14 Apr 2009

Auto updating security packages with Ubuntu (Debian) system

It's a bit hard to maintain manually a lot of servers but it's really important to keep them updated. It's why I looked for an automatic solution and it has been pretty easy to find a good and simple one.

I propose to you to use an utility called apt-cron.

installing it on our system:
sudo apt-get install apt-cron

creating a new security list:
sudo nano  /etc/apt/sources.list.d/security.sources.list

deb http://archive.ubuntu.com/ubuntu hardy-security maindeb http://archive.ubuntu.com/ubuntu hardy-security universe


setuping APT actions:
sudo nano /etc/cron-apt/action.d/5-install 

autoclean -q -ydist-upgrade -q -y -o APT::Get::Show-Upgraded=true -o Dir::Etc::sourcelist=/etc/apt/sources.list.d/security.sources.list -o Dir::Etc::sourceparts=nonexistent -o DPkg::Options::=--force-confdef -o DPkg::Options::=--force-confold


adding a cron task:
sudo crontab -e

5 0    *   *   *  test -x /usr/sbin/cron-apt && /usr/sbin/cron-apt


To test the auto update process:
sudo /usr/sbin/cron-apt

To check the log:
sudo cat /var/log/cron-apt/log


idea / source from http://www.turnkeylinux.org/