Change unattended-upgrades from Depends to Recommends on ubuntu-server-minimal

Steve Langasek steve.langasek at ubuntu.com
Tue Dec 14 17:43:55 UTC 2021 

Hi Matthew,

On Tue, Dec 14, 2021 at 03:28:32PM +1300, Matthew Ruffell wrote:

> I was testing Jammy and happened to notice that unattended-upgrades
> Depends on ubuntu-server-minimal, and when removing unattended-upgrades,
> ubuntu-server-minimal is removed along with it:

> $ sudo apt remove unattended-upgrades
> ...
> The following packages will be REMOVED:
>   ubuntu-server-minimal unattended-upgrades
> 0 upgraded, 0 newly installed, 2 to remove and 0 not upgraded.
> 
> $ sudo apt rdepends unattended-upgrades
> unattended-upgrades
> Reverse Depends:
>   Recommends: python3-software-properties
>   Recommends: ubuntu-mate-desktop
>   Recommends: ubuntu-mate-core
>   Depends: freedombox
>   Recommends: fbx-all
>   Depends: ubuntu-server-minimal

> Should unattended-upgrades be changed from Depends to Recommends for
> ubuntu-server-minimal?

> It is very common for our larger users to remove unattended-upgrades so
> they can manage their systems patching manually.

It's not necessary to remove the unattended-upgrades package in order to
achieve this.  unattended-upgrades is configurable, and it's sufficient to
set 'APT::Periodic::Unattended-Upgrade "0";' in
/etc/apt/apt.conf.d/20auto-upgrades (or, in a separate file that sorts
lexically after, if that works better for the user's configuration
management system) to disable unattended-upgrades at runtime.

Therefore I do not think we should relax the dependency for this use case.

> I filed a bug against ubuntu-meta:
> 
> https://bugs.launchpad.net/ubuntu/+source/ubuntu-meta/+bug/1954724
> 
> I was in the process of making a debdiff, and I happened to notice that
> unattended-upgrades is only in the server-minimal-$ARCH files only:
> 
> $ grep -Rin "unattended-upgrades" .
> ./server-minimal-armhf:23:unattended-upgrades
> ./server-minimal-riscv64:23:unattended-upgrades
> ./server-minimal-arm64:23:unattended-upgrades
> ./server-minimal-ppc64el:23:unattended-upgrades
> ./server-minimal-s390x:24:unattended-upgrades
> ./server-minimal-amd64:23:unattended-upgrades
> 
> When I also ran the ./update script in ubuntu-meta, it automatically repopulated
> server-minimal-$ARCH with unattended-upgrades again, so it seems I am missing
> something to do with dependency magic in the archive.

The dependencies from ubuntu-meta are generated from the seeds:

  git+ssh://git.launchpad.net/~ubuntu-core-dev/ubuntu-seeds/+git/ubuntu

Cheers,
-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                                   https://www.debian.org/
slangasek at ubuntu.com                                     vorlon at debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20211214/3115c034/attachment.sig>

More information about the ubuntu-devel mailing list