Question

14

Best practices for keeping EC2 Ubuntu machines updated

rated 0 times [ 14] [ 0] / answers: 1 / hits: 10364 / 2 Years ago, thu, april 14, 2022, 12:39:10

Following the recent heartbleed vulnerability of OpenSSL, I would like to keep my EC2 machines updated on a regular basis. The naive approach would be setting an hourly cron job for security updates (sudo apt-get update && sudo unattended-upgrade).

Are there any risks of doing that? Is there a recommended update mechanism for EC2 machines?

Answers

Only authorized users can answer the question. Please sign in first, or register a free account.

odenanno

Add To Favorites

Follow

Total Points: 207

Total Questions: 113

Total Answers: 94

Location: South Korea

Member since Sat, Oct 2, 2021

3 Years ago

odenanno questions

1 Startup script not executing

Mon, Jun 6, 22, 17:37, 2 Years ago

1 apt-get is inconsistent on cluster, can't always find package (libmysqlclient21)

Sat, Jan 15, 22, 15:56, 2 Years ago

1 How do I get rid of all of these duplicates?

Fri, Dec 30, 22, 10:54, 1 Year ago

1 How to install Cozy Audiobook Player in Ubuntu 20.04 without Flatpak

Mon, Dec 12, 22, 06:53, 1 Year ago

1 What is the difference of installing ffmpeg through snap and apt-get?

Sat, Dec 10, 22, 21:10, 1 Year ago

View All

answered 2 Years ago finatch · Accepted Answer

The unattended-upgrades package is the standard way to automatically apply important bug fixes and security patches in Ubuntu.

I recommend installing this on every Ubuntu system:

sudo apt-get update &&

sudo apt-get install unattended-upgrades

You don't need to create your own cron job. The package installs one for you.

You can edit the default configuration if you'd like to alter its behavior:
https://help.ubuntu.com/lts/serverguide/automatic-updates.html