Hello
Is there any way to target only primary OS related packages ?
apt:
name: “*”
state: latest
At times 3rd Party packages are added to /etc/apt/sources.list
So what is best way to just patch the OS & not the app…
Any suggestions to handle this on scale …
Thanks
I am thinking like below
cat /etc/apt/sources.list |grep -v “#”
deb http://us.archive.ubuntu.com/ubuntu/ bionic main restricted
deb http://us.archive.ubuntu.com/ubuntu/ bionic-updates main restricted
deb http://us.archive.ubuntu.com/ubuntu/ bionic universe
deb http://us.archive.ubuntu.com/ubuntu/ bionic-updates universe
deb http://us.archive.ubuntu.com/ubuntu/ bionic multiverse
deb http://us.archive.ubuntu.com/ubuntu/ bionic-updates multiverse
deb http://us.archive.ubuntu.com/ubuntu/ bionic-backports main restricted universe multiverse
Hello,
If you are trying to avoid certain known packages to be upgraded, you could try to pin them:
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/dpkg_selections_module.html
Nuno Jordão