How to Configure yum-cron to Send Email Notifications
This post outlines steps to configure yum-cron services and send an email notification.
1. Install the yum-cron package:
# yum install yum-cron
2. Edit /etc/yum/yum-cron.conf configuration file to use an email notification:
# cat /etc/yum/yum-cron.conf
[commands]
# What kind of update to use:
# default = yum upgrade
# security = yum --security upgrade
# security-severity:Critical = yum --sec-severity=Critical upgrade
# minimal = yum --bugfix update-minimal
# minimal-security = yum --security update-minimal
# minimal-security-severity:Critical = --sec-severity=Critical update-minimal
update_cmd = default
# Whether a message should be emitted when updates are available,
# were downloaded or applied.
update_messages = yes
# Whether updates should be downloaded when they are available.
download_updates = yes
# Whether updates should be applied when they are available. Note
# that download_updates must also be yes for the update to be applied.
apply_updates = yes
# Maximum amout of time to randomly sleep, in minutes. The program
# will sleep for a random amount of time between 0 and random_sleep
# minutes before running. This is useful for e.g. staggering the
# times that multiple systems will access update servers. If
# random_sleep is 0 or negative, the program will run immediately.
# 6*60 = 360
random_sleep = 10
[emitters]
# Name to use for this system in messages that are emitted. If
# system_name is None, the hostname will be used.
system_name = [email protected]
# How to send messages. Valid options are stdio and email. If
# emit_via includes stdio, messages will be sent to stdout; this is useful
# to have cron send the messages. If emit_via includes email, this
# program will send email itself according to the configured options.
# If emit_via is None or left blank, no messages will be sent.
emit_via = email
# The width, in characters, that messages that are emitted should be
# formatted to.
output_width = 80
[email]
# The address to send email messages from.
# NOTE: 'localhost' will be replaced with the value of system_name.
#email_from = root@localhost
email_from = [email protected]
# List of addresses to send messages to.
email_to = [email protected]
# Name of the host to connect to to send email messages.
email_host = localhost
[groups]
# NOTE: This only works when group_command != objects, which is now the default
# List of groups to update
group_list = None
# The types of group packages to install
group_package_types = mandatory, default
[base]
# This section overrides yum.conf
# Use this to filter Yum core messages
# -4: critical
# -3: critical+errors
# -2: critical+errors+warnings (default)
debuglevel = -2
# skip_broken = True
mdpolicy = group:main
# Uncomment to auto-import new gpg keys (dangerous)
# assumeyes = True
3. Edit below option in the base section of /etc/yum/yum-cron.conf in order to exclude any rpm to be installed, example the kernel.
[base]
exclude=kernel*
4. To use following option in yum-cron configuration file to install security updates.
[commands]
# What kind of update to use:
# default = yum upgrade
# security = yum --security upgrade
# security-severity:Critical = yum --sec-severity=Critical upgrade
# minimal = yum --bugfix upgrade-minimal
# minimal-security = yum --security upgrade-minimal
# minimal-security-severity:Critical = --sec-severity=Critical upgrade-minimal
update_cmd = security
5. Start and Enable yum-cron:
# systemctl enable --now yum-cron
6. Make sure to configure and start postfix services as relay server in order to send the emails. For example:
# cat /etc/postfix/main.cf | grep -v "^#"
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
inet_interfaces = all
inet_protocols = ipv4
mydestination = $myhostname, localhost.$mydomain, localhost
unknown_local_recipient_reject_code = 550
relayhost = [156.151.31.79]
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.10.1/samples
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
