How can I check if automatic updates are enabled?

There is a package that can be used to do this for you.

sudo apt-get install unattended-upgrades

or if unattended-upgrades already installed. Or you can checkout the Ubuntu docs

sudo dpkg-reconfigure -plow unattended-upgrades

That is the package you need to install. Once its installed edit the files

/etc/apt/apt.conf.d/10periodic
/etc/apt/apt.conf.d/20auto-upgrades

In that file you can set how often you want the server to update.

APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";

The file should look like that. The 1 means it will update every day. 7 is weekly.

/etc/apt/apt.conf.d/50unattended-upgrades

This files will let you chose what updates you want to make by choosing where apt can search for new updates and upgrades. ( My personal opinion on this is I would set it to security if this is a server )

Unattended-Upgrade::Allowed-Origins {
        "${distro_id}:${distro_codename}-security";
//      "${distro_id}:${distro_codename}-updates";

};

The variables ${distro_id} and ${distro_codename} are expanded automatically. I would comment out the updates entry and just leave security.


Check the logs at /var/log/unattended-upgrades/ to verify that your unattended upgrades are being applied.


(I made another answer, because my changes to LinuxBill's answer were rejected.)

There is a package that can be used to do enable automatic updates for you. It is called unattended-upgrades.

Use the following command to enable/disable automatic updates:

sudo dpkg-reconfigure -plow unattended-upgrades

That command will modify file /etc/apt/apt.conf.d/20auto-upgrades and may also modify /etc/apt/apt.conf.d/10periodic.

Alternatively you can enable automatic updates GUI way by software-properties-gtk in the Updates tab by changing setting in "When there are security updates:". That will modify files /etc/apt/apt.conf.d/10periodic and /etc/apt/apt.conf.d/20auto-upgrades.

Alternatively you can modify the aforementioned file(s) manually. In that file you can set how often you want update be called:

APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";

The file should look like that. The 1 means it will update every day. 7 is weekly. Variable APT::Periodic::AutocleanInterval determines how often "apt-get autoclean" is executed automatically. 0 means disable for these variables.

You can change the way unattended upgrades work by editing file /etc/apt/apt.conf.d/50unattended-upgrades. This file will let you choose what updates you want to make by choosing where apt can search for new updates and upgrades.

Unattended-Upgrade::Allowed-Origins {
      "${distro_id}:${distro_codename}-security";
//      "${distro_id}:${distro_codename}-updates";
//      "${distro_id}:${distro_codename}-proposed";
//      "${distro_id}:${distro_codename}-backports";
};

The variables ${distro_id} and ${distro_codename} are expanded automatically. In above only security updates are done automatically. You can extend automatic updates to any repository, see another question.

You may want to change

//Unattended-Upgrade::Remove-Unused-Dependencies "false";

to

Unattended-Upgrade::Remove-Unused-Dependencies "true";

That will automatically remove e.g. excessive old kernels so that /boot does not become full.

There is more information in Ubuntu docs.

Tags:

Server

Updates