Auto Updates with YUM on RHEL/CENTOS All versions

You can install or check updates on RHEL or CentOS servers automatically with following guides!

CentOS/RHEL5 <Daily>

# yum install yum-security
# yum install yum-updatesd
# vi /etc/yum/yum-updatesd.conf

 [main]
 # how often to check for new updates (in seconds)
 run_interval = 3600
 # how often to allow checking on request (in seconds)
 updaterefresh = 600

 # how to send notifications (valid: dbus, email, syslog)
 emit_via = email
 # should we listen via dbus to give out update information/check for
 # new updates
 # dbus_listener = yes

 # email config
 email_to = kursad.cokyaman@domain.com
 email_from = yum-updates-msg@domain.com
 smtp_server = smtpserver.domain.com

 # automatically install updates
 do_update = no
 # automatically download updates
 do_download = no
 # automatically download deps of updates
 do_download_deps = no

# chkconfig yum-updatesd on
# service yum-updatesd restart

CentOS/RHEL6 <Daily>

# yum install yum-plugin-security
# yum install yum-crond
# vi /etc/sysconfig/yum-cron

 # Pass any given paramter to yum, as run in all the scripts invoked
 # by this package. Be aware that this is global, and yum is invoked in
 # several modes by these scripts for which your own parameter might not
 # be appropriate
 YUM_PARAMETER=

 # Don't install, just check (valid: yes|no)
 CHECK_ONLY=yes

 # Check to see if you can reach the repos before updating (valid: yes|no)
 CHECK_FIRST=no

 # Don't install, just check and download (valid: yes|no)
 # Implies CHECK_ONLY=yes (gotta check first to see what to download)
 DOWNLOAD_ONLY=no

 # Error level, practical range 0-10, 0 means print only critical errors which
 # you must be told, 1 means print all errors, even ones that are not important
 # Level 0 is the default
 # ERROR_LEVEL=0

 # Debug level, practical range 0-10, higher number means more output
 # Level 1 is a useful level if you want to see what's been done and
 # don't want to read /var/log/yum.log
 # Level 0 is the default
 # DEBUG_LEVEL=1

 # randomwait is used by yum to wait random time
 # default is 60 so yum waits random time from 1 to 60 minutes
 # the value must not be zero
 RANDOMWAIT="60"

 # if MAILTO is set and the mail command is available, the mail command
 # is used to deliver yum output

 # by default MAILTO is unset, so crond mails the output by itself
 # example: MAILTO=root
 MAILTO=kursad.cokyaman@domain.com

 # you may set SYSTEMNAME if you want your yum emails tagged differently
 # default is output of hostname command
 # this variable is used only if MAILTO is set too
 #SYSTEMNAME=""

 # you may set DAYS_OF_WEEK to the days of the week you want to run
 # default is every day
 #DAYS_OF_WEEK="0123456"

 # which day should it do cleanup on? defaults to 0 (Sunday). If this day isn't in the
 # DAYS_OF_WEEK above, it'll never happen
 CLEANDAY="0"

 # set to yes to make the yum-cron service to wait for transactions to complete
 SERVICE_WAITS=yes

 # set maximum time period (in seconds) for the yum-cron service to wait for
 # transactions to complete. The default is 300 seconds (5 minutes)
 SERVICE_WAIT_TIME=300

# vi /etc/cron.daily/0yum.cron

 #add this line to 7th line
 MAIL_FROM = "YUM Updates<yum-update-msg@domain.com"
 .
 .
 #change this line
 [ -s "$YUMTMP" ] && mail -r MAIL_FROM -s "System update: $SYSTEMNAME" $MAILTO < $YUMTMP

# chkconfig yum-cron on
# service yum-cron start

CentOS/RHEL7 <Daily>

# yum install yum-cron
# vi /etc/yum/yum-cron.conf ##you can edit yum-cron-hourly for hourly updates

 [commands]
 # What kind of update to use:
 # default = yum upgrade
 # security = yum --security upgrade
 # security-severity:Critical = yum --sec-severity=Critical upgrade
 # minimal = yum --bugfix upgrade-minimal
 # minimal-security = yum --security upgrade-minimal
 # minimal-security-severity:Critical = --sec-severity=Critical upgrade-minimal
 update_cmd = default

 # Whether a message should be emitted when updates are available,
 # were downloaded, or applied.
 update_messages = yes

 # Whether updates should be downloaded when they are available.
 download_updates = no

 # Whether updates should be applied when they are available. Note
 # that download_updates must also be yes for the update to be applied.
 apply_updates = no

 # Maximum amout of time to randomly sleep, in minutes. The program
 # will sleep for a random amount of time between 0 and random_sleep
 # minutes before running. This is useful for e.g. staggering the
 # times that multiple systems will access update servers. If
 # random_sleep is 0 or negative, the program will run immediately.
 # 6*60 = 360
 random_sleep = 360


 [emitters]
 # Name to use for this system in messages that are emitted. If
 # system_name is None, the hostname will be used.
 system_name = None

 # How to send messages. Valid options are stdio and email. If
 # emit_via includes stdio, messages will be sent to stdout; this is useful
 # to have cron send the messages. If emit_via includes email, this
 # program will send email itself according to the configured options.
 # If emit_via is None or left blank, no messages will be sent.
 emit_via = email

 # The width, in characters, that messages that are emitted should be
 # formatted to.
 ouput_width = 80


 [email]
 # The address to send email messages from.
 email_from = yum-update-msg@domain.com

 # List of addresses to send messages to.
 email_to = kursad.cokyaman@domain.com

 # Name of the host to connect to to send email messages.
 email_host = smtpserver.domain.com


 [groups]
 # NOTE: This only works when group_command != objects, which is now the default
 # List of groups to update
 group_list = None

 # The types of group packages to install
 group_package_types = mandatory, default

 [base]
 # This section overrides yum.conf

 # Use this to filter Yum core messages
 # -4: critical
 # -3: critical+errors
 # -2: critical+errors+warnings (default)
 debuglevel = -2

 # skip_broken = True
 mdpolicy = group:main

 # Uncomment to auto-import new gpg keys (dangerous)
 # assumeyes = True

# chkconfig yum-cron on
# service yum-cron start

Advertisements
About

System Engineer @ATOS, vExpert2015, VCP5, RHCSA, Specialized Linux,Storage and Virtualization.

Tagged with: , , ,
Posted in Linux

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: