On Tue, Feb 07, 2017 at 06:21:30PM -0500, Chris Laprise wrote: > On 02/06/2017 09:25 PM, Unman wrote: > >On Mon, Feb 06, 2017 at 01:19:00PM +0000, Patrick Schleizer wrote: > >>The unattended-upgrades was not installed on my Debian jessie system. > >>After upgrading to Debian stretch, the package unattended-upgrades got > >>installed. 'reverse-depends unattended-upgrades' [1] did not make me any > >>wiser. There must be a gap of my apt knowledge. Can anyone shed light on > >>this please? > >> > >>Best regards, > >>Patrick > >> > >>[1] > >>Reverse-Recommends > >>================== > >>* education-common > >>* python3-software-properties > >> > >>Reverse-Depends > >>=============== > >>* parl-desktop > >>* plinth > >> > >>Packages without architectures listed are reverse-dependencies in: > >>amd64, arm64, armel, armhf, hurd-i386, i386, kfreebsd-amd64, > >>kfreebsd-i386, mips, mips64el, mipsel, powerpc, ppc64el, s390x > >> > >I remember a thread last year saying that unattended-upgrades should be > >installed by default, and enabled. I guess that is what you're seeing > >here Patrick. > >This was on debian-devel - I thought it related to d-i but it may be > >brought in as default package on dist-upgrade. > > > >have a look here: > >https://lists.debian.org/debian-devel/2016/11/msg00262.html > > > > Unfortunately it clashes with template usage patterns... and probably not > great for template-based VMs either. > > Automatic updates would be better initiated from dom0, since the templates > don't run on a regular basis and there are VM maintenance issues as well. > > Chris
See my later email on this - it's a package that users have chosen to install, because it's pulled in as a recommend. It's not currently installed and enabled by default in Stretch. I'm not sure if it does clash with Template usage - if you can start the Template and have it automatically pull in security fixes that may become part of standard usage. What's certainly true is that it would be disastrous in a TemplateBasedVM, (and pointless). But that's a generic problem with any Debian based system now, that many services start automatically once installed. We don't have a sensible way of controlling this in Qubes at the moment, although there is a long standing issue on this. -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/20170209024505.GB29750%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
