Automatic Updates are configured to keep the system up to date without any user’s intervention. The automatic updates can be set for system packages, security patches, repositories (official and third-party), etc. In contrast, manual updates take dedicated time for even updating the security patches or features.

Being an open-source OS, Ubuntu offers updates frequently. You have to update your system to get the latest security patches, packages, and features on your system.

Today, we will demonstrate various methods to set up automatic updates on Ubuntu 24.04, i.e., the latest LTS of Ubuntu codename NobleNumbat.

Outline:

• Impact of Automatic Updates on Your Ubuntu 24.04
  • Pros
  • Cons
  • Is It Recommended to Set Automatic Updates for the Whole System?
• How to Set Up Automatic Updates on Ubuntu 24.04
  • Method 1: Using the Terminal | For Ubuntu Server and Desktop
  • Method 2: Using the GUI | For Ubuntu Desktop
  • Method 3: Create a Shell Script for Update and Upgrade
• Tip: Advanced Configurations for Unattended-Upgrades
  • Set the Email Prompt For Updates
  • Automatically Reboot the System After the Upgrade
  • Remove Unused New Dependencies
  • Remove Unused Packages
  • Remove the Unused Kernel-Packages
• Bottom Line

Impact of Automatic Updates on Your Ubuntu 24.04

Automatic updates are productive when run on specific OS components. Let’s discuss some pros and cons when going with the automatic updates:

Pros

• Automatic Updates ensure an up-to-date system.
• A controlled update mechanism keeps your system out of bugs and compatibility issues.
• Time-saving as manual updates may be forgotten by the user.

Cons

• If updates are not controlled, the system may break down. For instance, the automatic “dist-upgrade” command may raise a kernel version conflict.
• Update scale has an impact on the network performance, i.e., bandwidth. The larger the update size the larger will be the bandwidth.
• Updates requiring instant reboot without confirmation may result in wasting your current session’s progress.

All these Cons are controllable, Let’s see in the below section:

Is It Recommended to Set Automatic Updates for the Whole System?

No, it is not necessary nor recommended to set automatic updates for the whole system. The operating system includes various key performing utilities such as Kernel, web servers, etc. These are configured with multiple other components. Thus, they must be updated separately to avoid any operational disruption.

It is recommended to set the automatic updates for the security patch or some independent packages installed on your system. This is called the “Controlled Update Mechanism”. Thus, you need to go for a controlled mechanism while enabling the automatic updates.

Now, let’s see how you can enable or set up automatic updates safely.

How to Set Up Automatic Updates on Ubuntu 24.04

Likewise, in other Linux systems, Ubuntu 24.04 is also equipped with effective command line support. You can easily configure the updates from the terminal. Moreover, Ubuntu Desktop has interactive GUI support and you can set the automatic updates from GUI as well. Let’s go through these methods:

Method 1: Using the Terminal | For Ubuntu Server and Desktop

Ubuntu and other Debian-based systems offer the “Unattended Upgrades” utility which can be configured for automatic updates and upgrades. Here’s how “unattended-upgrades” deals with the updates:

• Security patches for the installed packages are downloaded and installed automatically
• This does not require any manual assistance, i.e., end-user involvement, therefore the keyword is unattended.

Let’s go through the steps of how you can use “unattended-upgrades” to configure the automatic updates:

Step 1: Install the Unattended-Upgrades utility

The “unattended-upgrade” package is installed by default. If not, use the below command:

sudo apt install unattended-upgrades

Step 2: Enable the Unattended-Upgrades

The unattended-upgrades configuration file is located at, “/etc/apt/apt.conf.d/50unattended-upgrades”. All the configurations of the “unattended-upgrades” package are set through this file. Open it in any editor and you will see the security updates-related commands are already uncommented:

For Ubuntu 24.04:

The following two lines in the “unattended-upgrades” config file are enough for updating the security patches, i.e., the controlled update mechanism.

• “${distro_id}:${distro_codename}”; This fetches the distribution and the distribution code, i.e., Ubuntu 24.04.
• “${distro_id}:${distro_codename}-security”; Only update the security of that fetched release.

For Extended Support Maintenance (ESM) Supported Releases:

The ESM-supported release includes the Linux system or kernel release that has completed its standard maintenance period and is backed up by Ubuntu for an extended period for providing updates.

• “${distro_id}ESMApps:${distro_codename}-apps-security”; This refers to the “app’s security” provided through Extended Support Maintenance (ESM)
• “${distro_id}ESM:${distro_codename}-infra-security”; Update the infrastructural security of the overall system through the ESM mechanism.

Step 3: Set the Automatic Update and Upgrade

The automatic update and upgrade parameters can be configured in the file “/etc/apt/apt.conf.d/20auto-upgrades”. Open the file in any editor, you will find the following two lines by default:

APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1";

The “Update-Package-Lists” updates the packages list and “Unattended-Upgrade” installs the configured updates (the updates you configured in Step 2).

Keep the values of the following parameters to “1” to do the update and upgrade automatically.

Step 4: Restart the unattended-upgrades

Since the “unattended-upgrades” are backed by a system service. So, restart the service to apply the changes:

sudo systemctl restart unattended-upgrades

Also, do check the status:

sudo systemctl status unattended-upgrades

The service is actively running.

