I am trying to set the Unattended-Upgrade::Allowed-Origins
so that it only is allowed for security updates. I would like to do this in a later config in the apt.conf.d
leaving the default 50unattended-upgrades
config as the default and just overriding.
In my 99-unattended-upgrades
I am setting the following:
// Only allow security origin
Unattended-Upgrade::Allowed-Origins {
"${distro_id}:${distro_codename}-security";
};
However, this seems to be merged with the existing config (rather than just nuking it completely) as when I do an apt-config dump
I can see the default settings in there.
I also tried setting it with the following:
Unattended-Upgrade::Allowed-Origins "${distro_id}:${distro_codename}-security";
Also did not work.
I could simply comment out the lines in 50unattended-updates
, but, I'd really like to leave the original files pristine if I can.
Best Answer
After a bit of digging in apt source code and then in apt-conf manual page it turns out that there is a way
So this would get you what you want:
https://manpages.debian.org/testing/apt/apt.conf.5.en.html