VPS Tutorials
Tutorials for Virutal Private Servers and VPS Hosting

How to Setup cron-apt

Published on Aug 27, 2017

Keeping your server up-to-date with the latest patches is important, but if your VPS is only used for your hobby projects, it can become difficult to remember to always check for updates and keep the server up-to-date. Lucky for you, a program called “cron-apt” exists. Cron-apt by default runs daily and will check for what packages need to be updated by using APT (Advanced Package Tool). Further configuration of cron-apt allows for the results to be e-mailed directly to you.

Before installing cron-apt, it’s important to know that the software will not install new packages automatically. The program will only notify you and download new packages automatically and will not install the latest changes. The lack of automatic installation may seem like a disadvantage to some, but in reality it’s good practice to not automatically install updates since updates may require further configuration during the installation process or a new package may be incompatible with custom software on the server.

Since you’re interested in cron-apt and automatic notifications of new packages that are available for your system, our post about “Linux Mailing Lists” might interest you.

Installation and Configuration

We need to introduce our server to cron-apt. Since cron-apt uses APT you have to use a Linux distribution that uses APT, such as Debian or Ubuntu. This tutorial will use Debian 9 (Stretch) but should also work well with other versions and distributions. To install cron-apt we run the following command. It will most likely install a few dependencies and requires a MTA to be installed if one isn’t already installed.

$ apt install cron-apt

Once cron-apt is installed, it’s time for configuration. All of the configuration files for cron-apt are located in the directory “/etc/cron-apt/” and the default crontab entry is located at “/etc/cron.d/cron-apt.” To change the frequency in which cron-apt checks for updates you will need to edit the crontab entry.

To configure cron-apt to send e-mail notifications, open the file “/etc/cron-apt/config” and adjust the following variables. Don’t worry if the configuration file is empty, most default installations of cron-apt will have an empty configuration file. The two variables related to e-mail alerts are MAILON and MAILTO. For the MAILTO variable, you will want to set this to your e-mail address. By default it’s set to the “root” user of the system. The MAILON variable sets when e-mails should be sent and can have the value of error, upgrade, changes, output, always, and never. By default the MAILON variable is set to “error,” which isn’t useful to stay alerted about new updates.

# Configuration for cron-apt. For further information about the possible
# configuration settings see /usr/share/doc/cron-apt/README.gz.

MAILON="always"
MAILTO="sysadmin@example.com"

There are further configuration options, but the majority of the settings are seldom used and for highly specific environments. For more configuration details you can decompress the file “/usr/share/doc/cron-apt/README.gz” and read it’s contents. For your convenience the cron-apt README file is also available on our website.

Testing cron-apt

Once you have everything configured you want to make sure your setup and changes work without having to wait until 4AM when the cron job is scheduled to run. You can manually run the program and check your inbox, mail logs, and cron-apt logs to verify that the software is running smoothly.

$ /usr/sbin/cron-apt

If you are running into issues, be sure to check the logs. Looking at /var/log/syslog, /var/log/cron-apt, and /var/exim4/mainlog will usually yield the information to properly debug any issues you may run into.

Alternatives to cron-apt

There are many alternatives to cron-apt, but depending on your requirements finding a perfect match may be difficult. If you’re knowledgeable with shell scripting, writing your own script shouldn’t take long. In addition, with the new apt list --upgradable command, the output will be a lot clearer and you can easily see what packages need to be upgraded after running apt upate.

Other than creating your own shell script, APT actually can be configured to check for updates automatically with a fair bit of additional work than cron-tab takes to get setup. In addition, looking into “apt-listchanges” and “UnattendUpdates” could also work to install and notify you of updates automatically.

Get the latest deals, tutorials and fresh VPS information to your inbox monthly.