Auto Update Your Raspberry Pi
When using various Raspberry Pi’s for your projects, it’s important to keep them patched and up to date, whether these are security or application patches. Doing this manually is a simple process, it’s just a case of remembering to perform this task regularly, or better still why not automate the process, especially when you’re running Pi Projects 24 x 7.
I’ve created a simple script that can be issued on it’s own or as part of a cron job.
Modify these instructions specific to your environment. For this purpose, I am assuming you are running as pi and the home location is /home/pi
From the command line enter the following: –
cd ~ mkdir ~/Scripts mkdir ~/Scripts/Data mkdir ~/Scripts/Data/Logs
Next you’ll need the script which you can find the latest version at my Git Repository, https://github.com/muckypaws/Raspberry-Pi/tree/main/Scripts Note this is not Operationally Ready, only provided as reference code to make your own Operational Checks and Changes.
At the time of writing it looks like this, and you can cut and paste into your favourite editor, I use vi, however nano is proving particularly popular due to its user friendlier features, alternatively I recommend pro tools like UltraEdit or BBEdit :-
#!/bin/bash # Check for Patches and Updates # Via Cron job, if an update is found # Apply it and reboot # Created 11th February 2021 - Jason Brooks MYOUTPUT=/home/pi/Scripts/Data/Logs # Get Current System TimeStamp... timestamp=`date '+%y-%m-%d'` # Get updates sudo apt update -y > $MYOUTPUT/Update_$timestamp.txt # Get the list of upgradeable components apt list --upgradeable > $MYOUTPUT/Avail_$timestamp.txt # Check the number of lines in the output, assume > 1 line # We have updates to Apply if [ ! -f $MYOUTPUT/Avail_$timestamp.txt ]; then echo "File not Found!" exit fi count=`wc -l $MYOUTPUT/Avail_$timestamp.txt | cut -d' ' -f1` if (( $count < 2 )) then exit fi # Apply the updates sudo apt upgrade -y > $MYOUTPUT/Upgrade_$timestamp.txt sudo apt full-upgrade -y >> $MYOUTPUT/Upgrade_$timestamp.txt sudo apt autoremove -y >> $MYOUTPUT/Upgrade_$timestamp.txt sudo apt clean -y >> $MYOUTPUT/Upgrade_$timestamp.txt sudo reboot now
Save this file into /home/pi/Scripts/CheckUpdate.sh
From the command line: –
chmod +x ~/Scripts/CheckUpdate.sh
Since you’ll need to enable execute permissions on the Script.
You can execute the script manually using the following: –
The script creates up to three dated files, where timestamp is the current Pi timestamp.
Discover New Updates
List of available Upgrades
Output of Upgrade Process
If there are any issues with an update, the logs will provide the clues you need.
I promised automation or hands free updates of your Raspberry Pi, and so there’s only only more edit that needs to be made… Add a cron job entry to run the update script on a schedule of your choice. I chose a time where feed data was at a minimal and such that a minute outage wouldn’t be noticed.
Take care editing this file as there may already be entries, if in doubt don’t write the file, quit and reload.
00 01 * * * /home/pi/Scripts/CheckUpdate.sh 2>/dev/null &
In this example the cron schedule will execute daily at 1am, if you want to run this script every Sunday at 4:15pm the entry would be
15 16 * * SUN /home/pi/Scripts/CheckUpdate.sh 2>/dev/null &
If you want to know more about cron parameters, take a look at this useful resource. https://crontab.guru/examples.html
If you’re responsible for mission critical services, you may want to review and dial back the frequency of patches and updates, or even target specific updates for your environment. New software inevitably make changes to dependencies you’re relying on, so I would recommend this only in a development environment.
I don’t see anything in Data except Logs — why Data? Also, I get warnings from apt — would apt-get or is there a switch to turn off warnings? For that matter, why not apt-get?
Hey Joe, What great questions!
There won’t be anything yet in Data, however I have other scripts that are run cron scheduled that do store data there. There’s no issue of changing the Logging Directory to one suitable for your environment. The code is for reference and isn’t production strength, please feel free to make adaptations that work better for your projects.
As for apt/apt-get, apt-get has more to offer including lower level options and features over apt. The current distress recommend using apt which is basically a wrapper for apt-get to make the command more user friendly/easier.
You can use either or, which ever you prefer.
Take a look at this, which might explain some of the rationale behind the two.
I have this running daily but cannot find the cron entry to change it to weekly. I tried crontab -e and sudo crontab -e but my Pi keeps trying to create a new entry even though it is running daily.
I think I know what happened — the default for crontab is to delete the file. I can re-create it since I see that the daily job is gone.