Want more timely Centmin Mod News Updates?
Become a Member

Automatic nightly YUM updates with yum-cron for CentOS 7 Only

Discussion in 'System Administration' started by eva2000, Sep 28, 2014.

  1. eva2000

    eva2000 Administrator Staff Member

    53,461
    12,128
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,668
    Local Time:
    1:17 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Recent Linux security vulnerabilities and updates such as the bash exploit (shellshock) have highlighted the need to keep your Linux operating system's packages up to date. So it's a good idea to have in place an automatic nightly cron job which runs YUM updates.

    You can do nightly YUM updates automatically with email notifications via a package called yum-cron.

    How to install yum-cron ?



    To install yum-cron and setup email notifications run in SSH window:
    Code:
    yum -y install yum-cron
    chkconfig yum-cron on
    Then edit /etc/sysconfig/yum-cron (CentOS 6) to set MAILTO= email address or /etc/yum/yum-cron.conf (CentOS 7) to set email_to= for email notifications. If you use pushover.net for notifications to your mobile or tablet device, you can set


    For CentOS 6
    Code:
    MAILTO=yourUSERkey+devicename+p1@api.pushover.net
    For CentOS 7
    Code:
    email_to=yourUSERkey+devicename+p1@api.pushover.net
    For CentOS 7 whether or not if updates are applied are controlled by 3 variables in /etc/yum/yum-cron.conf or /etc/yum/yum-cron-hourly.conf both have the 3 variables disabled = no by default. Need to change them to yes

    Code:
    # Whether a message should emitted when updates are available.
    update_messages = no
    
    # Whether updates should be downloaded when they are available. Note
    # that updates_messages must also be yes for updates to be downloaded.
    download_updates = no
    
    # Whether updates should be applied when they are available.  Note
    # that both update_messages and download_updates must also be yes for
    # the update to be applied
    apply_updates = no
    Also for CentOS 7,
    messages either go to stdio or email, default is stdio so for emails set emit_via = email
    Code:
    # How to send messages.  Valid options are stdio and email.  If
    # emit_via includes stdio, messages will be sent to stdout; this is useful
    # to have cron send the messages.  If emit_via includes email, this
    # program will send email itself according to the configured options.
    # If emit_via is None or left blank, no messages will be sent.
    emit_via = stdio
    
    For CentOS 7, using sed replacements to enable yum-cron settings. This sets daily updates for full yum upgrades and hourly to security only updates.

    Code:
        EMAIL=your@email.com
        sed -i "s|^email_to = root|email_to = ${EMAIL}|" /etc/yum/yum-cron.conf
        sed -i 's|^update_messages = no|update_messages = yes|' /etc/yum/yum-cron.conf
        sed -i 's|^download_updates = no|download_updates = yes|' /etc/yum/yum-cron.conf
        sed -i 's|^apply_updates = no|apply_updates = yes|' /etc/yum/yum-cron.conf
        sed -i 's|^emit_via = stdio|emit_via = email|' /etc/yum/yum-cron.conf
    
        sed -i "s|^email_to = root|email_to = ${EMAIL}|" /etc/yum/yum-cron-hourly.conf
        sed -i 's|^update_cmd = default|update_cmd = security|' /etc/yum/yum-cron-hourly.conf
        sed -i 's|^update_messages = no|update_messages = yes|' /etc/yum/yum-cron-hourly.conf
        sed -i 's|^download_updates = no|download_updates = yes|' /etc/yum/yum-cron-hourly.conf
        sed -i 's|^apply_updates = no|apply_updates = yes|' /etc/yum/yum-cron-hourly.conf
        sed -i 's|^emit_via = stdio|emit_via = email|' /etc/yum/yum-cron-hourly.conf   
    
        egrep '^email_to|^update_messages|^download_updates|^apply_updates|^emit_via' /etc/yum/yum-cron.conf
        egrep '^email_to|^update_cmd|^update_messages|^download_updates|^apply_updates|^emit_via' /etc/yum/yum-cron-hourly.conf
        service yum-cron restart
    
    For CentOS 7 also has an hourly configuration file at /etc/yum/yum-cron-hourly.conf

    Code:
    [commands]
    #  What kind of update to use:
    # default                            = yum upgrade
    # security                           = yum --security upgrade
    # security-severity:Critical         = yum --sec-severity=Critical upgrade
    # minimal                            = yum --bugfix upgrade-minimal
    # minimal-security                   = yum --security upgrade-minimal
    # minimal-security-severity:Critical =  --sec-severity=Critical upgrade-minimal
    update_cmd = default
    
