Presumably, you have discovered this article because you are either searching for a way to automatically apply security upgrades to your Ubuntu servers or you have discovered a security package was upgraded without you knowing it. In my case, it was the latter. If you subscribe to a SOC (security operations center) in the cloud, you should keep an eye out for any security vulnerabilities they send your way and be ready to act accordingly. In some cases, the unattended-upgrades package in Ubuntu will save the day and act quicker than you as a sys admin may be able to.
This article is using Ubuntu 22.04.1 LTS (Jammy Jellyfish) for its examples.
In many server installs, by default, unattended-upgrades will be installed and configured for security patches. This can be extended to other upgrade types, modified to check any number of days, and turned off. For security upgrades, we recommend you leave them turned on. For all other upgrades, we will leave that to your discretion and personal requirements.
How to install unattended upgrades on Ubuntu
To install unattended upgrades if not already, run the following command:
sudo apt-get install unattended-upgrades -yThen configure the package to run at random times with the following command:
sudo dpkg-reconfigure -plow unattended-upgradesFor more fine tuning of what will be automatically upgraded, edit the following file.
sudo vi /etc/apt/apt.conf.d/50unattended-upgradesIn that file you will find a list of update types. Likely, the security updates will be already uncommented out. If you would like the other update types also commented out, just remove the leading // comment marks.
There is another configuration file that determines how often unattended upgrades should check for new updates.
sudo vi /etc/apt/apt.conf.d/20auto-upgradesThe default is 1 day but can be changed to any number of days you need it to.
Conclusion
In conclusion, this article has demonstrated how to manage Ubuntu with unattended upgrades. Check out our other posts for more detailed articles.
Leave a Reply