Wulf's Various Things

User Tools

Site Tools

Trace: Unattended Updates
linux:unattended-updates

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
linux:unattended-updates [2018/07/23 12:28] Wulf Rajeklinux:unattended-updates [2023/06/05 14:05] (current) – [Initial installation and configuration] Wulf Rajek
Line 1: Line 1:
 ====== Unattended Updates ====== ====== Unattended Updates ======
 +
 +In order to install updates automatically, the unattended-upgrades package needs to be installed and configured. It can install only security updates or updates from any branch or repository that's desired. It can reboot automatically or not at all and it can exclude specific packages.
 +
 +===== Initial installation and configuration =====
  
 <code> <code>
Line 9: Line 13:
 #uncomment the desired origin. For only security updates, comment out everything else #uncomment the desired origin. For only security updates, comment out everything else
 Unattended-Upgrade::Origins-Pattern { Unattended-Upgrade::Origins-Pattern {
-      "o=Debian,n=stretch"; +      "o=Debian,n=bullseye"; 
-      "o=Debian,n=stretch-updates"; +      "o=Debian,n=bullseye-updates"; 
-      "o=Debian,n=stretch-proposed-updates"; +      "o=Debian,n=bullseye-proposed-updates"; 
-      "o=Debian,n=stretch,l=Debian-Security";+      "o=Debian,n=bullseye-security"; 
 +      "o=Debian,n=bullseye,l=Debian-Security"; 
 + 
 +//To enable ALL updates, use this:       
 +//      "site=*";
 }; };
  
Line 28: Line 36:
 #Don't force updates #Don't force updates
 Unattended-Upgrade::AutoFixInterruptedDpkg "false"; Unattended-Upgrade::AutoFixInterruptedDpkg "false";
- 
  
 #set mail to whoever should receive it and make sure bsd-mailx or sendmail  #set mail to whoever should receive it and make sure bsd-mailx or sendmail 
Line 36: Line 43:
 #configure reboot if desired. #configure reboot if desired.
 Unattended-Upgrade::Automatic-Reboot "false"; Unattended-Upgrade::Automatic-Reboot "false";
- 
 </code> </code>
  
Line 52: Line 58:
 <code> <code>
 vi /etc/cron.d/unattended-upgrade  vi /etc/cron.d/unattended-upgrade 
-0 */4 * * * root sleep $(( $RANDOM \% 14400 ));PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin unattended-upgrade+0 */4 * * * root sleep $(( 1$(date +\%N) \% 14400 ));PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin unattended-upgrade
 </code> </code>
  
 +Test the configuration using:
 +<code>sudo unattended-upgrades --dry-run
 +
 +tail /var/log/unattended-upgrades/unattended-upgrades.log
 +</code>
 +
 +===== Additional Repositories =====
  
 To include additional repositories, the origin and suite (archive) names need to be identified first: To include additional repositories, the origin and suite (archive) names need to be identified first:
Line 80: Line 93:
 </code> </code>
  
-Test the configuration using: 
-<code>sudo unattended-upgrades --dry-run 
  
-tail /var/log/unattended-upgrades/unattended-upgrades.log+ 
 +===== Notify required reboot on login ===== 
 +<code> 
 +vi /root/.profile 
 +</code> 
 +add after the .bashrc call, but before the mesg line: 
 +<code> 
 +-/var/run/reboot-required ] && echo -e "\n*** System restart required ***\n"
 </code> </code>
  
-To allow unattended upgrades for all packagesuse:+===== Running on battery ===== 
 + 
 +For unattended-upgrades to skip upgrades when the system is running on batterythe following package needs to be installed:
 <code> <code>
-Unattended-Upgrade::Origins-Pattern { +apt-get install powermgmt-base
-        "site=*"; +
-};+
 </code> </code>
  
linux/unattended-updates.1532345333.txt.gz · Last modified: (external edit)