CentOS 6.0系列更新安全補丁
阿新 • • 發佈:2017-09-05
升級 補丁 centos 安全加固 更新安全補丁
一、安裝yum-security
這個方法是使用的yum方式更新安全補丁,不需要再去官網上來回查看了,還以自動安裝更新。
安裝yum-security,這個軟件可以檢查並更新安全補丁,挺方便
[[email protected]_server-12-155 ~]# yum -y install yum-security
1、檢查是否有可用安全補丁
[[email protected]_server-12-155 ~]# yum --security check-update Loaded plugins: fastestmirror, security Loading mirror speeds from cached hostfile * base: mirrors.btte.net * epel: mirrors.ustc.edu.cn * extras: mirrors.btte.net * updates: mirrors.nwsuaf.edu.cn * webtatic: uk.repo.webtatic.com Limiting package lists to security relevant ones epel/updateinfo | 750 kB 00:00 3 package(s) needed for security, out of 229 available firebird-libfbclient.x86_64 2.5.7.27050.0-1.el6 epel zabbix22.x86_64 2.2.18-1.el6 epel zabbix22-agent.x86_64
2、列出可以升級的安全補丁
[[email protected]_server-12-155 ~]# yum list-security Loaded plugins: fastestmirror, security Loading mirror speeds from cached hostfile * base: mirrors.btte.net * epel: mirrors.ustc.edu.cn * extras: mirrors.btte.net * updates: mirrors.nwsuaf.edu.cn * webtatic: uk.repo.webtatic.com FEDORA-EPEL-2017-dd0d0467e9 enhancement GeoIP-GeoLite-data-2017.07-1.el6.noarch FEDORA-EPEL-2017-dd0d0467e9 enhancement GeoIP-GeoLite-data-extra-2017.07-1.el6.noarch FEDORA-EPEL-2017-3f527c60d9 security firebird-libfbclient-2.5.7.27050.0-1.el6.x86_64 FEDORA-EPEL-2017-94b8514427 security zabbix22-2.2.18-1.el6.x86_64 FEDORA-EPEL-2017-94b8514427 security zabbix22-agent-2.2.18-1.el6.x86_64 updateinfo list done
3、查看具體升級包的詳細修復信息
[[email protected]_server-12-155 ~]# yum info-security FEDORA-EPEL-2017-94b8514427 Loaded plugins: fastestmirror, security Loading mirror speeds from cached hostfile * base: mirrors.btte.net * epel: mirrors.ustc.edu.cn * extras: mirrors.btte.net * updates: mirrors.nwsuaf.edu.cn * webtatic: uk.repo.webtatic.com =============================================================================== zabbix22-2.2.18-1.el6 =============================================================================== Update ID : FEDORA-EPEL-2017-94b8514427 Release : Fedora EPEL 6 Type : security Status : stable Issued : 2017-07-11 18:54:44 Updated : 2017-06-24 10:46:38 Bugs : 1448395 - CVE-2017-2824 zabbix22: zabbix: Multiple vulnerabilities [epel-all] Description : - http://www.zabbix.com/rn2.2.18 : - : https://www.zabbix.com/documentation/2.2/manual/introduction/whatsnew2218 updateinfo info done
4、安裝升級補丁包
這是用的是upgrade而不是update,以下兩者區別:
Linux升級命令有兩個分別是yum upgrade和yum update, 這個兩個命令是有區別的:
yum -y update
升級所有包同時也升級軟件和系統內核
yum -y upgrade
只升級所有包,不升級軟件和系統內核
開始升級所有軟件的安全補丁:
[[email protected]_server-12-155 ~]# yum -y --security upgrade
二、自動更新安全補丁
[[email protected]_server-12-155 ~]# yum -y install yum-cron
默認情況下zai /etc/sysconfig/yum-cron 配置文件中把下面兩個參數改為yes
# Don‘t install, just check (valid: yes|no) CHECK_ONLY=yes # Check to see if you can reach the repos before updating (valid: yes|no) CHECK_FIRST=yes # Don‘t install, just check and download (valid: yes|no) # Implies CHECK_ONLY=yes (gotta check first to see what to download) DOWNLOAD_ONLY=yes 開機自動啟動 [[email protected]_server-12-155 ~]# service yum-cron start Enabling nightly yum update: [ OK ] [[email protected]_server-12-155 ~]# chkconfig yum-cron on [[email protected]_server-12-155 ~]# chkconfig yum-cron --list yum-cron 0:off 1:off 2:on 3:on 4:on 5:on 6:off
以後可以自動更新補丁了
本文出自 “LINUX” 博客,請務必保留此出處http://wangpengtai.blog.51cto.com/3882831/1962802
CentOS 6.0系列更新安全補丁