Automatically Update Arch Linux with Systemd


Automatically update Arch Linux packages if the updates are available. It is important to keep the packages up-to-date to provide an improvement including security fixes, stability, performance, features, and more.

To keep the installed packages up-to-date, we can create Systemd service and timer scheduler to automatically check and update available packages. It help to protect against zero-day attacks and vulnerabilities.

Information: During the upgrade process, the autoupdate.service below can't automatically resolve package conflict, it will skip or cancel the update process if a conflict is detected.

To resolve package conflict, run "pacman -Syu" command manually.

Create autoupdate service

Create a systemd service (autoupdate.service) using a text editor such as nano: 
sudo nano /etc/systemd/system/autoupdate.service
Add following to the autoupdate.service:
[Unit]
 Description=Automatic Update
 After=network-online.target 

[Service]
 Type=simple
 ExecStart=/usr/bin/pacman -Syuq --noconfirm
 TimeoutStopSec=180
 KillMode=process
 KillSignal=SIGINT

[Install]
 WantedBy=multi-user.target
The autoupdate.service (autoupdate timer's dependency unit) require the network is up.

On service stop, systemd autoupdate.service will send an interrupt signal (SIGINT) then wait the process (pacman) to stop or complete the update process, after 180 seconds (timeout) systemd.kill will force terminate process using SIGTERM signal.

While installing a package, pacman will not immediately end the process after receive the interrupt signal (SIGINT), instead, pacman will continue upgrading the package until complete, then quit the process to avoid the package to be broken or corrupted.

Create autoupdate timer

Create a systemd timer (autoupdate.timer) using a text editor such as nano, to run the automatic updates service periodically (e.g. every 45 minutes): 
sudo nano /etc/systemd/system/autoupdate.timer
Add following to the autoupdate.timer:
[Unit]
 Description=Automatic Update when booted up after 5 minutes then check the system for updates every 60 minutes

[Timer]
 OnBootSec=5min
 OnUnitActiveSec=60min
 Unit=autoupdate.service

[Install]
 WantedBy=multi-user.target
Enable the autoupdate.timer to automatically run at startup:
sudo systemctl enable /etc/systemd/system/autoupdate.timer

Troubleshooting

Package was broken and corrupted after interrupted install/update

If the automatic update were running when installing a package but interrupted by power failure or system crash, then you receive an error when running pacman (e.g. error: target not found: package name). 

Try to force reinstall the broken/corrupted package, then uninstall the package using the following commands: 
sudo pacman -S --force package && sudo pacman -R package

If you're encountered a file issue conflict while upgrading package i.e "package: /path/file/ exists in filesystem" you can force pacman to upgrade the package: 
sudo pacman -Syu --force

 Note: Use the "--force" command to force package to be removed or upgraded, but use carefully. If the above steps doesn't work you can try another method from ArchWiki pacman's guide

References

  1. pacman - ArchWiki
  2. systemd - ArchWiki
  3. Image by dxiri / CC-BY 2.0

Comments

  1. xjApril 19, 2017 at 1:57 PM

    It is always recommended to read the Arch news feed BEFORE doing an upgrade.
    There are important information e.g. changed behavior or known issues!!

    The way described above is not recommended and may making more problems then solving.

    ... but anyways.. I will try it ! LOL :D
    thx for sharing !

    ReplyDelete
  2. xjApril 19, 2017 at 5:04 PM

    I "enhanced" the service to also update from AUR by using pacaur instead of just pacman:

    ExecStart=/usr/bin/pacaur -Syuq --noconfirm --needed --noprogressbar --noedit --silent

    pacaur updates both: your normal repos and AUR packages.

    I have also added the noconfirm, noedit etc options to be able to install for AUR packages automatically as well.

    btw: and I just want to mention that IgnorePkg is respected by pacaur as well.

    I will activate that all today on my laptop so thumbs pressed for the next months.. ;)

    ... and last but not least I modified it to not start after 5 min after boot. Instead I adjusted it to start after 8 hours which means this will be the last task of my work day ;)

    ReplyDelete
    Replies
    1. UnknownMay 5, 2017 at 8:02 PM

      hmm... this doesn't work as pacaur refuses to run as root [which makes sense]

      Delete
  3. UnknownMay 4, 2017 at 7:15 PM

    almost 2 years with this now. 3 issues so far all easily resolved by looking at arch update news at that time. this works so.. so well.

    ReplyDelete
  4. sfXMay 4, 2017 at 7:30 PM

    I currently created a package for this which also respects the Arch News for each package which needs to be upgraded plus AUR comments ;)

    I will publish the full guide when ready but until then I'm working on this (still a WIP!):

    https://github.com/steadfasterX/arch_uau-pkg

    ReplyDelete
    Replies
    1. UnknownMay 5, 2017 at 8:03 PM

      nice. i woulse install this on every machine i manage

      Delete
  5. Alberto Salvia NovellaFebruary 15, 2021 at 10:16 AM

    As a package:
    https://aur.archlinux.org/packages/pacman-auto-update

    ReplyDelete
  6. sfXFebruary 15, 2021 at 12:50 PM

    Thx to the above i remembered that I forgot to mention that my package (see my above comment from 2017) is in the AUR since a while. Check it out :) using it since almost 4 years now without any issues: https://aur.archlinux.org/packages/uau/

    ReplyDelete

Post a Comment