    # Whether a message should emitted when updates are available.
    update_messages = no
    
    # Whether updates should be downloaded when they are available. Note
    # that updates_messages must also be yes for updates to be downloaded.
    download_updates = no
    
    # Whether updates should be applied when they are available.  Note
    # that both update_messages and download_updates must also be yes for
    # the update to be applied
    apply_updates = no
    
    # Maximum amout of time to randomly sleep, in minutes.  The program
    # will sleep for a random amount of time between 0 and random_sleep
    # minutes before running.  This is useful for e.g. staggering the
    # times that multiple systems will access update servers.  If
    # random_sleep is 0 or negative, the program will run immediately.
    random_sleep = 15
    
    
    [emitters]
    # Name to use for this system in messages that are emitted.  If
    # system_name is None, the hostname will be used.
    system_name = None
    
    # How to send messages.  Valid options are stdio and email.  If
    # emit_via includes stdio, messages will be sent to stdout; this is useful
    # to have cron send the messages.  If emit_via includes email, this
    # program will send email itself according to the configured options.
    # If emit_via is None or left blank, no messages will be sent.
    emit_via = stdio
    
    # The width, in characters, that messages that are emitted should be
    # formatted to.
    ouput_width = 80
    
    
    [email]
    # The address to send email messages from.
    email_from = root
    
    # List of addresses to send messages to.
    email_to = root
    
    # Name of the host to connect to to send email messages.
    email_host = localhost
    
    
    [groups]
    # List of groups to update
    group_list = None
    
    # The types of group packages to install
    group_package_types = mandatory, default
    
    [base]
    # This section overrides yum.conf
    
    # Use this to filter Yum core messages
    # -4: critical
    # -3: critical+errors
    # -2: critical+errors+warnings (default)
    debuglevel = -2
    
    # skip_broken = True
    mdpolicy = group:main
    
    # Uncomment to auto-import new gpg keys (dangerous)
    # assumeyes = True

    Then start the yum-cron service
    Code:
    service yum-cron start
    sample /etc/sysconfig/yum-cron where I have set MAILTO to my pushover.net email address - yourUSERkey+devicename+p1@api.pushover.net so I get notifications to my mobile and tablet devices (a tip that @Matt posted about that keeps on giving :D ) and set the system name different from actual hostname of the server so I can more easily identify it among my 25+ servers, SYSTEMNAME="vultrol65".

    This is for my Vulr 768MB VPS running Oracle Linux 6.5 and Centmin Mod .08 beta and which just got auto yum-cron updated to MariaDB 10.0.14 MySQL version along with other YUM package updates.
    Code:
    # Pass any given paramter to yum, as run in all the scripts invoked
    # by this package.  Be aware that this is global, and yum is invoked in
    # several modes by these scripts for which your own parameter might not
    # be appropriate
    YUM_PARAMETER=
    
    # Don't install, just check (valid: yes|no)
    CHECK_ONLY=no
    
    # Check to see if you can reach the repos before updating (valid: yes|no)
    CHECK_FIRST=no
    
    # Don't install, just check and download (valid: yes|no)
    # Implies CHECK_ONLY=yes (gotta check first to see what to download)
    DOWNLOAD_ONLY=no
    
    # Error level, practical range 0-10, 0 means print only critical errors which
    # you must be told, 1 means print all errors, even ones that are not important
    # Level 0 is the default
    # ERROR_LEVEL=0
    
    # Debug level, practical range 0-10, higher number means more output
    # Level 1 is a useful level if you want to see what's been done and
    # don't want to read /var/log/yum.log
    # Level 0 is the default
    # DEBUG_LEVEL=1
    
    # randomwait is used by yum to wait random time
    # default is 60 so yum waits random time from 1 to 60 minutes
    # the value must not be zero
    RANDOMWAIT="60"
    
    # if MAILTO is set and the mail command is available, the mail command
    # is used to deliver yum output
    
    # by default MAILTO is unset, so crond mails the output by itself
    # example:  MAILTO=root
    MAILTO=yourUSERkey+devicename+p1@api.pushover.net
    
