This answer is based on reading the following files:
/etc/cron.daily/apt
/etc/apt/apt.conf.d/10periodic
/etc/apt/apt.conf.d/50unattended-upgrades
/usr/share/doc/unattended-upgrades/README
which are part of packages (including unattended-upgrades
and update-notifier-common
) included in the standard Ubuntu installation. There are other tools available from the distribution that could achieve the same ends, such as apticron
and cron-apt
.
In the file /etc/apt/apt.conf.d/10periodic
, add a line
APT::Periodic::Unattended-Upgrade "1";
This configures Apt's periodic scripts to run an unattended upgrade every day. For a longer interval, increase the 1
to a larger number. A 0
for this variable would mean 'disabled'.
In tandem with this, the autoclean
line should be enabled by replacing a 0
there:
APT::Periodic::AutocleanInterval "1";
By default, Ubuntu 8.04 only configures automatic unattended upgrades
from the hardy-security
archive. This will cover you against security vulnerabilities, but not for general bug-fix releases. For that, you need to enable the hardy-updates
archive in /etc/apt/apt.conf.d/50unattended-upgrades
:
// Uncomment the line that reads as follows:
"Ubuntu hardy-updates";
Ubuntu's spec for this feature appears on a wiki page.
Note that Debian systems seem to have the same exact infrastructure, apparently from this feature migrating upstream.
You can do a couple of things for avoiding this. Setting the DEBIAN_FRONTEND
variable to noninteractive
and using -y
flag. For example:
export DEBIAN_FRONTEND=noninteractive
apt-get -yq install [packagename]
If you need to install it via sudo, use:
sudo DEBIAN_FRONTEND=noninteractive apt-get -yq install [packagename]
Best Answer
You don't need a cron job to install security update.
unattended-upgrade
do it for you, automatically. From its description in pkg on Ubuntu 12.04you just need install it, then
then, choose "YES" and let it do its jobs.