Automatic upgrades in Debian

Last edited on 2024-01-14 Tagged under  #debian   #linux   #homeServer 

On my daily use desktop, I like to keep the system updated manually. However, on servers, especially once you get into several devices, upgrading can quickly get repetitive and timely security updates may be put off.

I use unattended-upgrades to automate the process.

Let's go!

Install ...

$ sudo apt install unattended-upgrades apt-listchanges


Default configuration file is /etc/apt/apt.conf.d/50unattended-upgrades, and I make a few changes.

Default is only to apply security updates. Change to auto-update all packages ...

Unattended-Upgrade::Origins-Pattern {
        "o=Debian Backports,a=${distro_codename}-backports,l=Debian Backports";

Send email to root concerning any problems or packages upgrades ...

Unattended-Upgrade::Mail "root";

Remove unused packages after the upgrade (equivalent to apt-get autoremove) ...

Unattended-Upgrade::Remove-Unused-Dependencies "true";

Automatically reboot if an upgrade requires it to complete an upgrade ...

Unattended-Upgrade::Automatic-Reboot "true";

Automatically reboot (if required) at a specified time instead of immediately ...

Unattended-Upgrade::Automatic-Reboot-Time "05:00";


Enable by running ...

$ sudo dpkg-reconfigure -plow unattended-upgrades

... and selecting Yes to Automatically download and install stable updates?. This creates /etc/apt/apt.conf.d/20auto-upgrades with (0=disabled, 1=enabled) ...

APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1";


Confirm running ...

$ systemctl status unattended-upgrades.service

Test ...

$ sudo unattended-upgrades --dry-run --debug

You can like, share, or comment on this post on Mastodon 💬

Thanks for reading! Read other posts?

» Next: Install FreeBSD 14.0 (Short and Sweet Version)

« Previous: Roll your own Linux desktop using Sway