123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293 |
- // Unattended-Upgrade::Origins-Pattern controls which packages are
- // upgraded.
- //
- // Lines below have the format format is "keyword=value,...". A
- // package will be upgraded only if the values in its metadata match
- // all the supplied keywords in a line. (In other words, omitted
- // keywords are wild cards.) The keywords originate from the Release
- // file, but several aliases are accepted. The accepted keywords are:
- // a,archive,suite (eg, "stable")
- // c,component (eg, "main", "crontrib", "non-free")
- // l,label (eg, "Debian", "Debian-Security")
- // o,origin (eg, "Debian", "Unofficial Multimedia Packages")
- // n,codename (eg, "jessie", "jessie-updates")
- // site (eg, "http.debian.net")
- // The available values on the system are printed by the command
- // "apt-cache policy", and can be debugged by running
- // "unattended-upgrades -d" and looking at the log file.
- //
- // Within lines unattended-upgrades allows 2 macros whose values are
- // derived from /etc/debian_version:
- // ${distro_id} Installed origin.
- // ${distro_codename} Installed codename (eg, "jessie")
- Unattended-Upgrade::Origins-Pattern {
- // Codename based matching:
- // This will follow the migration of a release through different
- // archives (e.g. from testing to stable and later oldstable).
- // "o=Debian,n=jessie";
- // "o=Debian,n=jessie-updates";
- // "o=Debian,n=jessie-proposed-updates";
- // "o=Debian,n=jessie,l=Debian-Security";
- // Archive or Suite based matching:
- // Note that this will silently match a different release after
- // migration to the specified archive (e.g. testing becomes the
- // new stable).
- // "o=Debian,a=stable";
- // "o=Debian,a=stable-updates";
- // "o=Debian,a=proposed-updates";
- "origin=Debian,codename=${distro_codename},label=Debian-Security";
- };
- // List of packages to not update (regexp are supported)
- Unattended-Upgrade::Package-Blacklist {
- // "vim";
- // "libc6";
- // "libc6-dev";
- // "libc6-i686";
- };
- // This option allows you to control if on a unclean dpkg exit
- // unattended-upgrades will automatically run
- // dpkg --force-confold --configure -a
- // The default is true, to ensure updates keep getting installed
- //Unattended-Upgrade::AutoFixInterruptedDpkg "false";
- // Split the upgrade into the smallest possible chunks so that
- // they can be interrupted with SIGUSR1. This makes the upgrade
- // a bit slower but it has the benefit that shutdown while a upgrade
- // is running is possible (with a small delay)
- //Unattended-Upgrade::MinimalSteps "true";
- // Install all unattended-upgrades when the machine is shuting down
- // instead of doing it in the background while the machine is running
- // This will (obviously) make shutdown slower
- //Unattended-Upgrade::InstallOnShutdown "true";
- // Send email to this address for problems or packages upgrades
- // If empty or unset then no email is sent, make sure that you
- // have a working mail setup on your system. A package that provides
- // 'mailx' must be installed. E.g. "user@example.com"
- Unattended-Upgrade::Mail "{{ unattended_upgrade_mail }}";
- // Set this value to "true" to get emails only on errors. Default
- // is to always send a mail if Unattended-Upgrade::Mail is set
- //Unattended-Upgrade::MailOnlyOnError "true";
- // Do automatic removal of new unused dependencies after the upgrade
- // (equivalent to apt-get autoremove)
- //Unattended-Upgrade::Remove-Unused-Dependencies "false";
- // Automatically reboot *WITHOUT CONFIRMATION* if
- // the file /var/run/reboot-required is found after the upgrade
- //Unattended-Upgrade::Automatic-Reboot "false";
- // If automatic reboot is enabled and needed, reboot at the specific
- // time instead of immediately
- // Default: "now"
- //Unattended-Upgrade::Automatic-Reboot-Time "02:00";
- // Use apt bandwidth limit feature, this example limits the download
- // speed to 70kb/sec
- //Acquire::http::Dl-Limit "70";
|