I have configured unattended-upgrades according to this guide.
Configuration files are as follows:
/etc/apt/apt.conf.d/50unattended-upgrades
// Automatically upgrade packages from these (origin:archive) pairs
//
// Note that in Ubuntu security updates may pull in new dependencies
// from non-security sources (e.g. chromium). By allowing the release
// pocket these get automatically pulled in.
Unattended-Upgrade::Allowed-Origins {
"${distro_id}:${distro_codename}";
"${distro_id}:${distro_codename}-security";
// Extended Security Maintenance; doesn't necessarily exist for
// every release and this system may not have it installed, but if
// available, the policy for updates is such that unattended-upgrades
// should also install from here by default.
"${distro_id}ESM:${distro_codename}";
"${distro_id}:${distro_codename}-updates"; // uncommented 27/06/2019
// "${distro_id}:${distro_codename}-proposed";
// "${distro_id}:${distro_codename}-backports";
};
/etc/apt/apt.conf.d/20auto-upgrades
:
// APT::Periodic::Update-Package-Lists "1";
// APT::Periodic::Unattended-Upgrade "1";
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "30";
APT::Periodic::Unattended-Upgrade "1";
Allowed origins are (from: /var/log/unattended-upgrades/unattended-upgrades.log
):
2019-07-12 09:59:34,126 INFO Allowed origins are: o=Ubuntu,a=bionic, o=Ubuntu,a=bionic-security, o=UbuntuESM,a=bionic, o=Ubuntu,a=bionic-updates
However, Software Updater keeps asking me for confirmation of some software updates. As shown here:
I thought that unattended-upgrades
would take care of these updates, too.
Is there a configuration that I am still missing for the updates that requires confirmation via gui?
There are several possible reasons. Happily, none indicate a real problem.
Firstly for most folks, Unattended Upgrades draws from a limited number of repositories that are whitelisted in /etc/apt/apt.conf.d/50unattended-upgrades. Any software from other repositories, PPAs, other sources, or Snaps, is ignored by Unattended Upgrades, and will show up in the desktop's Software Updater notification.
(In your case, you have already added another repository to the whitelist. Well done!)
Second, the desktop Software Updater tool and Unattended Upgrades are not coordinated - each runs at a different time daily. It's likely that the case you have shown us is simply a day when Software Updater happened to run first.
For most folks, the simplest answer to avoid confusion is to change the Software Updater frequency in your Software & Updates control panel. Look for the 'Updates' tab, then the "When there are other updates" option. Reduce the frequency.