Yum-cron installing and configuring

yum-cron is an alternate interface to yum that is optimised to be convenient to call from cron. It provides methods to keep repository metadata up to date, and to check for, download, and apply updates. Rather than accepting many different command line arguments, the different functions of yum cron can be accessed through config files.

Installing

yum install yum-cron

The next thing to do is to add the service to the available services:

systemctl enable yum-cron.service

or

chkconfig yum-cron on
yum-cron

Configuring

Configuring yum-cron involves open /etc/yum/yum-cron.conf in your editor of choice. In centos 7 there are 3 settings that you will need to change:

# Whether a message should emitted when updates are available.
update_messages = yes

# Whether updates should be downloaded when they are available. Note
# that updates_messages must also be yes for updates to be downloaded.
download_updates = yes

# Whether updates should be applied when they are available.  Note
# that both update_messages and download_updates must also be yes for
# the update to be applied
apply_updates = yes

CentOS 7 also has an hourly configuration file at /etc/yum/yum-cron-hourly.conf

There are 4 lines to change inside this file

What kind of update to use:
default = yum upgrade
security = yum –security upgrade
security-severity:Critical = yum –sec-severity=Critical upgrade
minimal = yum –bugfix update-minimal
minimal-security = yum –security update-minimal
minimal-security-severity:Critical = –sec-severity=Critical update-minimal

update_cmd = security

Whether a message should emitted when updates are available.

update_messages = yes

Whether updates should be downloaded when they are available. Note that updates_messages must also be yes for updates to be downloaded.

download_updates = yes

Whether updates should be applied when they are available. Note that both update_messages and download_updates must also be yes for the update to be applied

apply_updates = yes

You will now have hourly security updates and daily updates for everything else. The updates will download and apply automatically :D

The last thing you need to do is to turn on the yum cron service:

service yum-cron start

or

systemctl start yum-cron.service

Background

I have a virtual machine on my esxi box [Its since been changed to a proxmox box, but still a machine running a lot of vm’s] running centos 7. I don’t log in all that much, as most of the operations that are run are automatic (eg polling my github repo and executing builds)

Manually logging in and running a yum update isnt that much of a hastle, but there is a way to automate it (there are a few ways, but this way is easy)

Install yum-cron and add the service to your system

yum install yum-cron
chkconfig yum-cron on

then you can edit its cron task and set an email address of you like:

vi /etc/yum/yum-cron.conf 

# paste this line in the top of the file
email_to=user@domain

then start the yum-cron service

service yum-cron start

#there is also a way to start this with systemd, but the above command is much easier to remember

References:
this helpful guide: https://community.centminmod.com/threads/automatic-nightly-yum-updates-with-yum-cron.1507/
yum-cron man page: http://man7.org/linux/man-pages/man8/yum-cron.8.html

Sources: Fedora Project

Leave a Reply