It is all too easy to deploy your app, and keep doing your day job, only to log onto your server and notice that 124 packages are out of date. As Trump would say: Bad. Make sure part of your ongoing server maintenance procedures includes keeping an active eye on updates and applying these ASAP.
Automatic Updates
If you can talk your client into automatic updates, you can configure the unattended-upgrades package to be run by cron and have all security patches applied automatically.
Manual Updates
To see the count of security packages that can be applied:
sudo /usr/lib/update-notifier/apt-check 2>&1 | cut -d ';' -f 2
To see the list of security packages that can be applied:
sudo unattended-upgrade --dry-run -d | grep 'Checking' | grep security | awk '{ print $2 }'
To apply updates:
sudo apt-get update
sudo apt-get upgrade
If a reboot is required or desired for testing:
sudo shutdown -r now
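
The manual checks above rolled into one cron-friendly script that exits non-zero when security updates or a reboot are pending. This is an added example, not part of the original post; the function names, the --run flag and the use of /var/run/reboot-required as the pending-reboot marker are assumptions of the example.

```shell
#!/bin/sh
# Added example: patch-status check built on the apt-check command shown above.
# Assumptions: apt-check prints "<all updates>;<security updates>", and the
# file /var/run/reboot-required exists when a reboot is pending.
APT_CHECK=/usr/lib/update-notifier/apt-check
REBOOT_FLAG=/var/run/reboot-required

# is_uint VALUE -> succeeds only for a non-empty string of digits
is_uint() { case "$1" in ''|*[!0-9]*) return 1 ;; esac; }

# security_count "<n>;<m>" -> prints m; fails on lock errors or other noise
security_count() {
    case "$1" in *\;*) ;; *) return 1 ;; esac
    is_uint "${1%%;*}" && is_uint "${1#*;}" || return 1
    printf '%s\n' "${1#*;}"
}

# patch_status "<apt-check output>" <reboot pending: 0|1>
# Prints one status line. Returns 0 = clean, 1 = action needed, 2 = unknown.
patch_status() {
    sec=$(security_count "$1") || {
        echo "UNKNOWN: unexpected apt-check output '$1'"
        return 2
    }
    rc=0
    msg="$sec security update(s) pending"
    [ "$sec" -eq 0 ] || rc=1
    if [ "$2" = 1 ]; then rc=1; msg="$msg, reboot required"; fi
    if [ "$rc" -eq 0 ]; then echo "OK: $msg"; else echo "WARN: $msg"; fi
    return "$rc"
}

if [ "${1:-}" = "--run" ]; then
    # Live check, e.g. from root's crontab: patch-check.sh --run
    reboot=0
    if [ -f "$REBOOT_FLAG" ]; then reboot=1; fi
    patch_status "$("$APT_CHECK" 2>&1)" "$reboot"
    exit $?
else
    # Constructed sample input: 124 updates, 17 of them security, no reboot flag
    patch_status "124;17" 0 || true
fi
```

Because the exit status is non-zero whenever action is needed, cron mail or a monitoring agent can alert on it without parsing the message.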