Packages not auto-updating

andrew · February 18, 2023, 10:50pm

Hi, are other people seeing long lists of packages that are not being auto-updated?

I don’t think it’s a MIAB problem. And it’s not the packages-being-held-back-by-Ubuntu problem. Is Ubuntu’s latest game now playing around with categorizing updates?

This was my status recently, only a few days after manually upgrading everything. A couple of these lines are new update items, and I can understand that unattended upgrades of grub or firmware are frowned upon. But all those php updates!

There are 31 software packages that can be updated.

motd-news-config (12ubuntu4.3)
base-files (12ubuntu4.3)
python-apt-common (2.4.0ubuntu1)
python3-apt (2.4.0ubuntu1)
update-notifier-common (3.192.54.5)
ubuntu-release-upgrader-core (1:22.04.16)
python3-distupgrade (1:22.04.16)
firmware-sof-signed (2.0-1ubuntu4.1)
fwupd-signed (1.51~22.04.1+1.2-3ubuntu0.2)
grub-efi-amd64 (2.06-2ubuntu14.1)
grub-efi-amd64-signed (1.187.3~22.04.1+2.06-2ubuntu14.1)
grub-efi-amd64-bin (2.06-2ubuntu14.1)
php8.0-bcmath (1:8.0.28-1+ubuntu22.04.1+deb.sury.org+1)
php8.0-zip (1:8.0.28-1+ubuntu22.04.1+deb.sury.org+1)
php8.0-xml (1:8.0.28-1+ubuntu22.04.1+deb.sury.org+1)
php8.0-sqlite3 (1:8.0.28-1+ubuntu22.04.1+deb.sury.org+1)
php8.0-soap (1:8.0.28-1+ubuntu22.04.1+deb.sury.org+1)
php8.0-readline (1:8.0.28-1+ubuntu22.04.1+deb.sury.org+1)
php8.0-pspell (1:8.0.28-1+ubuntu22.04.1+deb.sury.org+1)
php8.0-opcache (1:8.0.28-1+ubuntu22.04.1+deb.sury.org+1)
php8.0-mbstring (1:8.0.28-1+ubuntu22.04.1+deb.sury.org+1)
php8.0-intl (1:8.0.28-1+ubuntu22.04.1+deb.sury.org+1)
php8.0-imap (1:8.0.28-1+ubuntu22.04.1+deb.sury.org+1)
php8.0-gmp (1:8.0.28-1+ubuntu22.04.1+deb.sury.org+1)
php8.0-gd (1:8.0.28-1+ubuntu22.04.1+deb.sury.org+1)
php8.0-dev (1:8.0.28-1+ubuntu22.04.1+deb.sury.org+1)
php8.0-curl (1:8.0.28-1+ubuntu22.04.1+deb.sury.org+1)
php8.0-fpm (1:8.0.28-1+ubuntu22.04.1+deb.sury.org+1)
php8.0-cli (1:8.0.28-1+ubuntu22.04.1+deb.sury.org+1)
php8.0-common (1:8.0.28-1+ubuntu22.04.1+deb.sury.org+1)
php8.0 (1:8.0.28-1+ubuntu22.04.1+deb.sury.org+1)

eXTric · February 19, 2023, 8:57am

Same issue here. Based on forum posts I understood that the unattended upgrades would take care of it. Seems there is an issue somewhere.

andrew · February 19, 2023, 9:42am

Yes. The unattended upgrades used to work fine - the only things they’d skip were must-be-supervised things like kernel upgrades! I think unattended upgrades now does just “security” changes. I’ll see what people think, and maybe look at having it also do more routine things.

miabuser · February 19, 2023, 3:00pm

This can be configured in /etc/apt/apt.conf.d/50unattended-upgrades But yes, the default configuration on a standard Ubuntu installation doesn’t include all repos…

Unattended-Upgrade::Allowed-Origins {
        "${distro_id}:${distro_codename}";
        "${distro_id}:${distro_codename}-security";
        // Extended Security Maintenance; doesn't necessarily exist for
        // every release and this system may not have it installed, but if
        // available, the policy for updates is such that unattended-upgrades
        // should also install from here by default.
        "${distro_id}ESM:${distro_codename}";
//      "${distro_id}:${distro_codename}-updates";
//      "${distro_id}:${distro_codename}-proposed";
//      "${distro_id}:${distro_codename}-backports";
};

If you want to get unattended upgrades for all sources, you have to uncomment (removing the double slashes) from the remaining lines.

But, this does still not cover PHP, because it’s coming from a third-party repo. So you need to take additional steps and add it manually:

wheresalice · February 24, 2023, 12:09pm

This raises the question of how safe it is to be upgrading these PHP packages, and whether mailinabox should configure these additional automatic upgrades.

I have been upgrading them, but I now have multiple versions of PHP installed, and I’m not sure which one is actually being used.