Skip to content

switch to unattended-upgrades for (non critical) package upgrades

A way to mitigate the icinga apt notification spam, and also a way to reduce tedious sysadm work, is to let unattended-upgrades do its magic. We just need to be careful on which packages are potentially dangerous for upgrades and that we do not want to be upgraded unattended — postgres comes to mind, but there might be others.

(IIRC upgrades that requires interaction, e.g., conffile changes, are blacklisted by default by unattended-upgrades, but this requires double-checking.)

Migrated from T756 (view on Phabricator)