Debian Eyes Automatic Updates For New Installations
Debian developer Antoine Beaupré has written a lengthy blog post about their recent considerations for enabling automated upgrades. Spawning from the recent Debian Cloud sprint is the idea of enabling automated upgrades in order to provide a "secure" by default experience. This experience can be enabled right now if installing the unattended-upgrades package on Debian-based systems.
It's not clear yet if this proposal will go through given concerns about upgrades restarting important services like MySQL without notice, how/when to do automated kernel upgrades, whether Debian should pursue live-patching of kernels, and more.
Near the end of his blog post, Antoine wrote, "It appears that Debian will enable unattended-upgrades on the images built for the cloud by default. For regular installs, the consensus that has emerged points at the Debian installer prompting users to ask if they want to disable the feature as well. One reason why this was not enabled before is that unattended-upgrades had serious bugs in the past that made it less attractive. For example, it would simply fail to follow security updates, a major bug that was fortunately promptly fixed by the maintainer. In any case, it is important to distribute security and major upgrades on Debian machines in a timely manner."