As a DevOps engineer juggling virtual machines across AWS and Azure, one thing I’ve learned the hard way is this: manual updates don’t scale. Especially when you’re managing fleets of Red Hat, Oracle Linux, or even Ubuntu machines that spin up and tear down like clockwork.

So today, I’m sharing a simple but powerful script to set up automatic system updates at VM boot, making your infrastructure leaner, safer, and way more hands-off.

How I used to practice when I was learning Linux (not a recommended approach to your production).

🚨 Why Bother With Automatic Updates?

Here’s the short version: security, stability, and sanity.

• Security patches often fix vulnerabilities that can be exploited within hours of discovery.

• Reliability improves when machines are kept current with tested packages and fixes.

• Time-saving: Automation removes the need for manual intervention across dozens — or hundreds — of machines.

In cloud environments like AWS EC2 or Azure Virtual Machines, updates are often forgotten in the rush of spinning up test environments, containers, and quick-fix servers. This script makes sure updates aren’t an afterthought.

🔧 The Script

Add this to your cloud-init file, a startup script, or your VM provisioning pipeline:

sudo dnf install -y dnf-automatic
sudo systemctl enable --now dnf-automatic-install.timer

Let’s break that down:

Line 1: Installing the Automation Tool

sudo dnf install -y dnf-automatic

• dnf: The modern package manager used on Red Hat and Oracle Linux.

• install dnf-automatic: Brings in the tool responsible for checking and applying updates automatically.

• -y: Says “yes” to all prompts so it runs unattended.

Line 2: Enabling the Auto-Update Timer

sudo systemctl enable --now dnf-automatic-install.timer

• systemctl: Talks to systemd, the service manager.

• enable: Ensures the timer runs at every boot.

• --now: Starts it immediately without needing a reboot.

• dnf-automatic-install.timer: The unit that kicks off periodic update checks and installations, typically daily.

🔁 Making It Boot-Ready

If you’re deploying a VM using infrastructure-as-code (Terraform, Ansible, etc.), or using cloud-init in AWS or Azure, drop this script in a user-data block or a startup script to automatically activate updates on first boot. It’s a one-time setup with long-term payoff.

📈 The Benefits in Practice

• Less patching overhead: Keeps test, dev, and staging VMs from falling behind.

• Improved security posture: Mitigates zero-day risk without waiting on manual patching.

• Consistent environments: Eliminates version drift across your infrastructure.

💬 Share Your Setup

I’d love to see how other teams automate updates. Got a better script? Using unattended-upgrades on Ubuntu instead? Share your tips or forks on this GitHub discussion thread—it’s open to suggestions and improvements.