Auto-updates should be enabled by default
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
unattended-upgrades (Debian) |
Fix Released
|
Unknown
|
|||
unattended-upgrades (Ubuntu) |
Fix Released
|
Wishlist
|
Unassigned |
Bug Description
situation:
minimal ubuntu server image, installation of this package done manually with "aptitude install unattended-
problem:
unattended-upgrades actually do not happen, because I have to edit config files before - but the system does not give me any hint about this - so I just install this package and think "great feature, can sleep now very good" - evil guys are just waiting for the first remote exploit and they know that I am sleeping well while my system gets more vulnarable with every missed security update...
[Additionally, the documentation about "Automatic updates" - btw, why the irritating change of terminology here? - is flawed, see bug filed there by me today.]
I do not understand why unattended-upgrades do not just happen after I install this package. This looks like a design error to me and should be corrected - this security related feature should be as easy as possible to get working. This package should just start working with reasonable defaults without any need for the user to edit config files.
And if there is a need to edit config files after installation, the user should be informed about this fact right after installation - from what I see from doing tests with 12.04 this feature does not just start working ootb, but needs manual config file editing after installation.
It would be even better if the installation process will not end successfully, if it just installs this package without proper config - there is no sense in having an installed package named "unattended-
My observations may be wrong. I hope so.
Thank you very much for your attention!
Changed in unattended-upgrades (Debian): | |
status: | Unknown → Fix Released |
Thanks for your bugreport and for sharing your concern.
The package has a "debconf" prompt with the priority "medium" that asks if the feature should be automatically upgrades- core and unattended-upgrades
be enabled. I agree though that its not ideal, I wonder what do to make it more obvious, maybe a text displayed
after install if no config is setup? Or split the package into unattended-
and the -core package contains the code the unattended-upgrades the implementation.
Ideas welcome.