How To Configure Automatic Updates On CentOS

CentOS Logo Header

So how do you keep your CentOS or Almalinux servers secure as possible, but without having to do the mundane task of manually applying updates? In this tutoral we cover how to configure automatic updates on CentOS. It is essential that you keep your servers and desktops fully up to date. With the constant threat of attacks to systems, it is only a matter of time before you find your systems down, encrypted or even worse, your data completely lost.

For CentOS and Almalinux, we can simply enable the automatic updates package and allow the OS to do this job for us. If on the other hand, the server is mission critical, then caution should be taken to ensure a service restarting doesn’t cause any disruption.

Strive not to be a success, but rather to be of value.

Albert Einstein


  • You will need root access to the CentOS or Almalinux system
  • Your OS should be supported (at least CentOS 7)

There are currently different EOL schedules for CentOS 7 and CentOS 8 due to the change that RedHat took with its support. If you havent already, then we would suggest moving from CentOS to either CentOS 9 Stream, or AlmaLinux (the CentOS fork).

If you want to try out either OS then you can simply spin up a Virtual Private Server with us.

Before You Begin

Lets get the dnf package manager up to date, this will ensure the repositorys are working correctly. Login to SSH using root and running the following:

dnf update

Step 1: Install CentOS Automatic Updates

First of all, we need to download and install the dnf-automatic package:

dnf install -y vim dnf-automatic

During the install process, dnf package manager will prompt to continue, if you are happy please enter ‘Y

You can review more information about the package by running the following:

rpm -qi dnf-automatic

Step 2: Configure the configuration files

Lets review the configuraion file /etc/dnf/automatic.conf

vim /etc/dnf/automatic.conf

You should have options similar to this:

upgrade_type = default
random_sleep = 0
download_updates = yes
apply_updates = yes
emit_via = email
email_from =
email_to =
email_host = localhost
debuglevel = 1

Edit the file to match your requirements. If you wish to be notifed by email when updates have occurred, then change the settings as required. To receive email you will also need to install an email server package, such as mailx or use your own SMTP server.

You can also download the updates and have the system notify you when they are ready to be installed. This approach is useful if you have a mission critical server, you can then schedule the manual install during a mainteance window.

To set the system to only notify, change this:

apply_updates = no

Step 3: Enable The CentOS Automatic Timer

We can now tell the system to start downloading the updates automatically by running the following:

systemctl enable --now dnf-automatic.timer

If successful we should then see:

Created symlink /etc/systemd/system/ → /usr/lib/systemd/system/dnf-automatic.timer.

The command above enables and starts the system timer. We can check the status of the dnf-automatic service by running the following:

systemctl list-timers *dnf-*

The timer should be running, and output the following:

NEXT                         LEFT     LAST PASSED UNIT                ACTIVATES
Thu 2021-10-21 06:24:35 UTC  10h left n/a  n/a    dnf-automatic.timer dnf-automatic.service
n/a                          n/a      n/a  n/a    dnf-makecache.timer dnf-makecache.service

2 timers listed.
Pass --all to see loaded but inactive timers, too.

Now the system is set for automatic updates on CentOS or Almalinux. The system will periodically download and apply the updates, no further configuration is required. It is recommened to check the system occasionally to ensure the updates are being applied.

Leave a Reply
Previous Post
citrix logo header

Citrix Workspace app for Linux Security Bulletin for CVE-2023-24486

Next Post
Debian Logo Header

How To Configure Automatic Updates On Debian

Related Posts