    # you may set SYSTEMNAME if you want your yum emails tagged differently
    # default is output of hostname command
    # this variable is used only if MAILTO is set too
    SYSTEMNAME="vultrol65"
    
    # you may set DAYS_OF_WEEK to the days of the week you want to run
    # default is every day
    #DAYS_OF_WEEK="0123456"
    
    # which day should it do cleanup on?  defaults to 0 (Sunday).  If this day isn't in the
    # DAYS_OF_WEEK above, it'll never happen
    CLEANDAY="0"
    
    # set to yes to make the yum-cron service to wait for transactions to complete
    SERVICE_WAITS=yes
    
    # set maximum time period (in seconds) for the yum-cron service to wait for
    # transactions to complete.  The default is 300 seconds (5 minutes)
    SERVICE_WAIT_TIME=300
    Code:
    mysqladmin ver
    mysqladmin  Ver 9.1 Distrib 10.0.14-MariaDB, for Linux on x86_64
    Copyright (c) 2000, 2014, Oracle, SkySQL Ab and others.
    
    Server version          10.0.14-MariaDB
    Protocol version        10
    Connection              Localhost via UNIX socket
    UNIX socket             /var/lib/mysql/mysql.sock
    Uptime:                 1 hour 48 min 10 sec
    Code:
    tail -50 /var/log/yum.log | grep 'Sep 27'; date
    
    Sep 27 05:21:26 Updated: nss-util-3.16.1-2.el6_5.x86_64
    Sep 27 05:21:26 Updated: nss-softokn-freebl-3.14.3-12.el6_5.x86_64
    Sep 27 05:21:26 Updated: nss-softokn-3.14.3-12.el6_5.x86_64
    Sep 27 05:21:26 Updated: nss-3.16.1-7.0.1.el6_5.x86_64
    Sep 27 05:21:26 Updated: nss-sysinit-3.16.1-7.0.1.el6_5.x86_64
    Sep 27 05:21:26 Updated: MariaDB-common-10.0.14-1.el6.x86_64
    Sep 27 05:21:27 Updated: MariaDB-compat-10.0.14-1.el6.x86_64
    Sep 27 05:21:28 Updated: MariaDB-client-10.0.14-1.el6.x86_64
    Sep 27 05:21:35 Updated: MariaDB-server-10.0.14-1.el6.x86_64
    Sep 27 05:21:35 Updated: MariaDB-shared-10.0.14-1.el6.x86_64
    Sep 27 05:21:37 Updated: MariaDB-devel-10.0.14-1.el6.x86_64
    Sep 27 05:21:37 Updated: nss-tools-3.16.1-7.0.1.el6_5.x86_64
    Sat Sep 27 07:13:26 PDT 2014
    Code:
    yum list installed MariaDB* -q
    Installed Packages
    MariaDB-client.x86_64                                                           10.0.14-1.el6                                                           @mariadb
    MariaDB-common.x86_64                                                           10.0.14-1.el6                                                           @mariadb
    MariaDB-compat.x86_64                                                           10.0.14-1.el6                                                           @mariadb
    MariaDB-devel.x86_64                                                            10.0.14-1.el6                                                           @mariadb
    MariaDB-server.x86_64                                                           10.0.14-1.el6                                                           @mariadb
    MariaDB-shared.x86_64                                                           10.0.14-1.el6                                                           @mariadb
    Screenshots from my Pushover client on mobile. As you can see I use pushover.net notifications for my forum's automatic backup script for forum files, database (schema, data and grants) which backups up every 8 hours + Linode's daily backups as well for Linux Malware Detect (maldet) + ClamAV scanner notifications and for yum-cron notifications for all my servers now including my new SoYouStart server :)

