Table of Contents
A security best practice is to run the latest version of the software package. The OVH Securing a VPS guides lists updating your system as the first security recommendation. There are several methods that you can use to configure automatic package upgrades.
You should configure one of these two methods:
apt-getas a cronjob
Any command that you run on the VPS that does not require user input can be run as an unintended cronjob. An easy way to perform regular and automatic updates is to create a cronjob.
This method of automatically updating your system is riskier than other methods because there are:
no configuration options
no safeguards if something goes wrong during an upgrade.
You’ve previously used the APT package manage to refresh, update, and install packages. Let’s review these commands.
- apt-get update
Retrieves a new lists of packages from the defined sources in
- apt-get upgrade
Performs an upgrade on packages that have a newer version.
-yflag automatically answers yes to all prompts and runs non-interactively.
We can run manually update the VPS using
apt-get update and
Previously, we combined these commands to run non-interactively in a single line.
apt-get update && apt-get upgrade -y
We can modify this line and then add it to a cronjob directly. We have to specify the full path of apt-get.
This command will run apt-get to update and upgrade the system on the first and third day of the week at 05:55. It then writes the upgrade status to the file specified.
55 5 * * 0,3 /usr/bin/apt-get update && /usr/bin/apt-get upgrade -y >> /var/log/apt/auto-updates.log
unattended-upgrades package is a safer approach.
Post Setup Automatic Security Updates On Ubuntu 18.04 LTS Server offers simple instructions on how to set up the package.
Here are the Ubuntu Server Guides: