In a world of emerging and ever-evolving cyber threats and breaches, applying security updates will go a long way in safeguarding your system against potential threats. And what a joy it would be if the application of these updates is done automatically without your intervention!
This means that you would worry less about manually updating your system and focus on other system administration tasks.
Recommended Read: dnf-automatic – Install Security Updates Automatically in CentOS 8
In this tutorial, you will learn how to use yum-cron to install and configure security updates automatically on your CentOS 7system.
So what is Yum-Cron?
Step 1: Installing Yum-cron Utility in CentOS 7
The Yum-cron comes preinstalled on CentOS 7, but if for whatever reason it is not present, you can install it by running the command.
# yum install yum-cron
# rpm -qa | grep yum-cron
After the successful installation of the yum-cron utility, you need to configure it to automatically retrieve security updates and update your system. There are 2 kinds of updates: the default update which is initialized using the
yum update command, minimal update and finally the security update.
Sometimes, you may need to maintain the version of packages and not update them due to compatibility issues that may arise with other applications that depend on the package. Sometimes, this may even include the kernel itself.
To achieve this, head back to the
yum-cron.conf configuration file. At the bottom, in the
[base] section, append a line with the
‘exclude’ parameter and define the packages you want to exclude from updating.
# cat /var/log/yum.log | grep -i updated
Automatic system updates are controlled by a cron job that runs daily and is stored in the
/var/log/cron file. To check the logs for the daily cron job run.
# cat /var/log/cron | grep -i yum-daily
Your CentOS 7 system is now fully configured for automatic security updates and you won’t have to stress over manually updating your system.