Windows OS Hub
  • Windows Server
    • Windows Server 2022
    • Windows Server 2019
    • Windows Server 2016
    • Windows Server 2012 R2
    • Windows Server 2012
    • Windows Server 2008 R2
    • SCCM
  • Active Directory
    • Active Directory Domain Services (AD DS)
    • Group Policies
  • Windows Clients
    • Windows 11
    • Windows 10
    • Windows 8
    • Windows 7
    • Windows XP
    • MS Office
    • Outlook
  • Virtualization
    • VMWare
    • Hyper-V
    • KVM
  • PowerShell
  • Exchange
  • Cloud
    • Azure
    • Microsoft 365
    • Office 365
  • Linux
    • CentOS
    • RHEL
    • Ubuntu
  • Home
  • About

Windows OS Hub

  • Windows Server
    • Windows Server 2022
    • Windows Server 2019
    • Windows Server 2016
    • Windows Server 2012 R2
    • Windows Server 2012
    • Windows Server 2008 R2
    • SCCM
  • Active Directory
    • Active Directory Domain Services (AD DS)
    • Group Policies
  • Windows Clients
    • Windows 11
    • Windows 10
    • Windows 8
    • Windows 7
    • Windows XP
    • MS Office
    • Outlook
  • Virtualization
    • VMWare
    • Hyper-V
    • KVM
  • PowerShell
  • Exchange
  • Cloud
    • Azure
    • Microsoft 365
    • Office 365
  • Linux
    • CentOS
    • RHEL
    • Ubuntu

 Windows OS Hub / Linux / Enable Automatic Package Updates on RHEL/CentOS

May 31, 2021 CentOSLinuxQuestions and AnswersRHEL

Enable Automatic Package Updates on RHEL/CentOS

On CentOS, RedHat and Fedora you can configure automatic installation of security updates as soon as they appear in the repositories. In this article we will tell how to use the yum-cron or dnf-automatic to regularly check and automatically install security updates on CentOS and RHEL Linux.

Configuring Automatic Updates with Yum-cron on CentOS 7/ RHEL 7

To automatically update CentOS 7 or RHEL 7, you can use the yum-cron tool, which can be installed using the yum package manager:

# yum install -y yum-cron

install yum-cron on linux centos 7 or RedHat 7

After you have installed the package, edit the configuration file:

# nano /etc/yum/yum-cron.conf

And make the following changes:

update_cmd = security
update_messages = yes
download_updates = yes
apply_updates = yes

Enabling Automatic Package Updates on linux

These parameters mean that the security updates must be automatically downloaded and installed. All other updates are ignored, and you can install them manually.

You can also use these options:

security-severity:Critical – install only critical security updates;

minimal-security – install bug fixes and security updates;

minimal-security-severity:Critical – install bug fixes and critical updates only.

If a mail transfer agent (MTA) is configured on your server, you can enable automatic email notifications to the email address you specify in the configuration file:

emit_via = email
email_from = server32@localhost
email_to = update_alerts@woshub.com
email_host = smtpgw.woshub.com

e-mail notifications

You can exclude some packages from the automatic update installation task. Add the package names in the exclude field of the [base] section, for example:

exclude= mysql* kernel* php*

Save the changes in the configuration file, start the yum-cron service add it to startup:

# systemctl start yum-cron
# systemctl enable yum-cron

start yum-cron daemon on linux centos

You will get the information about security updates installation by email or you check the log file /var/log/yum.log. In order the time is displayed in the logs correctly, make sure that time on your Linux device is synchronized with a reliable NTP host.

