Debian Unattended Upgrades

From lathama
Jump to: navigation, search

Limited Method

Setting up unattened-upgrades on Debian Jessie (maybe others) to enable upgrade of all packages.

  1. apt-cache policy | grep release
  2. vim /etc/apt/apt.conf.d/50unattended-upgrades
    • // Archive or Suite based matching section
    • Match up to sections from apt-cache policy command above
    • note: the \ is important for escaping things like "o=Google\, Inc.,a=stable";
  3. tail -F /var/log/unattended-upgrades/unattended-upgrades.log
  4. manually start by running *unattended-upgrade* if desired

Fun Method

The matching for allowed repos can be simplified to allow all from Debian. The old method while correct is a lot of work to enable each repo.

sed -i '/Origins-Pattern/a  "o=Debian";' /etc/apt/apt.conf.d/50unattended-upgrades

Other Settings

Don't try to install one package at a time, normal updates should be small so keep the ball rolling

Unattended-Upgrade::MinimalSteps "false";

Install updates on shutdown. There could be reasons to do this or not, I would set it true for encrypted drives as the reboot would be an issue.

Unattended-Upgrade::InstallOnShutdown "true";

Clean up any packaging changes. Rare but clean is good

Unattended-Upgrade::Remove-Unused-Dependencies "true";

If un-encrypted drives, use this to move the reboot time to when ever.

Unattended-Upgrade::Automatic-Reboot-Time "02:00";

Sponsorship and Advertising space here. Please contact me if interested.