|
|
| Zeile 1: |
Zeile 1: |
| Um den Raspberry automatisch zu aktualisieren, was aus sicherheitstechnischen Gründen ratsam ist, müsst Ihr das Paket '''unattended-upgrades''' installieren. Dieses installiert Ihr über
| | Das Tutorial wurde auf Gargi.org verschoben: https://www.gargi.org/index.php?title=Automatische_Updates |
| | |
| <code><pre>apt-get install unattended-upgrades</pre></code>
| |
| | |
| Danach passt Ihr unter '''/etc/apt/apt.conf.d/''' die Datei '''50unattended-upgrades''' Euren Bedürfnissen an. In der Regel sollte es nur die Ziel E-Mail Adresse sein, ich habe die Archive einwenig erweitert, da ich nicht nur die Securityupdates ziehen wollte. Der Rest ist schön in der Datei kommentiert:
| |
| | |
| <code><pre>// Automatically upgrade packages from these origin patterns
| |
| Unattended-Upgrade::Origins-Pattern {
| |
| // Archive or Suite based matching:
| |
| // Note that this will silently match a different release after
| |
| // migration to the specified archive (e.g. testing becomes the
| |
| // new stable).
| |
| // "o=Raspbian,a=stable";
| |
| // "o=Raspbian,a=stable-updates";
| |
| // "o=Raspbian,a=proposed-updates";
| |
| // "origin=Raspbian,archive=stable,label=Raspbian-Security";
| |
| "origin=Raspbian,archive=stable";
| |
| "origin=Raspbian,archive=oldstable";
| |
| };
| |
| | |
| // List of packages to not update
| |
| Unattended-Upgrade::Package-Blacklist {
| |
| // "vim";
| |
| // "libc6";
| |
| // "libc6-dev";
| |
| // "libc6-i686";
| |
| };
| |
| | |
| // This option allows you to control if on a unclean dpkg exit
| |
| // unattended-upgrades will automatically run
| |
| // dpkg --force-confold --configure -a
| |
| // The default is true, to ensure updates keep getting installed
| |
| //Unattended-Upgrade::AutoFixInterruptedDpkg "false";
| |
| | |
| // Split the upgrade into the smallest possible chunks so that
| |
| // they can be interrupted with SIGUSR1. This makes the upgrade
| |
| // a bit slower but it has the benefit that shutdown while a upgrade
| |
| // is running is possible (with a small delay)
| |
| //Unattended-Upgrade::MinimalSteps "true";
| |
| | |
| // Install all unattended-upgrades when the machine is shuting down
| |
| // instead of doing it in the background while the machine is running
| |
| // This will (obviously) make shutdown slower
| |
| //Unattended-Upgrade::InstallOnShutdown "true";
| |
| | |
| // Send email to this address for problems or packages upgrades
| |
| // If empty or unset then no email is sent, make sure that you
| |
| // have a working mail setup on your system. A package that provides
| |
| // 'mailx' must be installed. E.g. "user@example.com"
| |
| Unattended-Upgrade::Mail "meine@e.mail";
| |
| | |
| // Set this value to "true" to get emails only on errors. Default
| |
| // is to always send a mail if Unattended-Upgrade::Mail is set
| |
| //Unattended-Upgrade::MailOnlyOnError "true";
| |
| | |
| // Do automatic removal of new unused dependencies after the upgrade
| |
| // (equivalent to apt-get autoremove)
| |
| Unattended-Upgrade::Remove-Unused-Dependencies "true";
| |
| | |
| // Automatically reboot *WITHOUT CONFIRMATION* if a
| |
| // the file /var/run/reboot-required is found after the upgrade
| |
| //Unattended-Upgrade::Automatic-Reboot "false";
| |
| | |
| | |
| // Use apt bandwidth limit feature, this example limits the download
| |
| // speed to 70kb/sec
| |
| //Acquire::http::Dl-Limit "70";</pre></code>
| |
| | |
| Danach legt eine neue Datei im gleichen Verzeichnis an:
| |
| | |
| <code><pre>nano 02periodic</pre></code>
| |
| | |
| Die füllt Ihr mit folgendem Inhalt um die Zeitsteuerung festzulegen:
| |
| | |
| <code><pre>// Enable the update/upgrade script (0=disable)
| |
| APT::Periodic::Enable "1";
| |
| | |
| // Do "apt-get update" automatically every n-days (0=disable)
| |
| APT::Periodic::Update-Package-Lists "1";
| |
| | |
| // Do "apt-get upgrade --download-only" every n-days (0=disable)
| |
| APT::Periodic::Download-Upgradeable-Packages "1";
| |
| | |
| // Run the "unattended-upgrade" security upgrade script
| |
| // every n-days (0=disabled)
| |
| // Requires the package "unattended-upgrades" and will write
| |
| // a log in /var/log/unattended-upgrades
| |
| APT::Periodic::Unattended-Upgrade "1";
| |
| | |
| // Do "apt-get autoclean" every n-days (0=disable)
| |
| APT::Periodic::AutocleanInterval "7";</pre></code>
| |
| | |
| Ab dann wird automatisch auf Updates geprüft und installiert, sollten welche vorhanden sein.
| |