Status of system updates for Nextbox

NextBox
1

Hello,
I’m starting to wonder whether my Nextbox (which runs very fine otherwise) has some problem regarding unattended-upgrades. When I check for pending updates, sudo apt list --upgradable now yields:

bluez/oldstable 5.50-1.2~deb10u3+rpt1 arm64 [upgradable from: 5.50-1.2~deb10u3]
docker.io/oldstable 18.09.1+dfsg1-7.1+rpi1+rpt1+deb10u3 arm64 [upgradable from: 18.09.1+dfsg1-7.1+rpi1+rpt1]
firmware-atheros/oldstable,oldstable 1:20190114+really20220913-0+deb10u1+rpt1 all [upgradable from: 1:20190114-2+rpt4]
firmware-brcm80211/oldstable,oldstable 1:20190114+really20220913-0+deb10u1+rpt1 all [upgradable from: 1:20190114-2+rpt4]
firmware-libertas/oldstable,oldstable 1:20190114+really20220913-0+deb10u1+rpt1 all [upgradable from: 1:20190114-2+rpt4]
firmware-misc-nonfree/oldstable,oldstable 1:20190114+really20220913-0+deb10u1+rpt1 all [upgradable from: 1:20190114-2+rpt4]
firmware-realtek/oldstable,oldstable 1:20190114+really20220913-0+deb10u1+rpt1 all [upgradable from: 1:20190114-2+rpt4]
libc-bin/oldstable 2.28-10+rpt2+rpi1+deb10u2 arm64 [upgradable from: 2.28-10+rpt2+rpi1+deb10u1]
libc-dev-bin/oldstable 2.28-10+rpt2+rpi1+deb10u2 arm64 [upgradable from: 2.28-10+rpt2+rpi1+deb10u1]
libc-l10n/oldstable,oldstable 2.28-10+rpt2+rpi1+deb10u2 all [upgradable from: 2.28-10+rpt2+rpi1+deb10u1]
libc6-dbg/oldstable 2.28-10+rpt2+rpi1+deb10u2 arm64 [upgradable from: 2.28-10+rpt2+rpi1+deb10u1]
libc6-dev/oldstable 2.28-10+rpt2+rpi1+deb10u2 arm64 [upgradable from: 2.28-10+rpt2+rpi1+deb10u1]
libc6/oldstable 2.28-10+rpt2+rpi1+deb10u2 arm64 [upgradable from: 2.28-10+rpt2+rpi1+deb10u1]
linux-libc-dev/oldstable 1:1.20230509~buster-1 arm64 [upgradable from: 1:1.20220308~buster-1]
locales/oldstable,oldstable 2.28-10+rpt2+rpi1+deb10u2 all [upgradable from: 2.28-10+rpt2+rpi1+deb10u1]
raspberrypi-bootloader/oldstable 1:1.20230509~buster-1 arm64 [upgradable from: 1:1.20220308~buster-1]
raspberrypi-kernel/oldstable 1:1.20230509~buster-1 arm64 [upgradable from: 1:1.20220308~buster-1]
rpi-eeprom/oldstable 16.0-1~buster arm64 [upgradable from: 13.12-1~buster]

There is a log file unattended-upgrades.log with daily entries; at least the last 3 months only contain repeating entries like this:

2023-05-02 12:20:40,577 INFO Checking if system is running on battery is skipped. Please install powermgmt-base package to check power status and skip installing updates when the system is running on battery.
2023-05-02 12:20:40,590 INFO Initial blacklist :
2023-05-02 12:20:40,591 INFO Initial whitelist:
2023-05-02 12:20:40,592 INFO Starting unattended upgrades script
2023-05-02 12:20:40,592 INFO Allowed origins are: o=Debian,a=buster-security, o=Debian,a=buster-updates, o=Debian,a=buster-proposed, o=Debian,a=buster-backports, o=LP-PPA-nitrokey-nextbox,a=groovy, o=LP-PPA-nitrokey-nextbox,a=focal, origin=Debian,codename=buster,label=Debian, origin=Debian,codename=buster,label=Debian-Security, o=LP-PPA-nitrokey-nextbox, l=Nextbox, a=groovy, c=main, site=ppa.launchpad.net, n=groovy, o=LP-PPA-nitrokey-nextbox, l=Nextbox, a=focal, c=main, site=ppa.launchpad.net, n=focal
2023-05-02 12:20:51,566 INFO Packages that will be upgraded:

I am hesitant to run apt upgrade manually, mainly because of the docker.io package – don’t want to create problems when everything else is fine.
Please advise, thank you!

2

Hey @lothar,

generally the default configuration for unattended-upgrades is to upgrade only security patches, this is why you see many upgradables. This is intended like that because unattended-upgrades shall have no impact for the running system despite increased security (by closing bugs using the debian security patches).

I would strongly advise to not run apt-get upgrade because this might easily break the system without further manual fixes and or even nextbox-daemon changes might be needed.

We are currently working on a dist-upgrade for the NextBox, once this is available the system will be essentially be updated too package-wise.

best

2 Likes
3

Thanks, I’ll just wait and see then. I was just curious as it seems that there had been no (security or other) updates at all for about a quarter of a year or more. But maybe I just misunderstand the entries in the log file.