Welcome to Centmin Mod Community
Register Now

Automatic nightly YUM updates with yum-cron for CentOS 7 Only

Discussion in 'System Administration' started by eva2000, Sep 28, 2014.

  1. Eduardo

    Eduardo Member

    38
    3
    8
    Feb 7, 2015
    Ratings:
    +5
    Local Time:
    1:54 AM
    1.7.9
    yes, its centminmod beta. I've removed postfix and replaced with ssmpt to use with mandrill.

    Thanks for your help :)

     
  2. rdan

    rdan Well-Known Member

    5,439
    1,399
    113
    May 25, 2014
    Ratings:
    +2,188
    Local Time:
    12:54 PM
    Mainline
    10.2
    This one seems working for me, as I didn't update ES to 1.5.1 knowing it's updated now :D
    But I don't receive an email :/
     
  3. eva2000

    eva2000 Administrator Staff Member

    53,853
    12,160
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,712
    Local Time:
    2:54 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    check your /var/log/maillog for your email address to see what happened around time of yum update, you can use yum history info to find the specific time yum ran

    Code:
    yum history
    yum history info IDNUMBER
     
  4. pamamolf

    pamamolf Premium Member Premium Member

    4,071
    427
    83
    May 31, 2014
    Ratings:
    +833
    Local Time:
    6:54 AM
    Nginx-1.25.x
    MariaDB 10.3.x
    If i just install yum-cron and edit the /etc/yum/yum-cron-hourly.conf it will run every hour?

    And if i want to run it every 30 minutes how can set it?
     
  5. eva2000

    eva2000 Administrator Staff Member

    53,853
    12,160
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,712
    Local Time:
    2:54 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    yes for CentOS 7, it allows you to run different update_cmd settings in hourly from daily one

    daily yum-cron referenced in /etc/cron.daily/0yum-daily.cron

    Code:
    cat /etc/cron.daily/0yum-daily.cron
    #!/bin/bash
    
    # Only run if this flag is set. The flag is created by the yum-cron init
    # script when the service is started -- this allows one to use chkconfig and
    # the standard "service stop|start" commands to enable or disable yum-cron.
    if [[ ! -f /var/lock/subsys/yum-cron ]]; then
      exit 0
    fi
    
    # Action!
    exec /usr/sbin/yum-cron
    hourly yum-cron referenced in /etc/cron.hourly/0yum-hourly.cron

    Code:
    cat /etc/cron.hourly/0yum-hourly.cron
    #!/bin/bash
    
    # Only run if this flag is set. The flag is created by the yum-cron init
    # script when the service is started -- this allows one to use chkconfig and
    # the standard "service stop|start" commands to enable or disable yum-cron.
    if [[ ! -f /var/lock/subsys/yum-cron ]]; then
      exit 0
    fi
    
    # Action!
    exec /usr/sbin/yum-cron /etc/yum/yum-cron-hourly.conf
    haven't done it myself but I suppose for CentOS 7, you can copy the /etc/cron.hourly/0yum-hourly.cron file to say /root/tools/yum-custom.cron and then replace it's contents with

    Code:
    #!/bin/bash
    
    if [[ ! -f /var/lock/subsys/yum-cron ]]; then
      exit 0
    fi
    
    exec /usr/sbin/yum-cron /etc/yum/yum-cron-custom.conf
    chmod 0700 the /root/tools/yum-custom.cron file and then setup custom cronjob for /root/tools/yum-custom.cron file

    then copy /etc/yum/yum-cron-hourly.conf to /etc/yum/yum-cron-custom.conf and edit /etc/yum/yum-cron-custom.conf accordingly
     
  6. pamamolf

    pamamolf Premium Member Premium Member

    4,071
    427
    83
    May 31, 2014
    Ratings:
    +833
    Local Time:
    6:54 AM
    Nginx-1.25.x
    MariaDB 10.3.x
    On Centos 7.1 i can't find the:

    Code:
    CHECK_ONLY=
    What i am doing wrong?

    I can't find it on the daily file:

    Code:
    /etc/yum/yum-cron.conf
    and can't find it also at the hourly:

    Code:
    /etc/yum/yum-cron-hourly.conf
     
  7. eva2000

    eva2000 Administrator Staff Member

    53,853
    12,160
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,712
    Local Time:
    2:54 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    did you even install yum-cron ?

