You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It seems that the way that apt and unattendedupgrades handle the config file parsing, Unattended-Upgrade::Origins-Pattern will be evaluated cumulatively and cannot be overwritten in a "higher-ranking" config file (neither on buster, bullseye or bookworm).
While this won't pose a problem for "additional" origins, it is currently impossible to limit the allowed origins to only those given in the playbook (or the role's defaults). I don't have an idea for a solution just yet, but I think this limitation is at least something that should be mentioned in the Readme until it's solved
How to test: note the allowed origins in /etc/apt/apt.conf.d/50unattended-upgrades and those in 90-ansible-unattended-upgrades, then run unattended-upgrades --dry-run -v and note the list of allowed origins containing all entries of both files
The text was updated successfully, but these errors were encountered:
v2.0.1 pulled from Ansible Galaxy on May 02nd, 2023
Edit: Just noticed that there is an updated version available, upgraded and the issue now seems to be solved. The "#clear" statements in the 90-ansible-unattended-upgrades.conf did the trick. Issue may be closed
It seems that the way that apt and unattendedupgrades handle the config file parsing, Unattended-Upgrade::Origins-Pattern will be evaluated cumulatively and cannot be overwritten in a "higher-ranking" config file (neither on buster, bullseye or bookworm).
While this won't pose a problem for "additional" origins, it is currently impossible to limit the allowed origins to only those given in the playbook (or the role's defaults). I don't have an idea for a solution just yet, but I think this limitation is at least something that should be mentioned in the Readme until it's solved
How to test: note the allowed origins in /etc/apt/apt.conf.d/50unattended-upgrades and those in 90-ansible-unattended-upgrades, then run
unattended-upgrades --dry-run -v
and note the list of allowed origins containing all entries of both filesThe text was updated successfully, but these errors were encountered: