APT Upgrades – Handling Unattended Upgrades and Modified Configuration Files

Tags: apt, dpkg, upgrade

We have the unattended-upgrades package upgrading our servers with security upgrades every Monday and it works great. Today though, it upgraded all of our servers with a new version of PHP5. Because we have moved the default PHP5-FPM configuration file, apt complains that the file has been moved and asks what we would like to do (Install new version, keep old version, show differences, start shell) about it. Since unattended-upgrades didn't know how to deal with this, it just aborted and we were left with dozens of machines down until PHP5-FPM was restarted by monitoring.

So the question is – How can we make sure unattended-upgrades can handle this situation when it happens next time? We'd like to keep our currently installed version always. I tried googling but came up empty.

Best Answer

I also want to keep original config files while doing automatic updates. You can add the following to /etc/apt/apt.conf.d/50unattended-upgrades:

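Dpkg::Options {
   // Let dpkg take its default action for a conffile whenever it has one, without prompting
   "--force-confdef";
   // Otherwise keep the currently installed version (the new one is saved as <file>.dpkg-dist)
   "--force-confold";
};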

See here for a good explanation of the options: http://raphaelhertzog.com/2010/09/21/debian-conffile-configuration-file-managed-by-dpkg/
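
With `--force-confold` the packaged version of a changed conffile is never applied; it is left next to the kept file as `<file>.dpkg-dist`, so configuration changes shipped in a security update still need a manual review. The script below is an added example, not part of the original answer: it reads dpkg's `Conffiles` records and reports conffiles that are locally modified or missing, plus any pending `.dpkg-dist` files. The function names `conffile_drift` and `demo`, the optional root-prefix argument and the sample data are assumptions made for illustration; paths containing spaces are not handled.

```sh
#!/bin/sh
# Added example (hypothetical helper, not from the original answer).
# stdin: lines in dpkg's Conffiles format, " /path md5sum [obsolete]",
#        as printed by: dpkg-query -W -f='${Conffiles}\n'
# $1:    optional root prefix (assumption, used so the demo runs offline)
conffile_drift() {
    root="${1:-}"
    while read -r path sum flag; do
        [ -n "$path" ] || continue            # packages without conffiles print blank lines
        [ "$flag" = "obsolete" ] && continue  # no longer shipped by the package
        f="$root$path"
        if [ ! -e "$f" ]; then
            echo "MISSING $path"              # moved or deleted locally
        elif [ "$(md5sum < "$f" | cut -d' ' -f1)" != "$sum" ]; then
            echo "MODIFIED $path"             # differs from the version the package installed
        fi
        # --force-confold keeps the local file and leaves the maintainer's version beside it
        [ -e "$f.dpkg-dist" ] && echo "PENDING $path.dpkg-dist"
    done
    return 0
}

# Constructed sample (not real package data): three conffiles under a temp root.
demo() {
    t=$(mktemp -d)
    mkdir -p "$t/etc/app"
    printf 'stock\n'       > "$t/etc/app/same.conf"
    printf 'edited\n'      > "$t/etc/app/changed.conf"
    printf 'new default\n' > "$t/etc/app/changed.conf.dpkg-dist"
    stock=$(printf 'stock\n' | md5sum | cut -d' ' -f1)
    printf ' /etc/app/same.conf %s\n /etc/app/changed.conf %s\n /etc/app/gone.conf %s\n' \
        "$stock" "$stock" "$stock" | conffile_drift "$t"
    rm -rf "$t"
}

demo
```

On a real host, run it as root with `dpkg-query -W -f='${Conffiles}\n' | conffile_drift` so that every conffile is readable.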
