Skip to content

Auto Update Your Raspberry Pi

When using various Raspberry Pi’s for your projects, it’s important to keep them patched and up to date, whether these are security or application patches. Doing this manually is a simple process, it’s just a case of remembering to perform this task regularly, or better still why not automate the process, especially when you’re running Pi Projects 24 x 7.

I’ve created a simple script that can be issued on it’s own or as part of a cron job.

Modify these instructions specific to your environment. For this purpose, I am assuming you are running as pi and the home location is /home/pi

From the command line enter the following: –

cd ~
mkdir ~/Scripts
mkdir ~/Scripts/Data
mkdir ~/Scripts/Data/Logs

Next you’ll need the script which you can find the latest version at my Git Repository, https://github.com/muckypaws/Raspberry-Pi/tree/main/Scripts Note this is not Operationally Ready, only provided as reference code to make your own Operational Checks and Changes.

At the time of writing it looks like this, and you can cut and paste into your favourite editor, I use vi, however nano is proving particularly popular due to its user friendlier features, alternatively I recommend pro tools like UltraEdit or BBEdit :-

CheckUpdate.sh

#!/bin/bash

# Check for Patches and Updates 
# Via Cron job, if an update is found
# Apply it and reboot
# Created 11th February 2021 - Jason Brooks

MYOUTPUT=/home/pi/Scripts/Data/Logs

# Get Current System TimeStamp...
timestamp=`date '+%y-%m-%d'`

# Get updates
sudo apt update -y > $MYOUTPUT/Update_$timestamp.txt

# Get the list of upgradeable components
apt list --upgradeable > $MYOUTPUT/Avail_$timestamp.txt

# Check the number of lines in the output, assume > 1 line
# We have updates to Apply

if [ ! -f $MYOUTPUT/Avail_$timestamp.txt ]; then
	echo "File not Found!"
	exit
fi
	
count=`wc -l $MYOUTPUT/Avail_$timestamp.txt | cut -d' ' -f1`

if (( $count < 2 ))
then
	exit 
fi

# Apply the updates

sudo apt upgrade -y > $MYOUTPUT/Upgrade_$timestamp.txt
sudo apt full-upgrade -y >> $MYOUTPUT/Upgrade_$timestamp.txt
sudo apt autoremove -y >> $MYOUTPUT/Upgrade_$timestamp.txt
sudo apt clean -y >> $MYOUTPUT/Upgrade_$timestamp.txt

sudo reboot now

Save this file into /home/pi/Scripts/CheckUpdate.sh

From the command line: –

chmod +x ~/Scripts/CheckUpdate.sh

Since you’ll need to enable execute permissions on the Script.

You can execute the script manually using the following: –

. ~/Scripts/CheckUpdate.sh

The script creates up to three dated files, where timestamp is the current Pi timestamp.

Discover New Updates

/home/pi/Scripts/Data/Logs/Update_$timestamp.txt

List of available Upgrades

/home/pi/Scripts/Data/Logs/Avail_$timestamp.txt

Output of Upgrade Process

/home/pi/Scripts/Data/Logs/Upgrade_$timestamp.txt

If there are any issues with an update, the logs will provide the clues you need.

Automation

I promised automation or hands free updates of your Raspberry Pi, and so there’s only only more edit that needs to be made… Add a cron job entry to run the update script on a schedule of your choice. I chose a time where feed data was at a minimal and such that a minute outage wouldn’t be noticed.

crontab -e

Take care editing this file as there may already be entries, if in doubt don’t write the file, quit and reload.


00 01 * * * /home/pi/Scripts/CheckUpdate.sh 2>/dev/null &

In this example the cron schedule will execute daily at 1am, if you want to run this script every Sunday at 4:15pm the entry would be

15 16 * * SUN /home/pi/Scripts/CheckUpdate.sh 2>/dev/null &

If you want to know more about cron parameters, take a look at this useful resource. https://crontab.guru/examples.html

Warning

If you’re responsible for mission critical services, you may want to review and dial back the frequency of patches and updates, or even target specific updates for your environment. New software inevitably make changes to dependencies you’re relying on, so I would recommend this only in a development environment.

4 Comments »

  1. I don’t see anything in Data except Logs — why Data? Also, I get warnings from apt — would apt-get or is there a switch to turn off warnings? For that matter, why not apt-get?

    Like

    • Hey Joe, What great questions!

      There won’t be anything yet in Data, however I have other scripts that are run cron scheduled that do store data there. There’s no issue of changing the Logging Directory to one suitable for your environment. The code is for reference and isn’t production strength, please feel free to make adaptations that work better for your projects.

      As for apt/apt-get, apt-get has more to offer including lower level options and features over apt. The current distress recommend using apt which is basically a wrapper for apt-get to make the command more user friendly/easier.

      You can use either or, which ever you prefer.

      Take a look at this, which might explain some of the rationale behind the two.

      https://itsfoss.com/apt-vs-apt-get-difference/

      Kind Regards
      Jason

      Like

  2. I have this running daily but cannot find the cron entry to change it to weekly. I tried crontab -e and sudo crontab -e but my Pi keeps trying to create a new entry even though it is running daily.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: