Automatic security updates

From regional-training
Revision as of 20:23, 9 August 2022 by Ralph (talk | contribs) (Created page with "Security Updates can be applied via unattended-upgrades. =unattended upgrades installation= As root: * install apt install unattended-upgrades * configuration dpkg-reconfigure -plow unattended-upgrades * or configure to security updates only vi /etc/apt/apt.conf.d/50unattended-upgrades <pre> // Archive or Suite based matching: // Note that this will silently match a different release after // migration to the specified archive (e.g. testing...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Security Updates can be applied via unattended-upgrades.

unattended upgrades installation

As root:

  • install
apt install unattended-upgrades
  • configuration
 dpkg-reconfigure -plow unattended-upgrades
  • or configure to security updates only
vi /etc/apt/apt.conf.d/50unattended-upgrades

        // Archive or Suite based matching:
        // Note that this will silently match a different release after
        // migration to the specified archive (e.g. testing becomes the
        // new stable).
//      "o=Debian,a=stable";
//      "o=Debian,a=stable-updates";
//      "o=Debian,a=proposed-updates";
        "origin=Debian,codename=${distro_codename},label=Debian-Security";

unattended upgrades logging

The unattended upgrades logging is available in several places:

  • /var/log/unattended_upgrades/
    • unattended-upgrades.log - what happened
    • unattended-upgrades-shutdown.log - any shutdown on error
    • unattended-upgrades-dpkg.log - which packages were upgraded
  • /var/log/apt/history.log - which commands were executed and what changes were made
tail -2000 /var/log/unattended-upgrades/unattended-upgrades.log 
tail -2000 /var/log/apt/history.log
Retrieved from ‘https://regional-training.org:443/rt-dir/index.php?title=Automatic_security_updates&oldid=732