how to install security patches in Centos

General support questions
Post Reply
miyappan
Posts: 16
Joined: 2016/08/06 07:51:28

how to install security patches in Centos

Post by miyappan » 2016/09/19 08:23:00

Hi team,

how to install security patches in Centos. is there any ftp location available for downloading security patches.through yum server i want to install security patches on 100 machines. kindly suggest me on the same and share me the .rpm download link.

User avatar
TrevorH
Forum Moderator
Posts: 26129
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: how to install security patches in Centos

Post by TrevorH » 2016/09/19 09:32:02

Just run yum update on a regular basis and you will automatically get security updates.

If you are referring to the ability to run e.g. yum --security update then you are out of luck as CentOS does not supply the necessary data in the yum repositories to allow the yum -plugin-security plugin to work at all. It does not work.
CentOS 5 died in March 2017 - migrate NOW!
Full time Geek, part time moderator. Use the FAQ Luke

miyappan
Posts: 16
Joined: 2016/08/06 07:51:28

Re: how to install security patches in Centos

Post by miyappan » 2016/09/19 10:04:02

is their any .rpm package available for offline installation.

mghe
Posts: 747
Joined: 2015/11/24 12:04:43
Location: Katowice, Poland

Re: how to install security patches in Centos

Post by mghe » 2016/09/19 10:27:13

miyappan wrote:is their any .rpm package available for offline installation.

If you want to install offline, you have to made local repo:

https://wiki.centos.org/HowTos/CreateLocalMirror

https://wiki.centos.org/HowTos/CreateLocalRepos

miyappan
Posts: 16
Joined: 2016/08/06 07:51:28

Re: how to install security patches in Centos

Post by miyappan » 2016/09/26 11:20:10

i have created yum repo in my server. can you please tell me how to download security patches in locally.

ex : http://ftp.redhat.com/pub/redhat/linux/ ... /os/SRPMS/

shankardeo
Posts: 5
Joined: 2016/04/12 08:02:06

Re: how to install security patches in Centos

Post by shankardeo » 2016/09/27 10:45:11

Hi miyappan,

To check & update the security patches in Centos run the below command but internet connection is required.

# yum updateinfo list security all [To check the available all security updatesl ]

#yum updateinfo list serurity installed [To check the installed security patches ]

# yum -y update --security [ To installed all available security patches ]

# yum update-minimal --security -y [To only install the packages that have a security errata use]

# man yum-security [For more commands consult the manual pages of yum-security with]

Note : you will be able to run these commands with yum "updateinfo" when you have installed "yum install yum-plugin-security" on centOS 6.

If it is already installed check with rpm command

#rpm -qa |grep 'yum-plugin-security'

if it is already there you can install & check the security updates.

enjoy :)

stevemowbray
Posts: 469
Joined: 2012/06/26 14:20:47

Re: how to install security patches in Centos

Post by stevemowbray » 2016/09/27 11:46:33

This is incorrect. As Trevor said above yum-plugin-security will not work on CentOS.

shankardeo
Posts: 5
Joined: 2016/04/12 08:02:06

Re: how to install security patches in Centos

Post by shankardeo » 2016/09/27 11:59:22

Hi stevemowbray,

I am already using CentOS 6.8 and the above mentioned all commands are working, Please install the mentioned package & check first. I hope this will work for sure.

User avatar
TrevorH
Forum Moderator
Posts: 26129
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: how to install security patches in Centos

Post by TrevorH » 2016/09/27 12:29:40

Shankardeo: just because they do not fail does not mean they do anything useful. The necessary metadata needed for yum-plugin-security to function - i.e. to know what patches fix what - is missing entirely from the CentOS supplied yum repos. This renders yum-plugin-security a noop and if you use yum update --security then it will always tell you that nothing from CentOS needs an update thus giving you a false sense of security as the reason it doesn't is because it lacks the knowledge to know that such-and-such a patch is a security update.

The EPEL yum repo does have this metadata and yum-plugin-security will work for those packages but it will not do anything for the 6700 packages in base or the 500 packages in the updates repo.
CentOS 5 died in March 2017 - migrate NOW!
Full time Geek, part time moderator. Use the FAQ Luke

Post Reply