How To Automatically Install Security Updates In Ubuntu
Having a system to date is all well and good, but for the lazy, you can automate the process of installing security updates on our Ubuntu. This article will show you a simple tutorial that teaches you how to configure the system to install security updates automatically. But remember that it is always recommended to have supervision from the user before installing something, at least you’re sure of what you are doing and what’s going to be updated!
The first thing to do is open the terminal and type:
sudo apt-get install unattended-upgrades
Now you must create the file / etc/apt/apt.conf.d/10periodic:
sudo gedit / etc/apt/apt.conf.d/10periodic
and paste into the following code:
APT::Periodic::Enable "1";
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "5";
APT::Periodic::Unattended-Upgrade "1";
APT::Periodic::RandomSleep "1800";
Now create the file / etc/apt/apt.conf.d/50unattended-upgrades:
sudo gedit / etc/apt/apt.conf.d/50unattended-upgrades
with the following contents inside:
// Automatically upgrade packages from these (origin, archive) pairs
Unattended-Upgrade::Allowed-Origins {
// ${distro_id} and ${distro_codename} will be automatically expanded
"${distro_id} stable";
"${distro_id} ${distro_codename}-security";
"${distro_id} ${distro_codename}-updates";
// "${distro_id} ${distro_codename}-proposed-updates";
};
// List of packages to not update
Unattended-Upgrade::Package-Blacklist {
// "vim";
// "libc6";
// "libc6-dev";
// "libc6-i686";
};
// Send email to this address for problems or packages upgrades
// If empty or unset then no email is sent, make sure that you
// have a working email setup on your system. The package 'mailx'
// must be installed or anything that provides /usr/bin/mail.
//Unattended-Upgrade::Mail "root@localhost";
// Do automatic removal of new unused dependencies after the upgrade
// (equivalent to apt-get autoremove)
//Unattended-Upgrade::Remove-Unused-Dependencies "false";
// Automatically reboot *WITHOUT CONFIRMATION* if a
// the file /var/run/reboot-required is found after the upgrade
//Unattended-Upgrade::Automatic-Reboot "false";
The last step is to feed a file to cron to run updates. Open the terminal and type:
sudo gedit / etc / cron.weekly / apt-security-updates
and paste inside the following code:
echo "**************" >> /var/log/apt-security-updates
date >> /var/log/apt-security-updates
aptitude update >> /var/log/apt-security-updates
aptitude safe-upgrade -o Aptitude::Delete-Unused=false --assume-yes --target-release 'lsb_release -cs'-security >> /var/log/apt-security-updates
echo "Security updates (if any) installed"
Make all executable by typing:
sudo chmod +x /etc/cron.weekly/apt-security-updates
And that’s it! From this moment on security updates are automatically installed without the need of your clicks, or your “hand”:)
Incoming search terms:
- apt::periodic::randomsleep
- 10periodic ubuntu
- apt 10periodic
- sudo apt unattended-upgrade
- ubuntu automatically install security packages
- ubuntu howto security update
- ubuntu unattended upgrades autostart
- /etc/apt/apt conf d/ periodic
- ubuntu unattended-upgrades 10periodic
- ubuntu unattended-upgrades autostart
