Short answer: both /etc/cron.daily/apt and /etc/cron.daily/aptitude are probably safe to leave enabled, and not causing you any unexpected upgrades.
Long answer:
/etc/cron.daily/aptitude on a default Hardy install just maintains a backup of your package state files in /var/backup as files named aptitude.pkgstates.0 through aptitude.pkgstates.6 (with files 1-6 being gzipped).
/etc/cron.daily/apt is more complex, and can do a variety of things based on your apt configuration settings, which are maintained in /etc/apt/apt.conf and the various include files under /etc/apt/apt.conf.d/
If you wonder if the daily apt script is performing unattended upgrades, check the output of this apt-config command. The following is default, and indicates that unattended upgrades are NOT being performed:
$ apt-config shell UnattendedUpgradeInterval APT::Periodic::Unattended-Upgrade
UnattendedUpgradeInterval='0'
For more information on the "unattended upgrade" process (which i would NOT recommend for a production system), see /usr/share/doc/unattended-upgrades/README -- if that file is not present, you probably don't have the package "unattended-upgrades" installed.
The daily apt script at /etc/cron.daily/apt is well commented, and by default it runs an "apt-get update" every day. This simply keeps the cache of available package files current. It does not install or remove packages.
You CAN configure it to download updated package files which you can then manually install later, and you can configure it to clean up the downloaded package files (which are not needed after being installed).
All of this behavior is configured via the configuration settings stored in /etc/apt/apt.conf.d/10periodic -- these settings default to:
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "0";
APT::Periodic::AutocleanInterval "0";
APT::Periodic::Unattended-Upgrade "0";
I'd recommend verifying those settings and reading through the scripts that are in place in /etc/cron.daily, but you probably do not currently have anything performing unattended and unexpected upgrades.
Aptitude can help you when you initially install the package:
aptitude install "zlib1g-dev&M"
Or, after your have installed the package:
aptitude markauto "zlib1g"
Edit: If you do not have aptitude, you can use
apt-mark auto zlib1g-dev
Best Answer
This answer is based on reading the following files:
which are part of packages (including
unattended-upgrades
andupdate-notifier-common
) included in the standard Ubuntu installation. There are other tools available from the distribution that could achieve the same ends, such asapticron
andcron-apt
.In the file
/etc/apt/apt.conf.d/10periodic
, add a lineThis configures Apt's periodic scripts to run an unattended upgrade every day. For a longer interval, increase the
1
to a larger number. A0
for this variable would mean 'disabled'.In tandem with this, the
autoclean
line should be enabled by replacing a0
there:By default, Ubuntu 8.04 only configures automatic unattended upgrades from the
hardy-security
archive. This will cover you against security vulnerabilities, but not for general bug-fix releases. For that, you need to enable thehardy-updates
archive in/etc/apt/apt.conf.d/50unattended-upgrades
:Ubuntu's spec for this feature appears on a wiki page. Note that Debian systems seem to have the same exact infrastructure, apparently from this feature migrating upstream.