Your first step is to run:
# strace -efile,network -f apt-get update
And see what happens when it dies.
This answer is based on reading the following files:
/etc/cron.daily/apt
/etc/apt/apt.conf.d/10periodic
/etc/apt/apt.conf.d/50unattended-upgrades
/usr/share/doc/unattended-upgrades/README
which are part of packages (including unattended-upgrades
and update-notifier-common
) included in the standard Ubuntu installation. There are other tools available from the distribution that could achieve the same ends, such as apticron
and cron-apt
.
In the file /etc/apt/apt.conf.d/10periodic
, add a line
APT::Periodic::Unattended-Upgrade "1";
This configures Apt's periodic scripts to run an unattended upgrade every day. For a longer interval, increase the 1
to a larger number. A 0
for this variable would mean 'disabled'.
In tandem with this, the autoclean
line should be enabled by replacing a 0
there:
APT::Periodic::AutocleanInterval "1";
By default, Ubuntu 8.04 only configures automatic unattended upgrades
from the hardy-security
archive. This will cover you against security vulnerabilities, but not for general bug-fix releases. For that, you need to enable the hardy-updates
archive in /etc/apt/apt.conf.d/50unattended-upgrades
:
// Uncomment the line that reads as follows:
"Ubuntu hardy-updates";
Ubuntu's spec for this feature appears on a wiki page.
Note that Debian systems seem to have the same exact infrastructure, apparently from this feature migrating upstream.
Best Answer
Short answer: both /etc/cron.daily/apt and /etc/cron.daily/aptitude are probably safe to leave enabled, and not causing you any unexpected upgrades.
Long answer:
/etc/cron.daily/aptitude on a default Hardy install just maintains a backup of your package state files in /var/backup as files named aptitude.pkgstates.0 through aptitude.pkgstates.6 (with files 1-6 being gzipped).
/etc/cron.daily/apt is more complex, and can do a variety of things based on your apt configuration settings, which are maintained in /etc/apt/apt.conf and the various include files under /etc/apt/apt.conf.d/
If you wonder if the daily apt script is performing unattended upgrades, check the output of this apt-config command. The following is default, and indicates that unattended upgrades are NOT being performed:
For more information on the "unattended upgrade" process (which i would NOT recommend for a production system), see /usr/share/doc/unattended-upgrades/README -- if that file is not present, you probably don't have the package "unattended-upgrades" installed.
The daily apt script at /etc/cron.daily/apt is well commented, and by default it runs an "apt-get update" every day. This simply keeps the cache of available package files current. It does not install or remove packages.
You CAN configure it to download updated package files which you can then manually install later, and you can configure it to clean up the downloaded package files (which are not needed after being installed).
All of this behavior is configured via the configuration settings stored in /etc/apt/apt.conf.d/10periodic -- these settings default to:
I'd recommend verifying those settings and reading through the scripts that are in place in /etc/cron.daily, but you probably do not currently have anything performing unattended and unexpected upgrades.