    Code:
    yum list yum-cron
     
  8. pamamolf

    pamamolf Premium Member Premium Member

    4,071
    427
    83
    May 31, 2014
    Ratings:
    +833
    Local Time:
    6:54 AM
    Nginx-1.25.x
    MariaDB 10.3.x
    Yes as i can see all the rest settings:

    Code:
    yum-cron.noarch                    3.4.3-125.el7.centos
    nano /etc/yum/yum-cron.conf

    Code:
    [commands]
    #  What kind of update to use:
    # default                            = yum upgrade
    # security                           = yum --security upgrade
    # security-severity:Critical         = yum --sec-severity=Critical upgrade
    # minimal                            = yum --bugfix upgrade-minimal
    # minimal-security                   = yum --security upgrade-minimal
    # minimal-security-severity:Critical =  --sec-severity=Critical upgrade-minimal
    update_cmd = default
    
    # Whether a message should be emitted when updates are available,
    # were downloaded, or applied.
    update_messages = yes
    
    # Whether updates should be downloaded when they are available.
    download_updates = yes
    
    # Whether updates should be applied when they are available.  Note
    # that download_updates must also be yes for the update to be applied.
    apply_updates = no
    
    # Maximum amout of time to randomly sleep, in minutes.  The program
    # will sleep for a random amount of time between 0 and random_sleep
    # minutes before running.  This is useful for e.g. staggering the
    # times that multiple systems will access update servers.  If
    # random_sleep is 0 or negative, the program will run immediately.
    # 6*60 = 360
    random_sleep = 360
    
    
    [emitters]
    # Name to use for this system in messages that are emitted.  If
    # system_name is None, the hostname will be used.
    system_name = None
    
    # How to send messages.  Valid options are stdio and email.  If
    # emit_via includes stdio, messages will be sent to stdout; this is useful
    # to have cron send the messages.  If emit_via includes email, this
    # program will send email itself according to the configured options.
    # If emit_via is None or left blank, no messages will be sent.
    emit_via = stdio
    
    # The width, in characters, that messages that are emitted should be
    # formatted to.
    ouput_width = 80

    /etc/yum/yum-cron-hourly.conf

    Code:
    [commands]
    #  What kind of update to use:
    # default                            = yum upgrade
    # security                           = yum --security upgrade
    # security-severity:Critical         = yum --sec-severity=Critical upgrade
    # minimal                            = yum --bugfix upgrade-minimal
    # minimal-security                   = yum --security upgrade-minimal
    # minimal-security-severity:Critical =  --sec-severity=Critical upgrade-minimal
    update_cmd = default
    
    # Whether a message should emitted when updates are available.
    update_messages = no
    
    # Whether updates should be downloaded when they are available. Note
    # that updates_messages must also be yes for updates to be downloaded.
    download_updates = no
    
    # Whether updates should be applied when they are available.  Note
    # that both update_messages and download_updates must also be yes for
    # the update to be applied
    apply_updates = no
    
    # Maximum amout of time to randomly sleep, in minutes.  The program
    # will sleep for a random amount of time between 0 and random_sleep
    # minutes before running.  This is useful for e.g. staggering the
    # times that multiple systems will access update servers.  If
    # random_sleep is 0 or negative, the program will run immediately.
    random_sleep = 15
    
    
    [emitters]
    # Name to use for this system in messages that are emitted.  If
    # system_name is None, the hostname will be used.
    system_name = None
    
    # How to send messages.  Valid options are stdio and email.  If
    # emit_via includes stdio, messages will be sent to stdout; this is useful
    # to have cron send the messages.  If emit_via includes email, this
    # program will send email itself according to the configured options.
    # If emit_via is None or left blank, no messages will be sent.
    emit_via = stdio
    
    # The width, in characters, that messages that are emitted should be
    # formatted to.
    ouput_width = 80
     
  9. eva2000

    eva2000 Administrator Staff Member

    53,853
    12,160
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,712
    Local Time:
    2:54 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    oh you meant the variable CHECK__ONLY i thought you meant the files were missing.

