I am running Debian 7 stable with unattended-upgrades (every morning at 6 AM) to make sure I am always fully updated. I have
the following config:
$ cat /etc/apt/apt.conf.d/50unattended-upgrades
// Automatically upgrade packages from these origin patterns
Unattended-Upgrade::Origins-Pattern {
// Archive or Suite based matching:
// Note that this will silently match a different release after
// migration to
the specified archive (e.g. testing becomes
the
// new stable).
"o=Debian,a=stable";
"o=Debian,a=stable-updates";
// "o=Debian,a=proposed-updates";
"origin=Debian,archive=stable,label=Debian-Security";
};
// List of packages to not update
Unattended-Upgrade::Package-Blacklist {
// "vim";
// "libc6";
// "libc6-dev";
// "libc6-i686";
};
// This option allows you to control if on a unclean dpkg exit
// unattended-upgrades will automatically run
// dpkg --force-confold --configure -a
//
The default is
true, to ensure updates keep getting installed
//Unattended-Upgrade::AutoFixInterruptedDpkg "false";
// Split
the upgrade into
the smallest possible chunks so that
// they can be interrupted with SIGUSR1. This makes
the upgrade
// a bit slower but it has
the benefit that shutdown while a upgrade
// is running is possible (with a small delay)
//Unattended-Upgrade::MinimalSteps "
true";
// Install all unattended-upgrades when
the machine is shuting down
// instead of doing it in
the background while
the machine is running
// This will (obviously) make shutdown slower
//Unattended-Upgrade::InstallOnShutdown "
true";
// Send email to this address for problems or packages upgrades
// If empty or unset then no email is sent, make sure that you
// have a working mail setup on your system. A package that provides
// 'mailx' must be installed. E.g. "
[email protected]"
Unattended-Upgrade::Mail "root";
// Set this value to "
true" to get emails only on errors. Default
// is to always send a mail if Unattended-Upgrade::Mail is set
Unattended-Upgrade::MailOnlyOnError "
true";
// Do automatic removal of new unused dependencies after
the upgrade
// (equivalent to apt-get autoremove)
//Unattended-Upgrade::Remove-Unused-Dependencies "false";
// Automatically reboot *WITHOUT CONFIRMATION* if a
//
the file /var/run/reboot-required is found after
the upgrade
Unattended-Upgrade::Automatic-Reboot "
true";
// Use apt bandwidth limit feature, this example limits
the download
// speed to 70kb/sec
//Acquire::http::Dl-Limit "70";
As you can see Automatic-Reboot is
true and thus
the server should automaticly reboot. Last time I checked
the server was online for over 100 days, which means that
the update from Debian 7.1 to Debian 7.2 has happened while
the server was up (and indeed, all updates were installed), but this involves kernel updates, which means that
the server should reboot. It did not.
The server was running very slow, so I rebooted which fixed that.
I did some research and found out that unattended-upgrades responds to
the reboot-required file in /var/run/. I touched this file and waited one week,
the file still exists and
the server did not reboot. So I think that unattended-uppgrades ignores
the auto-reboot part. So, am I doing somthing wrong here? Why did
the server not restart?
The upgrade part works perfect by
the way, its just
the reboot part that does not seem to work as it should.
