Linux Tactic

Automate CentOS 7 Updates with Yum-Cron: Boost Security & Save Time

Updating your CentOS system is crucial to its performance and security. In this article, we will guide you on how to configure automatic updates on CentOS 7.

We will also discuss the importance of updating your system, the vulnerabilities of an outdated system, and the time-saving benefits of automatic updates.

Configuring Automatic Updates on CentOS 7

Installing yum-cron Package

The yum-cron package is a great tool for automating updates on CentOS. To install yum-cron package, first, you should have sudo privileges on your CentOS system, after which you can use the following command to install the package:

sudo yum install yum-cron

This command installs yum-cron and its dependencies on your CentOS system.

Configuring yum-cron

Once you have installed yum-cron on your CentOS system, the next step is to configure it. There are two main configuration files for yum-cron – yum-cron-hourly.conf and yum-cron.conf.

These files can be found in the /etc directory. You can use any text editor to edit these files, but we recommend using the nano editor.

To configure the yum-cron-hourly.conf file, type the following command in your terminal:

sudo nano /etc/yum/yum-cron-hourly.conf

This opens the yum-cron-hourly.conf file in the nano editor. In this file, you can set the frequency of updates and the type of updates to install.

By default, the file is configured to check for updates every hour. You can change this by modifying the “update_messages = yes” line and setting it to “no” if you want to disable the messages.

To configure the yum-cron.conf file, type the following command in your terminal:

sudo nano /etc/yum/yum-cron.conf

This opens the yum-cron.conf file in the nano editor. In this file, you can set the frequency of updates and which packages to update.

By default, the file is configured to check for updates every day at 4 AM. You can change this by modifying the “apply_updates = yes” line and setting it to “no” if you want to disable the updates.

To view the logs generated by yum-cron, type the following command in your terminal:

sudo grep yum-cron /var/log/cron

This command will show you the logs generated by yum-cron in the cron jobs executed.

Importance of Updating CentOS System

Vulnerabilities of an Outdated System

An outdated CentOS system is vulnerable to attacks. Hackers can find vulnerabilities in the old system and use them to penetrate and take control of your system.

Installing security patches is the most critical aspect of keeping your system secure from attackers.

Time-saving Benefits of Automatic Updates

If you have multiple CentOS machines, manually updating them can be time-consuming, especially if you overlook updates regularly. With automatic updates, you can save a lot of time, and you do not have to worry about missing important updates.

Automatic updates can be a lifesaver, primarily when dealing with many CentOS machines.

Prerequisites

To configure automatic updates on CentOS 7, you should have sudo privileges. Sudo users are users with administrative privileges.

If you are not a sudo user, you need to ask your system administrator to grant you the privileges.

Conclusion

Updating your CentOS system is not optional; it is necessary for its performance and security. With the instructions provided above, you can configure automatic updates on your CentOS system easily.

Additionally, understanding the importance of updating your system, the vulnerabilities of outdated systems, and the time-saving benefits of automatic updates can help you keep your system secure and up-to-date. Always keep your CentOS system updated for maximum functionality and security.

3) Installing and Enabling yum-cron Package

If you want to automate updates on your CentOS 7 system, you can use the yum-cron package, which helps install updates automatically on your server. To install yum-cron, follow these steps:

Checking if Package is Already Installed

Before you install the yum-cron package, you should check if it is already installed on your system. You can do this by running the following command:

“`

yum info yum-cron

“`

If yum-cron is already installed on your system, this command will display information about the package, including its version and size. If yum-cron is not installed, you can proceed with the installation.

Enabling and Starting the Service

Once you have confirmed that the yum-cron package is not installed on your system, you can install it by running the following command:

“`

yum install -y yum-cron

“`

After installing yum-cron, you should enable and start the service to make it run automatically. To enable the service, use the following command:

“`

systemctl enable yum-cron.service

“`

This command will enable the yum-cron service and make it run automatically on startup.

Once you have enabled the service, start it by running the following command:

“`

systemctl start yum-cron.service

“`

This command will start the yum-cron service immediately.

Verifying the Status

To verify the status of the yum-cron service, run the following command:

“`

systemctl status yum-cron.service

“`

This command will show you the current status of the yum-cron service, including whether it is running or stopped. 4)

Configuring yum-cron and its Configuration Files

yum-cron comes with two configuration files that you can use to customize the behavior of the package.

