This guide provides instructions for setting up unattended security upgrades on Amazon Linux 2 with optional email notifications.
To send notifications by email, an SMTP server is required; more details are further down this page.
For unattended upgrades, use yum-cron as recommended in https://stackoverflow.com/a/46248515/3041544
Configure yum-cron in /etc/yum/yum-cron.conf.
Relevant yum-cron config options are:
[commands]
update_cmd = security
apply_updates = yes
[emitters]
system_name = example.com
emit_via = stdio,email
[email]
email_from = noreply@example.com
email_to = root
email_host = localhost
Then:
# Enable the service (start on boot)
sudo systemctl enable yum-cron
# Start it
sudo systemctl start yum-cron
# Check status
sudo systemctl status yum-cron
To see service and update logs:
# service logs
journalctl -u yum-cron
# yum logs
sudo tail -n 10 /var/log/yum.log*
# cron logs
sudo grep yum /var/log/cron
# email logs
sudo tail /var/mail/root
Example SMTP server: https://hub.docker.com/r/namshi/smtp/
AWS accounts have a limit that prevents sending a large number of outgoing emails. You need to apply to AWS to have this limit removed: https://aws.amazon.com/premiumsupport/knowledge-center/ec2-port-25-throttle/
After setting up the SMTP server, update /etc/yum/yum-cron.conf and set email_to and email_host. Example:
email_to = receiver1@example.com,receiver2@example.com
email_host = smtp.example.com:25
And restart the service:
sudo systemctl restart yum-cron
Amazon Simple Email Service (SES) SMTP config and user creation: https://eu-central-1.console.aws.amazon.com/ses/home?region=eu-central-1#smtp-settings:
Note: Amazon SES requires the verification of the domain or receiver's addresses before being able to send emails.
Setup Postfix: https://docs.aws.amazon.com/ses/latest/DeveloperGuide/postfix.html
Don't skip prerequisites or optional steps.
Postfix will act as a local relay. So, in /etc/yum/yum-cron.conf, set the following:
email_to = receiver1@example.com,receiver2@example.com
email_host = localhost
And restart the service:
sudo systemctl restart yum-cron
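To confirm that /etc/yum/yum-cron.conf ended up with the settings described in this guide, the following Python 3 check can be run against it. It is an added example, not part of the original guide or of yum-cron; the function name and the sample config are constructed here, and the download_updates check refers to an option from yum-cron's stock config file that this guide does not list.

```python
import configparser

# Constructed sample: this guide's options, but with apply_updates switched off.
SAMPLE_CONF = """\
[commands]
update_cmd = security
download_updates = yes
apply_updates = no
[emitters]
system_name = example.com
emit_via = stdio,email
[email]
email_from = noreply@example.com
email_to = root
email_host = localhost
"""
TRUE_VALUES = ("yes", "true", "1", "on")

def audit_yum_cron(conf_text):
    """Return a list of findings; an empty list means the config matches the guide."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(conf_text)
    findings = []

    def get(section, key):
        # Missing sections or keys come back as an empty string.
        return cp.get(section, key, fallback="").strip()

    if get("commands", "update_cmd") != "security":
        findings.append("update_cmd is not 'security'")
    if get("commands", "apply_updates").lower() not in TRUE_VALUES:
        findings.append("apply_updates is not enabled")
    # Not listed in this guide: flagged only when explicitly disabled.
    dl = get("commands", "download_updates")
    if dl and dl.lower() not in TRUE_VALUES:
        findings.append("download_updates is disabled")
    emitters = [e.strip() for e in get("emitters", "emit_via").split(",")]
    if "email" not in emitters:
        findings.append("emit_via does not include email")
    else:
        for key in ("email_from", "email_to", "email_host"):
            if not get("email", key):
                findings.append(key + " is empty")
    return findings

if __name__ == "__main__":
    import sys
    path = sys.argv[1] if len(sys.argv) > 1 else "/etc/yum/yum-cron.conf"
    with open(path) as fh:
        for finding in audit_yum_cron(fh.read()):
            print("FINDING:", finding)
```

Run it with the config path as the only argument; no output means none of the checks failed.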