I wanted to update my hardy servers automatically, so I could spend a little less time each week working on my servers. I've searched through the ubuntu wiki/documentation and I think using the unattended-upgrade package is the nicest alternative.
I installed two packages:
CODE:
-
apt-get install unattended-upgrades update-notifier-common
And then edited two files:
/etc/apt/apt.conf.d/50unattended-upgrades
CODE:
-
// Automaticall upgrade packages from these (origin, archive) pairs
-
Unattended-Upgrade::Allowed-Origins {
-
"Ubuntu hardy-security";
-
"Ubuntu hardy-updates";
-
};
/etc/apt/apt.conf.d/10periodic
CODE:
-
APT::Periodic::Update-Package-Lists "1";
-
APT::Periodic::Download-Upgradeable-Packages "1";
-
APT::Periodic::AutocleanInterval "1";
-
APT::Periodic::Unattended-Upgrade "1";
Now every day the server gets upgraded via /etc/cron.daily/apt
7 comments ↓
Very helpful!
Everyone recommends not doing this, but I want the convenience.
Thank you.
I believe automatic updating is now even the default on Intrepid Ibex server.
How do you specify a time to check for updates?
Also will the server automatically reboot if it needs to?
The script that needs to be run is /etc/cron.daily/apt. You can move the file to /etc/cron.d and specifiy a time with the command crontab -e (as root) or you can edit “/etc/crontab” and adjust the time of the “daily” routine.
The server will not automatically reboot. You have to do that manually or wait for Canonical to come up with a solution.
I notice that 8.10 has an option in the alternate CD to “install security updatess automatically”.
How does that differ from unattended-upgrades? Is either one more flexible than the other?
Dave, they are one and the same.
@Dave: Nope. Canonical has simply provided a partial front-end to unattended-upgrades. The only allow you to install security updates automatically though, so if you want to have ordinary updates installed too, you’ll have to edit the file by hand.
Leave a Comment