The yum-security tool may be missing in your Linux instance. In this case, you may receive the following error when you try to run the command:
# yum upgrade –security

Command line error: no such option: —security

The problem is solved by installing the appropriate package:

# yum install -y yum-security

Automatic Security Updates with Dnf-automatic on CentOS 8 or RHEL 8

On CentOS 8 and RHEL 8, the yum package manager was replaced by dnf, and it is recommended to use dnf to install/update/remove packages (however, yum is still working as a symbolic link to dnf). To configure automatic installation of security updates, install the dnf-automatic:

# dnf install -y dnf-automatic

After running this command, dnf-automatic will be installed and some packages will be updated.

dnf-automatic install

The dnf-automatic configuration file is /etc/dnf/automatic.conf:

# nano /etc/dnf/automatic.conf

You need to change some options in the config file:

upgrade_type = security
download_updates = yes
apply_updates = yes
emit_via = email
email_from = server2@localhost

To get e-mail notifications, enter your smtp address.

Run the dnf-automatic service:

# systemctl start dnf-automatic.timer
# systemctl enable dnf-automatic.timer

run dnf-automatic.timer

You can view your automatic update tasks using this command:

# systemctl list-timers *dnf*

dnf timers

You can get the update log by email or check the local log file /var/log/dnf.rpm.log.

Automatic updates installation allows to enhance security and protection of your Linux server in the Internet by installing security updates and bug fixes for your software as soon as possible. In most cases, automatic update installation on production servers without the administrator control is a poor solution. But in some cases, automatic update is critical or security risks outweigh the risks of temporary service unavailability.

0 comment
0
Facebook Twitter Google + Pinterest
previous post
PowerShell: Check Free Disk Space and Disk Usage
next post
Manage KVM Virtual Machines from CLI with Virsh

Related Reading

Can’t Remove Language Keyboard Layout in Windows 10

April 14, 2022

Installing an Open Source KMS Server (Vlmcsd) on...

March 16, 2022

Installing PowerShell Core on Linux Distros

February 28, 2022

How to Disable Microsoft Teams Auto Startup?

December 23, 2021

Configuring NFS Server and Client on Linux CentOS/RHEL

November 11, 2021

Leave a Comment Cancel Reply

Categories

  • Active Directory
  • Group Policies
  • Exchange Server
  • Microsoft 365
  • Azure
  • Windows 11
  • Windows 10
  • Windows 7
  • Windows Server 2019
  • Windows Server 2016
  • Windows Server 2012 R2
  • PowerShell
  • VMWare
  • Hyper-V
  • MS Office

Recent Posts

  • Create Organizational Units (OU) Structure in Active Directory with PowerShell

    May 17, 2022
  • Windows Security Won’t Open or Shows a Blank Screen on Windows 10/ 11

    May 17, 2022
  • How to Manually Install Windows Updates from CAB and MSU Files?

    May 16, 2022
  • RDS and RemoteApp Performance Issues on Windows Server 2019/2016

    May 16, 2022
  • Deploying Software (MSI Packages) Using Group Policy

    May 12, 2022
  • Updating VMware ESXi Host from the Command Line

    May 11, 2022
  • Enable or Disable MFA for Users in Azure/Microsoft 365

    April 27, 2022
  • Fix: You’ll Need a New App to Open This Windows Defender Link

    April 27, 2022
  • How to Reset an Active Directory User Password with PowerShell and ADUC?

    April 27, 2022
  • How to Completely Uninstall Previous Versions of Office with Removal Scripts?

    April 26, 2022

Follow us

woshub.com

ad

  • Facebook
  • Twitter
  • RSS
Popular Posts
  • How to Configure MariaDB Master-Master/Slave Replication?
  • Using iPerf to Test Network Speed and Bandwidth (Throughput)
  • How to Mount Google Drive or OneDrive in Linux?
  • KVM: How to Expand or Shrink a Virtual Machine Disk Size?
  • Adding VLAN Interface in CentOS/Fedora/RHEL
  • Configuring High Performance NGINX and PHP-FPM Web Server
  • Install and Configure SNMP on RHEL/CentOS/Fedor
Footer Logo

@2014 - 2018 - Windows OS Hub. All about operating systems for sysadmins


Back To Top