How to set up automatic updates for Ubuntu Linux 18.04

How do I configure automatic updates for Ubuntu Linux 18.04 LTS “Bionic Beaver” server?

The Linux server security is indeed an essential task for sysadmins. One of the most fundamental ways to keep the server secure is by installing security updates on time to patch vulnerabilities. You need to install the unattended-upgrades package. It will automatically install software updated, including security updates. This page shows how to install security updates automatically when released by the Ubuntu security team.
Tutorial details
Difficulty level Easy
Root privileges Yes
Requirements Ubuntu Linux 18.04 LTS
Est. reading time 2 minutes

Automatic updates for Ubuntu Linux

  1. Update the server, run:
    sudo apt update && sudo apt upgrade
  2. Install unattended upgrades on Ubuntu. Type the following apt command sudo apt install unattended-upgrades apt-listchanges bsd-mailx
    Install automatic updates for Ubuntu Linux 18.04 LTS
  3. Turn on unattended security updates, run:
    sudo dpkg-reconfigure -plow unattended-upgrades
    Configure automatic updates
  4. Configure automatic updates, enter:
    sudo vi /etc/apt/apt.conf.d/50unattended-upgrades
    Set up alert email ID:
    Unattended-Upgrade::Mail "sysadmin@server1.cyberciti.biz";
    Automatically reboot Ubuntu box WITHOUT CONFIRMATION for kernel updates:
    Unattended-Upgrade::Automatic-Reboot "true";
    Finally edit the /etc/apt/listchanges.conf and set email ID:
    email_address=sysadmin@server1.cyberciti.biz
    Save and close the file.
  5. Verify that it is working by running the following command:
    sudo unattended-upgrades --dry-run
    How to Enable and Set up Automatic Unattended Security Updates on Ubuntu

Ubuntu automatic updates sample email alert

Configuring Unattended-Upgrade::Mail in 50unattended-upgrades file enables unattended-upgrades to email a sysadmin detailing any packages that need upgrading or have problems. The Ubuntu server sent an update report via email as follows:
Notifications

See automatic updates logs

Now that you set up automatic updates on Ubuntu Server 18.04 LTS. It is time to see logs. Hence, use the grep command or cat command or more command/egrep command:
sudo cat /var/log/unattended-upgrades/unattended-upgrades.log
sudo tail -f /var/log/unattended-upgrades/unattended-upgrades.log
sudo grep 'linux-image' /var/log/unattended-upgrades/unattended-upgrades.log

And you are done. I hope this helps you to keep the server or virtual machine running in cloud current with the latest security updates automatically.

Conclusion

You learned how to configure automatic unattended updates for your Ubuntu Linux based server up-to-date. It is a simple and easiest way to protect your server from vulnerabilities. This method is also beneficial when you administrate multiple servers. Manually updating the system and applying patches can be a very time-consuming process. However, for a large number of servers/VMs, I would recommend something like Ansible.


🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 6 comments so far... add one

CategoryList of Unix and Linux commands
Disk space analyzersncdu pydf
File Managementcat
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
6 comments… add one
  • Anonymous Oct 3, 2020 @ 23:24

    very nice, mate 👍👍

  • Konstantin Tokar Jan 6, 2021 @ 8:48

    After long time autoupdates, old keernels used all inodes. Need to add purge – see https://www.cyberciti.biz/faq/ubuntu-18-04-remove-all-unused-old-kernels/

  • ddb Apr 3, 2021 @ 13:49

    Great tutorial. Easy to find, direct, and no errors!

  • mrbronz Apr 25, 2021 @ 9:33

    It don’t work

    After following your instructions I ran the test script checked the logs,”Nothing” was updated or upgraded.

    I ran the apt update and upgrade manually and it ran fine

    • 🐧 Vivek Gite Apr 25, 2021 @ 23:19

      It take 24 hours as it run in background. You need to wait.

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum