Cronning Security Updates

[jcohen]

If you're running hoary all updates will either be critical bug fixes or security updates so it should be safe to just setup cron-apt to install updates for you. If you have unofficial sources like Backports enabled, you'll want to use the method I outline below. If you don't have any unofficial repositories you don't need to uncomment "# OPTIONS="-q -o Dir::Etc::SourceList=/etc/apt/security.sources.list" and you don't need to create security.sources.list.

This actually isn't that difficult to do. I've done the same thing on Debian Sarge. You'll first need to install cron-apt:

sudo apt-get install cron-apt

Then, you'll need to edit /etc/apt/cron-apt/config

sudo gedit /etc/apt/cron-apt/config

If you want to receive emails of the upgrades on your regular email account chnage

# MAILTO="root" to
MAILTO="myemailaddress@myisp.com"

Change #MAILON="error" to
MAILON="upgrade"

Now, this is the important part. Find this line
# OPTIONS="-q -o Dir::Etc::SourceList=/etc/apt/security.sources.list" and change it to:

OPTIONS="-q -o Dir::Etc::SourceList=/etc/apt/security.sources.list"

Then you'll need to create the new security.sources.list

sudo gedit /etc/apt/security.sources.list

Add these lines to the new file:

deb http://security.ubuntu.com/ubuntu/ hoary-security main restricted universe multiverse

If you're just using main & restricted, remove multiverse and universe.

Now you'll need to edit /etc/cron-apt/action.d/3-download so that cron-apt downloads & installs upgrades. Otherwise it'll just download the updates and you'll need to install them yourself

sudo gedit /etc/cron-apt/action.d/3-download

Change "dist-upgrade -d -u -y" to
upgrade -u -y

Then run "sudo apt-get update" Cron-apt will run every morning at 4 am. you can change this setting by editing /etc/cron.d/cron-apt.

This is my setting which runs cron-apt and 12 noon and 6 PM every day.

0 12,18 * * * root test -x /usr/sbin/cron-apt