7. Enable and start Postfix services:
# systemctl enable --now postfix
8. Make sure the postfix relay it is working as expected:
# echo "Testing Posfix Relay Services" | mailx -vvv -s "IGNORE: TEST MESSAGE " -S -r [user]@thegeeksearch.com
NOTE: The cron jobs from the yum-cron package are active immediately after installing the package and there’s no extra configuration necessary
9. Example of an email notification:
Forwarded Message --------
Subject: Yum: Updates Available on
Date: Thu, 21 May 2020 21:36:39 +0000 (GMT)
From: root@
To: [email protected]
The following updates are available on mau-yum-cron.common.linuxandvirtiad.thegeeksearch.com:
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
kernel x86_64 3.10.0-1127.8.2.el7 ol7_latest 50 M
kernel-uek x86_64 4.14.35-1902.302.2.el7uek ol7_UEKR5 52 M
python2-cffi x86_64 1.9.1-1.el7 ol7_developer 220 k
replacing python-cffi.x86_64 1.6.0-5.el7
python2-chardet noarch 3.0.4-3.el7 ol7_developer 185 k
replacing python-chardet.noarch 2.2.1-3.el7
python2-idna noarch 2.5-1.el7 ol7_developer 95 k
replacing python-idna.noarch 2.4-1.el7
python2-pyyaml x86_64 5.1.2-1.0.1.el7 ol7_developer 106 k
replacing PyYAML.x86_64 3.10-11.el7
python2-urllib3 noarch 1.22-2.el7 ol7_developer 174 k
replacing python-urllib3.noarch 1.10.2-7.el7
Updating:
augeas-libs x86_64 1.4.0-9.el7_8.1 ol7_latest 355 k
bind-export-libs x86_64 32:9.11.4-16.P2.el7_8.3 ol7_latest 1.1 M
bind-libs x86_64 32:9.11.4-16.P2.el7_8.3 ol7_latest 155 k
bind-libs-lite x86_64 32:9.11.4-16.P2.el7_8.3 ol7_latest 1.1 M
bind-license noarch 32:9.11.4-16.P2.el7_8.3 ol7_latest 89 k
bind-utils x86_64 32:9.11.4-16.P2.el7_8.3 ol7_latest 258 k
binutils x86_64 2.27-43.base.0.1.el7_8.1 ol7_latest 5.9 M
bpftool x86_64 3.10.0-1127.8.2.el7 ol7_latest 8.4 M
device-mapper x86_64 7:1.02.164-7.0.1.el7_8.2 ol7_latest 295 k
device-mapper-event x86_64 7:1.02.164-7.0.1.el7_8.2 ol7_latest 191 k
device-mapper-event-libs
x86_64 7:1.02.164-7.0.1.el7_8.2 ol7_latest 190 k
device-mapper-libs x86_64 7:1.02.164-7.0.1.el7_8.2 ol7_latest 324 k
dracut x86_64 033-568.0.3.el7 ol7_latest 330 k
dracut-config-rescue
x86_64 033-568.0.3.el7 ol7_latest 62 k
dracut-network x86_64 033-568.0.3.el7 ol7_latest 105 k
iproute x86_64 5.4.0-1.0.1.el7 ol7_UEKR5 619 k
iproute-tc x86_64 5.4.0-1.0.1.el7 ol7_UEKR5 406 k
iscsi-initiator-utils
x86_64 6.2.0.874-17.0.2.el7 ol7_latest 428 k
iscsi-initiator-utils-iscsiuio
x86_64 6.2.0.874-17.0.2.el7 ol7_latest 94 k
kernel-tools x86_64 3.10.0-1127.8.2.el7 ol7_latest 8.0 M
kernel-tools-libs x86_64 3.10.0-1127.8.2.el7 ol7_latest 8.0 M
libgudev1 x86_64 219-73.0.1.el7_8.6 ol7_latest 107 k
libsss_idmap x86_64 1.16.4-37.0.1.el7_8.3 ol7_latest 155 k
libsss_nss_idmap x86_64 1.16.4-37.0.1.el7_8.3 ol7_latest 161 k
libzstd x86_64 1.4.4-1.el7 ol7_developer_EPEL 259 k
lvm2 x86_64 7:2.02.186-7.0.1.el7_8.2 ol7_latest 1.3 M
lvm2-libs x86_64 7:2.02.186-7.0.1.el7_8.2 ol7_latest 1.1 M
osms-agent x86_64 0.0.1-449.el7 ol7_oci_included 21 M
python-perf x86_64 3.10.0-1127.8.2.el7 ol7_latest 8.0 M
python-setuptools noarch 18.0.1-2.el7 ol7_developer 417 k
sos noarch 3.8-8.0.1.el7_8 ol7_latest 518 k
sssd-client x86_64 1.16.4-37.0.1.el7_8.3 ol7_latest 211 k
systemd x86_64 219-73.0.1.el7_8.6 ol7_latest 5.1 M
systemd-libs x86_64 219-73.0.1.el7_8.6 ol7_latest 417 k
systemd-python x86_64 219-73.0.1.el7_8.6 ol7_latest 143 k
systemd-sysv x86_64 219-73.0.1.el7_8.6 ol7_latest 94 k
tuned noarch 2.11.0-8.0.2.el7 ol7_latest 269 k
tuned-profiles-oci noarch 2.11.0-8.0.2.el7 ol7_optional_latest 33 k
tuned-profiles-oci-recommend
noarch 2.11.0-8.0.2.el7 ol7_optional_latest 30 k
tzdata noarch 2020a-1.el7 ol7_latest 494 k
yum-utils noarch 1.1.31-54.0.1.el7_8 ol7_latest 122 k
Installing for dependencies:
python2-pyOpenSSL noarch 18.0.0-1.el7 ol7_developer 97 k
python2-pysocks noarch 1.6.8-6.el7 ol7_developer_EPEL 30 k
Transaction Summary
================================================================================
Install 7 Packages (+2 Dependent packages)
Upgrade 41 Packages