Steve McIntyre <st...@einval.com> writes: > To solve the issue and provide security updates by default, I'm > proposing that we should switch to installing unattended-upgrades by > default (and enabling it too) *unless* something else in the > installation is already expected to deal with security updates.
Sounds like a good idea. At the minimum the image should ask (how?) the user if they want to enable automatic updates. I've seen many admins who don't even know about the unattended-upgrades package so we should be advertising it more. On my virtual machines I usually configure automatic updates and automatic reboot daily or weekly to ensure that I don't have any run-time configuration that would be break after e.g. a power outage. -Timo