Enable Automatic Software Updates on CentOS 8

Security updates, as most of you would agree, are very important. Under Linux it is always advisable to keep the installed packages up to date, especially when it comes to security. In general, users should apply security updates to their Linux systems within 30 days of the release.
In this article, you are going to learn how to enable automatic software updates on CentOS 8 Linux machine. This ensures that the system automatically downloads packages and performs updates without manual intervention.
On the CentOS 8 system, we have two ways to set up automatic update packages. We can use the CLI mode with the utility “dnf-automatic“.

Set automatic CentOS 8 updates using automatic RPM Package

The first thing is to install the DNF-automatic RPM package. The package provides a DNF component that starts automatically. To install it, use the following command.

# dnf install dnf-automatic

More details on the package can be pulled with the rpm command.

# rpm -qi dnf-automatic
Name        : dnf-automatic
Version     : 4.0.9.2
Release     : 5.el8
Architecture: noarch
Install Date: Thu 26 Sep 2019 12:50:23 AM EAT
Group       : Unspecified
Size        : 46825
License     : GPLv2+ and GPLv2 and GPL
Signature   : RSA/SHA256, Tue 02 Jul 2019 12:14:36 AM EAT, Key ID 05b555b38483c65d
Source RPM  : dnf-4.0.9.2-5.el8.src.rpm
Build Date  : Mon 13 May 2019 10:35:13 PM EAT
Build Host  : ppc64le-01.mbox.centos.org
Relocations : (not relocatable)
Packager    : CentOS Buildsys <bugs@centos.org>
Vendor      : CentOS
URL         : https://github.com/rpm-software-management/dnf
Summary     : Package manager - automated upgrades
Description :
Systemd units that can periodically download package upgrades and apply them.

Configure dnf-automatic updates

Once the installation is complete, go to the /etc/dnf directory and edit the configuration automatic.conf.

# cd /etc/dnf/
vim automatic.conf

On the [commands] section, change the upgrade_type as you need. You can use default for upgrading all packages or use the security option to upgrade all packages related security.

[commands]
upgrade_type = default
download_updates = yes

On the [emitters] section, uncomment the system_name option and change the value with your hostname. Then change the emit_via option to motd, so you will be displayed about package updates on every login.

[emitters]
system_name = lintut-centos8
emit_via = motd

Other options for emit_via configuration are stdio which is default configuration and email for sending package updates information to your email.
Now go to the [email] section and change each configuration with your own.

[email]
email_from = root@server.com
email_to = root
email_host = localhost

Save and close.
Finally, you can now run dnf-automatic, execute the following command to schedule DNF automatic updates for your CentOS 8 machine.

# systemctl enable --now dnf-automatic.timer

The command executed will enable and start the systemd timer. To check the status of dnf-automatic service, run:

$ sudo systemctl list-timers *dnf-*
NEXT                         LEFT       LAST                         PASSED       UNIT                        ACTIVATES
Sat 2019-09-28 11:24:09 EAT  23min left Sat 2019-09-28 10:24:09 EAT  36min ago    dnf-makecache.timer         dnf-makecache.service
Sun 2019-09-29 06:01:45 EAT  19h left   Sat 2019-09-28 06:02:11 EAT  4h 58min ago dnf-automatic-install.timer dnf-automatic-install.service
Sun 2019-09-29 11:02:13 EAT  24h left   Sat 2019-09-28 10:59:02 EAT  1min 21s ago dnf-automatic.timer         dnf-automatic.service

3 timers listed.
Pass --all to see loaded but inactive timers, too.

Conclusion

The main advantage of enabling YUM|DNF automatic updates on RHEL 8 / CentOS 8 Linux is that your machines will get updated more uniformly, quickly and frequently as compared to manual updates.