If you trust your distribution’s vendor with their digitally signed security updates and would like to automatically install those security updates,  you can easily configure your CentOS, RedHat or other Yum based system to automatically install them.  Of course installing updates automatically is not for everyone since in most environments, patches are usually tested before being deployed to production servers. Nevertheless, this information may be useful for less critical production servers and other servers used for development, testing, staging, etc.. I found that yum-updatesd provided similar functionally but it wants to update all packages and not only security fixes.

First you will need to install yum-security like this (as root or with sudo):

yum install yum-security

You can learn some more about yum-security here: http://magazine.redhat.com/2008/01/16/tips-and-tricks-yum-security/

Second, with your favorite text editor, you will want to create a script in /etc/cron.daily (to run the job daily) named “yum-update-security” with this content:


#!/bin/bash
yum update --security -y -d0 -q


Finally, once the script has been created make sure to give it execute permissions by running:

chmod +x /etc/cron.daily/yum-update-security

Then its a good idea to give it a spin by running it manually. ie:


/etc/cron.daily/yum-update-security


If the run is successful, the script should not output any text and  return to the command prompt after waiting a few seconds (or minutes if you are actually out of date on updates).