    yumcron_pushover_00.png
    yumcron_pushover_01.png

    Verifying yum-cron is working



    You can check your cron log at /var/log/cron to see if it ran

    Code:
    grep yum.cron /var/log/cron | tail -10
    Sep 29 03:24:01 vultr run-parts(/etc/cron.daily)[21165]: starting 0yum.cron
    Sep 29 03:28:39 vultr run-parts(/etc/cron.daily)[21235]: finished 0yum.cron
    Sep 30 04:45:01 vultr run-parts(/etc/cron.daily)[26324]: starting 0yum.cron
    Sep 30 04:54:00 vultr run-parts(/etc/cron.daily)[26403]: finished 0yum.cron
    Oct  1 03:39:01 vultr run-parts(/etc/cron.daily)[31068]: starting 0yum.cron
    Oct  1 04:29:19 vultr run-parts(/etc/cron.daily)[31314]: finished 0yum.cron
    and check yum log when it does notify of updates
    Code:
    tail -10 /var/log/yum.log
    Sep 27 04:08:45 Updated: nss-util-3.16.1-2.el6_5.x86_64
    Sep 27 04:08:45 Updated: nss-softokn-freebl-3.14.3-12.el6_5.x86_64
    Sep 27 04:08:45 Updated: nss-softokn-3.14.3-12.el6_5.x86_64
    Sep 27 04:08:45 Updated: nss-sysinit-3.16.1-7.el6_5.x86_64
    Sep 27 04:08:45 Updated: nss-3.16.1-7.el6_5.x86_64
    Sep 27 04:08:45 Updated: nss-tools-3.16.1-7.el6_5.x86_64
    Oct 01 04:29:18 Updated: 1:net-snmp-libs-5.5-49.el6_5.4.x86_64
    Oct 01 04:29:18 Updated: 1:net-snmp-5.5-49.el6_5.4.x86_64
    Oct 01 04:29:18 Updated: 1:net-snmp-utils-5.5-49.el6_5.4.x86_64
    Oct 01 04:29:18 Updated: 1:net-snmp-devel-5.5-49.el6_5.4.x86_64
     
    Last edited: Sep 29, 2015
  2. Matt

    Matt Well-Known Member

    925
    414
    63
    May 25, 2014
    Rotherham, UK
    Ratings:
    +669
    Local Time:
    4:17 AM
    1.5.15
    MariaDB 10.2
    I've always had this set up to only check, and e-mail me if there is something that needs updating, so I can review what needs to be done and how it could possible impact the system (how we do it at work as well)

    upload_2014-9-27_16-42-24.png
     
  3. eva2000

    eva2000 Administrator Staff Member

    53,461
    12,128
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,668
    Local Time:
    1:17 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    yeah I haven't really experienced any YUM updates which would negatively impact a system much at all

    maybe could exclude some packages from update i.e. kernel

    Code:
    YUM_PARAMETER="-x kernel*" 
     
  4. Matt

    Matt Well-Known Member

    925
    414
    63
    May 25, 2014
    Rotherham, UK
    Ratings:
    +669
    Local Time:
    4:17 AM
    1.5.15
    MariaDB 10.2
    It's more force of habbit for me, because at work a lot of stuff is custom compiled, so it's only checked on the 1st of the month as well.
     
  5. eva2000

    eva2000 Administrator Staff Member

    53,461
    12,128
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,668
    Local Time:
    1:17 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Custom compilled RPM packages ? or you mean source compiled ? if it's custom RPM packages via a repo, couldn't you just define --disablerepo=customreponame in YUM_PARAMETER ? Guess it would be nice if yum-cron could do multiple profiles for different yum repos.
     
  6. Matt

    Matt Well-Known Member

    925
    414
    63
    May 25, 2014
    Rotherham, UK
    Ratings:
    +669
    Local Time:
    4:17 AM
    1.5.15
    MariaDB 10.2
    from source, and placed in different directories, to be run as different users
    Code:
    [inocapps@air-inocapps2 build]$ ls -hl
    total 15M
    drwxr-xr-x  6 inocapps inocapps 4.0K Nov  8  2013 htop-1.0.2
    -rw-rw-r--  1 inocapps inocapps 380K Nov  6  2012 htop-1.0.2.tar.gz
    drwxr-xr-x 18 inocapps inocapps 4.0K Nov  6  2013 php-5.4.21
    -rw-rw-r--  1 inocapps inocapps  15M Oct 18  2013 php-5.4.21.tar.gz
    [inocapps@air-inocapps2 build]$ pwd
    /opt/inocapps/apps/build
    [inocapps@air-inocapps2 build]$
    They are then built into approot
    Code:
    [inocapps@air-inocapps2 approot]$ ls
    bin  etc  include  lib  php  share
    [inocapps@air-inocapps2 approot]$ pwd
    /opt/inocapps/apps/approot
    [inocapps@air-inocapps2 approot]$ 
     
  7. eva2000

    eva2000 Administrator Staff Member

    53,461
    12,128
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,668
    Local Time:
    1:17 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    yum excludes for htop and php would be easier then :)

    ah yum-cron is just a shell script at /etc/cron.daily/0yum.cron - could play with it :D

    i.e. create a second config file using a copy of /etc/sysconfig/yum-cron and second cronjob copy of /etc/cron.daily/0yum.cron for a different yum-cron profile ? So main yum-cron could have some packages excluded for updates and second yum-cron profile would have it for download or is available update notifications.

