Updates are essential in any operating system environment because it allows application, processes and the operating system itself to be in a consistent working condition. That’s also the reason that most of the updates include security compatibility and enhancements.

Why are security updates so important to install?

Your computer’s vulnerabilities are fixed with the help of security updates. These updates protect your system from local and remote threats. When developers found any vulnerability, they try to fix it quickly and then distribute the “quick fix” as a security update for you to install it as soon as possible. As those vulnerabilities become public, permitting the potential attackers to exploit them. This statement declares that an outdated system is vulnerable, but it is also recognized as a vulnerable system for attackers.

Security updates also play a significant role in the Linux environment since they give the administrator complete control over performance expectations. Therefore, it’s usually a good idea to keep your Linux software up to date, especially when we talk about its security. Users should generally install security updates in Linux systems within 30 days of their release date. This post will demonstrate the manual and automatic installation method of security update on your CentOS 8. So let’s head towards this journey!

Manual Installation Method of Security Updates:

Now you will look at the procedure of checking and installing security updates manually. Additionally, this section comprises checking system updates and manually updating a particular package on your system.

1. First of all, open up your terminal and write out the below-given command to note down your current kernel version of CentOS 8.

uname -r 

Check Kernal Version on CentOS 8

2. Next, we will check for the security updates on the system. For that, execute the following command:

dnf check-update 

DNF Check Packages Update CentOS 8

3. To install the available security updates for installed packages on your CentOS 8, utilize this command:

sudo dnf update --security 

DNF Check Security Update CentOS 8

4. The output declares that the system doesn’t need any security updates. In other cases, execute the below-given commands:

sudo dnf upgrade --security 

DNF Upgrade Security Packages CentOS 8

5. You can also verify if there exists any notice related to security updates.

$ sudo dnf updateinfo 

DNF Check Update Info CentOS 8

6. To manually a single package, specify the name of the package in the “check-update” command. For instance, we will try to update the “firewalld.noarch” package manually.

sudo dnf check-update firewalld.noarch 

DNF Upgrade Specific Package Manually CentOS 8

Automatic Installation method of Security Updates:

Although security updates can be checked and installed manually, the automatic way is safer. Unfortunately, sometimes, we may forget about the security updates, making our system vulnerable to inadvertent attacks.

1. In this regard, “dnf-automatic” is utilized to run automatic security updates and regularly using cron tasks and system timers. This also minimizes the need for ongoing engagement by the system administrator.
Write out the following command to install “dnf-automatic” on your CentOS 8.

sudo dnf install dnf-automatic  

Install dnf-automatic Package on CentOS 8

Enter “y” for giving permission to the installation process.

2. Execute the below-given command to verify if everything is correctly installed or not.

rpm -qi dnf-automatic  

The output will provide you lots of information about the installed “dnf-automatic” which includes its version, group, size, packager, architecture, etc.

3. Now, we will update the configuration file of dnf-automatic.

sudo nano /etc/dnf/automatic.conf 

On your system, the dnf-configuration file will be edited:

4. In the commands section modify the “upgrade_type” as follows:

upgrade_type = security

DNF Set Automatic Upgrade to Security

5. Also, you have to add your system name in the “emitters” section and set its mode to “motd”.

system_name = CentOS 8

emit_via = motd

DNF Automatical Upgrade Settings on CentOS 8

6. To begin the execution of the whole procedure, start and enable the “dnf-automatic” on your CentOS 8 system.

sudo systemctl enable --now dnf-automatic.timer 

DNF enable automatic timer service CentOS 8

7. Check the “dnf-automatic” service status.

sudosystemctl list-timers * dnf- * 

You will see the “no timer listed” output if you haven’t created any timer task. Otherwise, the output will let you know the details about the assigned tasks and their specific time.

Conclusion

Always be aware of the procedures to protect your system against threats and vulnerabilities. The first step is to keep your Linux-based system up-to-date. In this post, we have shared the methods of manual and automatic installation of security updates on your CentOS 8.