Possible to validate unattended-upgrades configuration?

I edited the /etc/apt/apt.conf.d/50unattended-upgrades file (on Ubuntu 22.04.3) and intentionally introduced an error:

Unattended-Upgrade::Automatic-Reboot-WithUsers "Falsed";  // instead of "false"

When I restart the service it shows as running:

systemctl restart unattended-upgrades.service
systemctl status unattended-upgrades.service  # shows "Active: active (running)"

If I run unattended-upgrades --dry-run it exits without error.

How do I have confidence that the configuration file is correct and will be used? With nginx there is the nginx -t command. Is there anything similar for unattended-upgrades?

Asked By: AJP

||

The APT configuration format is essentially a hierarchical tree-value store, and is lenient on both the keys and values. It has to be as far as keys are concerned — there’s no central registry of allowed keys. As far a values are concerned, in the current implementation for boolean values, the strings “no”, “false”, “without”, “off”, and “disable” are interpreted as false, the strings “yes”, “true”, “with”, “on“, and “enable” are interpreted as true. Any other value found when the configuration parser is asked for a boolean results in the default value being returned (not an error). For the setting evoked in your question, that default is true.

As a result of the above, as long as all the configuration files involved in APT’s configuration are syntactically valid, errors in the same vein as your example will go undetected.

It is possible to see how the current configuration files are interpreted:

apt-config dump

reads all the configuration files and dumps all the keys found there and the associated values.

Answered By: Stephen Kitt