Applying software updates can be time-consuming, and your time is often better spent on just about anything else. Except that you also has to stay on top of security and stability updates. Here is how you can find equilibrium by having Fedora Workstation or Server to automatically download, and optionally install, updates as they become available.
Automated updates keep your system up to date with the latest security, stability, and feature updates for all your software that have been installed from a Fedora Linux repository. When configured, it allows you as the system administrator to spend your time doing other things than constantly having to update all the systems you maintain.
If you’re using any repositories other than the default repositories, including RPM Fusion, then you’ll want to read this companion article before proceeding. Updates maybe more complicated if your system differs too much from the Fedora Linux project’s expectations.
Fedora Linux’s automatic updates work very similarly unattended-upgrades in Ubuntu. Automated updates in Fedora Linux are part of the DNF package manager but the necessary components not installed by default in Fedora Workstation nor Server editions.
DNF offers similar automatic update features to the unattended-upgrades system in Ubuntu and Debian. Both systems share the limitation that they won’t automatically reboot the system to complete any updates.
To configure automatic updates, you’ll first need to install the dnf-automatic package:
dnf install dnf-automaticNext, you need to review the configuration file stored at /etc/dnf/automatic.conf. Here you’ll need to make some decisions about the level of automation you want for your system. The file has good inline documentation, and there are three important options you need to review:
- Do you want to update everything or just security updates? This is controlled by the
upgrade_typeoption which accepts two values:securityordefault(everything). - Do you want to download updates to the local package cache for faster manual installations? or do you want for updates to also be installed automatically? You control this by setting either the
download_updatesorapply_updatesoption toyes. (Setting the later toyesimplies the former is also set). - How do you want to be notified of updates? Fedora Linux’s default behavior is to log automated installations to the systemd journal. You can change this to send you logs to email or custom scripts by changing the
emit_viaoption.
Depending on the level of automation you’ve chosen (download or install), you need to start the corresponding systemd unit timer. Start and enable either dnf-automatic-download.timer or the dnf-automatic-install.timer using the following command:
systemctl enable --now dnf-automatic-install.timerThese services were called dnf-automatic.timer prior to DNF version 2.0. You should only start and enable one of the two services at a time. The install service will also download, while the download service only prefetches updates.
You should still manually verify that updates are applied from time to time. Keep in mind that you’ll need to reboot the system occasionally to apply all updates. Set up a monthly reoccurring reminder to check that your systems are up to date, and verify the systemd journal from previous automatic update cycles at the same time.
You may also want to configure DNF to use less bandwidth for system upgrades. (It uses more processor time instead.)