Is it safe to set a cron job for apt-get upgrade?

Question

Is it a good idea to create a cron job for apt-get update; apt-get upgrade for my webserver?

So not apt-get dist-upgrade.

Why `apt-get update; apt-get upgrade` instead of `apt-get update && apt-get upgrade`? — Mateusz Piotrowski, Apr 03 '16 at 15:20
@MateuszPiotrowski So it runs the next command only on 0 return? Thanks for the info. Didn't know that. — The Quantum Physicist, Apr 03 '16 at 15:44

score 9 · Accepted Answer · answered Apr 03 '16 at 15:22

Yes, to a limited extent. But you don't have to. There's a package called unattended-upgrades that will do it for you.

Description-en: automatic installation of security upgrades
 This package can download and install security upgrades automatically
 and unattended, taking care to only install packages from the
 configured APT source, and checking for dpkg prompts about
 configuration file changes.
 .
 This script is the backend for the APT::Periodic::Unattended-Upgrade
 option.

This package is intended for use with security upgrades, as the description suggests. Automated installation of security upgrades is a reasonably safe option. Doing other kinds of unattended upgrades is riskier.

Thanks for the precious information! Unless I get something better, I'll check your answer as the one :) — The Quantum Physicist, Apr 03 '16 at 15:47

score 1 · Answer 2 · answered Apr 03 '16 at 15:20

It depends: this question will get different opinions. My experience is that following Debian testing requires frequent intervention to keep the upgrades from being blocked. Also, there are (not infrequent) breakages due to upgrades, including persistent problems with NFS and kernel upgrades.

More generally, system upgrades work better when you've time to set aside for recovering from occasional failures.

Is it safe to set a cron job for apt-get upgrade?

2 Answers2