Unattended updates on CentOS

Unattended updates on CentOS

Having recently had to clean up after the Exim4 vulnerability that did not get patched on a server in time, one of the first things I do on a new VPS is set up automatic unattended updates. The steps are clearly documented for Debian/Ubuntu, but for CentOS it was a little harder to find the information. Here are the steps:

In a terminal session run

yum install yum-updatesd

Next you need to edit /etc/yum/yum-updatesd.conf
and edit the following lines to hold the values in bold

emit_via = email
# automatically install updates
do_update = yes
# automatically download updates
do_download = yes
# automatically download deps of updates
do_download_deps = yes

and also enter the following lines

# who to send the email to:
email_to = myself@myemaildomain.com
# who send the notifications
email_from = myself@myvpsdomain.com

Finally, you need to restart the notification service by typing

/etc/init.d/yum-updatesd restart

Now you will receive an email notification every time and update is available or installed (depending on your configured options above)