New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update docs to include instructions for unattended-upgrades under Ubuntu Focal #146
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM based on visual review. I left one small comment but it's not a showstopper. Thanks @emkll :)
(Making a mental note: reviewing this PR made me re-read the "Partitioning the disks" section of the install docs, and maybe we should simplify that section just to say "don't enable FDE." The way we currently word it, introduce FDE, and then strongly recommend not to use it is a bit confusing. If others agree, I'll open an issue. However, I think that's out of scope for this PR).
docs/admin.rst
Outdated
and you are using SSH-over-Tor), your SSH connection may be interrupted, and you | ||
SecureDrop will update and reboot once per day. However, once a SecureDrop | ||
update `is announced`_ , you can opt to fetch the update immediately. Depending | ||
on the nature of the update (e.g., if the ``tor`` package is upgraded and you are |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(Nit) for clarity's sake, I would move the "Depending on the nature of the update, ..." sentence to the very end of these instructions (current line 451), optionally in a note
. But I don't think it's worth doing unless other people request other changes as well.
Starting with Ubuntu 20.04, we plan on using unattended-upgrades instead of cron-apt.
7afb939
to
fba36b5
Compare
freedomofpress/securedrop#5684 has been merged, rebased on latest |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Did not test on a Focal instance but matches documented behavior of the unattended-upgrades
tool. Made two small tweaks - lower-cased the version IDs as in the os-release
file, and moved the note per Ro's comment.
Status
Ready for review
Description of Changes
Testing
Instructions are logical and manual upgrade logic works in both Xenial (cron-apt) and Focal (unattended-upgrades)
Release
Checklist (Optional)
make docs-lint
) passed locallymake docs-linkcheck
) passedmake docs
) docs at http://localhost:8000