If you have a number of Linux servers in your environment, whether these are in production environments or in the home lab, you want to keep your Linux servers up-to-date with security patches across the board. Manually logging in and running the package management utilities to do this is one way to accomplish keeping your Linux servers updated if you have one or two Linux servers. However, this doesn’t scale very well. Using the Unattended-Upgrades functionality in Ubuntu, let’s see how we can automatically keep our Ubuntu servers up-to-date, and also look at apt periodic autoclean interval to perform housekeeping on our downloads.
Enabling Unattended Upgrades for Ubuntu
The process to enable Unattended Upgrades for your Ubuntu servers is extremely easy. You can use the following commands to configure the automatic upgrades so these are performed automatically:
sudo apt install unattended-upgrades sudo dpkg-reconfigure --priority=low unattended-upgrades
After you verify you have the unattended-upgrades module installed, you will run the dpkg command that will launch the configuration screen you see afterward.
Select Yes to enable the automatic downloading and installation of stable updates.
You can customize the configuration for your unattended-upgrades process on your Ubuntu Server by editing the configuration file:
sudo nano /etc/apt/apt.conf.d/50unattended-upgrades
In this file, you will see the configuration for:
- Email alerts
- Automatic rebooting behavior
- Bandwidth limitations
- Logging, etc
Editing this file is not mandatory, but there are a lot of really great features and configurations that you may want to tweak to align with the notification and updates needs of your organization.
Apt Periodic Autoclean Interval
There is another file associated with the unattended-upgrades operation that you can customize that provides options to control the apt periodic autoclean interval among others. The file you will want to customize for this is the following:
sudo nano /etc/apt/apt.conf.d/20auto-upgrades
In this file, you can add the following. The first two lines will most likely already exist by default. To add the apt periodic autoclean interval, add the last line listed below. The directive as configured below will direct the system to clear the download archive every 7 days, keeping things tidy.
APT::Periodic::Update-Package-Lists "1"; APT::Periodic::Unattended-Upgrade "1"; APT::Periodic::AutocleanInterval "7";
You can test the configuration for your unattended-upgrades using the following command:
sudo unattended-upgrades --dry-run --debug
This will perform a dry run of the configuration as you have it configured and allow you to flush out any issues with your configuration.
Apt Periodic Autoclean Interval FAQs
- What is unattended-ugprades in Ubuntu? The unattended-upgrades module allows automatically installing stable upgrades to your Ubuntu server and helps to automate the process of keeping your system up-to-date with patches and upgrades.
- What is the apt periodic autoclean interval? The apt periodic autoclean interval is a configuration you can set as part of the unattended-upgrades configuration that allows the system to get rid of archived downloaded after a specified interval. This is easily configured in the configuration file.
- Why automate your upgrades and security patches? Automating security patches is a great way to bolster your security posture and keep your environment protected from security vulnerabilities that result from old software and system code.
Hopefully this quick tutorial on the apt periodic autoclean interval and unattended-upgrades will be useful for those who have home labs as well as manage production environments with large numbers of Linux servers.