Yum-Cron – Install Security Updates Automatically In AWS RHEL 7/CentOS 7 Machine

Yum-Cron – Install Security Updates Automatically In AWS RHEL 7/CentOS 7 Machine

February 25, 2021 / Nirav Shah

Automatically Install Security Updates in AWS RHEL 7/ CentOS 7 with Yum-Cron

The yum-cron is used to install security packages automatically in Linux systems so This provides an automatic upgrade to any yum based Linux operating system.

It allows a user to configure a cron job for the yum package manager.

So for that, you have to follow the OS-specific commands as given below:

  • Red Hat Enterprise Linux Server 7.x
  • Centos 7.x

So, how can we use it?

So It provides a proper way to check for updates, and download, and it applies security updates automatically.

The cron jobs for yum-cron package are active immediately after installing the package and there’s no extra configuration necessary. And The job will be run when daily at the time the cron jobs are set to run.

How to install yum-cron on an AWS CentOS 7/ RHEL7

To install the yum-cron package.

# yum -y install yum-cron
# chkconfig yum-cron on

Config automatic security updates

# vi /etc/yum/yum-cron.conf

By default, this is set to default. Now edit and set the value to ‘security’.

update_cmd = security

We will be using the unattended update command below:

# yum --security upgrade

Next, change the value of update_messages from ‘no’ to ‘yes’.

update_cmd = security
update_messages = yes
download_updates = yes
apply_updates = yes

Yum-cron – Install Security Updates Automatically In AWS RHEL 7/CentOS 7 Machine

Save and exit the config file.now start and enable the cron job,

#systemctl start yum-cron
# systemctl enable yum-cron
# systemctl status yum-cron

To exclude the packages follow below commands:

# vim /etc/yum/yum-cron.conf

[base]
exclude=kernel* mysql* php*

Yum-cron – Install Security Updates Automatically In AWS RHEL 7/CentOS 7 Machine

Restart the cron jobs and check the logs,

# systemctl restart yum-cron
# systemctl status yum-cron
# cat /var/log/yum.log | grep -i updated

Check the Automatic system updates that are controlled by a cron job service that runs daily and is stored in the /var/log/cron file.

# cat /var/log/cron | grep -i yum-daily

Now your redhat7 or CentOS 7 are fully configured for automatic security updates and there is no need for a manual method.

Talk to AWS Certified Consultant

    Spread Love By Sharing:

    Let’s Talk About Your Needed AWS Infrastructure Management Services

    Have queries about your project idea or concept? Please drop in your project details to discuss with our AWS Global Cloud Infrastructure service specialists and consultants.

    • Swift Hiring and Onboarding
    • Experienced and Trained AWS Team
    • Quality Consulting and Programming
    Let’s Connect and Discuss Your Project