Q: How can I enable automatic software updates on CentOS 8 / RHEL 8 Linux machine?. This post describes the process of planning and configuring the way security and other system updates are installed automatically without manual intervention on a CentOS 8 / RHEL 8 system. Automatic updates are not recommended for a critical server, for which unplanned downtime of a service on the machine can not be tolerated.
We’ll configure our RHEL 8 / CentOS 8 Linux to apply all updates on a daily schedule. But it is up to you as System Administrator to decide whether automatic updates are desirable or not for a particular machine.
Here is how easy it can be to enable automatic DNF updates on CentOS 8 / RHEL 8.
Step 1: Install dnf-automatic RPM package
We need to install the dnf-automatic RPM package which provides a DNF component started automatically.
sudo dnf install -y vim dnf-automaticMore details on the package can be pulled with the rpm command.
$ rpm -qi dnf-automatic
Name : dnf-automatic
Version : 4.7.0
Release : 16.el8_8
Architecture: noarch
Install Date: Mon 05 Jun 2023 11:37:01 PM UTC
Group : Unspecified
Size : 52591
License : GPLv2+
Signature : RSA/SHA256, Tue 16 May 2023 08:35:43 AM UTC, Key ID 15af5dac6d745a60
Source RPM : dnf-4.7.0-16.el8_8.src.rpm
Build Date : Tue 16 May 2023 08:26:45 AM UTC
Build Host : ord1-prod-a64build001.svc.aws.rockylinux.org
Relocations : (not relocatable)
Packager : [email protected]
Vendor : Rocky
URL : https://github.com/rpm-software-management/dnf
Summary : Package manager - automated upgrades
....
Step 2: Configure dnf-automatic updates
The configuration file is /etc/dnf/automatic.conf. Set required values correctly to fit your software requirements.
sudo vi /etc/dnf/automatic.confHere is a sample configuration file.
[commands]
upgrade_type = default
random_sleep = 0
download_updates = yes
apply_updates = yes
[emitters]
emit_via = motd
[email]
email_from = [email protected]
email_to = root
email_host = localhost
[base]
debuglevel = 1
dnf-automatic can be set to only download new updates and alert your via email, or motd of available updates which you could then install manually. To set this, disable apply_updates.
apply_updates = noAnd set correct alert method.
Step 3: Running dnf-automatic
Once you are finished with configuration, execute the following command to schedule DNF automatic updates for RHEL 8 / CentOS 8 machine.
sudo systemctl enable --now dnf-automatic.timerThe command executed will enable and start the systemd timer. To check the status of dnf-automatic service, run:
$ systemctl list-timers *dnf-*
EXT LEFT LAST PASSED UNIT ACTIVATES
Wed 2023-08-16 22:30:31 UTC 26min left - - dnf-makecache.timer dnf-makecache.service
Thu 2023-08-17 06:09:21 UTC 8h left - - dnf-automatic.timer dnf-automatic.service
2 timers listed.
Pass --all to see loaded but inactive timers, too.
Conclusion
The main advantage of enabling YUM|DNF automatic updates on RHEL 8 / CentOS 8 Linux is that your machines will get updated more uniformly, quickly and frequently as compared to manual updates. This will give you more points against internet attacks.
Recommended Linux Books to read:
- Best Linux Books for Beginners & Experts
- Best Linux Kernel Programming Books
- Best Linux Bash Scripting Books
Similar guides:
Install and Configure DHCP Server & Client on CentOS 8 / RHEL 8
How To Join CentOS 8 / RHEL 8 System to Active Directory (AD) domain
How To Manage CentOS 8 With Cockpit Web Admin Console
