[CentOS] running yum update on remote servers

Mon Feb 25 14:03:11 UTC 2013
Dennis Jacobfeuerborn <dennisml at conversis.de>

On 02/25/2013 02:48 PM, Robert Moskowitz wrote:
> I have read a couple old threads here on updates for servers, and I am 
> looking for some mechanics to getting the actual updates done.  I don't 
> want automatic updates; I want to control when and what gets updated.
> 
> First I have to determine that a particular server needs updates.  I 
> suppose a daily script that would run "yum check-updates' and emails me 
> the results could work, but then I would only want the email IF there 
> was something to update, at my limited use of this option does not show 
> anything to trigger a notify on changes.  Does anyone know of a script 
> that would do this?

A daily cronjob could call "yum check-update" and use the return code to
decide if the output should be mailed or not. From the yum man-page for
"check-update":
"Implemented so you could know if your machine had any updates that needed
to be applied without running it interactively. Returns exit value of 100
if there are packages available for an update. Also returns a list of the
packages to be updated in list format. Returns 0 if no packages are
available for update. Returns 1 if an error occurred.  Running in verbose
mode also shows obsoletes."

So redirect the output into a file and when the return code is 100 mail
that file to the admin.

> Then there is the actual update.  I learned long ago NOT to run yum over 
> an SSH connection, as WHEN that connection breaks in the middle of an 
> update, you can have quite a problem to clean up.  All I have done 
> todate is to start vncserver and connect via vnc to then run yum.  I can 
> even drop the vnc connection and come back later to check results.  I 
> have considered running yum disconnected (? when you end a command with 
> &) and log the results to a file that you check later.  What are 
> practical approaches to this?  I only have a few servers here to manage.

Use "screen". That gives you a sort of virtual terminal (many in fact) that
works just like a regular shell except that when your connection drops the
session will just become detached. After you reconnect you can call "screen
-R" to re-attache to that session and continue as if nothing happened.
Scripts keep running in a detached session and the output will be there
once you re-attach again just like with your VNC method.

Regards,
  Dennis