I see that the GUI configuration for update-manager has a maximum check interval of once per day. I'm sure Canonical thought about this carefully, but these days I don't want to be without a potentially important update for as long as 24 hours.
How can I set up my desktop system so that it:
- Automatically applies security updates
- Checks for security updates more frequently than once per day (if this can be done via push notifications rather than checking regularly, perhaps better)
- Promptly graphically prompts for reboot if necessary (for bonus points: UI should explain why the reboot is needed, e.g. reference to updated package changelogs / CVEs)
Should I use unattended-upgrades, or run update-manager from a crontab, or something else? How can I configure these tools to achieve what I want?
Here you can find information about how to make a cronjob. Make one with the timing you want and this command:
This will open the graphic update manager which then searches for updates.
If you like graphical applications, you can just install a graphical cronjob manager with this command:
Its called "Scheduled tasks" in the dash. If will easily allow you to have this command run for example once an hour.
However, please don't use the default setting of every full hour but instead choose a random minute different from 59, 0, 1, 2 and 3, so the servers don't get queries from an awful lot of people every full hour.
I'm working on this too. Perhaps a possible direction for the push notifications is to have something monitor the RSS feeds on http://www.ubuntu.com/usn/ and then trigger the update process a few minutes after a new item is added to the feed? I notice that there is now a way for servers to push changes of RSS Feeds to clients through https://en.wikipedia.org/wiki/PubSubHubbub