When run manually, sudo unattended-upgrade finds nothing to upgrade:
No packages found that can be upgraded unattended and no pending auto-removals
But doing sudo apt update beforehand miraculously changes the situation:
Packages that will be upgraded: ...
...
All upgrades installed
The config in /etc/apt/apt.conf.d/20auto-upgrades contains APT::Periodic::Update-Package-Lists "1"; as it should do. This is presumably only used by cron, which could explain the outdated package list.
Also, the manpage for unattended-upgrade says:
This script is the backend for the APT::Periodic::Unattended-Upgrade option and designed to be run from cron (e.g. via /etc/cron.daily/apt)
Is unattended-upgrades entirely dependent on cron, and if so does that mean it should not be run from a script?
Edit: TLDR. Running unattended-upgrades outside cron, in a shell, does not upgrade anything, even though the config looks right. Apparently this is because a separate cron job is responsible for updating the packages list. Is this behavior correct?
Partially correct
Unattended-upgrades in 16.04 and older did indeed rely upon cron to trigger the combined update/upgrade service.
However, that changed: 18.04 uses systemd timers instead of cron. The timers for update and upgrade are independent, and may run many hours apart. This is the most likely (and expected) cause for packages miraculously appearing - they were likely uploaded/mirrored after the previous update.
You can run the unattended-upgrades command from a shell prompt, and it will do exactly the same job as if triggered by cron (16.04 and older) or systemd timer (18.04 and newer).
Since it's all controlled by systemd, you can use any trigger you want to start daily update and upgrade - you're not restricted to using the built-in timers. You can, for example, start them 4 minutes after network-up, or set the timers to run at a standard time during lunch, or whatever you want that meets your needs.
The answer seems to be that a successful unattended-upgrade is indeed dependent on a recent update of the package lists (equivalent to apt update). It relies on this being done either by cron (check /etc/cron.daily/, /etc/cron.d/) or more likely a systemd timer (do sudo systemctl list-timers).
This package will not itself trigger the update, nor will it check that the package lists are up to date. If they are not, it will just write to its log that there is nothing to install.