How to Enable Automatic Updates for Rocky Linux
Operating system updates are part of everyday life for every admin. The problem is that these updates can sometimes be pushed aside for more important things. But what’s more important than keeping your operating systems up to date and secure? Sure, there are always crucial issues that have to be dealt with. However, these issues should never stop you from making sure your operating systems are up to date.
SEE: 40+ Open Source and Linux Terms You Need to Know (TechRepublic Premium)
But if you’re that busy, you could at least take the time to set up automatic updates so they happen regularly. After all, you don’t want to miss important security patches, performance improvements and new features.
With Rocky Linux there is a very handy tool that you can install and use to automate these updates. This tool allows you to configure updates for periodic or even security updates.
Let’s install and setup this software.
What you need to enable automatic updates on Rocky Linux
For this to work you need a running instance of Rocky Linux and a user with sudo privileges. I’ll be demonstrating this on Rocky Linux 9, but this will work with earlier iterations. That’s it. Let’s get this working.
How to install the required software
Login to your instance of Rocky Linux and open a terminal window. From the terminal, install the required software with the command:
sudo dnf install dnf-automatic -y
That’s it for installing software.
How to configure dnf-automatic
The dnf-automatic package has a single configuration file where you can customize which updates are run. Open this file with the command:
sudo nano /etc/dnf/automatic.conf
You should already see several predefined configurations. After a quick scan of the file, you’ll also see that automatic updates are disabled by default.
The default configuration is set up to automatically download the updates but not apply them. The download_updates option should be set to yes. Keep this as it is. However, the apply_updates line is set to no by default. Change this line to look like this:
apply_updates = yes
Next we need to set this up so that update information is sent to MOTD (message of the day) which will let you know of any updates that have been applied when you log in. To do this, look for the line:
emit_via = stdio
Change that to:
emit_via = motd
You’ll also notice a line at the beginning of the file that looks like this:
upgrade_type = default
If you don’t want to install the default updates that cover all packages, you can just use dnf-automatic to install security updates. To do this, change the upgrade_type line to:
upgrade_type = security
Save and close the file.
How to enable dnf automatic timer
If dnf-automatic is configured, you know how to enable it via systemctl. To do this, issue the command:
sudo systemctl enable --now dnf-automatic.timer
The default timer is set up so that updates are applied at 6am every day. If this is not a good time for your organization, you can change it by opening the dnf-automatic.timer file with the following command:
sudo vim /etc/systemd/system/timers.target.wants/dnf-automatic.timer
In this file, look for the line that starts with:
OnCalendar=*-*-*
Suppose you want to change these updates to run at 1:00 AM every day. For this, the line would look like this:
OnCalendar=*-*-* 01:00
You may also want to change the random delay which is set to 60 minutes and set dnf-automatic to run at a different time each day. To disable that, change the line:
RandomizedDelaySec = 60m
to
RandomizedDelaySec = 0m
Save and close the file. Then reload the systemd daemon with:
sudo systemctl daemon-reload
Issue the following command to verify the new setting:
systemctl list-timers
In the output you should see a listing similar to this:
Tue 2022-10-11 01:00:00 EDT 14h left n/a n/a dnf-automatic.timer dnf-automatic.service
Here we go. Automatic updates are now set up for Rocky Linux. This way, you can make sure you don’t miss a day of updates for your RHEL-based operating systems.
Subscribe to TechRepublic’s How To Make Tech Work on YouTube for the latest tech advice for business professionals from Jack Wallen.