Method 2 – Use shell scripts How to install yum cron on a CentOS/RHEL 6.x/7.x -

Method 2 – Use shell scripts

Warning: The following method is outdated. Do not use it on RHEL/CentOS 6.x/7.x. I kept it below for historical reasons only when I used it on CentOS/RHEL version 4.x/5.x.

Let us see how to configure CentOS/RHEL for yum automatic update retrieval and installation of security packages. You can use yum-updatesd service provided with CentOS / RHEL servers. However, this service provides a few overheads. You can create daily or weekly updates with the following shell script. Create

/etc/cron.daily/yumupdate.sh to apply updates one a day.
/etc/cron.weekly/yumupdate.sh to apply updates once a week.

Sample shell script to update system

A shell script that instructs yum to update any packages it finds via cron:

#!/bin/bash
YUM=/usr/bin/yum
$YUM -y -R 120 -d 0 -e 0 update yum
$YUM -y -R 10 -e 0 -d 0 update

(Code listing -01: /etc/cron.daily/yumupdate.sh)

Where,

First command will update yum itself and next will apply system updates.
-R 120 : Sets the maximum amount of time yum will wait before performing a command
-e 0 : Sets the error level to 0 (range 0 – 10). 0 means print only critical errors about which you must be told.

-d 0 : Sets the debugging level to 0 – turns up or down the amount of things that are printed. (range: 0 – 10).

-y : Assume yes; assume that the answer to any question which would be asked is yes.

Make sure you setup executable permission:
# chmod +x /etc/cron.daily/yumupdate.sh

The main script is /usr/bin/yum-check . The script that runs the cronjob is /etc/cron.daily/yum.cron . The two scripts pull options from the file /etc/sysconfig/yum-check .

/usr/bin/yum-check:

#!/bin/sh
#
# Name:         yum-check
# Author:       Michael Heiming - 2005-03-11
# Function:     Run from cron to check for yum updates
#               and mail results
# Version:      0.7 (initial)
# 2005-03-12    0.8 randomize startup (cron only)
# Config:       /etc/sysconfig/yum

# Pull in sysconfig settings

. /etc/sysconfig/yum-check

maila=${MAILTO:=root}
yumdat="/tmp/yum-check-update.$$"
yumb="/usr/bin/yum"

#  wait a random interval if there is not a controlling terminal, 
#  for load management
if ! [ -t ]
then
         num=$RANDOM
         let "num %= ${RANGE:=1}"
         sleep $num
fi

rm -f ${yumdat%%[0-9]*}*

$yumb check-update >& $yumdat

yumstatus="$?"

case $yumstatus in
         100)
                  cat $yumdat |\
                  mail -s "Alert ${HOSTNAME} updates available!" $maila
                  exit 0
;;
         0)
                 # Only send mail if debug is turned on
                 if [ ${CHECKWRK} = "yes" ];then
                 cat $yumdat |\
                 mail -s "Yum check succeeded ${HOSTNAME} zero patches
available." $maila
                 fi
                 exit 0
;;
         *)
                 # Unexpected yum return status
                 (echo "Undefined, yum return status: ${yumstatus}" && \
                 [ -e "${yumdat}" ] && cat "${yumdat}" )|\
                 mail -s "Alert ${HOSTNAME} problems running yum." $maila
esac

[ -e "${yumdat}" ] && rm ${yumdat}

/etc/cron.daily/yum.cron:

#!/bin/sh

# Pull in sysconfig settings

. /etc/sysconfig/yum-check


if [ -f /var/lock/subsys/yum ]; then

         if [ ${CHECKONLY} = "yes" ];then

                /usr/bin/yum-check
         fi
         else
                /usr/bin/yum -R 10 -e 0 -d 0 -y update yum
                /usr/bin/yum -R 120 -e 0 -d 0 -y update
fi

/etc/sysconfig/yum-check:

# yes sets yum to check for updates and mail only if patches are available
# no does enable autoupdate if /var/lock/subsys/yum is available
CHECKONLY="yes"
# defaults to root, leave empty if .forward/alias in place for root
MAILTO=""
# Set to yes for debugging only! You'll get a mail for each run!
CHECKWRK="no"
# Seconds to randomize startup, if running from cron to balance load
RANGE="3600"