    Looks like you'd need separate copy of /etc/init.d/yum-cron startup script and for
    Code:
    LOCKDIR=/var/lock/yum-cron.lock
    LOCKFILE=$LOCKDIR/pidfile
    TSLOCK=$LOCKDIR/ts.lock
    Code:
    #!/bin/bash
    
    # Only run if this flag file is set (by /etc/rc.d/init.d/yum-cron)
    if [ ! -f /var/lock/subsys/yum-cron ]; then
      exit 0
    fi
    
    DAILYSCRIPT=/etc/yum/yum-daily.yum
    WEEKLYSCRIPT=/etc/yum/yum-weekly.yum
    LOCKDIR=/var/lock/yum-cron.lock
    LOCKFILE=$LOCKDIR/pidfile
    TSLOCK=$LOCKDIR/ts.lock
    
    # Grab config settings
    if [ -f /etc/sysconfig/yum-cron ]; then
      source /etc/sysconfig/yum-cron
    fi
    # set default for SYSTEMNAME
    [ -z "$SYSTEMNAME" ]  && SYSTEMNAME=$(hostname)
    
    # Only run on certain days of the week
    dow=`date +%w`
    DAYS_OF_WEEK=${DAYS_OF_WEEK:-0123456}
    if [ "${DAYS_OF_WEEK/$dow/}" == "${DAYS_OF_WEEK}" ]; then
      exit 0
    fi
    
    # if DOWNLOAD_ONLY is set then we force CHECK_ONLY too.
    # Gotta check before one can download!
    if [ "$DOWNLOAD_ONLY" == "yes" ]; then
      CHECK_ONLY=yes
    fi
    
    YUMTMP=$(mktemp /var/run/yum-cron.XXXXXX)
    touch $YUMTMP
    [ -x /sbin/restorecon ] && /sbin/restorecon $YUMTMP
    
    # Random wait function
    random_wait() {
      sleep $(( $RANDOM % ($RANDOMWAIT * 60) + 1 ))
    }
    
    # Note - the lockfile code doesn't try and use YUMTMP to email messages nicely.
    # Too many ways to die, this gets handled by normal cron error mailing.
    # Try mkdir for the lockfile, will test for and make it in one atomic action
    if mkdir $LOCKDIR 2>/dev/null; then
      # store the current process ID in there so we can check for staleness later
      echo "$$" >"${LOCKFILE}"
      # and clean up locks and tempfile if the script exits or is killed
      trap "{ rm -f $LOCKFILE $TSLOCK; rmdir $LOCKDIR 2>/dev/null; rm -f $YUMTMP; exit 255; }" INT TERM EXIT
    else
      # lock failed, check if process exists.  First, if there's no PID file
      # in the lock directory, something bad has happened, we can't know the
      # process name, so clean up the old lockdir and restart
      if [ ! -f $LOCKFILE ]; then
        rmdir $LOCKDIR 2>/dev/null
        echo "yum-cron: no lock PID, clearing and restarting myself" >&2
        exec $0 "$@"
      fi
      OTHERPID="$(cat "${LOCKFILE}")"
      # if cat wasn't able to read the file anymore, another instance probably is
      # about to remove the lock -- exit, we're *still* locked
        if [ $? != 0 ]; then
          echo "yum-cron: lock failed, PID ${OTHERPID} is active" >&2
          exit 0
        fi
        if ! kill -0 $OTHERPID &>/dev/null; then
          # lock is stale, remove it and restart
          echo "yum-cron: removing stale lock of nonexistant PID ${OTHERPID}" >&2
          rm -rf "${LOCKDIR}"
          echo "yum-cron: restarting myself" >&2
          exec $0 "$@"
        else
          # Remove stale (more than a day old) lockfiles
          find $LOCKDIR -type f -name 'pidfile' -amin +1440 -exec rm -rf $LOCKDIR \;
          # if it's still there, it wasn't too old, bail
          if [ -f $LOCKFILE ]; then
            # lock is valid and OTHERPID is active - exit, we're locked!
            echo "yum-cron: lock failed, PID ${OTHERPID} is active" >&2
            exit 0
          else
            # lock was invalid, restart
            echo "yum-cron: removing stale lock belonging to stale PID ${OTHERPID}" >&2
            echo "yum-cron: restarting myself" >&2
            exec $0 "$@"
          fi
        fi
    fi
    
