Unattended-upgrades prompts for user/password

Deleted member 131998 · Jul 28, 2014

Hello to all of you !

I'm working with Debian wheezy and KDE 4.8.4 and installed unattended-upgrades by following this tutorial.

But for each update I get a prompt where I have to select a user with administrative privileges (not the kdesu-prompt) and enter an password.
After entering user/password the update-job terminates properly with installing all updates.

Do I have to add a special "update-group" or "update-user" to avoid entering user/password ?

Thank you for your advice.

Mark

srijan · Jul 29, 2014

Please paste your

vi /etc/apt/apt.conf.d/02periodic
Click to expand...

Deleted member 131998 · Jul 29, 2014

Hi Srijan, thank you for your reply,

APT:eriodic::Enable "1";
// - Enable the update/upgrade script (0=disable)

APT:eriodic::Unattended-Upgrade "1";
// - Run the "unattended-upgrade" security upgrade script
// every n-days (0=disabled)
// Requires the package "unattended-upgrades" and will write
// a log in /var/log/unattended-upgrades

APT:eriodic::Update-Package-Lists "1";
// - Do "apt-get update" automatically every n-days (0=disable)

APT:eriodic:ownload-Upgradeable-Packages "1";
// - Do "apt-get upgrade --download-only" every n-days (0=disable)

APT:eriodic::AutocleanInterval "7";
// - Do "apt-get autoclean" every n-days (0=disable)

APT:eriodic::Verbose "1";
// - Send report mail to root
// 0: no report (or null string)
// 1: progress report (actually any string)
// 2: + command outputs (remove -qq, remove 2>/dev/null, add -d)
// 3: + trace on

APT:eriodic::RandomSleep "0";
Click to expand...

Upps... at this moment the update starts again.
I checked the caller-PID:
polkit.subject-pid= 4317 (apper-sentinel)
polkit.caller-pid= 4344 (packagekitd)

In .kde/share/config/apper is

autoConfirm=true
Click to expand...

srijan · Jul 30, 2014

Hi

Please run the command & check the debug report.

sudo unattended-upgrades --dry-run --debug
Click to expand...

--dry-run will run an unattended upgrades cycle except it will not really install the upgrades, only check and verify that everything is ok.

--debug will enable verbose mode.

You can always check the logs for unattended-upgrades at /var/log/unattended-upgrades/unattended-upgrades.log.

Deleted member 131998 · Jul 30, 2014

Hi Srijan, thank you for helping me.

user@pc:~$ sudo unattended-upgrades --dry-run --debug
[sudo] password for user:
Initial blacklisted packages:
Starting unattended upgrades script
Allowed origins are: ['o=Debian,a=stable', 'o=Debian,a=stable-updates', 'origin=Debian,archive=stable,label=Debian-Security']
pkgs that look like they should be upgraded:
Fetched 0 B in 0s (0 B/s)
fetch.run() result: 0
blacklist: [ ]
InstCount=0 DelCount=0 BrokenCout=0
No packages found that can be upgraded unattended
user@pc:~$
Click to expand...

Here are the last three days of unattended-upgrades.log

2014-07-28 17:26:28,080 INFO Initial blacklisted packages:
2014-07-28 17:26:28,091 INFO Starting unattended upgrades script.
2014-07-28 17:26:28,091 INFO Allowed origins are: ['o=Debian,a=stable', 'o=Debian,a=stable-updates', 'origin=Debian,archive=stable,label=Debian-Security']
2014-07-28 17:26:33,306 INFO Packages that are upgraded: cups cups-bsd cups-client cups-common cups-ppdc libcups2 libcupscgi1 libcupsdriver1 libcupsimage2 libcupsmime1 libcupsppdc1
2014-07-28 17:26:33,307 INFO Writing dpkg log to '/var/log/unattended-upgrades/unattended-upgrades-dpkg_2014-07-28_17:26:33.306819.log'
2014-07-28 17:27:08,764 INFO All upgrades installed
2014-07-29 17:20:18,241 INFO Initial blacklisted packages:
2014-07-29 17:20:18,252 INFO Starting unattended upgrades script
2014-07-29 17:20:18,252 INFO Allowed origins are: ['o=Debian,a=stable', 'o=Debian,a=stable-updates', 'origin=Debian,archive=stable,label=Debian-Security']
2014-07-29 17:20:20,832 INFO Packages that are upgraded: linux-headers-3.2.0-4-amd64 linux-headers-3.2.0-4-common linux-image-3.2.0-4-amd64 linux-libc-dev
2014-07-29 17:20:20,833 INFO Writing dpkg log to '/var/log/unattended-upgrades/unattended-upgrades-dpkg_2014-07-29_17:20:20.833009.log'
2014-07-29 17:20:59,148 INFO All upgrades installed
2014-07-30 18:45:48,808 INFO Initial blacklisted packages:
2014-07-30 18:45:48,819 INFO Starting unattended upgrades script
2014-07-30 18:45:48,820 INFO Allowed origins are: ['o=Debian,a=stable', 'o=Debian,a=stable-updates', 'origin=Debian,archive=stable,label=Debian-Security']
2014-07-30 18:45:50,996 DEBUG pkgs that look like they should be upgraded:
2014-07-30 18:45:51,099 DEBUG fetch.run() result: 0
2014-07-30 18:45:51,099 DEBUG blacklist: [ ]
2014-07-30 18:45:51,099 DEBUG InstCount=0 DelCount=0 BrokenCout=0
2014-07-30 18:45:51,100 INFO No packages found that can be upgraded unattended
2014-07-30 18:48:34,233 INFO Initial blacklisted packages:
2014-07-30 18:48:34,234 INFO Starting unattended upgrades script
2014-07-30 18:48:34,234 INFO Allowed origins are: ['o=Debian,a=stable', 'o=Debian,a=stable-updates', 'origin=Debian,archive=stable,label=Debian-Security']
2014-07-30 18:48:35,373 INFO No packages found that can be upgraded unattended
2014-07-30 18:52:52,596 INFO Initial blacklisted packages:
2014-07-30 18:52:52,596 INFO Starting unattended upgrades script
2014-07-30 18:52:52,596 INFO Allowed origins are: ['o=Debian,a=stable', 'o=Debian,a=stable-updates', 'origin=Debian,archive=stable,label=Debian-Security']
2014-07-30 18:52:53,734 DEBUG pkgs that look like they should be upgraded:
2014-07-30 18:52:53,737 DEBUG fetch.run() result: 0
2014-07-30 18:52:53,738 DEBUG blacklist: [ ]
2014-07-30 18:52:53,738 DEBUG InstCount=0 DelCount=0 BrokenCout=0
2014-07-30 18:52:53,738 INFO No packages found that can be upgraded unattended
2014-07-30 18:59:38,497 INFO Initial blacklisted packages:
2014-07-30 18:59:38,497 INFO Starting unattended upgrades script
2014-07-30 18:59:38,497 INFO Allowed origins are: ['o=Debian,a=stable', 'o=Debian,a=stable-updates', 'origin=Debian,archive=stable,label=Debian-Security']
2014-07-30 18:59:39,653 DEBUG pkgs that look like they should be upgraded:
2014-07-30 18:59:39,657 DEBUG fetch.run() result: 0
2014-07-30 18:59:39,657 DEBUG blacklist: [ ]
2014-07-30 18:59:39,657 DEBUG InstCount=0 DelCount=0 BrokenCout=0
2014-07-30 18:59:39,657 INFO No packages found that can be upgraded unattended
Click to expand...

