Checking for updates and installing them as soon as they are available is highly recommended as it makes your system more secure, stable, and less vulnerable to security threats.
When developers find any bugs in the system, they try to fix them as early as possible. Then, they give out the new fixed system as a security update. Security updates also have unique features.
This precise and to-the-point article will learn how to check for system security updates by two different methods: A) Manual B) Automatic.
Let’s first learn to install security updates manually.
Installing security updates manually
First, fire up the terminal of your CentOS 8 operating system and login as a root user or as a user with sudo privileges.
The commands given below will only work in case you’re a root user or have sudo privileges.
Now, use the command given below to check the kernel version currently installed on your system:
<img alt="" data-lazy-src="https://kirelos.com/wp-content/uploads/2021/07/echo/image1-5.png" height="65" src="data:image/svg xml,” width=”298″>
You can see in the screenshot attached above that kernel version 4.18.0 is installed on my CentOS 8 system.
After knowing the kernel version, the first step is to check for the package’s update. To check for updates, use the command:
<img alt="" data-lazy- data-lazy-src="https://kirelos.com/wp-content/uploads/2021/07/echo/image3-5.png" data-lazy- height="76" src="data:image/svg xml,” width=”723″>
This command checks for any updates for all the packages on your system.
You can also check for updates for a specific package using the same command followed by the package name. For example, to check update for the package cockpit, the command would go like this:
$ sudo dnf check-update cockpit
<img alt="" data-lazy- data-lazy-src="https://kirelos.com/wp-content/uploads/2021/07/echo/image2-5.png" data-lazy- height="59" src="data:image/svg xml,” width=”728″>
Now, if you want to check for updates and notices related to security, execute the below-given command:
<img alt="" data-lazy- data-lazy-src="https://kirelos.com/wp-content/uploads/2021/07/echo/image5-5.png" data-lazy- height="96" src="data:image/svg xml,” width=”723″>
As you can see, there is only one update available to install in the example given above.
You can also execute the “update info list sec” command to show the number of security packages for which updates are available:
$ sudo dnf updateinfo list sec
<img alt="" data-lazy- data-lazy-src="https://kirelos.com/wp-content/uploads/2021/07/echo/image4-5.png" data-lazy- height="63" src="data:image/svg xml,” width=”727″>
You can see that there are no security packages for which updates are available.
Now, to install security updates that are available for all the installed packages on your CentOS 8 Operating system, execute the command:
$ sudo dnf update –security
<img alt="" data-lazy- data-lazy-src="https://kirelos.com/wp-content/uploads/2021/07/echo/image7-4.png" data-lazy- height="133" src="data:image/svg xml,” width=”724″>
There are no security updates needed for my CentOS 8 system, but they will be updated immediately if there are any security updates available.
This is how we can install security updates manually. Let’s learn how to install security updates automatically.
Installing security updates automatically
The automatic method of checking and installing the updates is most secure and easy. However, we might sometimes forget to install security updates leaving our system vulnerable and open to many attacks. The automatic method helps us avoid that.
Step 1: Install “dnf-automatic”
First, we need to install dnf-automatic on our system. To do that, use the command:
$ sudo dnf install dnf-automatic
<img alt="" data-lazy- data-lazy-src="https://kirelos.com/wp-content/uploads/2021/07/echo/image6-4.png" data-lazy- height="300" src="data:image/svg xml,” width=”729″>
You will be asked for confirmation, so press ‘y’ and hit ‘Enter’ to confirm and continue.
<img alt="" data-lazy- data-lazy-src="https://kirelos.com/wp-content/uploads/2021/07/echo/image9-3.png" data-lazy- height="97" src="data:image/svg xml,” width=”374″>
After the successful installation of ‘dnf-automatic,’ to verify the installation of dnf-automatic, you can use the command given below:
<img alt="" data-lazy- data-lazy-src="https://kirelos.com/wp-content/uploads/2021/07/echo/image8-4.png" data-lazy- height="399" src="data:image/svg xml,” width=”725″>
The terminal will output a lot of information, including version, group, size, packager, architecture, etc.
