Running Unattended/Automatic Security Updates on Ubuntu 12.04 LTS Precise Pangolin

So a while back I wrote about – Running Unattended/Automatic Security Updates on Ubuntu 10.04 LTS Lucid, which was great and all.

But now Ubuntu 12.04 LTS is out, so I’m running all new installs on that (woohoo new 9.x versions of PostgreSQL, php-fpm in PHP core etc) and the previous update method I was using seems like it’s not totally reliable on all configs – and it’s a bit long winded = more opportunities to screw it up.

Anyway, I figured out a new way using a Ubuntu package instead of using a script and cron (which seems more sane to me).

This method seems to work 100% of the time, and when you log in via SSH to a 12.04 machine it gives you a nice update, which let’s me know it’s working at expected, e.g:

Ubuntu 12.04 Precise Pangolin Console

It should always say xx package(s) can be updated, but it should ALWAYS say “0 updates are security updates.” – if it’s working as expected (which so far it has been).

Anyway onto the install, it’s pretty simple – the first step is to install the required package:

sudo aptitude install unattended-upgrades

After the package is installed, all we need to do is configure it so:

sudo nano /etc/apt/apt.conf.d/10periodic

Delete everything inside and replace it with this:

APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";

That’s it, you’re done!

By default it only upgrades security packages, but you can adjust it to upgrade everything available if you want and even block certain packages from being upgraded, you can do so here:

/etc/apt/apt.conf.d/50unattended-upgrades

Have fun, and be secure 😀

Comments

comments

Subscribe

You can subscribe via e-mail to get my posts in your Inbox, or stalk me on numerous other platforms.

, , , , , , , , ,


Comments are closed.
 
Keep up with me on Social Media by following me below - Thanks so much!