服务器与常用桌面环境不同,基本在部署好服务后就很少登录机器,除非有良好习惯才会经常上去检查更新。要想省心解决这个问题,可以设置系统自动检查安装更新。请注意,更新有风险
安装unattended-upgrades软件包
1
| sudo apt install unattended-upgrades
|
现在已经可以自动检查安全更新了,但我建议开启以下功能
自动移除不用的依赖
在配置文件/etc/apt/apt.conf.d/50unattended-upgrades中找到
1
| //Unattended-Upgrade::Remove-Unused-Dependencies "false"
|
并修改成
1
| Unattended-Upgrade::Remove-Unused-Dependencies "true"
|
即取消注释并将false改成true
也可以使用下面这条命令一键修改
1
| sudo sed -i "s#\/\/Unattended-Upgrade::Remove-Unused-Dependencies \"false\"#Unattended-Upgrade::Remove-Unused-Dependencies "true"#g" /etc/apt/apt.conf.d/50unattended-upgrades
|
启用自动重启
在配置文件/etc/apt/apt.conf.d/50unattended-upgrades中找到
1
| //Unattended-Upgrade::Automatic-Reboot "false"
|
并修改成
1
| Unattended-Upgrade::Automatic-Reboot "true"
|
即取消注释并将false改成true
也可以使用下面这条命令一键修改
1
| sudo sed -i "s#\/\/Unattended-Upgrade::Automatic-Reboot \"false\"#Unattended-Upgrade::Automatic-Reboot "true"#g" /etc/apt/apt.conf.d/50unattended-upgrades
|
特定时段的自动重启
在启用了自动重启的基础上,如果你想将重启时间设置在深夜,可以修改配置文件/etc/apt/apt.conf.d/50unattended-upgrades中的
1
| //Unattended-Upgrade::Automatic-Reboot-Time "02:00"
|
如修改成凌晨4:00重启
1
| Unattended-Upgrade::Automatic-Reboot-Time "04:00"
|
测试自动更新服务
完成上面设置后,建议运行一次更新命令测试更新服务是否正常。
1
| unattended-upgrade -v -d
|
再次声明:更新有风险,请谨慎使用该功能