it seems that Symbiosis now silently applies Debian package upgrades. This is great for most security fixes, but when a kernel fix is downloaded and installed, I need to know this has happened so that I can remember to reboot the VM to apply the fix.
The older versions used to send me an email whenever packages were updated. Can this behaviour be mimicked in the current Symbiosis?
I've only just noticed /var/log/unattended-upgrades/unattended-upgrades-dpkg.log thanks to your post:
Log started: 2016-10-09 06:45:17
FATAL -> Failed to fork.
debconf: apt-extracttemplates failed: No such file or directory
(Reading database ...
(Reading database ... 5%
(Reading database ... 10%
(Reading database ... 15%
(Reading database ... 20%
(Reading database ... 25%
(Reading database ... 30%
(Reading database ... 35%
(Reading database ... 40%
(Reading database ... 45%
(Reading database ... 50%
(Reading database ... 55%
(Reading database ... 60%
(Reading database ... 65%
(Reading database ... 70%
(Reading database ... 75%
(Reading database ... 80%
(Reading database ... 85%
(Reading database ... 90%
(Reading database ... 95%
(Reading database ... 100%
(Reading database ... 54015 files and directories currently installed.)
Preparing to unpack .../php5-xmlrpc_5.6.26+dfsg-0+deb8u1_amd64.deb ...
Unpacking php5-xmlrpc (5.6.26+dfsg-0+deb8u1) over (5.6.24+dfsg-0+deb8u1) ...
Preparing to unpack .../php5-sqlite_5.6.26+dfsg-0+deb8u1_amd64.deb ...
Unpacking php5-sqlite (5.6.26+dfsg-0+deb8u1) over (5.6.24+dfsg-0+deb8u1) ...
Preparing to unpack .../php5-readline_5.6.26+dfsg-0+deb8u1_amd64.deb ...
Unpacking php5-readline (5.6.26+dfsg-0+deb8u1) over (5.6.24+dfsg-0+deb8u1) ...
Preparing to unpack .../php5-cli_5.6.26+dfsg-0+deb8u1_amd64.deb ...
Unpacking php5-cli (5.6.26+dfsg-0+deb8u1) over (5.6.24+dfsg-0+deb8u1) ...
Preparing to unpack .../php5-pspell_5.6.26+dfsg-0+deb8u1_amd64.deb ...
Unpacking php5-pspell (5.6.26+dfsg-0+deb8u1) over (5.6.24+dfsg-0+deb8u1) ...
Preparing to unpack .../php5-mysql_5.6.26+dfsg-0+deb8u1_amd64.deb ...
Unpacking php5-mysql (5.6.26+dfsg-0+deb8u1) over (5.6.24+dfsg-0+deb8u1) ...
Preparing to unpack .../php5-mcrypt_5.6.26+dfsg-0+deb8u1_amd64.deb ...
Unpacking php5-mcrypt (5.6.26+dfsg-0+deb8u1) over (5.6.24+dfsg-0+deb8u1) ...
Error in function:
Log ended: 2016-10-09 06:48:31
(It looks like the box ran out of memory). A suitable email was sent to root but I need to get much better at monitoring these messages. Pulling them into my main email client would be a good start and setting a flag for anything with "error/fatal/fail/paniclog..." might do the job.
I don't think the email is sent on a successful upgrade, hence my original post.
Yup, it's a good idea - especially when it impacts security.
Anyone involved in Symbiosis comment on this? Anything that can be done?
I'm not sure exactly but it looks to me like this is initiated through /etc/cron.daily/apt which looks like a Debian thing rather than a Symbiosis thing. It might be the case that APT::Periodic::Unattended-Upgrade is disabled by default in stock Debian and enabled by default in Symbiosis. If there isn't any resources on how to do this already in Debian I'm sure you could jury rig something by either adding some extra code to /etc/cron.d/apt or checking the logs it leaves for kernel updates in another cron job.
Looking into the Mail and Verbose options to see if I can at least get it to mail me when something changes.
Untested, unchartered waters (here) but /etc/apt/apt.conf.d/50unattended-upgrades might also be worth a look;
... with /etc/apt/apt.conf.d/90-symbiosis-updates ...
Thanks, just tried setting the 'error only' to false. Hopefully that won't send me an email every day saying there was nothing to do!
On a fairly small sample, this seems to do what I want. It sends me an email when an update is applied, but (assuming it's checking every day) hasn't been sending them when there is nothing to do.
Is this a Debian change to the defaults, or Symbiosis? I'm pretty sure my first VM sent email, but when I created a new one to update to the latest Debian, they stopped.
Yes. I assume it's symbo-jessie moving from symbiosis-updater to unattended-upgrades.
That sounds plausible.
Does a Symbiosis install currently make any changes to 'standard' Debian config files? If so, it sounds like changing the defaults to send an email when something is installed would be a good thing to do (not least because it's what the previous update handling code did).
Ok, my change seems to be working as I want. Nearly two weeks later, I've had no emails except for one last night, when the vim updates were applied.
Any chance this could be made the default in Symbiosis?