Installing security updates should just happen. It should not require me to initiate anything, or bother me with questions. Just do it.
For that to happen, I had to change the default configuration of dpkg (I should file a whishlist bug on dpkg for this).
////// Contents of file /etc/apt/apt.conf.d/50automatic-security-installs // Do default handling of changed conffiles (should be keep user changes) // If default is set to do nothing, then keep user changes Dpkg::Options {"--force-confold";}; //////////////// end of /etc/apt/apt.conf.d/50automatic-security-installs
# update the packages register at 16:00 every day. 0 16 * * */2 LANG=C sudo apt-get update # automatically install any new security updates at 16:30 every day. 30 16 * * */2 LANG=C sudo apt-get -y dist-upgrade