I run a number of Digital Ocean droplets and like to keep on top of security updates. My droplets run CentOS which provides the yum-cron utility which can be configured to send an e-mail if security updates are available. Configuring yum-cron is a snap. First, you will need to install the package:
$ yum -y install yum-cron
Once the package is installed you can edit /etc/yum/yum-cron.conf to fit your needs. I typically modify update_cmd, system_name, emit_via, email_from and email_to. The update_cmd option allows you to define when e-mails are sent. You can get notifications for all updates or just for security updates. The system_name contains the hostname you want displayed in e-mail and the email_from and email_to contain the addresses used in the From: and To: fields. To enable the service you can use systemctl:
$ systemctl enable yum-cron.service && systemctl start yum-cron.service
Once enabled yum-cron will check for updates at the interval defined in the configuration file and produce an e-mail similar to the following if it detects updates:
The following updates will be downloaded on flip.prefetch.net:
================================================================================
Package Arch Version Repository
Size
================================================================================
Installing:
kernel x86_64 3.10.0-693.17.1.el7 updates 43 M
Updating:
binutils x86_64 2.25.1-32.base.el7_4.2 updates 5.4 M
dhclient x86_64 12:4.2.5-58.el7.centos.1 updates 282 k
dhcp-common x86_64 12:4.2.5-58.el7.centos.1 updates 174 k
dhcp-libs x86_64 12:4.2.5-58.el7.centos.1 updates 130 k
initscripts x86_64 9.49.39-1.el7_4.1 updates 435 k
kernel-tools x86_64 3.10.0-693.17.1.el7 updates 5.1 M
kernel-tools-libs x86_64 3.10.0-693.17.1.el7 updates 5.1 M
kmod x86_64 20-15.el7_4.7 updates 121 k
kmod-libs x86_64 20-15.el7_4.7 updates 50 k
kpartx x86_64 0.4.9-111.el7_4.2 updates 73 k
Installing for dependencies:
linux-firmware noarch 20170606-58.gitc990aae.el7_4 updates 35 M
Transaction Summary
================================================================================
Install 1 Package (+1 Dependent package)
Upgrade 20 Packages
Updates downloaded successfully.
While this solution isn’t suited for large environments it definitely fits a need for personal cloud instances. If you are feeling frisky you can also configure yum-cron to automatically apply the updates it finds.