Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I had to drop ubuntu because of their stance of having unattended upgrades enabled by default, this in turns translates to ansible failing every time when I first run it on a brand new server, because the first thing it does is installing updates.

It's really bad from an automation perspective



It's frustrating that the unattended upgrades apply to every package, but luckily you can blacklist things that cause problems. I've had problems with NVidia tools being upgraded before the driver is (since I rarely restart), and don't like upgrades that require restarts, so I do this first thing:

  sudoedit /etc/apt/apt.conf.d/50unattended-upgrades
In Unattended-Upgrade::Package-Blacklist, add

    "linux-";
    "nvidia-";
    "libnvidia-";
    "xserver-";
When I do a planned restart, I run apt dist-upgrade just before it to do the updates.


That's fine on a desktop machine, the problem on a server machine is that as soon as I start the server, I will probably be in automation mode and I definitely need to run `apt` for some reason. But APT is unavailable, so everything is blocked until unattended upgrades are done. So much for being "unattended", I have to attend to start the next script.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: