Introduction / Why This Matters
Managing updates in Ubuntu is a critical task for maintaining system security, stability, and currency. Regular updates patch vulnerabilities, fix bugs, and add new features. However, automatic updates can sometimes disrupt services or require reboots at inconvenient times. This guide will help you configure updates to suit your needs: enable automatic installation of security updates only, disable automation completely, or manage updates manually via the terminal. You will also learn how to temporarily hold specific packages to avoid unwanted changes.
Prerequisites / Preparation
Before you begin, ensure that:
- You have Ubuntu 20.04 LTS, 22.04 LTS, or 24.04 LTS installed.
- You have terminal access (Ctrl+Alt+T) and superuser privileges (sudo).
- Your system is connected to the internet to download updates.
Step 1: Checking Available Updates
Before installing anything, always check the list of available updates. This gives you an understanding of which packages will change and allows you to assess the impact on your system.
# Update package cache (information about latest versions)
sudo apt update
# Show list of packages ready for upgrade
apt list --upgradable
The output of apt list --upgradable will look something like this:
libc6/jammy-updates 2.35-0ubuntu3.2 amd64 [upgradable from: 2.35-0ubuntu3.1]
openssl/jammy-updates 3.0.2-0ubuntu1.10 amd64 [upgradable from: 3.0.2-0ubuntu1.9]
...
Step 2: Installing Updates Manually
If you are ready to update, install the packages. The basic option is apt upgrade, which upgrades packages without removing existing ones. For a more comprehensive upgrade (e.g., when dependencies change), use apt full-upgrade.
# Install all available updates (without removing packages)
sudo apt upgrade
# Alternative: upgrade with possible package removal to resolve dependencies
sudo apt full-upgrade
💡 Tip: Add the -y flag for automatic confirmation (e.g., sudo apt upgrade -y), but be cautious: you won't see the list of changes before installation.
Step 3: Configuring Automatic Updates (unattended-upgrades)
The unattended-upgrades package is used for automatic installation of updates (especially security ones) in the background. It is installed by default on many Ubuntu versions but may be disabled.
Installation and Basic Configuration
# Install the package (if not installed)
sudo apt install unattended-upgrades
# Enable automatic updates
sudo dpkg-reconfigure --priority=low unattended-upgrades
In the interactive menu, select Yes for automatic installation of security updates.
Detailed Configuration
The main configuration file is /etc/apt/apt.conf.d/50unattended-upgrades. Edit it to specify exactly which updates to install automatically.
sudo nano /etc/apt/apt.conf.d/50unattended-upgrades
Find the Unattended-Upgrade::Allowed-Origins section and uncomment the lines that match your needs. For example, to automatically install only security updates:
Unattended-Upgrade::Allowed-Origins {
"${distro_id}:${distro_codename}-security";
// Comment out other lines if you want only security updates
// "${distro_id}:${distro_codename}-updates";
// "${distro_id}:${distro_codename}-proposed";
// "${distro_id}:${distro_codename}-backports";
};
You can also configure automatic reboots when necessary (e.g., after a kernel update):
Unattended-Upgrade::Automatic-Reboot "true";
Unattended-Upgrade::Automatic-Reboot-Time "02:00";
Status Check
After configuration, verify that the service is active:
sudo systemctl status unattended-upgrades
Logs for automatic updates are stored in /var/log/unattended-upgrades/.
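An added example (not part of the original guide) that audits the effective settings as printed by apt-config dump: it flags allowed origins that are not security pockets and reports when the APT::Periodic switches that trigger the daily run are off. The function name, the finding labels and the sample dump are constructed for illustration.

```bash
#!/bin/sh
# Added example: audit unattended-upgrades settings from `apt-config dump` output.

# Constructed sample of `apt-config dump` output (not taken from a real host).
SAMPLE_DUMP='APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "0";
Unattended-Upgrade::Allowed-Origins:: "${distro_id}:${distro_codename}-security";
Unattended-Upgrade::Allowed-Origins:: "${distro_id}:${distro_codename}-proposed";
Unattended-Upgrade::Automatic-Reboot "true";
Unattended-Upgrade::Automatic-Reboot-Time "02:00";'

# audit_auto_updates DUMP_TEXT
# Prints one finding per line. Prints nothing when only security origins are
# allowed and both periodic switches are enabled.
audit_auto_updates() {
  printf '%s\n' "$1" | awk '
    {
      key = $1                       # option name, e.g. APT::Periodic::...
      val = $0
      sub(/^[^"]*"/, "", val)        # drop everything up to the opening quote
      sub(/";[ \t]*$/, "", val)      # drop the closing quote and semicolon
    }
    key == "APT::Periodic::Update-Package-Lists" { lists = val }
    key == "APT::Periodic::Unattended-Upgrade"   { run = val }
    key == "Unattended-Upgrade::Allowed-Origins::" {
      if (val ~ /-security$/) sec = 1
      else print "NON-SECURITY-ORIGIN " val
    }
    END {
      # Unset or "0" means the periodic job never performs that step.
      if (lists == "" || lists == "0") print "PERIODIC-LIST-REFRESH-OFF"
      if (run == "" || run == "0")     print "PERIODIC-UNATTENDED-UPGRADE-OFF"
      if (!sec)                        print "NO-SECURITY-ORIGIN"
    }'
}

# On a real host: audit_auto_updates "$(apt-config dump)"
audit_auto_updates "$SAMPLE_DUMP"
```

With the sample dump, the audit reports the -proposed origin and the disabled unattended-upgrade switch, two conditions that systemctl status does not reveal.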
Step 4: Disabling Automatic Updates
If you prefer full control over the update process, disable unattended-upgrades.
# Stop the service
sudo systemctl stop unattended-upgrades
# Disable autostart on system boot
sudo systemctl disable unattended-upgrades
⚠️ Important: Only disable automatic updates if you have an alternative control mechanism (e.g., regular manual checks). Without one, the system can miss security updates and stay vulnerable.
Step 5: Managing Individual Packages (Holding and Unholding)
Sometimes you need to temporarily prevent a specific package from updating (e.g., if it causes conflicts). Use apt-mark to hold (freeze) and unhold packages.
# Hold a package (e.g., nginx)
sudo apt-mark hold nginx
# Check list of held packages
apt-mark showhold
# Unhold a package
sudo apt-mark unhold nginx
After holding a package, it will not be updated even during apt upgrade. To update a held package, unhold it first.
Step 6: Graphical Interface (Update Manager)
For users who prefer a GUI, Ubuntu includes Update Manager (the update-manager program). It is accessible from the applications menu or via the command:
update-manager
In Update Manager settings (click the Settings button), you can:
- Choose the frequency of update checks.
- Specify which updates to install automatically (security only or all).
- Configure notifications.
The graphical interface uses the same repositories and mechanisms as apt, so it does not conflict with the command line.
Verification
After configuration, ensure everything works as expected:
- For automatic updates: check logs in /var/log/unattended-upgrades/ or run sudo unattended-upgrade --dry-run for a test run.
- For manual updates: ensure apt list --upgradable does not show packages you have held.
- For holding: check apt-mark showhold; your package should be listed.
- After installing updates: check for the existence of the /var/run/reboot-required file. If present, reboot the system.
Common Issues
Dependency or Package Breakage Errors
If apt upgrade or apt full-upgrade fails with errors, try fixing dependencies:
sudo apt --fix-broken install
sudo dpkg --configure -a
Insufficient Disk Space
Updates require free space for download and installation. Free up space by removing old packages:
sudo apt autoremove # Remove unnecessary dependencies
sudo apt clean # Clean package cache
Conflicts When Holding Packages
A held package is skipped even when a fix for it is published in the security repository, so holding can block security updates. Regularly check held packages and unhold them if critical updates are available.
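One way to run that regular check, as an added example that is not part of the original guide: it cross-references apt list --upgradable output with apt-mark showhold and prints held packages whose candidate version is offered by a -security pocket. The function name, the nginx line and the ",jammy-security" pocket suffixes in the sample are constructed for illustration.

```bash
#!/bin/sh
# Added example: find held packages whose pending upgrade comes from a -security pocket.

# Constructed sample of `apt list --upgradable` output; the nginx line and the
# ",jammy-security" pocket suffixes are made up for illustration.
SAMPLE_UPGRADABLE='Listing... Done
libc6/jammy-updates 2.35-0ubuntu3.2 amd64 [upgradable from: 2.35-0ubuntu3.1]
openssl/jammy-updates,jammy-security 3.0.2-0ubuntu1.10 amd64 [upgradable from: 3.0.2-0ubuntu1.9]
nginx/jammy-updates,jammy-security 1.18.0-6ubuntu14.4 amd64 [upgradable from: 1.18.0-6ubuntu14.3]'

# Constructed sample of `apt-mark showhold` output (one package per line).
SAMPLE_HOLDS='nginx
libc6'

# held_security_updates UPGRADABLE_TEXT HOLDS_TEXT
# Prints "package candidate-version" for every held package whose candidate is
# offered by a pocket ending in -security. A fix that has been superseded by a
# newer build published only in -updates is not detected by this pocket check.
held_security_updates() {
  printf '%s\n' "$1" | HOLDS="$2" awk '
    BEGIN {
      n = split(ENVIRON["HOLDS"], h, "\n")
      for (i = 1; i <= n; i++) if (h[i] != "") held[h[i]] = 1
    }
    index($0, "[upgradable from:") == 0 { next }   # skip "Listing..." and warnings
    {
      split($1, id, "/")                  # id[1] = package, id[2] = pocket list
      if (!(id[1] in held)) next
      m = split(id[2], pocket, ",")
      for (i = 1; i <= m; i++)
        if (pocket[i] ~ /-security$/) { print id[1], $2; break }
    }'
}

# On a real host:
#   held_security_updates "$(apt list --upgradable 2>/dev/null)" "$(apt-mark showhold)"
held_security_updates "$SAMPLE_UPGRADABLE" "$SAMPLE_HOLDS"
```

In the sample, nginx is reported because it is both held and offered from a security pocket; libc6 is held but its candidate comes only from -updates, and openssl has a security candidate but is not held.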
unattended-upgrades Not Running
Ensure the service is active (systemctl status unattended-upgrades) and that repositories are correctly specified in the config. Check logs for errors.
Reboot After Updates
Some updates (especially kernels) require a reboot. You can automate this in unattended-upgrades or use the needrestart utility to check:
sudo apt install needrestart
sudo needrestart -r l # List what needs restarting, without restarting anything
💡 Tip: Always back up important data before major updates, especially on servers.