Automate your Ubuntu updates with a simple command.

Nov 17

One of the very annoying things about having multiple Linux systems (or virtual machines) in the house is that you constantly need to keep them patched and updated. Sure, they are not as vulnerable as some Windows systems but it is still good practice to keep your systems nicely patched. So instead of doing sudo apt-get upgrade every time (or worse , getting a popup from the update manager while you are just in the middle of watching your favorite Youtube video about bunnies ) .. lets schedule this.

Scheduling things is not bad , but you have to be careful just WHAT you want those systems to do. You don’t want to wake up one morning and see that your LTS (long term support) workstation has just done a make-over and rolled onto the cutting edge version of the new release of your operating system. So kernel and distro upgrades should not be a part of your schedule.

The command we choose to use is Aptitude. With the following string you can do an update and upgrade on the same line.

/usr/bin/aptitude -y update && /usr/bin/aptitude -y safe-upgrade

So what does it do ?

“-y” makes sure that you don’t have to type YES at the end of the command.

” safe-upgrade” means that kernell or distro upgrades are a “nono”

“&&” links the commands together.

How to schedule it.

Simple. Log in as a user with root access and type “crontab -e”

next ad the following line to your cron

0 1 * * * /usr/bin/aptitude -y update && /usr/bin/aptitude -y safe-upgrade

Thats it. Now the the upgrade is executed every single night at 1 am. 

source. Kevin van Zonnevelds blog.


Related Posts


  1. What an excellent find! Sometimes the simplest things are the most helpful.

    An additional note:
    “&&” links two commands together, but will not execute the second if the first one failed.

    I didn’t know that last part. Very useful.

    I’d recommend readers also look at the link to Kevin van Zonnevelds blog. He includes a way to log the results. That’s good if something goes wrong.

  2. nice tip which with minor alterations will work on most Linux distros. But this is something which should be used carefully. don’t use it in a business setting where updates should be tested before being rolled out

  3. Knightwise… Have you actually tried this? I have tried it “as written”, with and without the log file suggested by Zonnevelds. I have found that aptitude fails to run, and no log file is generated. I suspect that it’s because aptitude needs to run a root. How have you got it working?

  4. Knightwise, and everyone:

    I re-read the post and found that I had missed a critical sentence:

    “Log in as a user with root access and type ‘crontab -e'”

    The critical word I missed was “root”

  5. knightwise

    Correct , if you run crontab -e (and you are logged in as the root user) all the cronjobs will be preformed with root-privileges.

  6. Robert Wooden

    This is a great idea. I took it one step farther . . . well maybe two. My corntab line looks like this: “45 23 * * * logger “ran update script”;/usr/bin/aptitude -y update && /usr/bin/aptitude -y safe-upgrade && /usr/bin/aptitude -y autoclean”

    This sends an entry to my log file. Does your auto upgrade script and then I added ‘autoclean’ to delete old packages that have just been upgraded. Thanks for the idea. I do enjoy your podcast style.

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.