我有
Welcome to Ubuntu 16.04.5 LTS (GNU/Linux 4.15.0-24-generic x86_64)
15 packages can be updated.
7 updates are security updates.
我观察了好几个星期,尝试了很多方法修复它,但我无法让它运行。无人值守升级无法升级我的服务器。
我安装了
# apt-get install unattended-upgrades
Reading package lists... Done
Building dependency tree
Reading state information... Done
unattended-upgrades is already the newest version (0.90ubuntu0.9).
0 upgraded, 0 newly installed, 0 to remove and 9 not upgraded.
# apt-get install apt-listchanges
Reading package lists... Done
Building dependency tree
Reading state information... Done
apt-listchanges is already the newest version (2.85.14ubuntu1).
0 upgraded, 0 newly installed, 0 to remove and 9 not upgraded.
这是我的 /etc/apt/apt.conf.d/10periodic
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";
这是我的 /etc/apt/apt.conf.d/50unattended-upgrades
Unattended-Upgrade::Allowed-Origins {
"${distro_id}:${distro_codename}";
"${distro_id}:${distro_codename}-security";
"${distro_id}ESM:${distro_codename}";
"${distro_id}:${distro_codename}-updates";
};
Unattended-Upgrade::Package-Blacklist {
"open-vm-tools";
};
Unattended-Upgrade::AutoFixInterruptedDpkg "true";
Unattended-Upgrade::MinimalSteps "true";
Unattended-Upgrade::InstallOnShutdown "true";
Unattended-Upgrade::Mail "root";
Unattended-Upgrade::MailOnlyOnError "true";
Unattended-Upgrade::Remove-Unused-Dependencies "true";
Unattended-Upgrade::Automatic-Reboot "true";
Unattended-Upgrade::Automatic-Reboot-Time "07:00";
Acquire::http::Dl-Limit "0";
这是我在日志文件 /var/log/unattended-upgrades/unattended-upgrades.log 中的内容
INFO Initial blacklisted packages: open-vm-tools
INFO Initial whitelisted packages:
INFO Starting unattended upgrades script
INFO Allowed origins are: ['o=Ubuntu,a=xenial', 'o=Ubuntu,a=xenial-security', 'o=UbuntuESM,a=xenial', 'o=Ubuntu,a=xenial-updates']
INFO Initial blacklisted packages: open-vm-tools
INFO Initial whitelisted packages:
INFO Starting unattended upgrades script
INFO Allowed origins are: ['o=Ubuntu,a=xenial', 'o=Ubuntu,a=xenial-security', 'o=UbuntuESM,a=xenial', 'o=Ubuntu,a=xenial-updates']
有人知道哪里出了问题吗?
答案1
相反的是回答上面我的: ” /etc/apt/apt.conf.d/50unattended-upgrades”做过有:
Unattended-Upgrade::InstallOnShutdown "false";
然而我仍然看到:
Welcome to Ubuntu 18.04.3 LTS (GNU/Linux [...] x86_64) [...] 29 packages can be updated. 0 updates are security updates.
那么为什么这 29 个软件包没有更新呢?
事实证明,“ /etc/apt/apt.conf.d/50unattended-upgrades”还包含这宣言:
Unattended-Upgrade::Allowed-Origins { "${distro_id}:${distro_codename}"; "${distro_id}:${distro_codename}-security"; // Extended Security Maintenance; doesn't necessarily exist for // every release and this system may not have it installed, but if // available, the policy for updates is such that unattended-upgrades // should also install from here by default. "${distro_id}ESM:${distro_codename}"; // "${distro_id}:${distro_codename}-updates"; // "${distro_id}:${distro_codename}-proposed"; // "${distro_id}:${distro_codename}-backports"; };
对我来说,解决问题的关键就是取消注释此行:
// "${distro_id}:${distro_codename}-updates";
答案2
如果按照以下步骤操作后仍无效这个答案由@cuedee,您可以尝试进行一次试运行,看看是否收到某种错误消息或警告。
sudo unattended-upgrades -v -d
在我的情况下,输出说明我的连接是计量的(来自手机热点),并且默认情况下无人值守升级不允许通过计量连接进行更新。我使用以下行对其进行了更改/etc/apt/apt.conf.d/50unattended-upgrades:
Unattended-Upgrade::Skip-Updates-On-Metered-Connections "false";
答案3
我找到了原因:
Unattended-Upgrade::InstallOnShutdown "true";
这意味着更新仅在关机前安装。由于这台机器是 24/7 服务器,因此从未发生过更新。
答案4
其他伟大的难以追踪的原因是您的/tmp或/var/目录是否按照任何常见的 CC 指南进行挂载noexec。这将导致安装后脚本失败,从而永久阻止更新。我不知道对此的安全解决方案,但怀疑有一种方法可以告诉 apt 在安装之前/之后更改挂载标志。