Why Automatic Updates?
Security vulnerabilities are discovered constantly. Automatic updates ensure your server gets critical patches without manual intervention, reducing the window of exposure.
Install Unattended Upgrades
sudo apt install -y unattended-upgrades apt-listchanges
Configure Automatic Updates
Edit /etc/apt/apt.conf.d/50unattended-upgrades:
Unattended-Upgrade::Allowed-Origins {
"${distro_id}:${distro_codename}";
"${distro_id}:${distro_codename}-security";
"${distro_id}ESMApps:${distro_codename}-apps-security";
"${distro_id}ESM:${distro_codename}-infra-security";
};
// Auto-remove unused dependencies
Unattended-Upgrade::Remove-Unused-Dependencies "true";
// Auto-reboot if required (at 3 AM)
Unattended-Upgrade::Automatic-Reboot "true";
Unattended-Upgrade::Automatic-Reboot-Time "03:00";
// Email notification
Unattended-Upgrade::Mail "admin@example.com";
Unattended-Upgrade::MailReport "on-change";
Enable the Update Timer
Edit /etc/apt/apt.conf.d/20auto-upgrades:
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1";
APT::Periodic::AutocleanInterval "7";
Verify Configuration
# Dry run to test
sudo unattended-upgrades --dry-run --debug
# Check the log
cat /var/log/unattended-upgrades/unattended-upgrades.log
For Rocky/Alma Linux
sudo dnf install -y dnf-automatic
# Edit /etc/dnf/automatic.conf
# Set: apply_updates = yes
sudo systemctl enable --now dnf-automatic.timer
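A static check of the two Debian/Ubuntu files edited above, as an added example (not part of the original guide or of apt): it reads 20auto-upgrades and 50unattended-upgrades and fails when a periodic option or the -security origin is missing or still commented out with //. The function names and the sample files are constructed for this example.

```shell
# Added example; function names are assumptions of this example, not apt tools.

# Drop lines commented out with // or # so disabled options are not counted.
strip_comments() {
    sed -e 's@^[[:space:]]*//.*@@' -e 's@^[[:space:]]*#.*@@' "$1"
}

# Print the value of option $2 in file $1 (last active assignment wins).
apt_conf_value() {
    strip_comments "$1" |
        sed -n "s/^[[:space:]]*$2[[:space:]]*\"\([^\"]*\)\"[[:space:]]*;.*/\1/p" |
        tail -n 1
}

# Succeed if an active "-security" origin is listed in Allowed-Origins in $1.
has_security_origin() {
    strip_comments "$1" |
        sed -n '/Unattended-Upgrade::Allowed-Origins[[:space:]]*{/,/^[[:space:]]*};/p' |
        grep -q -- '-security"'
}

# Audit $1 (20auto-upgrades) and $2 (50unattended-upgrades); return 1 on any gap.
audit_auto_updates() {
    rc=0
    for key in APT::Periodic::Update-Package-Lists APT::Periodic::Unattended-Upgrade; do
        val=$(apt_conf_value "$1" "$key")
        case "$val" in
            ''|0) echo "FAIL: $key is '${val:-unset}' (disabled or unset)"; rc=1 ;;
            *)    echo "ok:   $key = $val" ;;
        esac
    done
    if has_security_origin "$2"; then
        echo "ok:   a -security origin is allowed"
    else
        echo "FAIL: no active -security origin in Allowed-Origins"; rc=1
    fi
    return $rc
}

# Constructed sample: the upgrade step was left commented out by mistake.
demo=$(mktemp -d)
printf '%s\n' 'APT::Periodic::Update-Package-Lists "1";' \
    '//APT::Periodic::Unattended-Upgrade "1";' > "$demo/20auto-upgrades"
printf '%s\n' 'Unattended-Upgrade::Allowed-Origins {' \
    '    "${distro_id}:${distro_codename}-security";' '};' > "$demo/50unattended-upgrades"
audit_auto_updates "$demo/20auto-upgrades" "$demo/50unattended-upgrades" || echo "audit: gaps found"
```

On a real host, pass /etc/apt/apt.conf.d/20auto-upgrades and /etc/apt/apt.conf.d/50unattended-upgrades as the two arguments.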