Prerequisites & Environment
When working in a private environment, it's pretty easy to have the courage to keep your OS up-to-date.
But when it comes to production or work environments, I sometimes used to feel a bit more cautious.
In the Red Hat world, for example, cautious admins would manually install updates, inspect the packages, and then proceed with operation and maintenance. This was especially true many years ago — particularly when it involved kernel updates, which occasionally required extra care.
These days, things have gotten much smoother. I personally update everything aggressively without much concern!
Summary:
- 1. Install
dnf-automatic - 2. Configure
dnf-automatic
1. Installing dnf-automatic
First, install dnf-automatic using the following command:
sudo dnf install -y dnf-automaticHere’s a snapshot from my terminal during installation:
[root@www rocky]# dnf install -y dnf-automatic
Last metadata expiration check: 0:04:04 ago on Sat 26 Apr 2025 01:09:42 PM JST.
Dependencies resolved.
==================================================================================================
Package Architecture Version Repository Size
==================================================================================================
Installing:
dnf-automatic noarch 4.14.0-17.el9 baseos 30 k
Transaction Summary
==================================================================================================
Install 1 Package
Total download size: 30 k
Installed size: 54 k
Downloading Packages:
dnf-automatic-4.14.0-17.el9.noarch.rpm 374 kB/s | 30 kB 00:00
--------------------------------------------------------------------------------------------------
Total 55 kB/s | 30 kB 00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : dnf-automatic-4.14.0-17.el9.noarch 1/1
Running scriptlet: dnf-automatic-4.14.0-17.el9.noarch 1/1
Verifying : dnf-automatic-4.14.0-17.el9.noarch 1/1
Installed:
dnf-automatic-4.14.0-17.el9.noarch
Complete!
2. Configuring dnf-automatic
After installation, a config file is created at:
/etc/dnf/automatic.confLet's take a quick look at the default settings:
✅ Default Settings of dnf-automatic
| Setting | Default Value | Meaning |
|---|---|---|
upgrade_type |
default |
Apply all updates (not just security updates) |
download_updates |
yes |
Automatically download available updates |
apply_updates |
no |
Do not apply updates automatically (just download) |
reboot |
never |
Never reboot automatically after updates |
emit_via |
stdio |
Output messages to the standard output (no email notifications) |
✅ So what happens with the default settings?
- It checks for updates daily,
- Downloads packages automatically,
- But doesn’t install them automatically,
- Only outputs results to standard output (no emails).
If you want automatic application of updates:
You just need to change this one line:
apply_updates = yesBy doing this:
- Updates will not only be downloaded,
- They'll be automatically installed too!
- (Still no automatic reboot — safe and sound.)
Pretty easy, right?
Here's a quick view of the actual default config:
[commands]
upgrade_type = default
random_sleep = 0
network_online_timeout = 60
download_updates = yes
apply_updates = no
reboot = never
reboot_command = "shutdown -r +5 'Rebooting after applying package updates'"
[emitters]
emit_via = stdio
[email]
email_from = root@example.com
email_to = root
email_host = localhost
[command_email]
email_from = root@example.com
email_to = root
[base]
debuglevel = 1
0 Comments