Operating system updates are a part of every admin’s daily routine. The problem is, sometimes, those updates can be pushed to the side for more important things. But, what’s more important than keeping your OSs up to date and secure? Sure, there are always crucial issues that regularly arise that you must deal with. However, those issues should never keep you from ensuring your operating systems are up to date.
SEE: 40+ open source and Linux terms you need to know (TechRepublic Premium)
But when you are that busy, you could at least take the time to set up automatic updates, so they do happen regularly. After all, you don’t want to miss out on important security patches, performance enhancements and new features.
With Rocky Linux, there’s a very handy tool you can install and use for automating those updates. This tool enables you to configure updates for regular or even security updates.
Let’s get this software installed and set up.
What you’ll need to enable automatic updates on Rocky Linux
To make this work, you’ll need a running instance of Rocky Linux and a user with sudo privileges. I’ll demonstrate this on Rocky Linux 9, but this will work with previous iterations. That’s it. Let’s get this up and running.
How to install the necessary software
Log in to your instance of Rocky Linux, and open a terminal window. From the terminal, install the necessary software with the command:
sudo dnf install dnf-automatic -y
That’s it for the installation of software.
How to configure dnf-automatic
The dnf-automatic package has a single configuration file, where you can customize what updates are run. Open this file with the command:
sudo nano /etc/dnf/automatic.conf
You should already see several predefined configurations. After a quick scan of the file, you’ll also see that automatic updates are disabled by default.
The default configuration is set up to automatically download the updates but not apply them. The download_updates option should be set to yes. Keep that as is. However, the apply_updates line is set to no by default. Change that line, so it looks like this:
apply_updates = yes
Next, we need to set this up, so update information is sent to MOTD (message of the day), which will inform you of any updates that have been applied when you log in. For that, look for the line:
emit_via = stdio
Change that to:
emit_via = motd
You will also notice, near the top of the file, a line that looks like this:
upgrade_type = default
If you don’t want to install the default updates, which covers all packages, you could go with only using dnf-automatic to install security updates. For that, change the upgrade_type line to:
upgrade_type = security
Save and close the file.
How to enable the dnf-automatic timer
With dnf-automatic configured, you know how to enable it via systemctl. To do this, issue the command:
sudo systemctl enable --now dnf-automatic.timer
The default timer is set up, so updates will be applied at 6 a.m. every day. If that’s not a good time for your organization, you can change it by opening the dnf-automatic.timer file with the command:
sudo vim /etc/systemd/system/timers.target.wants/dnf-automatic.timer
In that file, look for the line that starts with:
Say you want to change those updates to run at 1:00 a.m. every day. For that, the line would look like this:
You might also want to change the randomized delay, which is set to 60 minutes, and make dnf-automatic to run at a different time each day. To disable that, change the line:
RandomizedDelaySec = 60m
RandomizedDelaySec = 0m
Save and close the file. Then, reload the Systemd daemon with:
sudo systemctl daemon-reload
To verify the new setting, issue the command:
In the output, you should see a listing similar to this:
Tue 2022-10-11 01:00:00 EDT 14h left n/a n/a dnf-automatic.timer dnf-automatic.service
There you go. Automatic updates are now set up for Rocky Linux. This is a great way to ensure you don’t miss a day of updates for your RHEL-based operating systems.
Subscribe to TechRepublic’s How To Make Tech Work on YouTube for all the latest tech advice for business pros from Jack Wallen.
Source of Article