Yum-Cron – Install Security Updates Automatically In AWS RHEL 7/CentOS 7 Machine

Yum-Cron – Install Security Updates Automatically In AWS RHEL 7/CentOS 7 Machine

February 25, 2021 / Eternal Team

The yum-cron is used to install security packages automatically in Linux systems so This provides an automatic upgrade to any yum based Linux operating system.

It allows a user to configure a cron job for the yum package manager.

So for that, you have to follow the OS-specific commands as given below:

  • Red Hat Enterprise Linux Server 7.x
  • Centos 7.x

So, how can we use it?

So It provides a proper way to check for updates, and download, and it applies security updates automatically.

The cron jobs for yum-cron package are active immediately after installing the package and there’s no extra configuration necessary. And The job will be run when daily at the time the cron jobs are set to run.

To install the yum-cron package.

# yum -y install yum-cron
# chkconfig yum-cron on

Config automatic security updates

# vi /etc/yum/yum-cron.conf

By default, this is set to default. Now edit and set the value to ‘security’.

update_cmd = security

We will be using the unattended update command below:

# yum --security upgrade

Next, change the value of update_messages from ‘no’ to ‘yes’.

update_cmd = security
update_messages = yes
download_updates = yes
apply_updates = yes

Yum-cron – Install Security Updates Automatically In AWS  RHEL 7/CentOS 7 Machine

Save and exit the config file.now start and enable the cron job,

#systemctl start yum-cron
# systemctl enable yum-cron
# systemctl status yum-cron

To exclude the packages follow below commands:

# vim /etc/yum/yum-cron.conf

[base]
exclude=kernel* mysql* php*

Yum-cron – Install Security Updates Automatically In AWS  RHEL 7/CentOS 7 Machine

Restart the cron jobs and check the logs,

# systemctl restart yum-cron
# systemctl status yum-cron
# cat /var/log/yum.log | grep -i updated

Check the Automatic system updates that are controlled by a cron job service that runs daily and is stored in the /var/log/cron file.

# cat /var/log/cron | grep -i yum-daily

Now your redhat7 or CentOS 7 are fully configured for automatic security updates and there is no need for a manual method.

AWS-Consulting-Partner

Talk to AWS Certified Consultant

    Want to start a project?

    It’s simple.

    Contact us