Disable unattended upgrades which are enabled by default in 16.04 (see #73)

[tknerr]

That's my minimal attempt to fix #73

Have not tested it yet, but will trigger a packer build as soon as I have a stable internet connection

Btw: does this also run in some kind of internal CI build / test harness on your side? :)

[tknerr]

Tested with a local packer build. Box works, and issue in #73 is fixed by this

UPDATE: for some reason it did not work. The apt-daily.service and apt-daily.timer were still enabled once the box booted. Have to dig a bit deeper...

[tknerr]

Right after booting up the freshly built box:

vagrant@localhost:~$ systemctl status apt-daily.service
* apt-daily.service - Daily apt activities
   Loaded: loaded (/lib/systemd/system/apt-daily.service; static; vendor preset: enabled)
   Active: activating (start) since Tue 2016-07-12 07:02:08 UTC; 17s ago
     Docs: man:apt(8)
 Main PID: 599 (apt.systemd.dai)
    Tasks: 2 (limit: 512)
   CGroup: /system.slice/apt-daily.service
           |- 599 /bin/sh /usr/lib/apt/apt.systemd.daily
           `-2230 /usr/bin/python3 /usr/bin/unattended-upgrade

Jul 12 07:02:08 localhost systemd[1]: Starting Daily apt activities...

vagrant@localhost:~$ systemctl status apt-daily.timer
* apt-daily.timer - Daily apt activities
   Loaded: loaded (/lib/systemd/system/apt-daily.timer; enabled; vendor preset: enabled)
   Active: active (running) since Tue 2016-07-12 07:02:08 UTC; 48s ago

Jul 12 07:02:08 localhost systemd[1]: apt-daily.timer: Adding 4h 40min 2.409903s random time.
Jul 12 07:02:08 localhost systemd[1]: Started Daily apt activities.

Looks like the disabled setting got somehow reverted back to vendor defaults during the packaging process :-/

[tknerr]

Instead of mangling with the apt-service units, it might be better to leave them enabled as per the vendor preset and rather adapt the apt config instead.

Currently periodic updates and unattended upgrades are enabled:

vagrant@localhost:~$ grep -R Periodic /etc/apt/apt.conf.d/
/etc/apt/apt.conf.d/10periodic:APT::Periodic::Update-Package-Lists "1";
/etc/apt/apt.conf.d/10periodic:APT::Periodic::Download-Upgradeable-Packages "0";
/etc/apt/apt.conf.d/10periodic:APT::Periodic::AutocleanInterval "0";
/etc/apt/apt.conf.d/20auto-upgrades:APT::Periodic::Update-Package-Lists "1";
/etc/apt/apt.conf.d/20auto-upgrades:APT::Periodic::Unattended-Upgrade "1";

[tknerr]

I was an idiot, and the Ubuntu 16.04 specific part in update.sh was actually never run. c507198 fixes this and effectively disables the unattended upgrades.

[tknerr]

While the current approach (with /etc/apt/apt.conf.d/51disable-unattended-upgrades) is working, I am considering to edit the existing config files (/etc/apt/apt.conf.d/10periodic and /etc/apt/apt.conf.d/20auto-upgrades) in place instead. This would not introduce an additional override config that is not present in stock ubuntu otherwise.

@annawake what do you think?

[annawake]

A better approach is to handle this in the preseed per chef/bento@51e33c5 - using this change instead and/or systemctl where appropriate

[xahare]

Glad you fixed it! could you release that fix to atlas?

[tknerr]

@annawake yes the chef/bento@51e33c5 approach looks better, but looks like it does not help for the desktop variant of the ubuntu box.

1. the problem occurred only with the desktop box
2. the desktop box had that preseed config already set as of 2.0.18: https://github.com/boxcutter/ubuntu/blob/2.0.18/http/preseed-desktop.cfg#L47