Amazon Linux AMI update installed packages for security

last updated in Categories , ,

I would like to update installed packages for security on Amazon Linux AMI server running in the cloud. How can I update my Amazon Linux AMI system using yum command?

Keeping your system, kernel, and the installed application is an essential sysadmin task. An updated Amazon Linux AMI server means fewer security issues and increased system stability. Amazon Linux AMI is pretty user-friendly when it comes to applying updates and patches. This page shows how to update Amazon Linux system using the yum command.

Amazon Linux AMI update installed packages for security

The procedure to install updates on Amazon Linux EC2 is as follows:

  1. Open the terminal app.
  2. For remote server log in using the ssh command: ssh user@server-name-here.
  3. Show information about update advisories, run: sudo yum updateinfo
  4. Issue the command sudo yum update to refresh package database and install updates.
  5. Reboot the system if kernel was updated by typing sudo reboot command.

Let us see all commands and examples in details.

Find out info about available security-related updates

It is a good idea to find out if there any updates available for the box. Hence, run the following command:
sudo yum updateinfo
Sample outputs:

Loaded plugins: priorities, update-motd, upgrade-helper
amzn-main/latest                                                                                                                                      | 2.1 kB  00:00:00     
amzn-updates/latest                                                                                                                                   | 2.5 kB  00:00:00     
Updates Information Summary: updates
    10 Security notice(s)
         1 important Security notice(s)
         1 low Security notice(s)
         8 medium Security notice(s)
updateinfo summary done

Want to see a list of the updates on screen? Try the following command along with grep command:
sudo yum check-update
sudo yum check-update | more
sudo yum check-update | grep bash
sudo yum check-update

Check for Amazon Linux AMI software and security updates
Before you apply updates please note down Linux kernel version, run:
uname -mrs
Sample outputs:

Linux 4.14.123-86.109.amzn1.x86_64 x86_64

How to install updates via yum command line for Amazon Linux on EC2

Open up a terminal application or log in using ssh. Run the yum command to upgrade all installed packages on Amazon Linux cloud server:
sudo yum update
Amazon Linux AMI Applying Security Updates Using yum
One can only apply security related updates to the machines, run:
sudo yum --security update
Amazon Linux AMI update installed packages using yum

How do I update a single package?

Run the following command:
sudo yum update pkg_name
sudo yum update curl

It is also possible to install all updates except php73 and curl packages as follows:
sudo yum -x 'php73*' -x 'curl*' update
The -x option exclude packages specified given name. See “Force yum update Command To Exclude Certain Packages” for more info.

Reboot the Linux system

You must reboot system when kernel gets updated, run:
sudo reboot
Verify Linux kernel version and list updates:
uname -mrs
sudo yum updateinfo

Checking For and Updating Packages on Amazon Linux AMI
Checking For and Updating Packages on Amazon Linux AMI

Conclusion

You learned how to install the software update for all installed packages using the CLI methods on Amazon Linux AMI based systems running on AWS cloud EC2 or Lightsail server. See Amazon page for more information.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

Start the discussion at www.nixcraft.com

Historical Comment Archive