I have used unattended upgrades on various distros since 2013, normally no problems
In order to keep things under control when Debian releases change I use the codename option. That keeps it contained to a specific version.
However, with Sparky:-
Operating System: SparkyLinux 5.12 (Nibiru)
Kernel: Linux 4.19.0-9-amd64
Architecture: x86-64
I have found a bit of a problem.
/etc/lsb-release shows
DISTRIB_ID=Sparky
DISTRIB_RELEASE=5.12
DISTRIB_CODENAME=Nibiru
DISTRIB_DESCRIPTION="SparkyLinux"
If I run lsb-release -a I get
No LSB modules are available.
Distributor ID: Sparky
Description: SparkyLinux 5.12 (Nibiru)
Release: 5.12
Codename: sid
If I run unattended upgrades using codename all the origins come back as sid
sudo unattended-upgrades --verbose --dry-run
Initial blacklist :
Initial whitelist:
Starting unattended upgrades script
Allowed origins are: origin=Debian,codename=sid-updates, origin=Debian,codename=sid-proposed-updates, origin=Debian,codename=sid,label=Debian, origin=Debian,codename=sid,label=Debian-Security
But then I run
$ cat /etc/debian_version
buster/sid
So, that's my puzzle.
Is this some carryover from the development process when 5.xx actually was based on sid?
OK - just to square the circle this is the relevant section from 50unattended-upgrades that actually works OK on niburu
The core line was unusual - normally don't need both n and a values.
NOTE the grub exclusion following the recent silliness with UA and grub breaking boot process.
Unattended-Upgrade::Origins-Pattern {
// Codename based matching:
// This will follow the migration of a release through different
// archives (e.g. from testing to stable and later oldstable).
// Software will be the latest available for the named release,
// but the Debian release itself will not be automatically upgraded.
// "origin=Debian,codename=${distro_codename}-updates";
// "origin=Debian,codename=${distro_codename}-proposed-updates";
// "origin=Debian,codename=${distro_codename},label=Debian";
// "origin=Debian,codename=${distro_codename},label=Debian-Security";
// Archive or Suite based matching:
// Note that this will silently match a different release after
// migration to the specified archive (e.g. testing becomes the
// new stable).
"o=Debian,n=buster";
"o=Debian,n=buster-updates";
"o=Debian,n=buster,l=Debian-Security";
"o=SparkyLinux,n=nibiru";
"o=SparkyLinux,n=core,a=core";
"o=Unofficial Multimedia Packages,n=buster";
// ****"o=Google LLC,a=stable"; - not yet used check
// ****"o=Debian Backports,a=buster-backports"; - not yet used check
};
// Python regular expressions, matching packages to exclude from upgrading
Unattended-Upgrade::Package-Blacklist {
// The following matches all packages starting with linux-
// "linux-";
"grub";
"grub-";
// Use $ to explicitely define the end of a package name. Without
// the $, "libc6" would match all of them.
// "libc6$";
// "libc6-dev$";
// "libc6-i686$";