158

Update Manager is constantly offering me updates (e.g. security fixes, updates from PPAs).

How can I tell my Ubuntu installation to automatically download and install updates whenever they become available?

Seth
  • 58,122
David Siegel
  • 8,932

5 Answers5

183

Although it is not wrong or dangerous (see comments to this answer), using apt-get upgrade -y is not the best way to achieve this.

unattended-upgrades is one of the best practices of having automatic updates, especially for headless machines or servers!

You can set up unattended-upgrades pretty easily by typing this in a terminal:

sudo apt-get install unattended-upgrades
sudo dpkg-reconfigure unattended-upgrades

From the description:

 This package can download and install security upgrades automatically
 and unattended, taking care to only install packages from the
 configured APT source, and checking for dpkg prompts about
 configuration file changes.
Weboide
  • 10,493
  • Although I agree that those crontabs entries are not the way to go: apt-get upgrade -y is not that bad. From the man page for -y: "If an undesirable situation, such as changing a held package, trying to install a unauthenticated package or removing an essential package occurs then apt-get will abort." – Marcel Stimberg Jul 30 '10 at 16:27
  • 2
    But an important package for your server, web application, etc might not be an "essential" package and could potentially get removed. – Weboide Jul 31 '10 at 00:50
  • 1
    unattended-upgrades is preferable but apt-get -y upgrade is not wrong or dangerous at all. sudo apt-get upgrade will never (with or with out y, with or without explicit user approval) install any new package or uninstall any installed package. (From man apt-get: "under no circumstances are currently installed packages removed, or packages not already installed retrieved and installed.") Remember, the -y flag can be used with other, potentially more dangerous commands than upgrade, such as dist-upgrade. – Eliah Kagan Jun 19 '12 at 04:12
  • 17
    This is lacking the info that you have to set APT::Periodic::Download-Upgradeable-Packages "0"; to 1 and should also set APT::Periodic::AutocleanInterval "0"; to something in days in /etc/apt/apt.conf.d/10periodic or not? Also you would not be do this instead of the GUI way if you would only security updates so you also have to uncomment // "${distro_id}:${distro_codename}-updates"; in /etc/apt/apt.conf.d/50unattended-upgrades to really have automatic upgrades for all code packages. This can then be extended to update even more. – redanimalwar May 02 '14 at 03:07
  • 1
    How often will the update run now, after I set this up? – Karel Bílek Nov 11 '15 at 00:43
  • daily, according to /etc/cron.daily/apt – Weboide Nov 11 '15 at 20:39
  • 4
    What happens with updates that require a server reboot? – Diskdrive Dec 16 '15 at 23:32
  • 1
    A file will be created by the system (/var/run/reboot-required) to let you know that a reboot is required. But no actions are taken by unattended-upgrades to restart the system though, it's up to you to restart it. – Weboide Jan 28 '16 at 16:40
  • 5
    official docs talk about enabling notifications as well (via email), which i think is good for those who wish to know. https://help.ubuntu.com/lts/serverguide/automatic-updates.html –  Sep 16 '16 at 18:44
  • 1
    How can I do this without needing to interact with the prompt? – fredley Jan 12 '17 at 10:10
  • Does this also update my LTS version from 18 to 20? – Harsha Nov 03 '20 at 18:58
  • The official docs appear to have moved here: https://ubuntu.com/server/docs/package-management#heading--automatic-updates – daviewales Feb 16 '22 at 02:53
41

In the Update Manager click the Settings button. This dialog will show up:

screenshot of Download and install automatically security updates

Select the "Download and install automatically". This will automatically install security updates. If you want to set this up for them remotely via, you can do this:

sudo apt-get install unattended-upgrades

If the package is installed already you can do:

sudo dpkg-reconfigure unattended-upgrades

to change it's behavior. Follow the prompts to enable the feature once you run the command. There's currently no graphical method to just set the entire system to update unattended for everything (you want to play it safe when it comes to automatic upgrades), but setting security updates automatically is a good idea.

Check out the pages for more information if you want to automate getting -updates and -backports:

Community
  • 1
Jorge Castro
  • 71,754
29

You can do this easily for security updates.

From System Settings open Update Manager. Click the 'Settings...' button, then on the 'Updates' tab, select the radio button 'Install security updates without confirmation.'

To automatically install all updates, see the answer below.

Merlijn Sebrechts
  • 7,394
  • 1
  • 42
  • 70
thisfred
  • 706
  • 34
    -1 Disappointing this has selected since this is not answering the question correctly and is showing a thing everybody who know Ubuntu a little bit and pays attention in dialogs knows this already. The most upvoted answer is the right one. – redanimalwar May 02 '14 at 02:17
24

Go to terminal, and enter:

sudo dpkg-reconfigure unattended-upgrades

Say "yes" to the prompt. You'll still be notified about "normal" updates, such as those that contain bugfixes, but security updates will be installed automatically.

lfaraone
  • 4,697
10

I use apticron to get informed by mail if an update needs to be done.

In your case, I would use cron-apt or unattended-upgrades to do the job of automagically updating your machines.

rubo77
  • 32,486
ddeimeke
  • 3,089