raspbian configuration file fails and is not used anyways

[anarcat]

Hi,

I am trying to work on bug LP#1375919 (Raspbian: unattended-upgrades does not work in default installation) and I noticed that the config file shipped here does not match the one shipped by raspbian.

Therefore, this creates problems when upgrading raspbian. Even if the files would match, neither file properly allows unattended-upgrades to actually work correctly. The LP bug report mentions the following line work:

"origin=Raspbian,codename=jessie,component=main";

I can confirm that works. However, it also says that removing the line should allow upgrades, but I wasn't able to confirm that.

It would be nice to have better consistency here, so I figured I would file an issue here as well to bring your attention to this more obscure platform.

[anarcat]

Here's the default policy config on raspbian-lite, btw:

 500 http://archive.raspberrypi.org/debian/ jessie/ui armhf Packages
     release o=Raspberry Pi Foundation,a=stable,n=jessie,l=Raspberry Pi Foundation,c=ui
     origin archive.raspberrypi.org
 500 http://archive.raspberrypi.org/debian/ jessie/main armhf Packages
     release o=Raspberry Pi Foundation,a=stable,n=jessie,l=Raspberry Pi Foundation,c=main
     origin archive.raspberrypi.org
 500 http://mirrordirector.raspbian.org/raspbian/ jessie/rpi armhf Packages
     release o=Raspbian,a=stable,n=jessie,l=Raspbian,c=rpi
     origin mirrordirector.raspbian.org
 500 http://mirrordirector.raspbian.org/raspbian/ jessie/non-free armhf Packages
     release o=Raspbian,a=stable,n=jessie,l=Raspbian,c=non-free
     origin mirrordirector.raspbian.org
 500 http://mirrordirector.raspbian.org/raspbian/ jessie/contrib armhf Packages
     release o=Raspbian,a=stable,n=jessie,l=Raspbian,c=contrib
     origin mirrordirector.raspbian.org
 500 http://mirrordirector.raspbian.org/raspbian/ jessie/main armhf Packages
     release o=Raspbian,a=stable,n=jessie,l=Raspbian,c=main
     origin mirrordirector.raspbian.org

[rbalint]

Stretch based RPI now ships 0.93.1+nmu1 without delta thus I assume this is fixed.

[anarcat]

hmm... this is odd because this file here still doesn't include the -security label:

https://github.com/mvo5/unattended-upgrades/blob/master/data/50unattended-upgrades.Raspbian

[patricktokeeffe]

I don't think this is fixed quite yet. I've just upgraded from Jessie to Stretch and accepted clean configuration files whenever there were conflicts. The 50unattended-upgrades file I received matches this Debian version, not the Raspbian version I would expect it to.

pi@kegerator:/etc/apt/apt.conf.d $ diff 50unattended-upgrades 50unattended-upgrades.ucf-old 
10,12c10,12
< //   c,component     (eg, "main", "contrib", "non-free")
< //   l,label         (eg, "Debian", "Debian-Security")
< //   o,origin        (eg, "Debian", "Unofficial Multimedia Packages")
---
> //   c,component     (eg, "main", "crontrib", "non-free")
> //   l,label         (eg, "Raspbian", "Raspbian-Security")
> //   o,origin        (eg, "Raspbian", "Unofficial Multimedia Packages")
14c14
< //     site          (eg, "http.debian.net")
---
> //     site          (eg, "http.Raspbian.net")
20c20
< // derived from /etc/debian_version:
---
> // derived from /etc/Raspbian_version:
27,30c27
< //      "o=Debian,n=jessie";
< //      "o=Debian,n=jessie-updates";
< //      "o=Debian,n=jessie-proposed-updates";
< //      "o=Debian,n=jessie,l=Debian-Security";
---
> //      "o=Raspbian,n=jessie";
36,39c33,34
< //      "o=Debian,a=stable";
< //      "o=Debian,a=stable-updates";
< //      "o=Debian,a=proposed-updates";
<         "origin=Debian,codename=${distro_codename},label=Debian-Security";
---
> //      "o=Raspbian,a=stable";
> 
85,87d79
< // Automatically reboot even if there are users currently logged in.
< //Unattended-Upgrade::Automatic-Reboot-WithUsers "true";
< 
96,102d87
< 
< // Enable logging to syslog. Default is False
< // Unattended-Upgrade::SyslogEnable "false";
< 
< // Specify syslog facility. Default is daemon
< // Unattended-Upgrade::SyslogFacility "daemon";
< 
pi@kegerator:/etc/apt/apt.conf.d $ apt-cache policy unattended-upgrades 
unattended-upgrades:
  Installed: 0.93.1+nmu1
  Candidate: 0.93.1+nmu1
  Version table:
 *** 0.93.1+nmu1 0
        500 http://mirrordirector.raspbian.org/raspbian/ stretch/main armhf Packages
        100 /var/lib/dpkg/status
N: Ignoring file '50unattended-upgrades.ucf-old' in directory '/etc/apt/apt.conf.d/' as it has an invalid filename extension
N: Ignoring file '50unattended-upgrades.ucftmp' in directory '/etc/apt/apt.conf.d/' as it has an invalid filename extension
pi@kegerator:/etc/apt/apt.conf.d $ lsb_release -i -s
Raspbian 