srijan · Jul 31, 2014

Is the user in sudo list, please check it in /etc/sudoers. You can specify the allowed commands with sudo, you don't have to allow unlimited access, e.g.

username ALL = NOPASSWD : /usr/bin/apt-get , /usr/bin/aptitude
Click to expand...

Deleted member 131998 · Jul 31, 2014

srijan said: ↑

Is the user in sudo list, please check it in /etc/sudoers.
Click to expand...

No, but the user is member of the group sudo.
Do you think it is necessary to add the user especially to /etc/sudoers ?
I previously thought, to be a member of the group sudo works as well.

Here is my /etc/sudoers:

#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults<------>env_reset
Defaults<------>mail_badpass
Defaults<------>secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root<-->ALL=(ALL:ALL) ALL

# Allow members of group sudo to execute any command
%sudo<->ALL=(ALL:ALL) ALL

# See sudoers(5) for more information on "#include" directives:

#includedir /etc/sudoers.d
Click to expand...

srijan · Aug 1, 2014

Check your sudoers file, my working debiansystem had this configuration

#
Defaults env_reset
Defaults mail_badpass
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root ALL=(ALL:ALL) ALL

# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL

# See sudoers(5) for more information on "#include" directives:

#includedir /etc/sudoers.d
Click to expand...

otherwise manual name addition in file /etc/sudoers will also work

Deleted member 131998 · Aug 1, 2014

Thanks for your hint, Srijan.

The /etc/sudoers files look the same for me.
I'll add the user to /etc/sudoers and check the updates for the next week.
After that I'll give you a feedback.

Have a good time

Mark

Deleted member 131998 · Aug 26, 2014

[SOLVED] Unattended-upgrades prompts for user/password

Hi Srijan,

I'm late - sorry, please forgive me....

Good news - problem solved. It was caused by the local PolicyKit definitions.
Changing the /etc/sudoers file has brought no effect.

During searching the www I stumbled over this two sites containing the solution:

http://www.nux.ro/archive/2011/03/Allow_the_local_user_to_install_and_update_software_without_root_password.html

http://unix.stackexchange.com/questions/34664/how-to-disable-password-prompting-for-automatic-updates-on-red-hat

After adding the two .pkla files the system works perfect for me.

Again, thank you for your help.

Mark

Log in or Sign up

Unattended-upgrades prompts for user/password

Deleted member 131998 Guest

srijan New Member HowtoForge Supporter

Deleted member 131998 Guest

srijan New Member HowtoForge Supporter

Deleted member 131998 Guest

srijan New Member HowtoForge Supporter

Deleted member 131998 Guest

srijan New Member HowtoForge Supporter

Deleted member 131998 Guest

Deleted member 131998 Guest

Share This Page

Log in or Sign up

Unattended-upgrades prompts for user/password

Deleted member 131998 Guest

srijan New Member HowtoForge Supporter

Deleted member 131998 Guest

srijan New Member HowtoForge Supporter

Deleted member 131998 Guest

srijan New Member HowtoForge Supporter

Deleted member 131998 Guest

srijan New Member HowtoForge Supporter

Deleted member 131998 Guest

Deleted member 131998 Guest

Share This Page

Useful Searches