What mechanism does Ubuntu have to silently install software

Ubuntu is designed for new and unskilled users who want a complete, feature-rich environment with sane defaults and automatic security updates.

As a Gentoo user, you’re not that target user: You are skilled and experienced. For you, it might be a matter of cultural difference and minor technical differences. Let’s not assume that minor technical differences equal nefarious intent.

In your particular case, you chose a minority path (Firefox Deb), and were surprised by a majority convenience (migrated to Firefox Snap). Surprise is understandable, but not nefarious. It’s a change that is easily (and permanently) reverted by the minority of users who wish to stick to the deb.

You got a result from a complex system that differed from your expectation. That’s not secret-cabal stuff. That’s just what happens occasionally in any complex system.

Are there more mechanisms in Ubuntu that could lead to silently (that is, without me explicity agreeing to it) changing my software- or configuration-setup.

Sure. Lots of them.

Any apt install, removal, source change, or upgrade has that potential. If you use other packaging methods or manual installs, those might offer surprises too.

However, such configuration changes are considered rude and outside Debian guidelines, and thus bugs when they are caused by a deb….

…except, of course, for the pain point you encountered. When Mozilla migrated from Deb to Snap, the choices were to help millions of users migrate, or to leave users to figure it out on their own. Ubuntu developers, after much public discussion, chose the former in keeping with the philosophy of safe-and-sane defaults, and it was very successful. Most users migrated from an Ubuntu-supported deb-provided safe-and-secure browser to a Mozilla-supported snap-provided safe-and-secure browser without a hiccup. Sorry that current left you unexpectedly on a shoal.

I suspect unattended-upgrades is explained in some handbook somewhere, so I should probably have read the Ubuntu manual, but wouldn’t it be desirable to obtain the users consent to automatic updates during the installation?

There’s very little to explain.

There’s nothing special about Unattended Upgrades. It simply runs apt in pretty much the same way that you would apt-update/apt-upgrade manually…but with a few sane defaults baked in as guardrails. (Example: The default setting includes only the -security repo. Not -updates, not -backports).

It’s active by default because that’s what the vast majority of users want: Automatic security updates that they don’t need to review, they don’t need to configure, they don’t need to tweak or faddle with.

You don’t want it? Great. You discovered that it can be turned off or removed. Now Ubuntu won’t automatically download and install security updates anymore.

It doesn’t matter whether a deb package upgrade is triggered manually (apt update/apt upgrade) or by Unattended Upgrades or by any other package manager frontend. The outcome will be identical in each case…with the limited exception that Unattended Upgrades, with fewer sources, will tell apt to upgrade fewer packages.

• You mentioned metered connections. If you mark a connection in Network Manager as "metered", unattended upgrades won’t use it. Nor will Snap refreshes. Both will wait until an unmetered connection becomes available.