I have two ppa added to my Ubuntu 16.04 installation and would like to freeze the current release that I have thoroughly tested.
add-apt-repository ppa:certbot/certbot
add-apt-repository ppa:freeradius/stable-3.0
Is there any way to freeze the current version, so that future unattended upgrades don't get the latest which may break the production system?
This is how I have setup my unattended upgrades.
sed -r \
-e 's|^//Unattended-Upgrade::MinimalSteps "true";$|Unattended-Upgrade::MinimalSteps "true";|' \
-e 's|^//Unattended-Upgrade::Mail "root";$|Unattended-Upgrade::Mail "root";|' \
-e 's|^//Unattended-Upgrade::Automatic-Reboot "false";$|Unattended-Upgrade::Automatic-Reboot "true";|' \
-e 's|^//Unattended-Upgrade::Remove-Unused-Dependencies "false";|Unattended-Upgrade::Remove-Unused-Dependencies "true";|' \
-e 's|^//Unattended-Upgrade::Automatic-Reboot-Time "02:00";$|Unattended-Upgrade::Automatic-Reboot-Time "03:00";|' \
-i /etc/apt/apt.conf.d/50unattended-upgrades
echo 'APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";
' > /etc/apt/apt.conf.d/10periodic
service unattended-upgrades restart
Ideally, I could test this first on a test system, and when I'm sure that it all works, I could unfreeze the ppa on production to upgrade to the latest and then freeze it again.
Is this possible?
