How can I check if automatic updates are enabled?
There is a package that can be used to do this for you.
sudo apt-get install unattended-upgrades
or if unattended-upgrades already installed. Or you can checkout the Ubuntu docs
sudo dpkg-reconfigure -plow unattended-upgrades
That is the package you need to install. Once its installed edit the files
/etc/apt/apt.conf.d/10periodic
/etc/apt/apt.conf.d/20auto-upgrades
In that file you can set how often you want the server to update.
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";
The file should look like that. The 1 means it will update every day. 7 is weekly.
/etc/apt/apt.conf.d/50unattended-upgrades
This files will let you chose what updates you want to make by choosing where apt can search for new updates and upgrades. ( My personal opinion on this is I would set it to security if this is a server )
Unattended-Upgrade::Allowed-Origins {
"${distro_id}:${distro_codename}-security";
// "${distro_id}:${distro_codename}-updates";
};
The variables ${distro_id}
and ${distro_codename}
are expanded automatically. I would comment out the updates entry and just leave security.
Check the logs at /var/log/unattended-upgrades/
to verify that your unattended upgrades are being applied.
(I made another answer, because my changes to LinuxBill's answer were rejected.)
There is a package that can be used to do enable automatic updates for you. It is called unattended-upgrades.
Use the following command to enable/disable automatic updates:
sudo dpkg-reconfigure -plow unattended-upgrades
That command will modify file /etc/apt/apt.conf.d/20auto-upgrades
and may also modify /etc/apt/apt.conf.d/10periodic
.
Alternatively you can enable automatic updates GUI way by software-properties-gtk
in the Updates tab by changing setting in "When there are security updates:". That will modify files /etc/apt/apt.conf.d/10periodic
and /etc/apt/apt.conf.d/20auto-upgrades
.
Alternatively you can modify the aforementioned file(s) manually. In that file you can set how often you want update be called:
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";
The file should look like that. The 1 means it will update every day. 7 is weekly. Variable APT::Periodic::AutocleanInterval determines how often "apt-get autoclean" is executed automatically. 0 means disable for these variables.
You can change the way unattended upgrades work by editing file /etc/apt/apt.conf.d/50unattended-upgrades
. This file will let you choose what updates you want to make by choosing where apt can search for new updates and upgrades.
Unattended-Upgrade::Allowed-Origins {
"${distro_id}:${distro_codename}-security";
// "${distro_id}:${distro_codename}-updates";
// "${distro_id}:${distro_codename}-proposed";
// "${distro_id}:${distro_codename}-backports";
};
The variables ${distro_id}
and ${distro_codename}
are expanded automatically. In above only security updates are done automatically. You can extend automatic updates to any repository, see another question.
You may want to change
//Unattended-Upgrade::Remove-Unused-Dependencies "false";
to
Unattended-Upgrade::Remove-Unused-Dependencies "true";
That will automatically remove e.g. excessive old kernels so that /boot does not become full.
There is more information in Ubuntu docs.