Making sure your system is up to date is a key attribute to it's security. Furthermore Ubuntu releases updates pretty often and you probably don't want to miss out on added stability and features. You could run updated manually, but why not schedule the updates in the background to make sure you are always running the latest stable versions, without ever having to worry about it.
Update
This article was written before Ubuntu's unattended-upgrades existed. Consider using that instead.
Crontab
The crontab command, found in Unix and Unix-like operating systems, is used to schedule commands to be executed periodically. To see what crontabs are currently running on your system, you can open a terminal and run:
$ sudo crontab -lTo edit the list of cronjobs you can run:
$ sudo crontab -eThis wil open a the default editor (could be vi or nano, if you want you can change the default editor) to let us manipulate the crontab. If you save and exit the editor, all your cronjobs are saved into crontab. Cronjobs are written in the following format:
* * * * * /bin/execute/this/script.shIf you want to know more about crontab, I've written another article: Schedule tasks on Linux using crontab
Updating With Aptitude
I always used apt-get to update systems but I found out that aptitude has better dependency solving capabilities. So lets also use aptitude for this, it comes preinstalled. Normally I would run something like this from a terminal:
$ aptitude update # gets information on the latest packages
$ aptitude dist-upgrade # upgrades every package (kernel too)Making It Cron-Ready
We need to make some adjustments to the aptitude command to make it suitable to run in the background:
- It should not have to wait on user confirmation, because it isn't getting any ; )
- It should not automatically update kernels (this is still something you should do manually)
- It should log to a file so you can keep track of it li>
- It should not proceed with an `upgrade* if the *update* failed
- It should be prefixed with a full path. Because cron often works without environment variables
The following command takes on all of these above challenges, in just one line:
(/usr/bin/aptitude -y update && /usr/bin/aptitude -y safe-upgrade) 2>&1 >> /var/log/auto_update.logExplained
-yanswers yes to all questions so that takes care of the user confirmation- changing
dist-upgradetosafe-upgradewill skip kernel updates 2>&1 >> /var/log/auto_update.logforwards all messages (errors (2), and standard (1)) to a logfile&&links two commands together, but will not execute the second if the first one failed.
Combined: An Aptitude Cronjob
We'll link everything together now. Open your crontab editor:
$ sudo crontab -eAnd to execute our upgrade every night at 1AM type:
0 1 * * * (/usr/bin/aptitude -y update && /usr/bin/aptitude -y safe-upgrade) 2>&1 >> /var/log/auto_update.logSave and exit your editor, and you are all set! You could check the logfile: /var/log/auto_update.log every once in a while to see if everything is still running smoothly.