Ubuntu – Disable automatic updates ubuntu 18.04

updates

I'm running an Ubuntu 18.04 server and was trying to disable every update and upgrade there is but am still not quite sure on what exactly to do.
Ignoring the security aspect that comes with it, how do I disable automatic updates for Ubuntu 18.04, MySQL, Apache and PHP via command line?

As far as I know, MySQL Apache and PHP should not automatically update when I disable automatic updates / package list updating on Ubuntu, is that correct?

For Ubuntu, the only things I found were in /etc/apt/apt.conf.d/10periodic :

APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "0";
APT::Periodic::AutocleanInterval "0";

which I would set to 0.

APT::Periodic::Update-Package-Lists "1"; set to 0 basically makes it impossible for any package / software e.g. MySQL Apache and PHP to update, right?

And in /etc/apt/apt.conf.d/50unattended-upgrades :

Unattended-Upgrade::Allowed-Origins {
          "${distro_id}:${distro_codename}";
          "${distro_id}:${distro_codename}-security";
          "${distro_id}ESM:${distro_codename}";
//        "${distro_id}:${distro_codename}-updates";
//        "${distro_id}:${distro_codename}-proposed";
//        "${distro_id}:${distro_codename}-backports";
};

In there, I would just comment out line 2-4.

Anything else I would need to do or are all automatic updates / upgrades disabled after this?

Best Answer

According to the docs it says to update the settings in /etc/apt/apt.conf.d/20auto-upgrades. So I would update these settings to "0" as well:

APT::Periodic::Update-Package-Lists "0";
APT::Periodic::Unattended-Upgrade "0";

But to be super sure you could still edit /etc/apt/apt.conf.d/10periodic and update the following settings to "0":

APT::Periodic::Update-Package-Lists "0";
APT::Periodic::Download-Upgradeable-Packages "0";
APT::Periodic::AutocleanInterval "0";

Once you have made the updates above none of the packages managed by APT will be automatically updated including MySQL, Apache and PHP.

It's fine to also set APT::Periodic::Update-Package-Lists to "0" as you can still manually update the package lists when you like with sudo apt update and manually update your packages with sudo apt upgrade.

You shouldn't need to make any updates to /etc/apt/apt.conf.d/50unattended-upgrades.

You may also want to disable snap packages from auto-updating however MySQL, Apache and PHP are usually managed by APT so this shouldn't be necessary if you are only really concerned with those packages not being automatically updated.

Important: Disabling automatic updates also means you won't be receiving important security updates for your system so unless you are in the habit of regularly updating your software packages it's probably best to leave automatic updates enabled.

Best Answer

Related Solutions

Ubuntu – unattended-upgrades error: “/etc/cron.daily/apt: DB Update failed, database locked”

Ubuntu – Effects on applications caused by security updates

Related Question