diff --git a/config/Debian_50unattended-upgrades b/config/Debian_50unattended-upgrades index 8d8eccb..62736e3 100644 --- a/config/Debian_50unattended-upgrades +++ b/config/Debian_50unattended-upgrades @@ -28,7 +28,7 @@ Unattended-Upgrade::Origins-Pattern { // but the Debian release itself will not be automatically upgraded. // "origin=Debian,codename=${distro_codename}-updates"; // "origin=Debian,codename=${distro_codename}-proposed-updates"; - "origin=Debian,codename=${distro_codename},label=Debian"; +// "origin=Debian,codename=${distro_codename},label=Debian"; "origin=Debian,codename=${distro_codename},label=Debian-Security"; // Archive or Suite based matching: @@ -48,9 +48,10 @@ Unattended-Upgrade::Package-Blacklist { // Use $ to explicitely define the end of a package name. Without // the $, "libc6" would match all of them. -// "libc6$"; -// "libc6-dev$"; -// "libc6-i686$"; + "libc6$"; + "libc6-dev$"; + "libc6-i686$"; + "mysql$"; // Special characters need escaping // "libstdc\+\+6$"; @@ -67,13 +68,13 @@ Unattended-Upgrade::Package-Blacklist { // unattended-upgrades will automatically run // dpkg --force-confold --configure -a // The default is true, to ensure updates keep getting installed -//Unattended-Upgrade::AutoFixInterruptedDpkg "true"; +Unattended-Upgrade::AutoFixInterruptedDpkg "true"; // Split the upgrade into the smallest possible chunks so that // they can be interrupted with SIGTERM. This makes the upgrade // a bit slower but it has the benefit that shutdown while a upgrade // is running is possible (with a small delay) -//Unattended-Upgrade::MinimalSteps "true"; +Unattended-Upgrade::MinimalSteps "false"; // Install all updates when the machine is shutting down // instead of doing it in the background while the machine is running. @@ -84,7 +85,7 @@ Unattended-Upgrade::Package-Blacklist { // big step back from the 30 minutes allowed for InstallOnShutdown previously. // Users enabling InstallOnShutdown mode are advised to increase // InhibitDelayMaxSec even further, possibly to 30 minutes. -//Unattended-Upgrade::InstallOnShutdown "false"; +Unattended-Upgrade::InstallOnShutdown "true"; // Send email to this address for problems or packages upgrades // If empty or unset then no email is sent, make sure that you @@ -98,34 +99,34 @@ Unattended-Upgrade::Package-Blacklist { // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). -//Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; +Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) -//Unattended-Upgrade::Remove-Unused-Dependencies "false"; +Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade -//Unattended-Upgrade::Automatic-Reboot "false"; +Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true -//Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; +Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" -//Unattended-Upgrade::Automatic-Reboot-Time "02:00"; +Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; // Enable logging to syslog. Default is False -// Unattended-Upgrade::SyslogEnable "false"; +Unattended-Upgrade::SyslogEnable "true"; // Specify syslog facility. Default is daemon // Unattended-Upgrade::SyslogFacility "daemon";