[CentOS] Understanding yum automatic upgrades

Tue Apr 5 23:40:54 UTC 2011
email builder <emailbuilder88 at yahoo.com>

> >> Sorry if this is somewhat naive, but I'm a little confused   as to what the

> >> criteria is for that which will get upgraded  automatically by  yum and 
what
> >> will not.
> >>
> >> I  see in our logwatch messages from  time to time that yum upgraded
> >> a  bunch of stuff, but I also notice that yum  will not upgrade other
> >>  packages at all (easy example is clamav, but there  are  others).
> >>
> >>  Can someone explain or point me to where I can  read  about the 
distinction
> >> between what is and is not subjected to  automatic  upgrade?
> >
> > More info: yum-updatesd is running and I do  not have yum-cron. 
 yum-updatesd
> > does a fine job from what I can tell,  but I still cannot understand what
> > criteria it applies to know which  packages get upgraded and which do not. 
> (?)
> >
> > The yum-updatesd  configuration file is ultra-simple, so that doesn't seem to 
>be
> > where the  update choice/distinction is being made.
> >
> > There seem to be people  posting in various places that they prefer to use
> > yum-cron, but I have  no problems with yum-updatesd and I suspect yum-cron
> > wouldn't  address/answer my question anyway.
> >
> > Help?
> 
> Yum-updatesd  does not automatically install packages (unless you
> configure it to), it only  notifies you of ones that need updating.  If
> no one is manually doing  it, and you don't have "do_update = yes" in
> /etc/yum/yum-updatesd.conf, then  you have installed something else
> that is performing the updates  automatically.

It does look like updates are happening, but it's not clear to me by whom.  
do_update is set to "no", but notification is by "dbus", so I assumed that 
"dbus" is notifying another process to do the actual updates.  Is there a way I 
can track that down?

> Are you sure the updates are actually getting installed,  and it's not
> just noise in the log from yum-updatesd?

Well, if I can take it at its word, updates *are* happening.  Here is a snippet 
I clipped out of a logwatch a few months ago:

 --------------------- yum Begin ------------------------ 

 
 Packages Updated:
    php-dba - 5.1.6-27.el5_5.3.i386
    php - 5.1.6-27.el5_5.3.i386
    php-devel - 5.1.6-27.el5_5.3.i386
    php-cli - 5.1.6-27.el5_5.3.i386
    php-common - 5.1.6-27.el5_5.3.i386
    php-gd - 5.1.6-27.el5_5.3.i386
    php-pdo - 5.1.6-27.el5_5.3.i386
    php-mysql - 5.1.6-27.el5_5.3.i386
 
 ---------------------- yum End -------------------------

> P.S. The yum log doesn't have the year in the timestamp, and  if it's
> not active it might not get rotated by logrotate.  This can  cause
> false messages sent from logwatch about packages that were  installed
> last  year.

Hmm, is there a known fix for this?