Security Updates

Latest response

Hi,

Think my lack of understanding is a fault here so I'm hoping it can be cleared up here.

We have decided to patch some of servers with security updates only. However, when I type:

% yum update --security

I see no patches returned. Only the following output:

Setting up Update Process
Resolving Dependencies
Limiting packages to security relevant ones
No packages needed for security; 355 packages available

What is this telling me? Is it basically there are no security updates available within our repository? Do I need to subscribe to a separate security channel for example. I've searched on RedHat customer portal and come across the errata web page. Is this the aspect I need to update from to appease our security needs?

Any help and/or advise will be greatly appreciated.

Thanks,
DJC.

Responses

What is this telling me? Is it basically there are no security
updates available within our repository?

From the output you have shown, it looks that way. You can try some other commands if you wish. See my little blog.

Using "yum-plugin-security" we have list the latest security patches.

For Installing "yum-plugin-security

yum install yum-plugin-security

For Listing Security Updates:

yum updateinfo list security

For Installing Security Updates:

yum --security update

For Listing Available Updates:

yum updateinfo list available

Hello While running below command we are getting below issue,

yum updateinfo list available

Loaded plugins: priorities, product-id, refresh-packagekit, search-disabled-repos, security, subscription-manager, versionlock An update notice is broken, or duplicate, skipping: RHBA-2014:1719 RHBA-2015:1653 bugfix bash-4.1.2-29.el6_6.1.x86_64 RHBA-2015:1655 bugfix device-mapper-1.02.90-2.el6_6.5.x86_64 RHBA-2015:1813 bugfix device-mapper-1.02.90-2.el6_6.6.x86_64 RHBA-2015:1655 bugfix device-mapper-event-1.02.90-2.el6_6.5.x86_64 RHBA-2015:1813 bugfix device-mapper-event-1.02.90-2.el6_6.6.x86_64 RHBA-2015:1655 bugfix device-mapper-event-libs-1.02.90-2.el6_6.5.x86_64 RHBA-2015:1813 bugfix device-mapper-event-libs-1.02.90-2.el6_6.6.x86_64 RHBA-2015:1655 bugfix device-mapper-libs-1.02.90-2.el6_6.5.x86_64 RHBA-2015:1813 bugfix device-mapper-libs-1.02.90-2.el6_6.6.x86_64 RHBA-2015:1885 bugfix irqbalance-2:1.0.4-11.el6_6.x86_64 RHBA-2016:1590 bugfix libgudev1-147-2.57.el6_6.1.x86_64 RHBA-2016:1818 bugfix libgudev1-147-2.57.el6_6.2.x86_64 RHEA-2016:0626 enhancement libtalloc-2.1.5-1.el6_6.x86_64 RHEA-2016:0626 enhancement libtdb-1.3.8-1.el6_6.x86_64 RHEA-2016:0626 enhancement libtevent-0.9.26-2.el6_6.x86_64 RHBA-2016:1590 bugfix libudev-147-2.57.el6_6.1.x86_64 RHBA-2016:1818 bugfix libudev-147-2.57.el6_6.2.x86_64 RHBA-2015:1997 bugfix logrotate-3.7.8-17.el6_6.1.x86_64 RHBA-2015:1655 bugfix lvm2-2.02.111-2.el6_6.5.x86_64 RHBA-2015:1813 bugfix lvm2-2.02.111-2.el6_6.6.x86_64 RHBA-2015:1655 bugfix lvm2-libs-2.02.111-2.el6_6.5.x86_64 RHBA-2015:1813 bugfix lvm2-libs-2.02.111-2.el6_6.6.x86_64 RHBA-2015:1084 bugfix resource-agents-sap-hana-3.9.5-12.el6_6.6.x86_64 RHBA-2015:1181 bugfix resource-agents-sap-hana-3.9.5-12.el6_6.7.x86_64 RHEA-2016:0635 enhancement selinux-policy-3.7.19-260.el6_6.6.noarch RHEA-2016:0635 enhancement selinux-policy-targeted-3.7.19-260.el6_6.6.noarch RHBA-2015:1126 bugfix tzdata-java-2015e-1.el6.noarch RHEA-2015:1625 enhancement tzdata-java-2015f-1.el6.noarch RHEA-2015:1863 enhancement tzdata-java-2015g-2.el6.noarch RHEA-2016:0154 enhancement tzdata-java-2016a-2.el6.noarch RHEA-2016:0463 enhancement tzdata-java-2016b-1.el6.noarch RHEA-2016:0517 enhancement tzdata-java-2016c-1.el6.noarch RHEA-2016:0683 enhancement tzdata-java-2016d-1.el6.noarch RHBA-2016:1266 bugfix tzdata-java-2016e-1.el6.noarch RHEA-2016:1388 enhancement tzdata-java-2016f-1.el6.noarch RHEA-2016:1982 enhancement tzdata-java-2016g-2.el6.noarch RHBA-2016:2096 bugfix tzdata-java-2016h-1.el6.noarch RHBA-2016:1590 bugfix udev-147-2.57.el6_6.1.x86_64 RHBA-2016:1818 bugfix udev-147-2.57.el6_6.2.x86_64 updateinfo list done

yum updateinfo list security

Loaded plugins: priorities, product-id, refresh-packagekit, search-disabled-repos, security, subscription-manager, versionlock An update notice is broken, or duplicate, skipping: RHBA-2014:1719 updateinfo list done

You can try a yum clean all and then retry your command. Somethings the yum cache contains old info.

Hi Christiaan,

Let me add that in order to clean the cache, sudo rm -r /var/cache/yum has to be executed additionally. :)

Regards,
Christian

Tried all this, on my RHEL 6.10 server, and I cannot get anythingl isted. I have the security plugin installed and enabled. I cleaned the cache both with the command and by clearing the directory /var/cache/yum. Still nothing listed. How can I refresh all packages from the repository ?

Hello Jean-Francois Messier, and anyone landing here (there's a number of inputs, this discussion was resurrected Aug 2019.

Can you post the exact error(s) you get when you attempt to run your yum commands as root? Also the output (if any) from yum repolist (again, run as root).

Do you get a list of repositories when you execute yum clean all; yum repolist (especially the yum repolist)?

Examine the repositories in /etc/yum.repos.d/ namely files ending in *.repo **Any file ending in that will be attempting to cite a repository. One very common issue with failed yum commands are out of date (non-fuctioning) repo files citing either bad, deprecated repo files in /etc/yum.repos.d/ directory.

What do you get when you run echo n | yum update or yum check-update ? (The first command will exit out of the yum update).

If you get no repositories listed or zero rpms in repositories from your yum repolist command, then you might need to re-register your system. I don't know if you are connected directly to Red Hat, or if you have access to your own "Satellite Server".

Let us know that output, and come back here if you need assistance.

Oh, make sure to always run these yum commands as root (I say this because I've seen new admins ask me why yum commands fail, and I remind them they must be in the root account, You might be a Linux admin of years, but it's good to check).

ONCE you are able to get valid output from running yum repolist or yum check-update then try the other yum commands you attempted.

Come back here if you need more help

Regards

RJ