    # Then check for updates and/or do them, as configured
    {
      # First, if this is CLEANDAY, do so
      CLEANDAY=${CLEANDAY:-0}
      if [ ! "${CLEANDAY/$dow/}" == "${CLEANDAY}" ]; then
          /usr/bin/yum $YUM_PARAMETER -e ${ERROR_LEVEL:-0} -d ${DEBUG_LEVEL:-0} -y shell $WEEKLYSCRIPT
      fi
    
      # Now continue to do the real work
      if [ "$CHECK_ONLY" == "yes" ]; then
        random_wait
        touch $TSLOCK
        /usr/bin/yum $YUM_PARAMETER -e 0 -d 0 -y check-update 1> /dev/null 2>&1
        case $? in
          1)   exit 1;;
          100) echo "New updates available for host `/bin/hostname`";
               /usr/bin/yum $YUM_PARAMETER -e ${ERROR_LEVEL:-0} -d ${DEBUG_LEVEL:-0} -y -C check-update
               if [ "$DOWNLOAD_ONLY" == "yes" ]; then
                   /usr/bin/yum $YUM_PARAMETER -e ${ERROR_LEVEL:-0} -d ${DEBUG_LEVEL:-0} -y --downloadonly update
                   echo "Updates downloaded, use \"yum -C update\" manually to install them."
               fi
               ;;
        esac
      elif [ "$CHECK_FIRST" == "yes" ]; then
        # Don't run if we can't access the repos
        random_wait
        touch $TSLOCK
        /usr/bin/yum $YUM_PARAMETER -e 0 -d 0 check-update 2>&-
        case $? in
          1)   exit 1;;
          100) /usr/bin/yum $YUM_PARAMETER -e ${ERROR_LEVEL:-0} -d ${DEBUG_LEVEL:-0} -y update yum
               /usr/bin/yum $YUM_PARAMETER -e ${ERROR_LEVEL:-0} -d ${DEBUG_LEVEL:-0} -y shell $DAILYSCRIPT
               ;;
        esac
      else
        random_wait
        touch $TSLOCK
        /usr/bin/yum $YUM_PARAMETER -e ${ERROR_LEVEL:-0} -d ${DEBUG_LEVEL:-0} -y update yum
        /usr/bin/yum $YUM_PARAMETER -e ${ERROR_LEVEL:-0} -d ${DEBUG_LEVEL:-0} -y shell $DAILYSCRIPT
      fi
    } >> $YUMTMP 2>&1
    
    if [ ! -z "$MAILTO" ] && [ -x /bin/mail ]; then
    # if MAILTO is set, use mail command (ie better than standard mail with cron output)
      [ -s "$YUMTMP" ] && mail -s "System update: $SYSTEMNAME" $MAILTO < $YUMTMP
    else
    # default behavior is to use cron's internal mailing of output from cron-script
      cat $YUMTMP
    fi
    rm -f $YUMTMP
    
    exit 0
     
    Last edited: Sep 28, 2014
  8. rdan

    rdan Well-Known Member

    5,439
    1,398
    113
    May 25, 2014
    Ratings:
    +2,187
    Local Time:
    11:17 AM
    Mainline
    10.2
    Should be default on Centmin mod :)
     
  9. eva2000

    eva2000 Administrator Staff Member

    53,461
    12,128
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,668
    Local Time:
    1:17 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    yeah but no way to set email notifications by default as no idea of end users email address
     
  10. rdan

    rdan Well-Known Member

    5,439
    1,398
    113
    May 25, 2014
    Ratings:
    +2,187
    Local Time:
    11:17 AM
    Mainline
    10.2
    Ask it on 1st install?
    Like the disk alert? :)
     
  11. eva2000

    eva2000 Administrator Staff Member

    53,461
    12,128
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,668
    Local Time:
    1:17 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    yeah then it wouldn't be unattended.. but yeah plan to add EMAIL option to centmin.sh so can use variable for stuff like this :D
     
  12. Andy

    Andy Active Member

    540
    89
    28
    Aug 6, 2014
    Ratings:
    +132
    Local Time:
    10:17 PM
    add variable in centmin.sh and we can edit it later.
     
