How do I configure automatic unattended updates for Ubuntu Linux 20.04 LTS “Focal Fossa” server?
The Linux server security is indeed an essential task for sysadmins. One of the most fundamental ways to keep the Ubuntu server secure is by installing security updates on time to patch vulnerabilities. By default, the unattended-upgrades package installed, but you still need to configure a few options. It will automatically install software updates, including security updates. This page shows how to configure security updates automatically when released by the Ubuntu security team using an unattended-upgrades package.
ADVERTISEMENTS
Automatic unattended updates for Ubuntu 20.04 LTS
-
Update the Ubuntu 20.04 LTS server for security patches, run:
-
[admin@aws-ec2-007]$ ``sudo apt update && sudo apt upgrade -
Install unattended upgrades on Ubuntu if not installed. Type the following apt command
-
[admin@aws-ec2-007]$ ``sudo apt install unattended-upgrades apt-listchanges bsd-mailx -
Turn on unattended security updates, run:
-
[admin@aws-ec2-007]$ ``sudo dpkg-reconfigure -plow unattended-upgrades -
-
Configure automatic unattended updates, enter:
-
[admin@aws-ec2-007]$ ``sudo vi /etc/apt/apt.conf.d/50unattended-upgrades -
Set up alert email ID:
-
Unattended-Upgrade::Mail "vivek@server1.cyberciti.biz"; -
Automatically reboot Ubuntu box WITHOUT CONFIRMATION for kernel updates:
-
Unattended-Upgrade::Automatic-Reboot "true"; -
Finally edit the /etc/apt/listchanges.conf and set email ID:
-
email_address=vivek@server1.cyberciti.biz -
Save and close the file.It would be best if you have a working email server to get an alert. You can always use AWS SES with Postfix MTA to route email safely.
-
Verify that it is working by running the following command:
-
[admin@aws-ec2-007]$ ``sudo unattended-upgrades --dry-run -
#[object object] #[object object] #[object object] #[object object] #[object object] #ubuntu