Home » Categories » Linux

YUM CRON RHEL7: Configure automatic updates.

Article Number: 419 | Rating: Unrated | Last Updated: Fri, Oct 26, 2018 3:24 PM

Presentation

The yum-cron package provides a convenient way to check for, download and apply updates automatically.

Installation procedure

Install the yum-cron package:

# yum install -y yum-cron

Start the yum-cron service:

# systemctl start yum-cron

By default, the configuration of the yum-cron service is done through two files following exactly the same syntax:

  • /etc/yum/yum-cron.conf defines what is done once every day,
  • /etc/yum/yum-cron-hourly.conf defines what is done once every hour.

Still by default, no action in defined in the /etc/yum/yum-cron-hourly.conf file. Conversely, in the /etc/yum/yum-cron.conf file associated with daily actions, instructions are given to send a message on stdio (which means written into the /var/log/cron file) when any update is available (see update categories below), to download it without applying it.

Configuration syntax

In any of the two configuration files, configuration is defined through the following directives:

  • update_cmd = value specifies the category of upgrade where value can take:
    • default for yum upgrade,
    • security for yum –security upgrade,
    • security-severity:Critical for yum –sec-severity=Critical upgrade,
    • minimal for yum –bugfix upgrade-minimal,
    • minimal-security for yum –security upgrade-minimal,
    • minimal-security-severity:Critical for yum –sec-severity=Critical upgrade-minimal.
  • update_messages = yes/no defines whether a mail is sent when updates from the previously specified category are available.
  • download_updates = yes/no specifies whether these available updates need to be downloaded.
  • apply_updates = yes/no defines whether these available updates need to be applied.
  • random_sleep = 15 specifies the maximum time in minutes to randomly sleep preserving bandwidth and avoiding download storms.
  • emit_via = stdio/email/none defines what kind of message is used: stdio means written into the /var/log/cron file, email causes a mail to be sent, none doesn’t do anything.
  • email_from = root@localhost, email_to = root, email_host = localhost defines respectively when the message is a mail the originator’s email address, the recipient’s email address and the host to which the mail is sent.

Note: As the official CentOS repositories don’t provide any security metadata, update_cmd = default is the only option that works (see here for details). To get these security metadata, you will have to get them through this website. It is also possible to get CentOS security updates through the procedure provided by Casey Labs.

Source: Linuxaria’s website.
Posted - Fri, Oct 26, 2018 3:24 PM. This article has been viewed 2091 times.
Filed Under: Linux
0 (0)
Article Rating (No Votes)
Rate this article
Attachments
There are no attachments for this article.
Comments
There are no comments for this article. Be the first to post a comment.
Full Name
Email Address
Security Code Security Code
Related Articles RSS Feed
RHEL: Change system’s hostname
Viewed 3683 times since Sun, May 27, 2018
20 Practical Examples of RPM Commands in Linux rpm
Viewed 8161 times since Mon, Feb 18, 2019
Enabling automatic updates in Centos 7 and RHEL 7
Viewed 2624 times since Wed, Oct 17, 2018
A tcpdump Tutorial and Primer with Examples
Viewed 5464 times since Sun, Jun 17, 2018
linux ssh How to Hide the OpenSSH Version Details when Telnet to Port 22
Viewed 5523 times since Wed, Apr 22, 2020
How to Migrate from RHEL 8 to CentOS 8
Viewed 3224 times since Fri, May 15, 2020
Szybkie sprawdzenie zewnętrznego adresu IP i hosta
Viewed 3512 times since Thu, May 24, 2018
BIND for the Small LAN
Viewed 3551 times since Sun, May 20, 2018
VMWare tools free
Viewed 9201 times since Mon, Jul 16, 2018
RHCS6: Luci - the cluster management console
Viewed 3352 times since Sun, Jun 3, 2018