Here’s how to configure automatic security updates on your Debian 12 system. It's like giving your server a little robot butler to keep it safe!
Install Unattended Upgrades:
- First, install the
unattended-upgradespackage usingapt. This also installsapt-listchanges, which helpfully shows you what's changed in each package update.
sudo apt update sudo apt install unattended-upgrades apt-listchanges- First, install the
Configure Unattended Upgrades:
- Now, tweak the configuration file at
/etc/apt/apt.conf.d/50unattended-upgrades.
sudo nano /etc/apt/apt.conf.d/50unattended-upgrades- Make sure it includes the following lines to enable automatic updates from the security repository and set up a nightly reboot (if needed):
Unattended-Upgrade::Allowed-Origins { “${distro_id}:${distro_codename}-security”; }; Unattended-Upgrade::Automatic-Reboot "true"; Unattended-Upgrade::Automatic-Reboot-Time "02:00";- This setup ensures your system automatically installs security updates and reboots at 2 AM if required.
- Now, tweak the configuration file at
Enable Automatic Updates:
- Edit the
20auto-upgradesfile to enable the automatic updates feature.
sudo nano /etc/apt/apt.conf.d/20auto-upgrades- Add these lines to make sure the package list is updated and the unattended upgrade runs daily:
APT::Periodic::Update-Package-Lists "1"; APT::Periodic::Unattended-Upgrade "1";- Edit the
Test Unattended Upgrades:
- Test your setup to ensure everything is working correctly. Use the following command to simulate an unattended upgrade:
sudo unattended-upgrades --dry-run --debug- This command shows you what would happen during a real unattended upgrade, without actually installing anything.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.