This site is now 100% read-only, and retired.

Keeping unstable machines up to date easily.

Posted by Steve on Tue 16 Nov 2004 at 14:46

If you're running the Debian Unstable distribution you will probably want to keep it fairly current, so that you have the latest and greatest packages available to use. Running automated upgrades could be dangerous, but there is a simple way to keep your machine ready for updating at all times.

Because updating systems is usually a simple matter of running two commands people can be tempted to automate this.

The two commands used are:

apt-get update
apt-get upgrade


The first updates your systems package lists, so that apt can determine which packages on your system may be upgraded. The second actually performs the update.

Adding these two commands to a cron job (something that can be scheduled to occur at regular intervals with cron) is a tempting idea.

However it is a dangerous one. As the upgrade happens blindly you might miss out on important notes and questions.

An ideal compromise is to download the package lists and the packages that are available - but not actually install them.

For those users on broadband it makes sense to do this overnight. Every day your machine will download the packages, and when you are ready you simply run:

apt-get upgrade


This will actually do the upgrade live for you, without needing to actually download anything. Any questions that are asked will be done in front of you, and any important notes will be immediately visible.

To do this is a simple matter of placing a script in the directory /etc/cron.daily. The scripts in this directory are run automatically once a day, so it's a perfect location for us.

Create a script /etc/cron.daily/update-apt with the following contents:
#!/bin/sh
#
# Update APT's local packages, making them ready for
# upgrading at a later date.
#

# Clean packages, and download the latest lists
/usr/bin/apt-get clean
/usr/bin/apt-get update

# Now download the packages, but don't install them.
/usr/bin/apt-get --download-only --yes upgrade


Don't forget to make the script executable by running:
chmod 755 /etc/cron.daily/update-apt


Now your system should be ready, and tomorrow you should find that running apt-get upgrade takes only a short amount of time, as all the pending packages have been downloaded already.

 

 


Re: Keeping unstable machines up to date easily.
Posted by Anonymous (127.0.xx.xx) on Tue 16 Nov 2004 at 15:40
this is probably what the package cron-apt does: Description: Automatic update of packages using apt
This package contains a tool that is run by a cron job
at regular intervals. By default it just updates the package list and
download new packages without installing. You can instruct it to run
anything that you can do with apt-get.
.
It also sends mail (configurable) to the system administrator on
errors.
.
Observe that this tool is a security risk, so you should not set it
to do more than necessary (automatic upgrade of all packages is NOT
recommended).

[ Parent ]

Re: Keeping unstable machines up to date easily.
Posted by Steve (127.0.xx.xx) on Tue 16 Nov 2004 at 15:52
[ View Weblogs ]
A good pointer, thanks. I've seen this tool and a few others but thought it might be useful to show how to do it by hand.

-- Steve.org.uk

[ Parent ]

Re: Keeping unstable machines up to date easily.
Posted by Anonymous (127.0.xx.xx) on Tue 16 Nov 2004 at 15:41
This is exactly what is supposed to do the package cron-apt.
Hope nobody will get really disappointed by this. ;)

[ Parent ]

use autoclean, not clean
Posted by Anonymous (203.10.xx.xx) on Thu 6 Jan 2005 at 09:52
You probably want:
  apt-get update && apt-get autoclean && apt-get -dy upgrade
Since with "clean", you'll delete any packages you downloaded last night and download them again if you had not run the manual "apt-get upgrade" step. "autoclean" will remove packages no longer listed in the Packages files. --bod

[ Parent ]

Re: use autoclean, not clean
Posted by gonad (203.118.xx.xx) on Sun 1 May 2005 at 04:07
It is worth holding on to packages in your local archive, incase you need to roll back to a previous version of a package.

[ Parent ]

Re: Keeping unstable machines up to date easily.
Posted by Anonymous (134.96.xx.xx) on Thu 5 May 2005 at 19:40
apt-get upgrade is not correct, it is only recommended for the stable distribution. If you're using testing or unstable do apt-get -du dist-upgrade or dselect-upgrade. Read the fabulous manual if you wonder why.


And don't even think about having automated upgrades.

[ Parent ]

Re: Keeping unstable machines up to date easily.
Posted by Anonymous (212.199.xx.xx) on Sat 22 Oct 2005 at 12:56
A preffered IMHO method would be to use the debina apt options : APT::Periodic::Update-Package-Lists, APT::Periodic::Download-Upgradeable-Packages and APT::Periodic::AutocleanInterval.

See comments in /etc/cron.daily/apt for more information.

[ Parent ]

Re: Keeping unstable machines up to date easily.
Posted by ajt (85.211.xx.xx) on Wed 9 Apr 2008 at 18:58
[ View Weblogs ]
That looks much cleaner, how do I write the configuration file to do it though?

--
"It's Not Magic, It's Work"
Adam

[ Parent ]

Re: Keeping unstable machines up to date easily.
Posted by Anonymous (130.233.xx.xx) on Tue 13 May 2008 at 11:09
I have the following in /etc/apt/apt.conf.d/11periodic:

APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";

[ Parent ]

Re: Keeping unstable machines up to date easily.
Posted by Elan (88.162.xx.xx) on Wed 17 Dec 2014 at 11:08

Easiest is to install unattended-upgrades.

echo 'unattended-upgrades unattended-upgrades/enable_auto_updates boolean true' |sudo debconf-set-selections
sudo apt-get install unattended-upgrades

[ Parent ]

Re: Keeping unstable machines up to date easily.
Posted by Steve (94.15.xx.xx) on Thu 18 Dec 2014 at 09:29
[ View Weblogs ]

Do remember this was originally posted in 2004, before unattended-upgrades was present..

Steve

[ Parent ]