How to Set Up Unattended Upgrades on Debian 9 (Stretch)

Introduction

If you purchase a Debian server, then you should always have the latest security patches and updates, whether you're asleep or not. This is pretty easy to do. Here's how.

1. Install the unattended-upgrades Package

Run this command to install the "unattended-upgrades" package, along with a package to identify the changes:

apt -y install unattended-upgrades apt-listchanges

2. Configuration

Once the packages are installed, edit the unattended-upgrades configuration:

nano /etc/apt/apt.conf.d/50unattended-upgrades

Empty the file, paste in the following, then replace the items marked with ** **. Remember to remove the asterisks.

APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";
Unattended-Upgrade::Mail "**YOUR_EMAIL_HERE**";

// Automatically upgrade packages from these 
Unattended-Upgrade::Origins-Pattern {
      "o=Debian,a=stable";
      "o=Debian,a=stable-updates";
      "o=Debian,a=proposed-updates";
      "origin=Debian,codename=${distro_codename},label=Debian-Security";
};

// You can specify your own packages to NOT automatically upgrade here
Unattended-Upgrade::Package-Blacklist {
//      "vim";
//      "libc6";
//      "libc6-dev";
//      "libc6-i686";

};

Unattended-Upgrade::MailOnlyOnError "true";
Unattended-Upgrade::Automatic-Reboot "false";

NOTE: To remove the original lines from the file in nano, hold Ctrl+K.

NOTE: You can set Automatic-Reboot to true if you want your server to reboot when it's necessary.

Install "apticron" to manage automatic execution of APT updates:

apt -y install apticron

Open /etc/apticron/apticron.conf and set the EMAIL variable to your email address, so you can receive the list of changes.

EMAIL="**me@example.com**"
DIFF_ONLY="1"
LISTCHANGES_PROFILE="apticron"
SYSTEM="**HOSTNAME.OF.SERVER**"
NOTIFY_HOLDS="0"
NOTIFY_NO_UPDATES="0"

Open /etc/apt/listchanges.conf to configure APT to save the changes to a database:

[apt]
frontend=pager
email_address=**me@example**
confirm=0
save_seen=/var/lib/apt/listchanges.db
which=news

3. Test

You can run unattended-upgrade manually in debug mode to see if it works correctly:

unattended-upgrade -d
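
Before relying on the debug run, a quick lint of the edited file catches the mistakes this template invites: leftover ** ** placeholders, a periodic job set to 0, or a commented-out security origin. The script below is an added example, not part of the original article; the function name check_uu_conf and the sample file contents are assumptions made for illustration, and the checks are line-based.

```shell
#!/bin/sh
# Added example, not part of the original article.
# check_uu_conf FILE: lint a 50unattended-upgrades file built from the template above.
# Returns 0 if all checks pass, 1 if any fail, 2 if the file is unreadable.
check_uu_conf() {
    conf=$1
    rc=0
    [ -r "$conf" ] || { echo "ERROR: cannot read $conf"; return 2; }

    # Ignore // comment lines so commented-out settings are not counted.
    active=$(grep -v '^[[:space:]]*//' "$conf" || true)

    # The template marks values to edit with ** **; none may remain.
    if printf '%s\n' "$active" | grep -q '\*\*'; then
        echo "FAIL: placeholder asterisks (**) still present"; rc=1
    fi

    # Both periodic jobs must have a non-zero interval or nothing runs.
    for key in Update-Package-Lists Unattended-Upgrade; do
        if ! printf '%s\n' "$active" |
            grep -Eq "^[[:space:]]*APT::Periodic::${key}[[:space:]]+\"[1-9][0-9]*\";"; then
            echo "FAIL: APT::Periodic::${key} is missing or set to 0"; rc=1
        fi
    done

    # Security fixes only arrive if the Debian-Security origin is matched.
    if ! printf '%s\n' "$active" | grep -q 'label=Debian-Security'; then
        echo "FAIL: no active Debian-Security entry in Origins-Pattern"; rc=1
    fi

    if [ "$rc" -eq 0 ]; then echo "OK: $conf"; fi
    return "$rc"
}

# Constructed sample: the template with the e-mail placeholder left unedited.
sample=$(mktemp)
cat >"$sample" <<'EOF'
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1";
Unattended-Upgrade::Mail "**YOUR_EMAIL_HERE**";
Unattended-Upgrade::Origins-Pattern {
      "origin=Debian,codename=${distro_codename},label=Debian-Security";
};
EOF
check_uu_conf "$sample" || echo "exit status: $?"
rm -f "$sample"
```

On a real server, call check_uu_conf /etc/apt/apt.conf.d/50unattended-upgrades after editing the file.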