These files are:

– `/etc/yum/yum-cron-hourly.conf`

– `/etc/yum/yum-cron.conf`

Overview of Configuration Files

The `yum-cron-hourly.conf` file controls how frequently the `yum-cron` package should check for updates. By default, it is configured to check for updates every hour.

The other file, `yum-cron.conf`, controls which updates the `yum-cron` package should install.

Customizing Package Updates

You can customize package updates by modifying the `yum-cron.conf` file. In the `[commands]` section, you can add the `update_cmd` parameter to specify the update command that `yum-cron` should use.

To update only security updates, set the `update_cmd` parameter to `security`. You can also enable unattended updates by setting the `apply_updates` parameter to `yes`.

Sending Messages

`yum-cron` can be configured to send messages when updates are available or installed. You can set the `emit_via` parameter in the `yum-cron.conf` file to control how `yum-cron` should send messages.

For example, you can set `emit_via=stdio` to send messages to the standard output, or you can set `emit_via=email` to send messages by email. If you set `emit_via=email`, you will need to specify the sender email address and the receiver email address by setting the `email_from` and `email_to` parameters in the `yum-cron.conf` file.

Overriding Settings and Excluding Packages

You can override settings in the `yum-cron` configuration files by modifying the `/etc/yum.conf` file. For example, if you want to exclude a specific package from being updated, create a section in the `/etc/yum.conf` file with the name of the package followed by a list of parameters you want to configure for that package.

For example, to exclude the `mongodb` package, add the following lines to the `/etc/yum.conf` file:

“`

[base]

exclude=mongodb

“`

These lines will exclude the `mongodb` package from being updated by `yum-cron`.

Conclusion

Configuring `yum-cron` on your CentOS 7 system is straightforward. You can use the two configuration files provided by `yum-cron` to customize how the package behaves on your system.

By following the steps outlined in this article, you can automate updates on your server and keep it secure and up-to-date with the latest security patches. Updating a CentOS system regularly is essential to maintaining its security and functionality.

With the automatic updates feature in CentOS 7, you can automate the update process, which saves you time and ensures that your system is up-to-date with the latest security patches and software updates. In this article, we have looked at how to configure automatic updates on CentOS 7 using the `yum-cron` package.

We have covered installing and enabling the `yum-cron` package, configuring `yum-cron`, its configuration files, and how to customize package updates, send messages, and exclude packages. Keeping your CentOS system up-to-date is crucial to its performance and security.

With automatic updates, you do not have to worry about manually updating your system regularly, especially if you have many CentOS machines to manage. Additionally, automatic updates help you to avoid missing critical updates, including security patches, which can leave your system vulnerable to attacks.

With `yum-cron`, you can install updates automatically and configure the package to meet your system’s specific needs. By modifying the configuration files, you can customize how the package behaves, including specifying the frequency of updates, which updates to install, and how to notify you when updates are available.

Configuring `yum-cron` is easy, and you do not need advanced technical skills to get it up and running. By following the steps outlined in this article, you can configure automatic updates on your CentOS 7 system and keep it secure and up-to-date with the latest security patches and software updates.

Installing and configuring `yum-cron` is one of the most important steps you can take to ensure that your system is secure. Regular updates are critical to protecting your system from attacks and vulnerabilities resulting from outdated software.

By enabling automatic updates via `yum-cron`, you take a significant step towards securing your CentOS 7 system. With automatic updates, you ensure that your system is always up-to-date with the latest security patches and software updates, making it less vulnerable to attacks.

In summary, simply allowing your CentOS system to go un-updated could cause chaos. Vulnerabilities and outdated software could lead to hackers accessing sensitive data or income loss due to servers being unusable.

Ensure that you have sudo privileges, then proceed with installing and customizing your `yum-cron` package to update your CentOS server automatically and keep it secure. In conclusion, configuring automatic updates via the `yum-cron` package on your CentOS 7 system is crucial to its performance and security.

It saves you time, ensures your system is up-to-date with the latest security patches, and customizing its behavior is easy. Regular updates are necessary to keep your system protected from vulnerabilities and attacks resulting from outdated software.

With the steps outlined in this article, you can configure automatic updates, keep your system secure, and avoid the chaos that comes with an un-updated system. It’s an essential step in safeguarding your system, and the security of your data should never be overlooked.

Popular Posts