  13. eva2000

    eva2000 Administrator Staff Member

    53,461
    12,128
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,668
    Local Time:
    1:17 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    That's the plan :D
     
  14. rdan

    rdan Well-Known Member

    5,439
    1,398
    113
    May 25, 2014
    Ratings:
    +2,187
    Local Time:
    11:17 AM
    Mainline
    10.2
    This will run only once a day?
    Still can't confirm if it's working or not on my live server.
     
  15. eva2000

    eva2000 Administrator Staff Member

    53,461
    12,128
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,668
    Local Time:
    1:17 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    yeah one per day and only notify if there is an update. You can check your cron log at /var/log/cron to see if it ran

    Code:
    grep yum.cron /var/log/cron | tail -10
    Sep 29 03:24:01 vultr run-parts(/etc/cron.daily)[21165]: starting 0yum.cron
    Sep 29 03:28:39 vultr run-parts(/etc/cron.daily)[21235]: finished 0yum.cron
    Sep 30 04:45:01 vultr run-parts(/etc/cron.daily)[26324]: starting 0yum.cron
    Sep 30 04:54:00 vultr run-parts(/etc/cron.daily)[26403]: finished 0yum.cron
    Oct  1 03:39:01 vultr run-parts(/etc/cron.daily)[31068]: starting 0yum.cron
    Oct  1 04:29:19 vultr run-parts(/etc/cron.daily)[31314]: finished 0yum.cron
    and check yum log when it does notify of updates
    Code:
    tail -10 /var/log/yum.log 
    Sep 27 04:08:45 Updated: nss-util-3.16.1-2.el6_5.x86_64
    Sep 27 04:08:45 Updated: nss-softokn-freebl-3.14.3-12.el6_5.x86_64
    Sep 27 04:08:45 Updated: nss-softokn-3.14.3-12.el6_5.x86_64
    Sep 27 04:08:45 Updated: nss-sysinit-3.16.1-7.el6_5.x86_64
    Sep 27 04:08:45 Updated: nss-3.16.1-7.el6_5.x86_64
    Sep 27 04:08:45 Updated: nss-tools-3.16.1-7.el6_5.x86_64
    Oct 01 04:29:18 Updated: 1:net-snmp-libs-5.5-49.el6_5.4.x86_64
    Oct 01 04:29:18 Updated: 1:net-snmp-5.5-49.el6_5.4.x86_64
    Oct 01 04:29:18 Updated: 1:net-snmp-utils-5.5-49.el6_5.4.x86_64
    Oct 01 04:29:18 Updated: 1:net-snmp-devel-5.5-49.el6_5.4.x86_64
     
  16. rdan

    rdan Well-Known Member

    5,439
    1,398
    113
    May 25, 2014
    Ratings:
    +2,187
    Local Time:
    11:17 AM
    Mainline
    10.2
    yeah looks like running.
     
  17. rdan

    rdan Well-Known Member

    5,439
    1,398
    113
    May 25, 2014
    Ratings:
    +2,187
    Local Time:
    11:17 AM
    Mainline
    10.2
    Don't know what happen but this command: grep yum.cron /var/log/cron | tail -10
    Doesn't output any data anymore, and I have this update since yesterday:
    Code:
    # yum update
    Loaded plugins: downloadonly, fastestmirror, priorities
    Loading mirror speeds from cached hostfile
    epel/metalink                                                                              |  16 kB     00:00
    * base: less.cogeco.net
    * epel: epel.mirror.constant.com
    * extras: centos.cubiculestudio.com
    * rpmforge: repoforge.mirror.constant.com
    * updates: centos.bhs.mirrors.ovh.net
    base                                                                                       | 3.7 kB     00:00
    extras                                                                                     | 3.3 kB     00:00
    mariadb                                                                                    | 1.9 kB     00:00
    rpmforge                                                                                   | 1.9 kB     00:00
    updates                                                                                    | 3.4 kB     00:00
    1582 packages excluded due to repository priority protections
    Setting up Update Process
    Resolving Dependencies
    --> Running transaction check
    ---> Package tzdata.noarch 0:2014g-1.el6 will be updated
    ---> Package tzdata.noarch 0:2014h-1.el6 will be an update
    ---> Package tzdata-java.noarch 0:2014g-1.el6 will be updated
    ---> Package tzdata-java.noarch 0:2014h-1.el6 will be an update
    --> Finished Dependency Resolution
    