Step 2: Configure the “dnf-automatic” configuration file
Once the installation of “dnf-automatic” is confirmed, the next step is to update dnf-automatic’s configuration file. The “dnf-automatic” configuration file is placed in the /etc/dnf directory.
To configure the “dnf-automatic” configuration file, open the “automatic.conf” configuration file in the nano editor using the command:
$ sudo nano /etc/dnf/automatic.conf
The “dnf-automatic” configuration file will look something like this:
<img alt="" data-lazy- data-lazy-src="https://kirelos.com/wp-content/uploads/2021/07/echo/image12-3.png" data-lazy- height="529" src="data:image/svg xml,” width=”763″>
Make the following changes in the configuration file:
In the commands section, Change “Upgrade_type = default” to “Upgrade_type = security”:
<img alt="" data-lazy- data-lazy-src="https://kirelos.com/wp-content/uploads/2021/07/echo/image10-3.png" data-lazy- height="129" src="data:image/svg xml,” width=”607″>
<img alt="" data-lazy- data-lazy-src="https://kirelos.com/wp-content/uploads/2021/07/echo/image11-3.png" data-lazy- height="127" src="data:image/svg xml,” width=”613″>
In the emitters section, Uncomment the line “system_name = my_host” and change “system_name = my_host” to “system_name = CentOS 8”:
<img alt="" data-lazy- data-lazy-src="https://kirelos.com/wp-content/uploads/2021/07/echo/image13-3.png" data-lazy- height="95" src="data:image/svg xml,” width=”685″>
<img alt="" data-lazy- data-lazy-src="https://kirelos.com/wp-content/uploads/2021/07/echo/image14-3.png" data-lazy- height="104" src="data:image/svg xml,” width=”688″>
Similarly, in the emitters section, change “emit_via = stdio” to “emit_via = motd”:
<img alt="" data-lazy- data-lazy-src="https://kirelos.com/wp-content/uploads/2021/07/echo/image15-3.png" data-lazy- height="183" src="data:image/svg xml,” width=”684″>
<img alt="" data-lazy- data-lazy-src="https://kirelos.com/wp-content/uploads/2021/07/echo/image16-4.png" data-lazy- height="184" src="data:image/svg xml,” width=”691″>
Step 3: Initiate “dnf-automatic”
Once you have made all these changes, save the file and execute the command given below to initiate “dnf-automatic”:
$ sudo systemctl enable –now dnf-automatic.timer
<img alt="" data-lazy- data-lazy-src="https://kirelos.com/wp-content/uploads/2021/07/echo/image17-2.png" data-lazy- height="44" src="data:image/svg xml,” width=”647″>
Now to check the service status of “dnf-automatic,” input the following command in the terminal:
$ sudo systemctl list-timers * dnf- *
<img alt="" data-lazy- data-lazy-src="https://kirelos.com/wp-content/uploads/2021/07/echo/image18-2.png" data-lazy- height="76" src="data:image/svg xml,” width=”538″>
The above-written command will list the assigned tasks along with their specific time.
Conclusion
It is highly recommended to download and install security updates as soon as they are available to avoid any security mishaps. This article has learned different ways to check and install security updates on our CentOS 8 operating system.
About the author
<img alt="" data-del="avatar" data-lazy-src="https://kirelos.com/wp-content/uploads/2021/07/echo/7011409B3A384F43A8417D1DAC68D179-150×150.jpg60eb766e07e42.jpg" height="112" src="data:image/svg xml,” width=”112″>
Shehroz Azam
A Javascript Developer & Linux enthusiast with 4 years of industrial experience and proven know-how to combine creative and usability viewpoints resulting in world-class web applications. I have experience working with Vue, React & Node.js & currently working on article writing and video creation.
