This issue affects me directly. I have been using 16.04.x for about 1.5 years and for most of that time updates (security and otherwise) have been carried out just as I have directed. However, not long ago I discovered that updates were being carried out in the background with disregard for the options I have chosen. Unattended Updates has been enabled and working in the background. I had never heard of it and could not find an interface to affect it.
I discovered it a few weeks ago when firefox 55.0.2 was pushed out. Some one hadn't done enough beta testing and introduced a pretty severe bug to a very large community of users. I quickly rolled it back only to find it reinstalled the next day. And, again the next. Some one decided that FF needed to be updated every day, without permission and without notification. After some investigation I found that some in the Ubuntu community have openly supported this policy in order to "better serve" the community. Apparently, the sentiment is that the average user can not be trusted to keep their own computer updated and thereby exposing the community to risk. It is for the good of the community as a whole. The FF issue is a perfect example of a continuous distributed denial of service imposed by policy. The people who turned "on" the unattended upgrade policy are not listening to the feedback. As of today, FF 55.0.2 is still severely broken (on my platform) and is still being pushed out on any automatic or manual update unless unattended upgrades are disabled completely or FF eliminated from apt upgrades manually. Conclusion: I did not turn this tool on. In fact, I had selected to turn everything automatic "OFF". No one asked me for permission. No one notified me that a policy had been chosen for me that over rides MY CHOICE - did I say that loud enough?. I installed 16.10.x on a new laptop a month ago and I see that unattended updates is installed and active - overriding my choices by default. In Software and Updates, I have all automatics turned off and yet every night that system downloads and updates my computer. Who the hell are you people? Yes, of course there is a way to turn it off - before some one tries to tell me "all you have to do is...." That is not the issue! You turned it on! I sincerely urge you to back off your holly-er than thou point of view and honer end user choices. NO more secret policy changes! And, no more unintended consequences resulting from those policies. Should we not be able to trust you? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to unattended-upgrades in Ubuntu. https://bugs.launchpad.net/bugs/1700930 Title: Default action policy for "Security Updates" changed between 14.04 and 16.04 Status in unattended-upgrades package in Ubuntu: Confirmed Bug description: In Ubuntu 14.04.5, the default policy under the "Updates" tab for "Security Updates" is set to "Display Immediately". In Ubuntu 16.04+, the default policy is now "Download and Install Immediately". I think this occurred due to the fix rolled out for bug #1554099. This has the following consequences: - Users may be denied apt lock when trying to install software because unattended-upgrades is running in the background. - If a shutdown is forced when the background update is running, users may be left with an unstable system - In case the update server is compromised and made to deliver malware, the blow to the userbase will be massive - From a PR standpoint, this moves away from the previous "your system won't ever do stuff without your permission" default policy. I'm of the opinion that the "Display Immediately" default should be rolled back. Failing that at least an official policy change announcement should be published so that users are made aware of this new default. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/unattended-upgrades/+bug/1700930/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
