firstboot improvement - if secupdates are installed and reboot required, re-run confconsole on next login #1493
Description
I'm not clear on the best way of doing it, but I've just noticed that our current config doesn't quite work like I think it should when secupdates require a reboot.
Even though the service reboots, the confconsole starts anyway (but then it exited because the server reboots). But because it will only run once, it won't start again on first login.
Also somewhat related, the MOTD notes to run confconsole, but on AWSMP instances, ideally it should note that sudo is required...