How to enable silent automatic updates for any repository?
First, install gksu:
sudo apt-get install gksu
The easiest of enabling unattended updates for your system is to edit the file 50unattended-upgrades inside /etc/apt/apt.conf.d/ with your favourite text editor, for example:
gksu gedit /etc/apt/apt.conf.d/50unattended-upgrades
In it you need to comment out the commented sections of the Allowed Origins block
Change
Unattended-Upgrade::Allowed-Origins {
"${distro_id} ${distro_codename}-security";
// "${distro_id} ${distro_codename}-updates";
// "${distro_id} ${distro_codename}-proposed";
// "${distro_id} ${distro_codename}-backports";
};
to
Unattended-Upgrade::Allowed-Origins {
"${distro_id} ${distro_codename}-security";
"${distro_id} ${distro_codename}-updates";
// "${distro_id} ${distro_codename}-proposed";
// "${distro_id} ${distro_codename}-backports";
};
For software that is not on the Ubuntu repos that you would like to update you need to add a origin and archive to the file. To find what those are for your PPAs open the folder /var/lib/apt/lists/, that is the storage area for state information for each package resource. What you are looking for is the files that end with Release in the name.
Open one with your text editor, ie for Google Chrome:
gedit /var/lib/apt/lists/dl.google.com_linux_chrome_deb_dists_stable_Release
Origin: Google, Inc.
Label: Google
Suite: stable
Codename: stable
Version: 1.0
Date: Thu, 17 Nov 2011 19:09:01 +0000
Architectures: i386 amd64
Components: main
Description: Google chrome-linux repository.
The origin is obvious (Origin: Google, Inc.) and the archive will be whatever is under the line Suite (Suite: stable).
If either Origin or Suite is missing then they will be the empty string. But note that if both are missing then probably it will not be possible to use that source with unattended upgrades without including other sources with the same issue.
After you noted those 2 lines you need to edit the 50unattended-upgrades file and add the lines using this format "<origin>:<archive>"; of for this examples sake "Google\, Inc.:stable";.
Google Chrome's origin is kinda tricky because it has a space a end point and a comma in it but most Release files will be easy to read.
As another example, Node JS source specifies an origin (Node Source) but not an archive; so you can match it with "Node Source:";.
Allowed Origins is matched using shell-style wildcards (more specifically, with Python's fnmatch()). If you're careful enough to not include conflicting sources it's possible to write things like "Node *:*";.
Do not forget to make a backup of your 50unattended-upgrades file before editing it, do that with sudo cp /etc/apt/apt.conf.d/50unattended-upgrades /etc/apt/apt.conf.d/50unattended-upgrades.bak.
To test the changes done on the file you can use sudo unattended-upgrades with the parameters --dry-run and --debug.
--dry-run will run an unattended upgrades cycle except it will not really install the upgrades, only check and verify that everything is ok.
--debug will enable verbose mode.
You can always check the logs for unattended-upgrades at /var/log/unattended-upgrades/unattended-upgrades.log.
You can change the configuration of the unattended upgrades by editing the file /etc/apt/apt.conf.d/10periodic, options for the configuration are in the /etc/cron.daily/apt script header. Read them to configure the frequency of the unattended upgrades.
Automated approach for @Bruno Pereira's answer: (Please consider starring the github repo if you find the answer useful.)
Code Link: https://github.com/abhigenie92/unattended_upgrades_repos
Check repositories to add:
$ python automatic_upgrade.py Add repos: "Ubuntu:xenial"; "LP-PPA-kubuntu-ppa-backports:xenial"; "LP-PPA-tuxonice:xenial"; "LP-PPA-webupd8team-sublime-text-3:xenial"; Skipping files due to not present origin or suite. Or origin being a url.: packagecloud.io_slacktechnologies_slack_debian_dists_jessie_InRelease tiliado.eu_nuvolaplayer_repository_deb_dists_xenial_InReleaseNow edit
/etc/apt/apt.conf.d/50unattended-upgradesto include them:// Automatically upgrade packages from these (origin:archive) pairs Unattended-Upgrade::Allowed-Origins { "${distro_id}:${distro_codename}-security"; "${distro_id}:${distro_codename}-updates"; "${distro_id}:${distro_codename}-proposed"; "${distro_id}:${distro_codename}-backports"; "Ubuntu:xenial"; "LP-PPA-kubuntu-ppa-backports:xenial"; "LP-PPA-tuxonice:xenial"; "LP-PPA-webupd8team-sublime-text-3:xenial"; }; .... ....Check to see if they are included:
$ sudo unattended-upgrade --dry-run --debug Initial blacklisted packages: Initial whitelisted packages: Starting unattended upgrades script Allowed origins are: ['o=Ubuntu,a=xenial-security', 'o=Ubuntu,a=xenial-updates', 'o=Ubuntu,a=xenial-proposed', 'o=Ubuntu,a=xenial-backports', 'o=Ubuntu,a=xenial', 'o=LP-PPA-kubuntu-ppa-backports,a=xenial', 'o=LP-PPA-tuxonice,a=xenial', 'o=LP-PPA-webupd8team-sublime-text-3,a=xenial'] pkgs that look like they should be upgraded: Fetched 0 B in 0s (0 B/s) fetch.run() result: 0 blacklist: [] whitelist: [] No packages found that can be upgraded unattended and no pending auto-removals
Editing /etc/apt/apt.conf.d/50unattended-upgrades, add the following:
Unattended-Upgrade::Origins-Pattern {
"origin=*";
};
This will allow unattended upgrades for all packages.