Install the package unattended-upgrades:
sudo apt-get install unattended-upgrades
This will create the file /etc/apt/apt.conf.d/50unattended-upgrades
You may edit this file. Lines starting with // are comments.
You can comment out some lines, specifically:
You can list a package not to be updated:
// List of packages to not update
Unattended-Upgrade::Package-Blacklist {
"my-blacklisted-package";
};
You can send an email when updates are available:
Unattended-Upgrade::Mail "root@localhost";
P.S. I don't think unattended-upgrades will download the update if it's not going to be installed. You can do that by editing /etc/apt/apt.conf.d/10periodic.
You can read the apt.conf example file (DO NOT USE this file as a whole, only bits of it): /usr/share/doc/apt/examples/configure-index.gz
Update-Package-Lists "0";
// - Do "apt-get update" automatically every n-days (0=disable)
//
Download-Upgradeable-Packages "0";
// - Do "apt-get upgrade --download-only" every n-days (0=disable)
//
Unattended-Upgrade "0";
// - Run the "unattended-upgrade" security upgrade script
// every n-days (0=disabled)
// Requires the package "unattended-upgrades" and will write
// a log in /var/log/unattended-upgrades
//
P.P.S. You must set Unattended-Upgrade "1"; in /etc/apt/apt.conf.d/10periodic in order for unattended-upgrades to be enabled.
how do we find out what our options are for upgrades via backports?
Run apt-get with the --default-release or -t switch:
sudo apt-get -t precise-backports upgrade
Is the same as apt-get install ipython/precise-backports just that you don't have to insert the precise-backports part.
I'm surprised that even if I ask for status, e.g. via wajig status ipython it doesn't tell me there is a new version available.
For that I use apt-cache policy:
apt-cache policy iceweasel
iceweasel:
Installed: 25.0~a2+20130816004007-1~bpo70+1
Candidate: 25.0~a2+20130816004007-1~bpo70+1
Package pin: 25.0~a2+20130816004007-1~bpo70+1
Version table:
*** 25.0~a2+20130816004007-1~bpo70+1 1990
1990 http://mozilla.debian.net/ wheezy-backports/iceweasel-aurora i386 Packages
100 /var/lib/dpkg/status
23.0-2 1990
-1 http://ftp.us.debian.org/debian/ experimental/main i386 Packages
17.0.8esr-2 1990
990 http://ftp.utexas.edu/debian/ testing/main i386 Packages
-1 http://ftp.de.debian.org/debian/ sid/main i386 Packages
Next, how do I avoid losing existing packages just because I upgrade via a backport?
If the packages you want to upgrade break previous dependencies, then you should decide if upgrading or leaving things as they are. Or you just force things down and break your installation, is all up to you.
How do I say I want the latest backported ipython, as well as any other packages for which updates are available that depend on it, without manually figuring them all out and installing them also?
Same as above.
But if a user asks for one package to be updated, wouldn't it be natural to update all the dependencies, like you'd get from a ppa?
If there is no update candidates, no. This happens a lot on rolling releases distributions, some packages depend of others that are yet no available in the repositories, so apt decides no to upgrade since it breaks dependencies.
For the case of ipython that you mention on comments:
Following the package dependencies page ipython-notebook=0.13.2-1~ubuntu12.04.1 depends to ipython=0.13.2-1~ubuntu12.04.1, but if you try to upgrade ipython alone, apt will take your actions as priority and fulfill them at any cost. Since you are only telling apt to install ipython from backports, he understand:
Fulfill only this condition at any cost
So, the only way to do this is removing/downgrading any package that gets it dependencies broken due this operation (ipython-notebook) and install ipython from backports. The correct way to do this is, either:
sudo apt-get -t precise-backports install ipython-notebook ipython
or
sudo apt-get -t precise-backports upgrade
The first one will tell apt-get to install ipython-notebook and ipython from backports, the second will tell apt to upgrade any installed package that has upgrades in the precise-backports repository.
Best Answer
From a previous post. you can run security upgrades via command line with.
I checked it out and you can also use the command line option
To download but not install updates.
When running the program I am not getting any output, I think this is because I have my system set to auto-update. If you can get output from this just figure out what the updated vs. pending updates look like and write a shell script to send you an email containing of the output of the pending updates.
Then run this script as a cron job.
Note: use crontab -e to run jobs as root.