How to automatically apt-get?

Derek Broughton news at pointerstop.ca
Tue Sep 25 17:00:29 UTC 2007 

Matt Morgan wrote:

> On 9/25/07, Derek Broughton <news at pointerstop.ca> wrote:
>> Josef Wolf wrote:
>>
>> > Hello,
>> >
>> > I'd like to automatically "apt-get update" and the like.  I've tried
>> > the following:
>> >
>> >   #!/bin/sh
>> >   export DEBIAN_FRONTEND=noninteractive
>> >   apt-get --yes --force-yes -q update
>> >   apt-get --yes --force-yes -q upgrade
>>
>> Besides Mario's good point about the danger of doing this, it's the hard
>> way.
>>
>> Apt is _designed_ to do automatic updates.  You should have
>> a /etc/cron.daily/apt, which does the "apt-get update".  Then you need to
>> have the following lines in a file somewhere in /etc/apt/apt.conf.d/:
>>
>> APT::Periodic::Update-Package-Lists "1";
>> APT::Periodic::Download-Upgradeable-Packages "1";
>>
>> The first says to get the updates, the second says to download them.  At
>> this point they're still not installed, just downloaded.
>>
>> To actually do unattended upgrades (Ack!!!) you need to set some
>> parameters regarding unattended upgrades - see the Apt howto, I don't
>> know how that's
> 
> What problems have arisen in the recent past (I'm looking for
> examples) with unattended upgrades in Ubuntu? I have very successfully
> done unattended upgrades with other OSes in the past (but am new to
> Ubuntu).

None that I know of.  For a decade (!) I've been having apt do the update
automatically but doing the actual install myself.  There have only ever
been problems when I've been playing with the latest unstable versions.

> On Debian, for example, on servers at work I'd usually set up my
> sources.list to upgrade only from the security repos, so that I'd get
> security updates right away (important) but not feature changes
> (important to avoid on a server, usually). In 2+ years I never had
> serious trouble with automatically applying security updates in
> Debian.

If I only did that, I'm sure I could have managed with unattended upgrades
(except that I'd need to ensure it only happened when I was on the T1
line).

> Would you guys recommend doing the same thing (ie automatically
> upgrading from the security repos only) with Ubuntu, or not? 

It wouldn't scare me :-)
-- 
derek

More information about the ubuntu-users mailing list