Another Easy Way for CentOS Automatic Updates 5.x, 6.x, 7.x , 8.x

CentOS Automatic Updates

CentOS Automatic Updates tutorial.
This tutorial apply to Centos 5.x, 6.x and 7.x.

CentOS 5.x

The yum package supplied with CentOS 5.0 includes scripts to perform full system updates every day. To activate automatic daily updates, enter this command:

su -c '/sbin/chkconfig --level 345 yum on; /sbin/service yum start'

At the prompt, enter the password for the root account.

There is no separate yum service that runs on your system. The command given above enables the control script /etc/rc.d/init.d/yum. This control script activates the script /etc/cron.daily/yum.cron, which causes the cron service to perform the system update automatically at 4am each day.

CentOS 6.x

To get started, install yum-cron:

yum -y install yum-cron

By default, it’s configured to download all of the available updates and apply them immediately after downloading. Reports will be emailed to the root user on the system. To change these settings, just open /etc/sysconfig/yum-cron in your favorite text editor and adjust wherever setting you need to change:

The important settings to mention are:

# Don't install, just check (valid: yes|no)
CHECK_ONLY=no

# Don't install, just check and download (valid: yes|no)
# Implies CHECK_ONLY=yes (gotta check first to see what to download)
DOWNLOAD_ONLY=no
# if MAILTO is set and the mail command is available, the mail command is used to deliver yum output
# by default MAILTO is unset, so crond mails the output by itself
# example: MAILTO=root
MAILTO=
# you may set DAYS_OF_WEEK to the days of the week you want to run
# default is every day
#DAYS_OF_WEEK="0123456"

If you want to exclude some packages only from the automatic update you can edit the file /etc/sysconfig/yum-cron and set the option YUM_PARAMETER with -x packagename, you have to repeat the -x for every package that you want to exclude, such as:

YUM_PARAMETER="-x kernel* -x php*"

The cron jobs from the yum-cron package are active immediately after installing the package and there’s no extra configuration necessary. The job will be run when your normal daily cron jobs are set to run.

chkconig yum-cron on
service yum-cron start

CentOS 7.x

Although CentOS 6.x Instructions will work for CentOS 7.0, you could upgrade the installation process to be completely CentOS 7.0 compatible:

yum install yum-cron
systemctl enable yum-cron.service
systemctl start yum-cron.service

.conf file (Configuration) located at: /etc/yum/yum-cron.conf AND /etc/yum/yum-cron-hourly.conf.

Note that in contrast to CentOS 6.x, by default yum-cron only download updates once a day and doesn’t apply them. change to:

apply_updates = yes

In /etc/yum/yum-cron.conf if you wish to. make note that you can now define hourly updates in the /etc/yum/yum-cron-hourly.conf file.

CentOS 8.x

The first thing is to install the DNF-automatic RPM package. The package provides a DNF component that starts automatically. To install it, use the following command.

# dnf install dnf-automatic

More details on the package can be pulled with the rpm command.

# rpm -qi dnf-automatic
Name        : dnf-automatic
Version     : 4.0.9.2
Release     : 5.el8
Architecture: noarch
Install Date: Thu 26 Sep 2019 12:50:23 AM EAT
Group       : Unspecified
Size        : 46825
License     : GPLv2+ and GPLv2 and GPL
Signature   : RSA/SHA256, Tue 02 Jul 2019 12:14:36 AM EAT, Key ID 05b555b38483c65d
Source RPM  : dnf-4.0.9.2-5.el8.src.rpm
Build Date  : Mon 13 May 2019 10:35:13 PM EAT
Build Host  : ppc64le-01.mbox.centos.org
Relocations : (not relocatable)
Packager    : CentOS Buildsys <bugs@centos.org>
Vendor      : CentOS
URL         : https://github.com/rpm-software-management/dnf
Summary     : Package manager - automated upgrades
Description :
Systemd units that can periodically download package upgrades and apply them.

Configure dnf-automatic updates

Once the installation is complete, go to the /etc/dnf directory and edit the configuration automatic.conf.

# cd /etc/dnf/
vim automatic.conf

On the [commands] section, change the upgrade_type as you need. You can use default for upgrading all packages or use the security option to upgrade all packages related security.

[commands]
upgrade_type = default
download_updates = yes

On the [emitters] section, uncomment the system_name option and change the value with your hostname. Then change the emit_via option to motd, so you will be displayed about package updates on every login.

[emitters]
system_name = lintut-centos8
emit_via = motd

Other options for emit_via configuration are stdio which is default configuration and email for sending package updates information to your email.
Now go to the [email] section and change each configuration with your own.

[email]
email_from = root@server.com
email_to = root
email_host = localhost

Save and close.
Finally, you can now run dnf-automatic, execute the following command to schedule DNF automatic updates for your CentOS 8 machine.

# systemctl enable --now dnf-automatic.timer

The command executed will enable and start the systemd timer. To check the status of dnf-automatic service, run:

$ sudo systemctl list-timers *dnf-*
NEXT                         LEFT       LAST                         PASSED       UNIT                        ACTIVATES
Sat 2019-09-28 11:24:09 EAT  23min left Sat 2019-09-28 10:24:09 EAT  36min ago    dnf-makecache.timer         dnf-makecache.service
Sun 2019-09-29 06:01:45 EAT  19h left   Sat 2019-09-28 06:02:11 EAT  4h 58min ago dnf-automatic-install.timer dnf-automatic-install.service
Sun 2019-09-29 11:02:13 EAT  24h left   Sat 2019-09-28 10:59:02 EAT  1min 21s ago dnf-automatic.timer         dnf-automatic.service

3 timers listed.
Pass --all to see loaded but inactive timers, too.

Conclusion

The main advantage of enabling YUM|DNF automatic updates on RHEL 8 / CentOS 8 Linux is that your machines will get updated more uniformly, quickly and frequently as compared to manual updates.