Debian

How to Configure Automated Security Updates on Debian 11

Debian is a widely used Distro of Linux and updating the system and packages are important to protect the privacy and security of the system. In Debian, there is a feature known as unattended upgrades that allows you to upgrade the system automatically. This feature enables the automatic downloading, installing, and configuration of security updates, ensuring that the system is always up-to-date and secure.

In this article, we will discuss how to configure the automatic security updates on Debian using unattended upgrades.

Configure Automated Security Updates on Debian

The configuration of unattended upgrades on Debian 11 is a straightforward process and can easily be done via the terminal. However, before installing, ensure the system is up to date, and for that run the following command:

sudo apt update && sudo apt upgrade

Next, execute the following command in the terminal to install or confirm the installation of the unattended upgrades on the Debian system:

sudo apt install unattended-upgrades

By default, it’s already installed on Debian system.

Now enter the following command in the terminal to confirm whether the unattended upgrades are working properly or not:

sudo unattended-upgrades --dry-run --debug

To check the status of the unattended upgrades on Debian, use the systemctl command:

sudo systemctl status unattended-upgrades.service

Modify the Configuration File of the Unattended Upgrades

You can use any text editor to modify the configuration file. Here we are using the nano to open the configuration file of the unattended upgrades:

sudo nano /etc/apt/apt.conf.d/50unattended-upgrades

Once the file is opened, you can make changes to it, and remove the // to make that function active.

In the file you will notice a section that looks like this, remove the // marks from the lines to enable the updates:

"origin=Debian,codename=${distro_codename}-updates";

"origin=Debian,codename=${distro_codename}-proposed-updates";

"origin=Debian,codename=${distro_codename},label=Debian";

"origin=Debian,codename=${distro_codename},label=Debian-Security";

Save the file using “CTRL+X”, add “Y” and press Enter.

Enable Unattended Upgrades on Debian 11

To enable the unattended upgrades on your system, you will need to configure the file. Enter the following command in the terminal and hit Enter:

sudo dpkg-reconfigure --priority=low unattended-upgrades

A pop-up will appear on your screen, choose Yes to enable the unattended upgrades on Debian.

Note: It’s better to reboot the system to apply the automatic changes to Debian.

Disable Unattended Upgrades on Debian 11

Although the unattended upgrades are useful, you can disable them anytime by executing the following command again.

sudo dpkg-reconfigure --priority=low unattended-upgrades

The following pop-up will appear, select the No to disable them:

Bottom Line

Configuring the unattended upgrades is an effective feature in the Debian system that automates the process of installing the updates on the system. This will help them keep your system up to date. It’s already installed on Debian; however, you need to configure it and then enable its service to ensure installing the automatic update on the system.

About the author

Zainab Rehman

I'm an author by profession. My interest in the internet world motivates me to write for Linux Hint and I'm here to share my knowledge with others.