CentOS / RHEL Configure Yum Automatic Update Retrieval and Installation

by on May 18, 2009 · 13 comments· LAST UPDATED May 18, 2009

in , ,

The yum command line tool is used to install and update software packages under RHEL / CentOS Linux server. I know how to apply updates using yum update command line, but I'd like to use cron to manually update packages where appropriate. How do I configure yum to install software patches / updates automatically with cron?

You can use yum-updatesd service provided with CentOS / RHEL servers. However, this service provides a few overheads. You can create daily or weekly updates with the following shell script. Create

  • /etc/cron.daily/yumupdate.sh to apply updates one a day.
  • /etc/cron.weekly/yumupdate.sh to apply updates once a week.

Sample shell script to update system

A shell script that instructs yum to update any packages it finds via cron:

#!/bin/bash
YUM=/usr/bin/yum
$YUM -y -R 120 -d 0 -e 0 update yum
$YUM -y -R 10 -e 0 -d 0 update
 

(Code listing -01: /etc/cron.daily/yumupdate.sh)

Where,

  1. First command will update yum itself and next will apply system updates.
  2. -R 120 : Sets the maximum amount of time yum will wait before performing a command
  3. -e 0 : Sets the error level to 0 (range 0 - 10). 0 means print only critical errors about which you must be told.
  4. -d 0 : Sets the debugging level to 0 - turns up or down the amount of things that are printed. (range: 0 - 10).
  5. -y : Assume yes; assume that the answer to any question which would be asked is yes.

Make sure you setup executable permission:
# chmod +x /etc/cron.daily/yumupdate.sh

Recommend readings:

  1. yum man page
  2. yum command: Update / Install Packages under Redhat Enterprise / CentOS Linux Version 5.x
  3. How do I add jobs to cron under Linux or UNIX oses?
TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 13 comments… read them below or add one }

1 cod3fr3ak May 19, 2009 at 2:38 pm

Good info. Thanks!

Reply

2 Marcus Moeller May 19, 2009 at 4:29 pm

This is where yum-updatesd is for. Please take a look at:

/etc/yum/yum-updatesd.conf

for configuration parameters. Updates will automatically be applied with:

do_update = yes

Best Regards
Marcus

Reply

3 Patrick May 19, 2009 at 7:22 pm

As Marcus said, yum-updatesd already does this !
And as it’s not yet clearly said, auto updating is not recommended at all on production servers !!!
Only do this on test or dev servers… or your linux desktop.
Best regards
Patrick

Reply

4 yum-check May 25, 2009 at 6:20 am

I use script called yum-check from CentOS wiki. It works great, its called from cron.daily and if there is a updates, send a mail to me. You can set only notify, download or direct download and install updates.

http://wiki.centos.org/YumCheckOrInstallUpdates

Reply

5 sys01admin September 13, 2010 at 6:47 pm

True, yum-updatesd already does handle ad hoc updates defined by the run_interval and updaterefresh intervals. My question is how do you define a specific time for updates. e.g. in production you want all servers to update say Friday, 3:00am, or nightly at 2:00am. Apart from cron how is that done?

Reply

6 nixCraft September 13, 2010 at 7:22 pm

You have three options:
1) Write your own tool and push updates on all hosts using custome programming and cron jobs.
2) Use patch managment software such as PatchLink Update Server, Novell ZENworks Linux Management, RHEL satellite/Spacewalk etc.
3) Use other open source system management tools such as Chef, Puppet, and, Cfengine.

Reply

7 sys01admin September 15, 2010 at 1:23 pm

Thanks Vivek, very helpful!

Reply

8 Antonio September 8, 2011 at 10:43 am

Why -R is equal to 120? Why yum will wait 120 minutes to start ?
thanks

Reply

9 Mykolas OK November 9, 2011 at 5:36 pm

Patric says: updating is not recommended at all on production servers

I would like to make critical updates (bug fixes) on my production servers daily.
Is it not good idea?

How to organize it without updating packages to new versions?

Thank you for comments.

Reply

10 Annegret February 7, 2012 at 3:26 pm

Bravo!!! You have taken a farufel task and made it come out smooth. WELL DONE TUTORIAL!

Reply

11 Christian April 2, 2012 at 6:59 am

Nice tutorial. BTW, why isn’t it recommended to auto-update? I can choose the repos and sources I want to install, and if I have a server for which security is critical – why not keep it up to date?
Of course, external sources/repos and Alpha/Beta/RC software isn’t a good idea on those – but if I stick to the original repos, then what is in the way of having a cron job do the work.
BTW, I think the -R 120 option is for having yum wait in case that it cannot perform its job right away. But feel free to correct me, if I am wrong.

Reply

12 guest007 March 7, 2013 at 2:05 am

Updating automatically is not recommended on production servers because you do not know if it will break anything in your application, there are many instances where due to a patch you might need to update your application.

As to how do organizations do it, you have a patching cycle where you would apply updates to QA/test environment and have QA regress to make sure there are no issues. Next you apply same updates to staging and perform QA. Lastly you go through change control and apply updates to production (usually do half the farm), and QA. After half the production farm is updated and performing without issues, go ahead and patch the remaining servers. At least this is how it is done in 24x7x365 environments.

Reply

13 kubrick April 24, 2013 at 9:39 am

If you want automatic updates in CentOS 6, install this package:
yum install yum-cron

Regards.

Reply

Leave a Comment

Tagged as: , , , , , , , , , , , ,

Previous Faq:

Next Faq: