> From: wool...@eeg.ccf.org > To: debian-user@lists.debian.org > On Fri, Jun 30, 2017 at 06:34:49PM +0200, Dejan Jocic wrote: >> If you want to >> prevent automatic upgrades and disable them, because you want to do it >> manually like you are used to, you should edit file >> /etc/apt/apt.conf.d/20auto-upgrades and change it from this: >> >> APT::Periodic::Update-Package-Lists "1"; >> APT::Periodic::Unattended-Upgrade "1"; >> >> to this: >> >> APT::Periodic::Update-Package-Lists "0"; >> APT::Periodic::Unattended-Upgrade "0"; > Or you can just remove the unattended-upgrades package, right?
If someone installed Stretch from scratch last week got the unattended-upgrades package but those who were running stretch for a while before it became stable did not get it and have to install it. Would this be correct, because I've had several updated packages since then. I'm writing this from a different system so I can not go back and actually check but I am wondering how it works security wise. I assume it runs as a timed service through systemd and has admin privileges. The question that sticks to mind, if the above assumptions are correct, is how did this got to stable without really being advertised properly through those running testing. I was under the impression that for anything other than security-bug-fixes everything goes through the unstable and testing first. This seems as something that appeared behind us. An update of apt/synaptics/aptitude could have included the option to consciously choose between auto or manual updates.
