Lucid screwed some users after upgrade/unsolicited update

[Alvin]

On Wednesday 02 June 2010 22:37:34 Steve Morris wrote:
> I used the alternate cd to upgrade from Karmic to Lucid and yesterday
> morning kpackagekit did a package update without telling me it was doing
> it, even though on Karmic I had explicitly disabled this. A second of
> the 5 users defined to my system tried to logon yesterday and had all
> sorts of problems.
> First they were required to change their password, even though in Karmic
> password changing was disabled, why?
> Secondly, for the user who tried to logon her home directory ownership
> had been changed to root, plus her's and 2 other users uid had been
> changed or ownership had been stuffed such that, her home directory
> contents were owned by a second user, the second users home directory
> and contents were owned by a third user and, the third users home
> directory and contents were owned by the first user. The environment for
> the other 2 users was unchanged. What is happening here and why?
> Also, I suspect this was caused by yesterday mornings unsolicited
> update, Konsole will now no longer run complaining of an issue with
> /bin/bash. What caused this and how do I remedy this (I assume its a
> case of uninstalling/reinstalling its package, but which one)?
> The other question this raises is, how do I prevent this from happening
> again in the future?

I have no idea about what happened to you. Did you find something out in the 
meantime?

Aside from security updates, when unattended-upgrades is installed, there 
should be no automatic updates.
I'm using aptitude instead of kpackagekit, but kpackagekit is installed and I 
have never known it to do anything without permission.