Geek Rewind

How to Enable Automatic Updates in Ubuntu

Richard

·

This tutorial highlights the process of enabling automatic updates on Ubuntu servers for security reasons. It recommends installing the Ubuntu Auto Upgrade Package using specific commands. After installation, users are directed to adjust settings in the 50unattended-upgrades file, manage unwanted packages, and further configure parameters. Completion of the process results in Ubuntu installing updates automatically.

This brief tutorial shows students and new users how to enable automatic updates in Ubuntu.

Setting up a Ubuntu server to update automatically sounds good. The question is, how does one accomplish it?

To keep your data and server secure, it’s recommended that you routinely update your servers. Ubuntu is no different. You leave your servers open to hackers and intruders without installing security patches or software updates.

If you don’t install these updates, your system may be vulnerable to hackers and intruders. Manually updating your Ubuntu server can be time-consuming and tedious.

Therefore, enabling automatic updates ensures that your system stays up-to-date with the latest security patches and software updates without you having to worry about it.

Install the Ubuntu Auto Upgrade Package

You must install its upgrade/update package to configure Ubuntu to update automatically. To do that, run the commands below.

sudo apt-get update
sudo apt-get install unattended-upgrades

Configure Ubuntu to automatically update

After installing the package above, please navigate to the file below and open it with your favorite editor.

sudo nano /etc/apt/apt.conf.d/50unattended-upgrades

Then, look for the lines below and adjust them according to your needs. Uncomment (//) lines from which you want to update packages automatically.

// Automatically upgrade packages from these (origin:archive) pairs
//
// Note that in Ubuntu security updates may pull in new dependencies
// from non-security sources (e.g. chromium). By allowing the release
// pocket these get automatically pulled in.
Unattended-Upgrade::Allowed-Origins {
        "${distro_id}:${distro_codename}";
        "${distro_id}:${distro_codename}-security";
        // Extended Security Maintenance; doesn't necessarily exist for
        // every release and this system may not have it installed, but if
        // available, the policy for updates is such that unattended-upgrades
        // should also install from here by default.
        "${distro_id}ESMApps:${distro_codename}-apps-security";
        "${distro_id}ESM:${distro_codename}-infra-security";
//      "${distro_id}:${distro_codename}-updates";
//      "${distro_id}:${distro_codename}-proposed";
//      "${distro_id}:${distro_codename}-backports";
};

Save the file and exit.

Disable specific package updates

If you wish to block other packages from updating automatically, you can configure the section in the file that looks like the one below.

Uncomment (//) lines of files you do not want to update. Add additional package to the list to avoid updating automatically.

// Python regular expressions, matching packages to exclude from upgrading
Unattended-Upgrade::Package-Blacklist {
    // The following matches all packages starting with linux-
//  "linux-";

    // Use $ to explicitely define the end of a package name. Without
    // the $, "libc6" would match all of them.
//  "libc6$";
//  "libc6-dev$";
//  "libc6-i686$";

    // Special characters need escaping
//  "libstdc\+\+6$";

    // The following matches packages like xen-system-amd64, xen-utils-4.1,
    // xenstore-utils and libxenstore3.0
//  "(lib)?xen(store)?";

    // For more information about Python regular expressions, see
    // https://docs.python.org/3/howto/regex.html
};

You can configure other parameters, like automatically rebooting the server after installing. Remove the double slashes // on each line to enable a particular setting.

Save the file when you’re done.

Next, navigate to the file below and open it with your favorite editor.

sudo nano /etc/apt/apt.conf.d/10periodic

Then, edit the lines as shown below. Change the value from 1 to 0 to disable automatic updates. To enable, change the value to 1.

APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "0";
APT::Periodic::AutocleanInterval "0";

Save the file, and you’re done.

That should do it!

Conclusion

In summary, enabling automatic updates on your Ubuntu server is a straightforward process that enhances the security and stability of your system. Here are the key points to remember:

  • Importance of Updates: Regular updates protect your server from vulnerabilities and threats.
  • Ease of Configuration: The installation of the unattended-upgrades package allows for simple configuration.
  • Customizable Settings: You can tailor which updates and packages can upgrade automatically based on your needs.
  • Scheduled Maintenance: Set your server to check for updates regularly without manual intervention.
  • Peace of Mind: With automatic updates enabled, you can focus on other tasks, knowing your server is secure.

Implementing these steps will help ensure your Ubuntu server remains up-to-date and protected.

Richard Avatar
Richard
Richard, the owner and lead writer at Geek Rewind, is a tech enthusiast passionate about simplifying complex IT topics. His years of hands-on experience in system administration and enterprise IT operations have honed his ability to provide practical insights and solutions. Richard aims to make technology more accessible and actionable. He’s deeply committed to the Geek Rewind community, always ready to answer questions and engage in discussions. He enjoys watching football, cheering for the Minnesota Vikings, and spending time with his family when he’s not writing or managing Geek Rewind.

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *


Exit mobile version