Hi
Is it best practice to have automatic updates on?
Can having automatic updates causes any issues with breaking software etc… or are updates fairly stable?
Thanks for any input here, this is where experience comes in handy.
Depends on how often you’re in the system. Ideally, you’d pay attention when updates are installed, as updates can break things (though they rarely do). I use automatic updates on systems that I won’t be logging into often, but I usually use the system-provided automatic updates tool rather than the one in Webmin (you can just install unattended-upgrades on Debian/Ubuntu, for example: UnattendedUpgrades - Debian Wiki or dnf-automatic on RHEL and derivatives: Chapter 7. Automating software updates in RHEL 9 Red Hat Enterprise Linux 9 | Red Hat Customer Portal).
For systems I am logging into regularly, or that are critical, I run the updates manually, and I make sure I pay attention to security-related updates for packages I’m using, so that I intentionally visit all my non-automatically updating systems to update when major issues arise.
In short: If you will make it a practice to become aware of security updates (subscribe to the necessary mailing list(s) for your OS, for instance), then the safest option is to upgrade manually, watch the log of packages to make sure there are no errors, and test immediately after upgrades to be sure everything is happy. But, because it is very dangerous to run unpatched systems, automatic updates are the better choice if you won’t be proactive about updates and becoming aware of security issues in the wild when they come up.
Daily is reasonable.
Perfect answer, thanks.
This would make an excellent FAQ article.
This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.