Manually running produces no results (though I did update only yesterday):

pi@kegerator:/etc/apt/apt.conf.d $ sudo unattended-upgrade -d
Initial blacklisted packages: 
Initial whitelisted packages: 
Starting unattended upgrades script
Allowed origins are: ['origin=Debian,codename=n/a,label=Debian-Security']
Checking: alsa-utils ([<Origin component:'main' archive:'stable' origin:'Raspbian' label:'Raspbian' site:'mirrordirector.raspbian.org' isTrusted:True>])
Checking: apt ([<Origin component:'main' archive:'stable' origin:'Raspbian' label:'Raspbian' site:'mirrordirector.raspbian.org' isTrusted:True>])
Checking: apt-listchanges ([<Origin component:'main' archive:'stable' origin:'Raspbian' label:'Raspbian' site:'mirrordirector.raspbian.org' isTrusted:True>])
Checking: apt-transport-https ([<Origin component:'main' archive:'stable' origin:'Raspbian' label:'Raspbian' site:'mirrordirector.raspbian.org' isTrusted:True>])
Checking: apt-utils ([<Origin component:'main' archive:'stable' origin:'Raspbian' label:'Raspbian' site:'mirrordirector.raspbian.org' isTrusted:True>])
Checking: aptitude ([<Origin component:'main' archive:'stable' origin:'Raspbian' label:'Raspbian' site:'mirrordirector.raspbian.org' isTrusted:True>])
Checking: aptitude-common ([<Origin component:'main' archive:'stable' origin:'Raspbian' label:'Raspbian' site:'mirrordirector.raspbian.org' isTrusted:True>])

...<snip>...

Checking: vim-tiny ([<Origin component:'main' archive:'stable' origin:'Raspbian' label:'Raspbian' site:'mirrordirector.raspbian.org' isTrusted:True>])
Checking: wget ([<Origin component:'main' archive:'stable' origin:'Raspbian' label:'Raspbian' site:'mirrordirector.raspbian.org' isTrusted:True>])
Checking: wpasupplicant ([<Origin component:'main' archive:'stable' origin:'Raspbian' label:'Raspbian' site:'mirrordirector.raspbian.org' isTrusted:True>])
pkgs that look like they should be upgraded: 
Fetched 0 B in 0s (0 B/s)                                                                                                                                    
fetch.run() result: 0
blacklist: []
whitelist: []
No packages found that can be upgraded unattended and no pending auto-removals

[rbalint]

Building the package on RPi should result in the package shipping the .Raspbian config file:
https://github.com/mvo5/unattended-upgrades/blob/master/debian/rules#L11

IMO the problem should be solved on Raspbian's side but I would happily take upstreamed patches from them if this trick in d/rules is not enough.

[pyllyukko]

I had to add to the following line to /etc/apt/apt.conf.d/50unattended-upgrades in my Raspi to get things going with unattended-upgrades:

"origin=Raspberry Pi Foundation,codename=${distro_codename},label=Raspberry Pi Foundation";

[a-detiste]

Hi,

I found out why the correct template is not used: the Debian package is simply never rebuilt at all and imported as-is. I did "apt-get download unattended-upgrades" on a Debian & RaspBian system and both files have identical md5.

[rbalint]

@a-detiste Thanks, this seems to be a process problem on Raspbian's side. Derivatives are expected to rebuild all packages instead of taking them as binaries.

[rbalint]

With merging the commits referencing this issue I consider the issue resolved and RPi devs should rebuild the package to get the proper config file installed.