How to Check For Updates At Login On Debian/Ubuntu?

How To Check For Updates At Login On Debian Ubuntu

In this module, we will learn how to check for updates at login on our Ubuntu/Debian machines using a self-made script that can be customized easily to fit our requirements.


For this program, we’ll need a terminal emulator. We will use xterm for our example but feel free to use the terminal emulator of your choice. Install the emulator of your choice with the apt command:

$ sudo apt install <package-name>

In our case it would be :

$ sudo apt install xterm

Script to Check For Updates At Login

Time to write a bash script! For our intent, we would write a little shell script and append it to the end of our .profile (or .bash_profile if it exists). Our code would look something like this:

if ! command -v xterm &>/dev/null
	sudo apt install -y xterm
(xterm -e sudo apt update 2>/dev/null)||(sudo apt install update)

Understanding the Code

First thing we need have is the if-else block :

if ! command -v xterm &>/dev/null
	sudo apt install -y xterm

Here we are first checking xterm is installed or not, and if it isn’t we install it. A common question which arises here is why use “commandinstead of the more traditional “which”? The answer here is efficiency: “which” besides being an external process, also gives a variable output depending on the system. Whereas “command” is POSIX compatible builtin and hence gives more accurate results much faster. However, this step is completely optional if you have xterm already installed.

Next up we have the most important line :

(xterm -e sudo apt update 2>/dev/null)||(sudo apt install update)

We’ll take this command in two parts:

  • xterm -e sudo apt update 2>/dev/null : This part of the command deals with Graphical Login. Whenever the user logs in, xterm would be launched with the “sudo apt update” command executing while redirecting stderr to /dev/null
Xterm Prompt To Enter Your Password
Xterm Prompt To Enter Your Password
Update At Login
Update At Login
  • sudo apt update: This is to update the system while logging in over ssh. Once logged in over ssh, you are prompted for your password for updating.
$ ssh user@IP
user@'s password: 
Welcome to Ubuntu 18.04 LTS (GNU/Linux 4.15.0-20-generic i686)

 * Documentation:
 * Management:
 * Support:

Last login: Tue Feb 16 00:25:32 2021 from
[sudo] password for user: 
Hit:1 bionic InRelease                                     
Get:2 bionic-updates InRelease [88.7 kB]                   
Get:3 bionic-backports InRelease [74.6 kB]                           
Get:4 bionic-updates/main i386 DEP-11 Metadata [295 kB]                         
Hit:5 bionic InRelease                               
Get:6 bionic-updates/universe i386 DEP-11 Metadata [289 kB]
Get:7 bionic-updates/multiverse i386 DEP-11 Metadata [2,468 B]
Get:8 bionic-backports/universe i386 DEP-11 Metadata [9,292 B]
Fetched 759 kB in 11s (68.4 kB/s)                                                                   
Reading package lists... Done
Building dependency tree       
Reading state information... Done
536 packages can be upgraded. Run 'apt list --upgradable' to see them.

These two methods are joined by a ‘||’ which enables us to deal with errors in case of a change in UI. If we are using a GUI, only the first part of the command is executed whereas if CLI is used, it fails and then the control moves over to the second command, which is compatible with our CLI.

Why Use This Method ?

The advantages of using this method over others are as follow :

  • You can always expand it’s functionality by editing the script
  • It works with all WMs and DEs
  • You can also selectively upgrade packages (like you may want to exclude some kernel upgrades)
  • Can specify different settings for different users as necessary
  • Works on all Debian/Ubuntu based distros


Thus we saw how we can very easily check for updates at login on Debian/Ubuntu. This method provides high flexibility and complete control over your machine and what packages you want to upgrade.

It is advisable not to upgrade certain kernel packages until after about a week after release due to possible bugs. This method is also vastly independent of any other environmental factors like PATH, DE, WM, UI, etc, which makes it very utilitarian.