Linux Patch Management: Keeping Linux Systems Up To Date

Linux Patch Management: Keeping Linux Systems Up To Date

Being a system administrator, we always need to keep our systems up to date with latest packages. Its difficult to go to server daily and check for available packages. For the same we can use yum-updatesd service to get email notifications to our mailbox or we can also configure this service to update any packages automatically when available.

Yum-updatesd can be configured with few easy steps given below. You may also need to install top yum repositories provided latest packages.

Step 1: Install/Update yum-updatesd Package

By default this package installed on system installation time. So should just update this package before configure it.

# yum update yum-updatesd

Step 2: Configure yum-updatesd

Change configuration file as per your requirements. Edit file in your favorite editor, for example i use vim.

# vim /etc/yum/yum-updatesd.conf
[main]
# how often to check for new updates (in seconds)
run_interval = 3600
# how often to allow checking on request (in seconds)
updaterefresh = 600

# how to send notifications (valid: dbus, email, syslog)
emit_via = email

# Put your mail address
email_to = admin@linuxmasterswiki.com
# who send the notifications
email_from = support@linuxmasterswiki.com

# should we listen via dbus to give out update information/check for
# new updates
dbus_listener = yes

# automatically install updates
do_update = no
# automatically download updates
do_download = no
# automatically download deps of updates
do_download_deps = no

Configuration Details:

run_interval:

    • Number of seconds to rechecks for available updates.

updaterefresh:

    • Minimum number of seconds between update information refreshes.

emit_via:

    • Ways to emit update notification. Valid values are ’email’, ‘dbus’ and ‘syslog’.

do_update:

    • ‘yes’ for auto update packages, ‘no’ for not to auto update ( preferred ‘no’ )

do_download:

    • ‘yes’ for auto download packages, ‘no’ for not to download updates ( preferred ‘no’ )

do_download_deps:

    • yes’ for auto download packages dependencies also, ‘no’ for not to download dependencies ( preferred ‘no’ )

email_to:

    • Email addresses to send update notification to.

email_from:

    Email address for update notifications to be from.

Step 3: Exclude Some Packages from Auto Update

Few of packages we don’t need to auto update until more specific reason, for eg PHP and MySQL. To do it editpen /etc/yum.conf file.

# vi /etc/yum.conf

And add the following line under [main] section.

 exclude=php* kernel* mysql* httpd*

Step 4: Restart yum-updatesd Service

Use following command to restart yum-updatesd service and enable auto start on system boot.

# /etc/init.d/yum-updatesd restart
# chkconfig yum-updatesd on

You will get email to your mailbox like below

Hi,
This is the automatic update system on linuxmasterswiki.com.

There are 12 package updates available. Please run the system updater.

Packages available for update:

    mutt
    initscripts
    gnutls
    gnupg
    talk
    nss_db
    at
    gd
    avahi
    gettext
    samba
    rsh

Thank You,
Your Computer

Thanks for reading this post. I hope this post will help you for keep up to date your system.

Was this Tutorial helpful? Help others share on Facebook, Twitter, and Google Plus!

 
Enjoyed this video?
Linux Patch Management: Keeping Linux Systems Up To Date
"No Thanks. Please Close This Box!"