Step 5: Run the unattended-upgrades

To test the functioning of the “unattended-upgrades”, you can run (or better dry run) the “unattended-upgrades” in “debug” mode to check for any errors/detailed output:

sudo unattended-upgrades --debug

Note: You can use the “–dry-run” flag instead of “–debug”. Both have the same purpose.

That’s how you can configure the automatic updates on Ubuntu 24.04.

Method 2: Using the GUI | For Ubuntu Desktop

The Software & Updates application in the GNOME-based Ubuntu handles the updates from the front end. Open the “Software & Updates” application and navigate to the “Updates” tab. Here, you need to set the value of “when there are security updates” to “Download and install automatically”:

Method 3: Create a Shell Script for Update and Upgrade

Apart from these “unattended-upgrades”, you can create an automated script and integrate that script into the “Startup Applications”. The “Startup Applications” manages the applications that are run on the system start-up. Let’s see how it works:

Step 1: Create a Shell Script

First, create a shell script with any name, and make it executable:

touch ~/autoupd.sh;sudo chmod +x ~/autoupd.sh

Step 2: Configure (Add Commands) the Shell Script

Now, you need to add the appropriate commands that you want to use. For instance:

• sudo apt update: To update the core libraries (packages list).
• sudo apt upgrade: To install all the loaded updates.
• sudo snap refresh: To update the installed snaps.
• flatpak update: Update the flatpak installed packages.

We have used the following three commands in the script:

Similarly, you can opt for any other update/upgrade-related command.

Step 3: Add the Script

Launch the “Startup Applications” in the applications menu:

The list of startup programs will appear. Click on the “Add” to add a new program:

Next, “Name” the Startup Program and provide the path of the script by clicking on the “Browse” button. Lastly, click on the “Add” button to add it as a “Startup Program”:

Here you can see the “Startup Program” has been added:

Tip: Advanced Configurations for Unattended-Upgrades

We have set up the automatic updates with the default settings. However, the “50unattended-upgrades” configuration file can be optimized to get the updates as per your requirements. Here we will list all those advanced-level configurations that enhance your overall experience with the updates:

Set the Email Prompt For Updates

The unattended-upgrades (automatic security patches update) can be linked with your email. For that,

you have to configure/map your email inside the unattended-upgrades configuration file.

Go to the email part of the file and uncomment the following line:

Unattended-Upgrade::Mail "";

And put your email inside the double quotes:

Now, you need to choose when you should get the email. You have three options:

• “always”: Emails you whenever an update is encountered, i.e., it does not matter whether the update is installed or not.
• “on-change”: Email is sent only when a change has occurred because of the update.
• “only-on-error”: Get the email only when an error is encountered while updating.

Uncomment the following line:

Unattended-Upgrade::MailReport "on-change";

Choose the value from any of the three, i.e., “always”, “on-change”, and “only-on-error”:

Note: After any change, you need to restart the “unattended-upgrades” service to apply the configurations.

sudo systemctl restart unattended-upgrades

Automatically Reboot the System After the Upgrade

Some updates are implemented after the system encounters a reboot. The unattended-upgrades allow

you can set the reboot functionality whenever the update is performed. Let’s see how it works:

• Reboot Automatically Without Confirmation

If any update requires a reboot, a temp file “/var/run/reboot-required” is generated. To reboot the system in such a case, uncomment the following line:

Unattended-Upgrade::Automatic-Reboot "true";

Keep its value “true”:

Note: To stop rebooting automatically, you can change the value from “true” to “false”.

• Reboot Even When Multiple Users are Logged In

Sometimes, the reboot process is halted if multiple users are logged in. To avoid such an occurrence, you need to uncomment the following parameter and set its value to “true”:

Unattended-Upgrade::Automatic-Reboot-WithUsers "true";

• Reboot After a Specific Interval

Since the reboot functionality set in the “Automatic-Reboot” parameter reboots the system instantly. However, you can set a specific time interval for the reboot process. Scroll down to the following line:

Unattended-Upgrade::Automatic-Reboot-Time "02:00";

And set its value to a specific time interval, i.e., 2:00 means 2 minutes after the reboot is required:

Remove Unused New Dependencies

If any new dependencies are installed with the upgrades and are useless, you can automatically remove

it. Open the “50unattended-upgrades” configuration file and uncomment this line:

Unattended-Upgrade::Remove-New-Unused-Dependencies "true";

Keep its value “true”:

Remove Unused Packages

Likewise dependencies, you can remove the unused old packages with each update. Uncomment the

following line in the configuration file:

Unattended-Upgrade::Remove-Unused-Dependencies "true";

Remove the Unused Kernel-Packages

The Kernel packages (Kernel Images, Kernel Headers, and tools for Kernel Version Lock) that were automatically installed with the updates can be removed by uncommenting the following line:

Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"

Remember to keep its value to “true”:

Similarly, you can navigate through the other parts of this file and configure the parameters as per your requirements.

Bottom Line

The automatic updates can be configured on Ubuntu 24.04 through the unattended-upgrades utility, the “Software & Updates” application, or the automated script as a Startup Up program. The safest way to set up automatic updates is by using the “unattended-upgrades”.

This post has demonstrated the possible ways to set up automatic updates on Ubuntu 24.04.