How to set up automatic updates on Ubuntu Server 18.04, 20.04 or 22.04

Last updated on October 5, 2022

This guide explains how to configure automatic updates in Ubuntu Server 18.04 “Bionic Beaver”, Ubuntu 20.04 “Focal Fossa” or Ubuntu 22.04 “Jammy Jellyfish”

Step 1: package installation

Install the unattended-upgrades package:
sudo apt install unattended-upgrades

This package may already be installed on your server.

Step 2: configure automatic updates

Edit the configuration file (here with nano – replace with any other text editor):
sudo nano /etc/apt/apt.conf.d/50unattended-upgrades

The beginning of the configuration file should look like this:

Anything after a double slash “//” is a comment and has no effect. To “enable” a line, remove the double slash at the beginning of the line (replace with nothing or with spaces to keep alignment).

The most important: uncomment the “updates” line by deleting the two slashes at the beginning of it:
"${distro_id}:${distro_codename}-updates";

Recommended: remove unused kernel packages and dependencies and make sure the system automatically reboots if needed by uncommenting and adapting the following lines:
Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";
↑ Ubuntu Server 18.04: You may have to add a semicolon at the end of this line. Fixed in 20.04. ↑
Unattended-Upgrade::Remove-New-Unused-Dependencies "true";
Unattended-Upgrade::Remove-Unused-Dependencies "true";
Unattended-Upgrade::Automatic-Reboot "true";
Unattended-Upgrade::Automatic-Reboot-Time "02:38";

To save your changes in nano, use Ctrl + O followed by Enter. To quit, use Ctrl + X.

How to get email notification after automatic updates

Uncomment and adapt the following lines to ensure you’ll be notified if an error happens:

Please note: your server needs to be able to send emails – which is mostly not the case by default! If you didn’t install and configure Postfix on your server, email notifications will NOT work.

Step 3: enable automatic updates

Enable automatic updates and set up update intervals by running:
sudo nano /etc/apt/apt.conf.d/20auto-upgrades

In most cases, the file will be empty. In Ubuntu 22.04, the file has only two lines by default. Change or insert the following lines:

APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";

The time interval is specified in days, feel free to change the values. Save changes and exit.

Step 4: check if it works

You can see if the auto-upgrades work by launching a dry run:
sudo unattended-upgrades --dry-run --debug

The dry-run may output something like this:

Unattended upgrades on Ubuntu Server 18.04 Bionic Beaver

Depending on your server configuration, the output may look less clean, which is OK:

Run automatic upgrades on Linux

Another way to check if automatic updates work is waiting a few days and checking the unattended upgrades logs:
cat /var/log/unattended-upgrades/unattended-upgrades.log

Done! Ubuntu Server 18.04 / 20.04 / 22.04 should now update itself once a day.

This tutorial is based on the following article:
Ubuntu.com » Community Help Wiki » AutomaticSecurityUpdates

By Johannes Eva, April 2018 – October 2022

Articles by categories

Most Read Articles

Comments

7 thoughts on “How to set up automatic updates on Ubuntu Server 18.04, 20.04 or 22.04”

  1. Pingback: LINUX SERVER MANAGE TIPS – CFC Studio

  2. Personally, I would not recommend to configure the auto reboot (step 2).
    One of the good things about linux is that nearly all updates do not require system reboot.
    This setting makes linux behave like windows, doesn’t it?

    1. It does need to reboot on kernel updates however. And this apparently checks whether a reboot is required before rebooting.

    2. Stu*** comment… you’re just saying it shouldn’t do it because it shouldn’t behave like Windows. Something is not wrong, just because has the same behaviour. Then Linux shouldn’t store data in files, because Windows does the same, it shouldn’t use SSDs, USB disks, ..

  3. Don’t uncomment ${distro_id}:${distro_codename}-updates unless you know what you’re doing. This will enable unattended NON-SECURITY updates, which may break your server configuration.

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.