Hi, I’m Eric. I’m technical director @enginsightcom with deep interest in it security.
Eric Range

Automatic Updates on Linux

Eric Range
Eric Range
Dec 15, 2019
Hi, I’m Eric. I’m technical director @enginsightcom with deep interest in it security.

Copy&Paste…

CentOS 8

sudo yum install dnf-automatic
{
  echo '[commands]'
  echo 'upgrade_type = default'

  echo 'network_online_timeout = 60'
  echo 'download_updates = yes'
  echo 'apply_updates = yes'

  echo '[base]'
  echo 'debuglevel = 1'
  
} > /etc/dnf/automatic.conf
sudo systemctl enable --now dnf-automatic.timer
sudo service dnf-automatic.timer status
Redirecting to /bin/systemctl status dnf-automatic.timer
● dnf-automatic.timer - dnf-automatic timer
   Loaded: loaded (/usr/lib/systemd/system/dnf-automatic.timer; enabled; vendor preset: disabled)
   Active: active (waiting) since Sat 2021-11-13 13:56:46 UTC; 32s ago
  Trigger: Sun 2021-11-14 06:17:20 UTC; 16h left

...systemd[1]: Started dnf-automatic timer.

Debian / Ubuntu

sudo apt-get -y install unattended-upgrades
{
  echo 'Unattended-Upgrade::Allowed-Origins {'
  echo '  "${distro_id}:${distro_codename}-security";'
  echo '  // "${distro_id}:${distro_codename}-updates";'
  echo '  // "${distro_id}:${distro_codename}-proposed";'
  echo '  // "${distro_id}:${distro_codename}-backports";'
  echo '};'
  echo 'Unattended-Upgrade::Package-Blacklist {'
  echo '  // "vim";'
  echo '  // "libc6";'
  echo '  // "libc6-dev";'
  echo '  // "libc6-i686";'
  echo '};'

} > /etc/apt/apt.conf.d/50unattended-upgrades
sudo cat <<EOT > /etc/apt/apt.conf.d/10periodic
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";
EOT
sudo service unattended-upgrades status
● unattended-upgrades.service - Unattended Upgrades Shutdown
   Loaded: loaded (/lib/systemd/system/unattended-upgrades.service; enabled; vendor preset: enabled)
   Active: active (running) since Mon 2019-11-11 18:30:55 CET; 10min ago
     Docs: man:unattended-upgrade(8)
 Main PID: 18330 (unattended-upgr)
    Tasks: 2 (limit: 2301)
   Memory: 10.1M
   CGroup: /system.slice/unattended-upgrades.service
           └─18330 /usr/bin/python3 /usr/share/unattended-upgrades/unattended-upgrade-shutdown