Setting automatic server patching/updating on Red Hat/Centos

This is a trail of how we got some scheduled patching/updating working on our Red Hat and CentOS machines using cron jobs that notify us via email.

TCP Wrappers

  • If you are using tcp wrappers you will need to allow sendmail by editing the /etc/hosts.allow file. Simply add something like this to your hosts.allow file
    sendmail : All : All

Update config (depends on if you are using Yum or up2date, you choose)

Using Yum

  • We did not want kernel upgrades to be done automatically and we had to set a proxy so we added the following lines to the /etc/yum.conf file

Using up2date

  • run up2date – – configure and follow the prompts

Executable file

  • Next we created an executable file that can be called by the crontab (notice the -y, this answers yes to all of the questions automatically so that the updates will run) There is one example for each system
yum -y update
  up2date -u -v
  • After creating this file be sure to make it executable (as root, type)
    chmod 755

Cron Job

  • We created the following example (to run it once a week on Sundays at 1 past 1 am),,
    1 1 * * 0 /location_of_executable

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s