    Dependencies Resolved
    
    ==================================================================================================================
    Package                      Arch                    Version                      Repository                Size
    ==================================================================================================================
    Updating:
    tzdata                       noarch                  2014h-1.el6                  updates                  449 k
    tzdata-java                  noarch                  2014h-1.el6                  updates                  176 k
    
    Transaction Summary
    ==================================================================================================================
    Upgrade       2 Package(s)
    
    Total download size: 625 k
    Is this ok [y/N]: n
    Exiting on user Command
    
    
    
    Until now it's there.
    What could be the problem?
     
  18. eva2000

    eva2000 Administrator Staff Member

    53,461
    12,128
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,668
    Local Time:
    1:17 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    what about
    Code:
    grep yum.cron /var/log/cron 
    could just be the cron log was rotated and a fresh empty log is now in place
    you can check
    Code:
    ls -lahrt /var/log | grep cron
     
  19. rdan

    rdan Well-Known Member

    5,439
    1,398
    113
    May 25, 2014
    Ratings:
    +2,187
    Local Time:
    11:17 AM
    Mainline
    10.2
    /etc/sysconfig/yum-cron content:
    Code:
    # Pass any given paramter to yum, as run in all the scripts invoked
    # by this package.  Be aware that this is global, and yum is invoked in
    # several modes by these scripts for which your own parameter might not
    # be appropriate
    YUM_PARAMETER=
    
    # Don't install, just check (valid: yes|no)
    CHECK_ONLY=no
    
    # Check to see if you can reach the repos before updating (valid: yes|no)
    CHECK_FIRST=no
    
    # Don't install, just check and download (valid: yes|no)
    # Implies CHECK_ONLY=yes (gotta check first to see what to download)
    DOWNLOAD_ONLY=no
    
    # Error level, practical range 0-10, 0 means print only critical errors which
    # you must be told, 1 means print all errors, even ones that are not important
    # Level 0 is the default
    # ERROR_LEVEL=0
    
    # Debug level, practical range 0-10, higher number means more output
    # Level 1 is a useful level if you want to see what's been done and
    # don't want to read /var/log/yum.log
    # Level 0 is the default
    # DEBUG_LEVEL=1
    
    # randomwait is used by yum to wait random time
    # default is 60 so yum waits random time from 1 to 60 minutes
    # the value must not be zero
    RANDOMWAIT="60"
    
    # if MAILTO is set and the mail command is available, the mail command
    # is used to deliver yum output
    
    # by default MAILTO is unset, so crond mails the output by itself
    # example:  MAILTO=root
    MAILTO=mypersonalemail@gmail.com
    
    # you may set SYSTEMNAME if you want your yum emails tagged differently
    # default is output of hostname command
    # this variable is used only if MAILTO is set too
    SYSTEMNAME="SoYouStartServer"
    
    # you may set DAYS_OF_WEEK to the days of the week you want to run
    # default is every day
    #DAYS_OF_WEEK="0123456"
    
    # which day should it do cleanup on?  defaults to 0 (Sunday).  If this day isn't in the
    # DAYS_OF_WEEK above, it'll never happen
    CLEANDAY="0"
    
    # set to yes to make the yum-cron service to wait for transactions to complete
    SERVICE_WAITS=yes
    
    # set maximum time period (in seconds) for the yum-cron service to wait for
    # transactions to complete.  The default is 300 seconds (5 minutes)
    SERVICE_WAIT_TIME=300
    
     
  20. rdan

    rdan Well-Known Member

    5,439
    1,398
    113
    May 25, 2014
    Ratings:
    +2,187
    Local Time:
    11:17 AM
    Mainline
    10.2
    grep yum.cron /var/log/cron, No output.

    # ls -lahrt /var/log | grep cron
    -rw-------. 1 root root 366K Sep 21 03:34 cron-20140921
    -rw------- 1 root root 2.0M Sep 28 03:06 cron-20140928
    -rw------- 1 root root 2.0M Oct 5 03:11 cron-20141005
    -rw------- 1 root root 83K Oct 5 10:09 cron

    I'm confuse why it's is not updating automatically?
    that update is already there since yesterday, I doesn't update it myself to see if cron works or not.
    But looks like it's not :confused: