Unattended upgrades on a Ubuntu Hardy server

June 9th, 2008 | Linux

I wanted to update my hardy servers automatically, so I could spend a little less time each week working on my servers. I've searched through the ubuntu wiki/documentation and I think using the unattended-upgrade package is the nicest alternative.

I installed two packages:

PLAIN TEXT
CODE:
  1. apt-get install unattended-upgrades update-notifier-common

And then edited two files:

/etc/apt/apt.conf.d/50unattended-upgrades

PLAIN TEXT
CODE:
  1. // Automaticall upgrade packages from these (origin, archive) pairs
  2. Unattended-Upgrade::Allowed-Origins {
  3. "Ubuntu hardy-security";
  4. "Ubuntu hardy-updates";
  5. };

/etc/apt/apt.conf.d/10periodic

PLAIN TEXT
CODE:
  1. APT::Periodic::Update-Package-Lists "1";
  2. APT::Periodic::Download-Upgradeable-Packages "1";
  3. APT::Periodic::AutocleanInterval "1";
  4. APT::Periodic::Unattended-Upgrade "1";

Now every day the server gets upgraded via /etc/cron.daily/apt

5 comments ↓

#1 Dave on 12.21.08 at 04:40

Very helpful!

Everyone recommends not doing this, but I want the convenience.

Thank you.

#2 LeonB on 12.21.08 at 14:48

I believe automatic updating is now even the default on Intrepid Ibex server.

#3 Mike on 02.07.09 at 10:15

How do you specify a time to check for updates?

Also will the server automatically reboot if it needs to?

#4 LeonB on 02.07.09 at 14:55

The script that needs to be run is /etc/cron.daily/apt. You can move the file to /etc/cron.d and specifiy a time with the command crontab -e (as root) or you can edit “/etc/crontab” and adjust the time of the “daily” routine.

The server will not automatically reboot. You have to do that manually or wait for Canonical to come up with a solution.

#5 Dave on 02.25.09 at 23:26

I notice that 8.10 has an option in the alternate CD to “install security updatess automatically”.

How does that differ from unattended-upgrades? Is either one more flexible than the other?

Leave a Comment