Browse Source
Add conditional checking on ubuntu kernel unattended_upgrades disabling (#11479)
Signed-off-by: tu1h <lihai.tu@daocloud.io>
pull/11486/head
Lihai Tu
2 months ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with
10 additions and
1 deletions
-
roles/bootstrap-os/tasks/debian.yml
|
|
|
@ -63,9 +63,17 @@ |
|
|
|
- '"value from" in bootstrap_update_apt_result.stdout' |
|
|
|
ignore_errors: true |
|
|
|
|
|
|
|
- name: Check unattended-upgrades file exist |
|
|
|
stat: |
|
|
|
path: /etc/apt/apt.conf.d/50unattended-upgrades |
|
|
|
register: unattended_upgrades_file_stat |
|
|
|
when: |
|
|
|
- os_release_dict['ID'] == 'ubuntu' |
|
|
|
- ubuntu_kernel_unattended_upgrades_disabled |
|
|
|
|
|
|
|
- name: Disable kernel unattended-upgrades |
|
|
|
lineinfile: |
|
|
|
path: /etc/apt/apt.conf.d/50unattended-upgrades |
|
|
|
path: "{{ unattended_upgrades_file_stat.stat.path }}" |
|
|
|
insertafter: "Unattended-Upgrade::Package-Blacklist" |
|
|
|
line: '"linux-";' |
|
|
|
state: present |
|
|
|
@ -73,3 +81,4 @@ |
|
|
|
when: |
|
|
|
- os_release_dict['ID'] == 'ubuntu' |
|
|
|
- ubuntu_kernel_unattended_upgrades_disabled |
|
|
|
- unattended_upgrades_file_stat.stat.exists |
