CentOS / RHEL : Configure yum automatic updates with yum-cron service

yum-cron is an optional package starting from Red Hat Enterprise Linux 6, this is a plugin for yum. From man page of yum-cron :

The yum-cron package provides a convenient way to check for, download and apply updates automatically. The cron jobs from the yum-cron package are active immediately after installing the package and there’s no extra configuration necessary. The job will be run when your normal daily cron jobs are set to run.

Installation

To install yum-cron package

# yum -y install yum-cron
# chkconfig yum-cron on

Configuration for RHEL 6

Then edit /etc/sysconfig/yum-cron to set MAILTO=[email address] for email notifications.

MAILTO=sys@example.com

To exclude packages using yum-cron edit the /etc/sysconfig/yum-cron to have the packeges to be excluded in the automatic uodate :

YUM_PARAMETER=kernel* mysql*

To start yum-cron service after editing configuration file.

# service yum-cron start

Configuration for RHEL 7

Then edit /etc/yum/yum-cron.conf to set email_to=[email address] for email notifications.

email_to=sys@example.com

To exclude packages using yum-cron edit the /etc/yum/yum-cron.conf to have the packeges to be excluded in the automatic uodate :

exclude=kernel* mysql*

In RHEL 7 you can use following options in yum-cron configuration file, to install security updates.

[commands]
#  What kind of update to use:
# default                            = yum upgrade
# security                           = yum --security upgrade
# security-severity:Critical         = yum --sec-severity=Critical upgrade
# minimal                            = yum --bugfix upgrade-minimal
# minimal-security                   = yum --security upgrade-minimal
# minimal-security-severity:Critical =  --sec-severity=Critical upgrade-minimal
update_cmd = default

To start yum-cron service after editing configuration file.

# systemctl start yum-cron