50unattended-upgrades.Debian.jessie 2.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172
  1. //
  2. // Unattended Upgrades Configuration (Salt managed)
  3. //
  4. // Automatically upgrade packages from these origin patterns
  5. Unattended-Upgrade::Origins-Pattern {
  6. // Archive or Suite based matching:
  7. // Note that this will silently match a different release after
  8. // migration to the specified archive (e.g. testing becomes the
  9. // new stable).
  10. "o=Debian,n=jessie";\n'
  11. "o=Debian,n=jessie,a=stable-updates";
  12. "o=Debian,n=jessie,a=proposed-updates";
  13. "o=Debian,n=jessie,l=Debian-Security";\n'
  14. "o=Debian Backports,n=jessie-backports,l=Debian Backports";\n'
  15. "origin=Debian,archive=stable,label=Debian-Security";
  16. "origin=Debian,archive=oldstable,label=Debian-Security";
  17. };
  18. // List of packages to not update
  19. Unattended-Upgrade::Package-Blacklist {
  20. "libc6";
  21. "libc6-dev";
  22. "libc6-i686";
  23. "bird";
  24. "fastd";
  25. "batman-adv-dkms";
  26. };
  27. // This option allows you to control if on a unclean dpkg exit
  28. // unattended-upgrades will automatically run
  29. // dpkg --force-confold --configure -a
  30. // The default is true, to ensure updates keep getting installed
  31. //Unattended-Upgrade::AutoFixInterruptedDpkg "false";
  32. // Split the upgrade into the smallest possible chunks so that
  33. // they can be interrupted with SIGUSR1. This makes the upgrade
  34. // a bit slower but it has the benefit that shutdown while a upgrade
  35. // is running is possible (with a small delay)
  36. //Unattended-Upgrade::MinimalSteps "true";
  37. // Install all unattended-upgrades when the machine is shuting down
  38. // instead of doing it in the background while the machine is running
  39. // This will (obviously) make shutdown slower
  40. //Unattended-Upgrade::InstallOnShutdown "true";
  41. // Send email to this address for problems or packages upgrades
  42. // If empty or unset then no email is sent, make sure that you
  43. // have a working mail setup on your system. A package that provides
  44. // 'mailx' must be installed. E.g. "user@example.com"
  45. Unattended-Upgrade::Mail "root";
  46. // Set this value to "true" to get emails only on errors. Default
  47. // is to always send a mail if Unattended-Upgrade::Mail is set
  48. //Unattended-Upgrade::MailOnlyOnError "true";
  49. // Do automatic removal of new unused dependencies after the upgrade
  50. // (equivalent to apt-get autoremove)
  51. Unattended-Upgrade::Remove-Unused-Dependencies "false";
  52. // Automatically reboot *WITHOUT CONFIRMATION* if a
  53. // the file /var/run/reboot-required is found after the upgrade
  54. Unattended-Upgrade::Automatic-Reboot "false";
  55. // Use apt bandwidth limit feature, this example limits the download
  56. // speed to 70kb/sec
  57. //Acquire::http::Dl-Limit "70";
  58. // Force dpkg to keep any existing configuration file regardless of
  59. // what the package might bring
  60. DPkg::Options:: "--force-confold";