How to enable automatic updates in Linux (Fedora/Centos, Debian/Ubuntu and Arch)

Following the unix way, “everything is scriptable, whether the author intended it to be or not” and “anything should be possible to be automated” here is a way to automatically update a few Linus distros.

$ sudo yum install yum-cron

## el6
$ cat /etc/sysconfig/yum-cron
$ service start yum-cron
$ chkconfig yum-cron on

## el7
$ cat /etc/yum/yum-cron.conf
download_updates = yes
apply_updates = yes
emit_via = stdio
$ systemctl start yum-cron.service
$ systemctl enable yum-cron.service

$ tail -f /var/log/yum.log

from automatic-updates in centos6 and automatic-updates in centos7

$ sudo apt-get install unattended-upgrades

## using 20auto-upgrades
$ sudo dpkg-reconfigure -plow unattended-upgrades
$ cat /etc/apt/apt.conf.d/20auto-upgrades
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1";

## or using 02periodic,10periodic
$ cat /etc/apt/apt.conf.d/02periodic
// Enable the update/upgrade script (0=disable)
APT::Periodic::Enable "1";
// Do "apt-get update" automatically every n-days (0=disable)
APT::Periodic::Update-Package-Lists "1";
// Do "apt-get upgrade --download-only" every n-days (0=disable)
APT::Periodic::Download-Upgradeable-Packages "1";
// Run the "unattended-upgrade" security upgrade script every n-days (0=disabled)
APT::Periodic::Unattended-Upgrade "1";
// Do "apt-get autoclean" every n-days (0=disable)
APT::Periodic::AutocleanInterval "5";

$ service unattended-upgrades start
$ tail -f /var/log/apt/history.log /var/log/unattended-upgrades/*

from automatic-updates in debian

  • pacman@arch doing automatic updates from cron is strongly discouraged. It is likely to leave your machine in a broken and unbootable state.
'-S, --sync' synchronize packages, they are installed directly from the remote repositories, including all dependencies
'-u, --sysupgrade' upgrades all packages that are out-of-date
'-y, --refresh' download fresh copy of package list
'-w, --downloadonly' retrieve all packages from the server, but do not install/upgrade anything
'-q, --quiet'

$ yes | pacman -Syuq
# or download only
$ yes | pacman -Syuwq

## in cron
$ cat /etc/cron.daily/pacman-update
yes | pacman -Syuwq

## in systemd timers 
$ cat /etc/systemd/system/pacman-update.service
Description=Pacman update
ExecStart=/usr/bin/yes | /usr/bin/pacman/pacman -Syuwq
$ cat /etc/systemd/system/pacman-update.timer
Description=Run pacman update daily

from Update packages from crontab@arch