    CentOS7 doesn't use CHECK_ONLY read the config files it's controlled by 3 variables - see apply_updates = no is the default
    Code:
    [commands]
    #  What kind of update to use:
    # default                            = yum upgrade
    # security                           = yum --security upgrade
    # security-severity:Critical         = yum --sec-severity=Critical upgrade
    # minimal                            = yum --bugfix upgrade-minimal
    # minimal-security                   = yum --security upgrade-minimal
    # minimal-security-severity:Critical =  --sec-severity=Critical upgrade-minimal
    update_cmd = default
    
    # Whether a message should be emitted when updates are available,
    # were downloaded, or applied.
    update_messages = yes
    
    # Whether updates should be downloaded when they are available.
    download_updates = yes
    
    # Whether updates should be applied when they are available.  Note
    # that download_updates must also be yes for the update to be applied.
    apply_updates = no
     
  10. pamamolf

    pamamolf Premium Member Premium Member

    4,071
    427
    83
    May 31, 2014
    Ratings:
    +833
    Local Time:
    6:54 AM
    Nginx-1.25.x
    MariaDB 10.3.x
    Does that mean that i must set it to yes to get the notification on my email?

    Code:
    # Whether a message should emitted when updates are available.
    update_messages = no
    Bad english here sorry :(
     
    Last edited: Sep 29, 2015
  11. eva2000

    eva2000 Administrator Staff Member

    53,853
    12,160
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,712
    Local Time:
    2:54 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    messages either go to stdio or email, default is stdio so for emails set emit_via = email
    Code:
    # How to send messages.  Valid options are stdio and email.  If
    # emit_via includes stdio, messages will be sent to stdout; this is useful
    # to have cron send the messages.  If emit_via includes email, this
    # program will send email itself according to the configured options.
    # If emit_via is None or left blank, no messages will be sent.
    emit_via = stdio
    
     
  12. pamamolf

    pamamolf Premium Member Premium Member

    4,071
    427
    83
    May 31, 2014
    Ratings:
    +833
    Local Time:
    6:54 AM
    Nginx-1.25.x
    MariaDB 10.3.x
    And i miss also this parameter:

    Code:
    YUM_PARAMETER=
    Any other related?
     
  13. eva2000

    eva2000 Administrator Staff Member

    53,853
    12,160
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,712
    Local Time:
    2:54 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    don't believe there is an equivalent for CentOS 7 yum-cron
     
  14. pamamolf

    pamamolf Premium Member Premium Member

    4,071
    427
    83
    May 31, 2014
    Ratings:
    +833
    Local Time:
    6:54 AM
    Nginx-1.25.x
    MariaDB 10.3.x
    It is useful to exclude something that you don't need :(

    Anyway, last question:

    Code:
    # default  = yum upgrade
    There is no yum update as an option as yum upgrade removal of obsolete packages can be risky, as it may remove packages that i use?
     
  15. eva2000

    eva2000 Administrator Staff Member

    53,853
    12,160
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,712
    Local Time:
    2:54 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    only way as obsolete pkgs could cause conflicts on update so either way it's a risk

    For CentOS 7, using sed replacements to enable yum-cron settings. This sets daily updates for full yum upgrades and hourly to security only updates.

    Code:
        EMAIL=your@email.com
        sed -i "s|^email_to = root|email_to = ${EMAIL}|" /etc/yum/yum-cron.conf
        sed -i 's|^update_messages = no|update_messages = yes|' /etc/yum/yum-cron.conf
        sed -i 's|^download_updates = no|download_updates = yes|' /etc/yum/yum-cron.conf
        sed -i 's|^apply_updates = no|apply_updates = yes|' /etc/yum/yum-cron.conf
        sed -i 's|^emit_via = stdio|emit_via = email|' /etc/yum/yum-cron.conf
    
        sed -i "s|^email_to = root|email_to = ${EMAIL}|" /etc/yum/yum-cron-hourly.conf
        sed -i 's|^update_cmd = default|update_cmd = security|' /etc/yum/yum-cron-hourly.conf
        sed -i 's|^update_messages = no|update_messages = yes|' /etc/yum/yum-cron-hourly.conf
        sed -i 's|^download_updates = no|download_updates = yes|' /etc/yum/yum-cron-hourly.conf
        sed -i 's|^apply_updates = no|apply_updates = yes|' /etc/yum/yum-cron-hourly.conf
        sed -i 's|^emit_via = stdio|emit_via = email|' /etc/yum/yum-cron-hourly.conf  
    
        egrep '^email_to|^update_messages|^download_updates|^apply_updates|^emit_via' /etc/yum/yum-cron.conf
        egrep '^email_to|^update_cmd|^update_messages|^download_updates|^apply_updates|^emit_via' /etc/yum/yum-cron-hourly.conf
        service yum-cron restart
    
