Ubuntu 16.04: Auto apt update and apt upgrade

This article will describe auto apt update and apt upgrade with unattended-upgrades.

There is a issue with freezing apt update.

 

1 Default settings

After installing Ubuntu 16.04, apt update and apt upgrade will run on boot and every day at 6:00 and 18:00 automatically.

And only security upgrade will be applied.

2 apt.systemd.daily

Framework for running apt automatically.

 

apt-daily.service Run at once when system boot
apt-daily.timer Timer run at 6:00 and 18:00

 

3 unattended-upgrades package

An unattended-upgrades will be called by apt.systemd.daily.

This will run apt update and apt upgrade.

Config files are /etc/apt/apt.conf.d/20auto-upgrades and /etc/apt/apt.conf.d/50unattended-upgrades.

4 /etc/apt/apt.conf.d/10periodic (disabled by default)

An unattended-upgrades does not use this file. This file is disabled by default.

This file is for system which does not install unattended-upgrades.

5 /etc/apt/apt.conf.d/20auto-upgrades

Config enable, disable and timing of unattended-upgrades.

 

APT::Periodic::Update-Package-Lists 0 = disable auto update
  other = days of auto update interval
APT::Periodic::Unattended-Upgrade 0 = disable auto upgrade
  1 = enable auto upgrade
APT::Periodic::Download-Upgradeable-Packages 0 = disable auto download package
  1 = enable auto download package
APT::Periodic::AutocleanInterval 0 = disable auto clean
  other = days of auto clean interval

 

Below means that auto update will be run every day, and auto upgrade will be run when there are update packages.

$ cat /etc/apt/apt.conf.d/20auto-upgrades
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1";

5.1 CUI setting

dpkg-reconfigure provides CUI setting.

$ sudo dpkg-reconfigure --priority=low unattended-upgrades

CUI setting will display below string.

But this is not work because there is no replaced string in 50unattended-upgrades

Origins-Pattern that packages must match to be upgraded:
"origin=Debian,codename=${distro_codename},label=Debian-Security"

5.2 GUI setting (recommended)

"Software Update" provides GUI setting.

System settings -> Software & Updates -> Update

0001_GUI_en.png

Below 20auto-upgrades will be created.

APT::Periodic::Update-Package-Lists "14";
APT::Periodic::Download-Upgradeable-Packages "0";
APT::Periodic::AutocleanInterval "0";
APT::Periodic::Unattended-Upgrade "1";

6 /etc/apt/apt.conf.d/50unattended-upgrades

Selecting upgrade package. Only security upgrade is selected by default.

If you want to select other upgrade, you need to erase comment '//'.

Unattended-Upgrade::Allowed-Origins {
        "${distro_id}:${distro_codename}-security";
//      "${distro_id}:${distro_codename}-updates";
//      "${distro_id}:${distro_codename}-proposed";
//      "${distro_id}:${distro_codename}-backports";
};
<snip>
// Automatically reboot *WITHOUT CONFIRMATION*
//  if the file /var/run/reboot-required is found after the upgrade
//Unattended-Upgrade::Automatic-Reboot "false";

// If automatic reboot is enabled and needed, reboot at the specific
// time instead of immediately
//  Default: "now"
//Unattended-Upgrade::Automatic-Reboot-Time "02:00";

 

Unattended-Upgrade::Allowed-Origins Selection upgrade package
Unattended-Upgrade::Automatic-Reboot true = enable reboot
Unattended-Upgrade::Automatic-Reboot-Time Reboot time

 

7 Disable auto update and upgrade

You can disable auto apt run with systemd.

But you need to run apt update and apt upgrade manually.

sudo systemctl disable apt-daily.service # disable run when system boot
sudo systemctl disable apt-daily.timer   # disable timer run

8 Auto reboot along a schedule

Reboot time is enabled by Unattended-Upgrade::Automatic-Reboot and Unattended-Upgrade::Automatic-Reboot-Time in 50unattended-upgrades.