Amazon Linux AMI update installed packages for security

I would like to update installed packages for security on Amazon Linux AMI server running in the cloud. How can I update my Amazon Linux AMI system using yum command?

Keeping your system, kernel, and the installed application is an essential sysadmin task. An updated Amazon Linux AMI server means fewer security issues and increased system stability. Amazon Linux AMI is pretty user-friendly when it comes to applying updates and patches. This page shows how to update Amazon Linux system using the yum command.

Amazon Linux AMI update installed packages for security

The procedure to install updates on Amazon Linux EC2 is as follows:

Open the terminal app.
For remote server log in using the ssh command: ssh user@server-name-here.
Show information about update advisories, run: sudo yum updateinfo
Issue the command sudo yum update to refresh package database and install updates.
Reboot the system if kernel was updated by typing sudo reboot command.

Let us see all commands and examples in details.

Find out info about available security-related updates

It is a good idea to find out if there any updates available for the box. Hence, run the following command:
sudo yum updateinfo
Sample outputs:

Loaded plugins: priorities, update-motd, upgrade-helper
amzn-main/latest                                                                                                                                      | 2.1 kB  00:00:00     
amzn-updates/latest                                                                                                                                   | 2.5 kB  00:00:00     
Updates Information Summary: updates
    10 Security notice(s)
         1 important Security notice(s)
         1 low Security notice(s)
         8 medium Security notice(s)
updateinfo summary done

Want to see a list of the updates on screen? Try the following command along with grep command:
sudo yum check-update sudo yum check-update | more sudo yum check-update | grep bash sudo yum check-update

Before you apply updates please note down Linux kernel version, run:
uname -mrs
Sample outputs:

Linux 4.14.123-86.109.amzn1.x86_64 x86_64

How to install updates via yum command line for Amazon Linux on EC2

Open up a terminal application or log in using ssh. Run the yum command to upgrade all installed packages on Amazon Linux cloud server:
sudo yum update

One can only apply security related updates to the machines, run:
sudo yum --security update

How do I update a single package?

Run the following command:
sudo yum update pkg_name sudo yum update curl
It is also possible to install all updates except php73 and curl packages as follows:
sudo yum -x 'php73*' -x 'curl*' update
The -x option exclude packages specified given name. See “Force yum update Command To Exclude Certain Packages” for more info.

Reboot the Linux system

You must reboot system when kernel gets updated, run:
sudo reboot
Verify Linux kernel version and list updates:
uname -mrs sudo yum updateinfo

Checking For and Updating Packages on Amazon Linux AMI

Conclusion

You learned how to install the software update for all installed packages using the CLI methods on Amazon Linux AMI based systems running on AWS cloud EC2 or Lightsail server. See Amazon page for more information.

This entry is 3 of 6 in the How to keep your Linux system up-to-date Tutorial series. Keep reading the rest of the series:

RHEL 8 update installed packages for security
FreeBSD Applying Security Updates Using pkg/freebsd-update
Amazon Linux AMI update installed packages for security
SUSE 15 update installed packages for security
CentOS 8 update installed packages for security
Ubuntu 20.04 LTS update installed packages for security

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.