt script header. Read them to configure the frequency of the unattended upgrades.

Related Question