New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
I run it via cron daily.
Depends;
a.) KernelCare
b.) Run it in cron on servers that aren't extremely important
c.) Run it manually once in a while, only immediately for security updates
Daily
install unattended-upgrades and it will do that automatically for you.
I do it via cron daily. So I don't forget it.
Cron - Update & reboot hourly.
Don't you guys call that "Task Scheduler"?
lol, love you too!
Means you restart daily?
Daily
There is a bug in ubuntu which results in
"update-rc.d warning that start and stop actions are no longer supported"
https://bugs.launchpad.net/ubuntu/+source/unattended-upgrades/+bug/1606600
You what? You guys do run apt-get upgrade via Cron? Doesn't that break everything you run once in a while?
It says that on the console only the stable updates are used.
After using this command which installs the "unattended-upgrades" package in the system to auto updates the packages.
sudo apt-get install unattended-upgrades
Use this to configure "unattended-upgrades" package to instruct.
sudo dpkg-reconfigure unattended-upgrades
Then it says this implying only the stable updates are installed.
I didn't test to see this works, because I started using my first vps a couple of days ago.
The repos' cache is updated daily. If a security advisory hits the cache, then such update is applied immediately and related services are reloaded. Any and all other updates are manually reviewed, I would never let a cron job accept any and all updates (unless you're running debian oldstable; I'm not running debian oldstable)
As I read now. It's better to install just security patches and leave the packages to manual update, and then use apticron to inform about new updates and changes of the packages after updating. Additionally use /etc/apt/apt.conf.d/50unattended-upgrades to get informed about the packages that need updates and have problems.
Should be done manualy, every day after the server backup is finished.
Depends on how often I expect stuff to get broken.
Thanks for the insights!
For my Centmin Mod LEMP stack servers
Do not upgrade from Ubuntu 14 to 16, there are some serious bugs at this time that may lock you out of your vps permanently.
I want for stability, so only when there is a big vulnerability on the news or if my software/service crashes and I'd need to restart stuff anyway.
never, if it's not broke, don't fix it
Mostly manually and everytime I login to a machine that doesn't host any mission critical stuff.
On productive machines I do it about once a month and look through the updates before upgrading.
I never apt-get, I always yum update. Well, that's cause I got a box with a centos all over it. But that's what I do when I want to do it, which I did just now.
That's the thing about kernels, man. Your distribution just keeps getting older, but they stay the same age.
Once a week unless there is a security vulnerability.
Weekly, unless there is a burning security issue. And manually, cause I don't trust any auto-update system. I prefer to be there to deal with any issues associated with updates as they occur.
Most importantly security updates daily via Unattended-upgrades or equivalent.
OoOoooOoo what's the IP on that poor box?
There's a bug in ubuntu where you have to use a program called "systemctl" to do everything...
You can clean out that centos crap pretty easily.
I know you're joking, but there's really two answers here:
(1) sysadmins, security dicks: "Every day."
(2) everyone else: "When I need to".
Software doesn't rust, really...it's just that people find new flaws. I watch my Internet-exposed systems a lot more than I do stuff buried behind the firewall. I know, I know...but the only one who might go rogue is me.