     
  16. pamamolf

    pamamolf Premium Member Premium Member

    4,071
    427
    83
    May 31, 2014
    Ratings:
    +833
    Local Time:
    6:54 AM
    Nginx-1.25.x
    MariaDB 10.3.x
    Ok this is what i did just to get a notification for updates on every hour check without downloading/installing anything:

    Code:
    yum -y install yum-cron
    systemctl enable yum-cron.service
    /bin/systemctl start  yum-cron.service
    nano /etc/yum/yum-cron-hourly.conf

    Code:
    update_messages = yes
    download_updates = no
    apply_updates = no
    system_name = Server5
    emit_via = email
    email_to = myemail@gmail.com

    /bin/systemctl restart yum-cron.service

    And i am waiting for an email as i check manually and there are updates waiting :)
     
  17. pamamolf

    pamamolf Premium Member Premium Member

    4,071
    427
    83
    May 31, 2014
    Ratings:
    +833
    Local Time:
    6:54 AM
    Nginx-1.25.x
    MariaDB 10.3.x
    Ok i set it at 00:30 about and now is 01:06 and no mail at all and running manually yum upgrade i can see updates waiting there :(

    Any ideas?

    Code:
    [root@vultr ~]# grep yum.cron /var/log/cron | tail -10
    [root@vultr ~]#
    Code:
    [root@vultr ~]# tail -10 /var/log/yum.log
    Sep 19 23:36:30 Installed: lshw-B.02.17-2.el7.x86_64
    Sep 20 00:09:41 Installed: hdparm-9.43-5.el7.x86_64
    Sep 26 22:23:37 Updated: python34u-setuptools-18.3.1-1.ius.centos7.noarch
    Sep 26 22:23:37 Updated: python34u-pip-7.1.2-1.ius.centos7.noarch
    Sep 26 22:23:48 Installed: fuse-libs-2.9.2-5.el7.x86_64
    Sep 26 22:23:48 Installed: libattr-devel-2.4.46-12.el7.x86_64
    Sep 26 22:23:48 Installed: libacl-devel-2.2.51-12.el7.x86_64
    Sep 26 22:23:48 Installed: fuse-devel-2.9.2-5.el7.x86_64
    Sep 26 22:23:48 Installed: lz4-devel-r131-1.el7.x86_64
    Sep 28 19:18:40 Installed: yum-cron-3.4.3-125.el7.centos.noarch
    Code:
    [root@vultr ~]# ls -lahrt /var/log | grep cron
    -rw-r--r--  1 root       root  551K Sep  6 03:45 cron-20150906
    -rw-r--r--  1 root       root  629K Sep 14 03:40 cron-20150914
    -rw-r--r--  1 root       root  471K Sep 20 03:11 cron-20150920
    -rw-r--r--  1 root       root  547K Sep 27 03:35 cron-20150927
    -rw-r--r--  1 root       root  138K Sep 28 22:10 cron
     
  18. eva2000

    eva2000 Administrator Staff Member

    53,853
    12,160
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,712
    Local Time:
    2:54 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    is yum-cron running ?

    Code:
    service yum-cron start
    chkconfig yum-cron on
     
  19. pamamolf

    pamamolf Premium Member Premium Member

    4,071
    427
    83
    May 31, 2014
    Ratings:
    +833
    Local Time:
    6:54 AM
    Nginx-1.25.x
    MariaDB 10.3.x
    Doesn't seem to run and i was use:

    systemctl enable yum-cron.service
    /bin/systemctl start yum-cron.service

    and after editing the config i run:

    /bin/systemctl restart yum-cron.service

    I think is the same as your commands but i run them again anyway:

    Code:
    [root@vultr ~]# service yum-cron start
    Redirecting to /bin/systemctl start  yum-cron.service
    [root@vultr ~]# chkconfig yum-cron on
    Note: Forwarding request to 'systemctl enable yum-cron.service'.
    Is there any other way to check that is running ?
     
  20. eva2000

    eva2000 Administrator Staff Member

    53,853
    12,160
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,712
    Local Time:
    2:54 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    how did you set it ?