Home » Categories » Linux

How to use yum-cron to automatically update RHEL/CentOS Linux 6.x / 7.x

Article Number: 458 | Rating: Unrated | Last Updated: Tue, Dec 4, 2018 9:24 PM

The yum command line tool is used to install and update software packages under RHEL / CentOS Linux server. I know how to apply updates using yum update command line, but I would like to use cron to update packages where appropriate manually. How do I configure yum to install software patches/updates automatically with cron?

You need to install yum-cron package. It provides files needed to run yum updates as a cron job. Install this package if you want auto yum updates nightly via cron.

 

 

 

How to install yum cron on a CentOS/RHEL 6.x/7.x

Type the following yum command on:
$ sudo yum install yum-cron
How to install yum-cron on CentOS RHEL server
Turn on service using systemctl command on CentOS/RHEL 7.x:
$ sudo systemctl enable yum-cron.service
$ sudo systemctl start yum-cron.service
$ sudo systemctl status yum-cron.service
If you are using CentOS/RHEL 6.x, run:
$ sudo chkconfig yum-cron on
$ sudo service yum-cron start
How to turn on yum-cron-service on CentOS or RHEL server
yum-cron is an alternate interface to yum. Very convenient way to call yum from cron. It provides methods to keep repository metadata up to date, and to check for, download, and apply updates. Rather than accepting many different command line arguments, the different functions of yum-cron can be accessed through config files.

How to configure yum-cron to automatically update RHEL/CentOS Linux

You need to edit /etc/yum/yum-cron.conf and /etc/yum/yum-cron-hourly.conf files using a text editor such as vi command:
$ sudo vi /etc/yum/yum-cron.conf
Make sure updates should be applied when they are available
apply_updates = yes
You can set the address to send email messages from. Please note that ‘localhost’ will be replaced with the value of system_name.
email_from = root@localhost
List of addresses to send messages to.
email_to = your-it-support@some-domain-name
Name of the host to connect to to send email messages.
email_host = localhost
If you do not want to update kernel package add the following on CentOS/RHEL 7.x:
exclude=kernel*
For RHEL/CentOS 6.x add the following to exclude kernel package from updating:
YUM_PARAMETER=kernel*
Save and close the file in vi/vim. You also need to update /etc/yum/yum-cron-hourly.conf file if you want to apply update hourly. Otherwise /etc/yum/yum-cron.conf will run on daily using the following cron job (us cat command:
$ cat /etc/cron.daily/0yum-daily.cron
Sample outputs:

#!/bin/bash
 
# Only run if this flag is set. The flag is created by the yum-cron init
# script when the service is started -- this allows one to use chkconfig and
# the standard "service stop|start" commands to enable or disable yum-cron.
if [[ ! -f /var/lock/subsys/yum-cron ]]; then
  exit 0
fi
 
# Action!
exec /usr/sbin/yum-cron /etc/yum/yum-cron-hourly.conf
[root@centos7-box yum]# cat /etc/cron.daily/0yum-daily.cron
#!/bin/bash
 
# Only run if this flag is set. The flag is created by the yum-cron init
# script when the service is started -- this allows one to use chkconfig and
# the standard "service stop|start" commands to enable or disable yum-cron.
if [[ ! -f /var/lock/subsys/yum-cron ]]; then
  exit 0
fi
 
# Action!
exec /usr/sbin/yum-cron

That is all. Now your system will update automatically everyday using yum-cron. See man page of yum-cron for more details:
$ man yum-cron

 

 

#!/bin/bash
LAST_KERNEL=$(rpm -q --last kernel | perl -pe 's/^kernel-(\S+).*/$1/' | head -1)
CURRENT_KERNEL=$(uname -r)

test $LAST_KERNEL = $CURRENT_KERNEL || shutdown -r

Taken from this thread https://serverfault.com/questions/122178/how-can-i-check-from-the-command-line-if-a-reboot-is-required-on-rhel-or-centos/311733#311733

Don't forget that you might need to reboot because of core library updates, at least if it is glibc. (And also, services may need to be restarted after updates).

 

If you install the yum-utils package, you can use a command called needs-restarting.

 

You can use it both for checking if a full reboot is required because of kernel or core libraries updates (using the -r option), or what services need to be restarted (using the -s option.

 

needs-restarting -r returns 0 if reboot is not needed, and 1 if it is, so it is perfect to use in a script.

 

An example:

 

Raw
root@server1:~> needs-restarting  -r ; echo $?
Core libraries or services have been updated:
  openssl-libs -> 1:1.0.1e-60.el7_3.1
  systemd -> 219-30.el7_3.9

Reboot is required to ensure that your system benefits from these updates.

More information:
https://access.redhat.com/solutions/27943
1

https://access.redhat.com/solutions/10021

 
Posted - Tue, Dec 4, 2018 9:00 PM. This article has been viewed 5134 times.
Filed Under: Linux
0 (0)
Article Rating (No Votes)
Rate this article
Attachments
There are no attachments for this article.
Comments
There are no comments for this article. Be the first to post a comment.
Full Name
Email Address
Security Code Security Code
Related Articles RSS Feed
Using Kerberos security with Server for NFS
Viewed 9824 times since Wed, Jun 27, 2018
RHEL: Adding a boot entry to GRUB/GRUB2 configuration
Viewed 4752 times since Sun, May 27, 2018
How to recover error - Audit error: dispatch err (pipe full) event lost
Viewed 25986 times since Tue, Aug 6, 2019
Setup SSL Tunnel Using Stunnel on Ubuntu
Viewed 2712 times since Fri, Sep 28, 2018
Watchdog script to keep an application running
Viewed 18739 times since Tue, Jul 31, 2018
Jak znaleźć najszybszy publiczny serwer DNS w Polsce?
Viewed 3169 times since Mon, May 21, 2018
OEL 7 – How to disable IPv6 on Oracle Linux 7
Viewed 20537 times since Fri, Aug 3, 2018
RHEL: Back-up/Replicate a partition table
Viewed 3497 times since Sun, May 27, 2018
UUIDs and Linux: Everything you ever need to know [Update]
Viewed 5008 times since Tue, Jul 17, 2018
How to use yum command on CentOS/RHEL
Viewed 11085 times since Wed, Oct 17, 2018