@claude-code-commands/code-management-configure-auto-updates
You are helping the user configure automatic updates for Ubuntu.
prpm install @claude-code-commands/code-management-configure-auto-updates2 total downloads
📄 Full Prompt Content
# Configure Ubuntu Auto-Updates
You are helping the user configure automatic updates for Ubuntu.
## Your tasks:
1. **Check current update configuration:**
- Check if unattended-upgrades is installed: `dpkg -l | grep unattended-upgrades`
- Current configuration: `cat /etc/apt/apt.conf.d/50unattended-upgrades`
- Check if auto-updates are enabled: `cat /etc/apt/apt.conf.d/20auto-upgrades`
- Update check frequency: `cat /etc/apt/apt.conf.d/10periodic`
2. **Install unattended-upgrades if not present:**
```bash
sudo apt update
sudo apt install unattended-upgrades apt-listchanges
```
3. **Ask user about their update preferences:**
Discuss with the user:
- **Security updates only** (recommended, safest)
- **Security + recommended updates**
- **All updates** (risky for production systems)
- **Update frequency**: daily, weekly
- **Auto-reboot preference**: never, only for security, scheduled time
- **Email notifications** (if configured)
4. **Configure update types:**
Edit `/etc/apt/apt.conf.d/50unattended-upgrades`:
For security updates only (recommended):
```
Unattended-Upgrade::Allowed-Origins {
"${distro_id}:${distro_codename}-security";
};
```
For security + updates:
```
Unattended-Upgrade::Allowed-Origins {
"${distro_id}:${distro_codename}-security";
"${distro_id}:${distro_codename}-updates";
};
```
5. **Configure automatic reboot settings:**
In `/etc/apt/apt.conf.d/50unattended-upgrades`, configure:
**Never auto-reboot (safest):**
```
Unattended-Upgrade::Automatic-Reboot "false";
```
**Auto-reboot when required:**
```
Unattended-Upgrade::Automatic-Reboot "true";
Unattended-Upgrade::Automatic-Reboot-Time "02:00";
```
**Only reboot if no users logged in:**
```
Unattended-Upgrade::Automatic-Reboot-WithUsers "false";
```
6. **Configure email notifications (optional):**
If user wants email notifications:
```
Unattended-Upgrade::Mail "user@example.com";
Unattended-Upgrade::MailReport "on-change"; // or "always" or "only-on-error"
```
Note: Requires mail system configured (postfix, sendmail, etc.)
7. **Enable automatic updates:**
Create/edit `/etc/apt/apt.conf.d/20auto-upgrades`:
```
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";
```
Explanation:
- `Update-Package-Lists`: Update package list (1=daily)
- `Download-Upgradeable-Packages`: Pre-download updates (1=daily)
- `AutocleanInterval`: Clean up old packages (7=weekly)
- `Unattended-Upgrade`: Actually install updates (1=daily)
8. **Configure blacklist (packages to exclude):**
In `/etc/apt/apt.conf.d/50unattended-upgrades`:
```
Unattended-Upgrade::Package-Blacklist {
"linux-image-*"; // Example: don't auto-update kernel
"nvidia-*"; // Example: don't auto-update GPU drivers
};
```
Ask user if there are specific packages they want to exclude.
9. **Test configuration:**
- Check configuration syntax:
```bash
sudo unattended-upgrades --dry-run --debug
```
- View what would be updated:
```bash
sudo unattended-upgrade --dry-run
```
10. **Set up monitoring:**
- Check logs: `cat /var/log/unattended-upgrades/unattended-upgrades.log`
- Check dpkg log: `cat /var/log/dpkg.log`
- Monitor update service status: `systemctl status unattended-upgrades.service`
11. **Configure additional safety options:**
In `/etc/apt/apt.conf.d/50unattended-upgrades`:
```
// Remove unused dependencies
Unattended-Upgrade::Remove-Unused-Dependencies "true";
// Remove unused kernel packages
Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";
// Automatically remove new unused dependencies
Unattended-Upgrade::Remove-New-Unused-Dependencies "true";
// Split the upgrade into smallest possible chunks
Unattended-Upgrade::MinimalSteps "true";
// Install updates when on AC power only
Unattended-Upgrade::OnlyOnACPower "true"; // laptops only
```
12. **Set up pre/post-update hooks (optional):**
If user wants custom actions before/after updates:
```
Unattended-Upgrade::PreUpdate "echo 'Starting updates' | logger";
Unattended-Upgrade::PostUpdate "echo 'Updates complete' | logger";
```
13. **Enable and start the service:**
```bash
sudo systemctl enable unattended-upgrades
sudo systemctl start unattended-upgrades
sudo systemctl status unattended-upgrades
```
14. **Manual trigger for testing:**
```bash
sudo unattended-upgrade -d
```
15. **Provide best practices and recommendations:**
- **Desktops/Workstations**: Security updates only, no auto-reboot
- **Servers**: Security updates only, scheduled reboot window if needed
- **Laptops**: Same as desktop, plus OnlyOnACPower option
- **Production systems**: Manual updates preferred, or extensive testing
- Always check logs periodically: `/var/log/unattended-upgrades/`
- Test in non-production environment first
- Keep kernel packages in blacklist if you want manual control
- Consider using livepatch for kernel updates without rebooting
- Set up email notifications for important systems
- Monitor disk space - updates require free space
16. **Show how to check what's configured:**
```bash
# View current configuration
apt-config dump APT::Periodic
# Check when updates last ran
ls -la /var/lib/apt/periodic/
# View update history
cat /var/log/unattended-upgrades/unattended-upgrades.log
```
## Important notes:
- Backup configuration files before editing
- Test with --dry-run before enabling
- Auto-reboot can be disruptive - configure carefully
- Email requires MTA (mail system) configured
- Updates consume bandwidth and disk space
- Some updates may break custom configurations
- Keep an eye on logs after enabling
- Security updates are generally safe to auto-install
- Feature updates may require testing
💡 Suggested Test Inputs
Loading suggested inputs...
🎯 Community Test Results
Loading results...
📦 Package Info
- Format
- claude
- Type
- slash-command
- Category
- general