Wulf's Various Things

User Tools

Site Tools

Trace: Unattended Updates
linux:unattended-updates

This is an old revision of the document!

Unattended Updates

apt-get install unattended-upgrades
vi /etc/apt/apt.conf.d/50unattended-upgrades
#uncomment the desired origin. For only security updates, comment out everything else
#blacklist packages as required (mysql-server,mysql-client,apache,php etc)
#set mail to whoever should receive it and make sure bsd-mailx or sendmail is installed and able to send mails
#configure reboot

to enable the automatic updates: 

vi /etc/apt/apt.conf.d/20auto-upgrades
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "3";
APT::Periodic::Unattended-Upgrade "1";

To increase the frequency from daily to every 4 hours, this can be entered into cron.d. This will override the time period configured in /etc/apt/apt.conf.d (note, in Ubuntu systems the timer daily cron timer is triggered via the systemd apt-daily.timer: 

vi /etc/cron.d/unattended-upgrade 
0 */4 * * * root sleep $(( $RANDOM % 14400 ));PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin unattended-upgrade

To include additional repositories, the origin and suite (archive) names need to be identified first: 

grep "Origin:" /var/lib/apt/lists/*Release
/var/lib/apt/lists/gb.archive.ubuntu.com_ubuntu_dists_bionic-backports_InRelease:Origin: Ubuntu
/var/lib/apt/lists/gb.archive.ubuntu.com_ubuntu_dists_bionic_InRelease:Origin: Ubuntu
/var/lib/apt/lists/gb.archive.ubuntu.com_ubuntu_dists_bionic-updates_InRelease:Origin: Ubuntu
/var/lib/apt/lists/ppa.launchpad.net_team-xbmc_xbmc-nightly_ubuntu_dists_bionic_InRelease:Origin: LP-PPA-team-xbmc-xbmc-nightly
/var/lib/apt/lists/security.ubuntu.com_ubuntu_dists_bionic-security_InRelease:Origin: Ubuntu

grep "Suite:" /var/lib/apt/lists/*Release
/var/lib/apt/lists/gb.archive.ubuntu.com_ubuntu_dists_bionic-backports_InRelease:Suite: bionic-backports
/var/lib/apt/lists/gb.archive.ubuntu.com_ubuntu_dists_bionic_InRelease:Suite: bionic
/var/lib/apt/lists/gb.archive.ubuntu.com_ubuntu_dists_bionic-updates_InRelease:Suite: bionic-updates
/var/lib/apt/lists/ppa.launchpad.net_team-xbmc_xbmc-nightly_ubuntu_dists_bionic_InRelease:Suite: bionic
/var/lib/apt/lists/security.ubuntu.com_ubuntu_dists_bionic-security_InRelease:Suite: bionic-security

These details are needed to edit the 50unattended-upgrades file and add the lines using this format “<origin>:<archive>”; of for this examples sake “Google\, Inc.:stable”;.
Example for Kodi on ubuntu: 

        //Kodi Nightly
        "LP-PPA-team-xbmc-xbmc-nightly:${distro_codename}";

Test the configuration using: 

sudo unattended-upgrades --dry-run

tail /var/log/unattended-upgrades/unattended-upgrades.log

To allow unattended upgrades for all packages, use: 

Unattended-Upgrade::Origins-Pattern {
        "site=*";
};
linux/unattended-updates.1532270854.txt.gz · Last modified: (external edit)