DNF automatic updates
You can set up DNS to run automatically. To do this, install the dnf-automatic package, and enable the service with the following commands:
yum install dnf-automatic
systemctl enable dnf-automatic.timer
systemctl start dnf-automatic.timer
Next, edit the /etc/dnf/automatic.conf file. There are a few tricks in this file. You can override whether patches are applied when downloaded by setting the apply_updates parameter to yes. This will force patches to be applied when the job runs.
Don’t forget to set the system_name parameter so that emails and notifications will have the correct name.
You can also set up the system to email you a report of what was installed. Set up email in the [email] stanza. If using an email relay, make sure it does not require authentication, or add that to the configuration if needed.
As a final trick, you can change the emit_via parameter from stdio to motd. When set to motd, the system motd file is updated to reflect what patches were installed. When users log in to the system, they will see a complete list of what patches were installed and when, as shown in the following screenshot:
Figure 5.1 – MOTD on login
By default, the service checks for updates at 6 A.M. This can be changed by editing the /etc/systemd/system/timers.target.wants/dnf-automatic.timer file:
Figure 5.2 – The dnf-automatic.timer file
In this file, the [Timer] stanza controls the time, as well as a randomized delay. To change when this runs, replace 6:00 with whatever time you want, in a 24-hour format. For example, if you want the check to run at 10 P.M., the time should be 22:00.
Since this uses the standard OnCalendar function, you have other options. OnCalendar is a very flexible method; the following are some of the most commonly used examples:
OnCalendar Example | Description |
DOW YYYY-MM-DD HH:MM:SS | Generic time formatting methods. |
*-*-* 2:00 | Runs every day at 2:00 A.M. |
Weekly | Every Monday at midnight. |
Sat *-*-* 2:00 | Every Saturday at 2:00 A.M. |
Sat | Every Saturday at midnight. |
Sun 2022-*-* | Every Sunday in 2022 at midnight. |
*-*-1,15 22:15 | The 1st and 15th of every month at 10:15 P.M. |
*-05-03/2 | Runs on the third day of the month in May, and then on the second day of every other month. Runs every year with the same cycle. This date format expression uses the dash for formatting. |
Table 5.1 – OnCalendar example date rules
RandomizedDelaySec is also an important setting. This will add a random delay to the clock, which is helpful in enterprise environments where large numbers of systems are running. Having 200 servers hitting a YUM repo at 6 A.M. can be a little overwhelming to the server. Adding a randomized delay in /etc/dnf/automatic.conf of maybe 600 seconds would spread the load across a few minutes.
DNF is an upgraded version of YUM, with a few enhancements. As seen in the recipe, it does have a few tricks up its sleeve, but it still does a great job of providing an easy way for admins to install and patch software on an Oracle Linux system.