Install Security Updates Only on CentOS 8 / RHEL 8

The CentOS Linux provides information about security flaws that affect the operating system components and services in the form of security advisories. Keeping the system updated and ensuring no security flaws is an OKR of any Linux Sysadmin.

In this article we will look at how you can update installed packages on your CentOS system for security. This is necessary if you have critical applications running in production and have fears on application breaking as a result of dependencies upgrade.

You can list the security updates available for your CentOS 8 Linux machine with the following command:

sudo yum updateinfo list updates security

Install Security updates only on CentOS 8 / RHEL 8

If you want to display the list of security updates which have been installed on the system use this command:

sudo yum updateinfo list security installed

To install all security updates, use the command:

sudo yum update --security

Please Note that without the --security parameter, the yum command will install all updates that include bug fixes and enhancements.

Confirm the installation by pressing the y key:

.......
Transaction Summary
===========================================
Upgrade  ... Packages

Total download size: ... M
Is this ok [y/d/N]: y

You can confirm if a restart is required by any processes after installing the updated packages:

sudo yum needs-restarting

If you want to lock updates to a specific release of CentOS Linux, set release first:

sudo subscription-manager release --list
sudo subscription-manager release --set=<release>

You can then conform the updates were successful and enjoy running CentOS Linux with the latest security updates.

Recommended Security Books to read:

• Best Penetration Testing Books
• Best Cybersecurity Books To Read
• Best CompTIA Security+ (SY0-601) Certification Books
• Best Books To Learn Data Security & Encryption
• Top Certified Information Security Manager (CISM) study books