Hi all...
A few weeks ago, I installed (and configured) the three recommended scripts to run yum update check via cron.daily on my CentOS 5.6
server (a Dell 2650). Although it is clearly configured to "check only", it appears to be updating, instead. Has something
(environmentally?) changed between the version of CentOS under which those scripts were originally authored and version 5.6, or do I
have something (and please, tell me what!) mis-configured somewhere??
Every couple of days (when there are updates, obviously) I'll see something like this in my Logwatch report:
--------------------- yum Begin ------------------------
Packages Updated:
nss_ldap-253-37.el5_6.1.i386
poppler-0.5.4-4.4.el5_6.17.i386
ksh-20100202-1.el5_6.5.i386
poppler-utils-0.5.4-4.4.el5_6.17.i386
---------------------- yum End -------------------------
The scripts are set up as follows:
in /etc/cron.daily/yum.cron:
--------------------- yum.cron --------------------------
#!/bin/sh
# Pull in sysconfig settings
. /etc/sysconfig/yum-check
if [ -f /var/lock/subsys/yum ]; then
if [ ${CHECKONLY} = "yes" ];then
/usr/bin/yum-check
fi
else
/usr/bin/yum -R 10 -e 0 -d 0 -y update yum
/usr/bin/yum -R 120 -e 0 -d 0 -y update
fi
----------------------------------------------------------
in /etc/sysconfig/yum-check:
---------------------- yum-check -------------------------
# yes sets yum to check for updates and mail only if patches are available
# no does enable autoupdate if /var/lock/subsys/yum is available
CHECKONLY="yes"
# defaults to root, leave empty if .forward/alias in place for root
MAILTO=""
# Set to yes for debugging only! You'll get a mail for each run!
CHECKWRK="no"
# Seconds to randomize startup, if running from cron to balance load
RANGE="3600"
----------------------------------------------------------
and, in /usr/bin/yum-check:
---------------------- yum-check -------------------------
#!/bin/sh
#
# Name: yum-check
# Author: Michael Heiming - 2005-03-11
# Function: Run from cron to check for yum updates
# and mail results
# Version: 0.7 (initial)
# 2005-03-12 0.8 randomize startup (cron only)
# Config: /etc/sysconfig/yum
# Pull in sysconfig settings
. /etc/sysconfig/yum-check
maila=${MAILTO:=root}
yumdat="/tmp/yum-check-update.$$"
yumb="/usr/bin/yum"
# wait a random interval if there is not a controlling terminal,
# for load management
if ! [ -t ]
then
num=$RANDOM
let "num %= ${RANGE:=1}"
sleep $num
fi
rm -f ${yumdat%%[0-9]*}*
$yumb check-update >& $yumdat
yumstatus="$?"
case $yumstatus in
100)
cat $yumdat |\
mail -s "Alert ${HOSTNAME} updates available!" $maila
exit 0
;;
0)
# Only send mail if debug is turned on
if [ ${CHECKWRK} = "yes" ];then
cat $yumdat |\
mail -s "Yum check succeeded ${HOSTNAME} zero patches
available." $maila
fi
exit 0
;;
*)
# Unexpected yum return status
(echo "Undefined, yum return status: ${yumstatus}" && \
[ -e "${yumdat}" ] && cat "${yumdat}" )|\
mail -s "Alert ${HOSTNAME} problems running yum." $maila
esac
[ -e "${yumdat}" ] && rm ${yumdat}
----------------------------------------------------------