Ubuntu: Unattended Upgrades for security patches

ubuntuIf you are running an Ubuntu server for any extended period of time, security issues will arise that affect the kernel, distribution, or packages installed on that host.

While there are always minimal risks associated with automatically applying security fixes, I feel those are dwarfed by the risks of running hosts that have known security flaws.  For example, a media frenzy over the OpenSSL vulnerability Heartbleed may have forced administrators the world over to go out and manually patch their fleet of Linux hosts, but the truth is there is a constant stream of public vulnerabilities.

Expecting system administrators to manually patch each of these (in addition to their other daily tasks) is unrealistic, and therefore Ubuntu provides a simple way of scheduling unattended security updates.

First, install the unattended-upgrades package:

> sudo apt install unattended-upgrades

Continue reading “Ubuntu: Unattended Upgrades for security patches”