Staying Current with Your Distribution's Security Updates

Keeping software up to date is the first lesson for beginning Linux administrators. Jeremy covers how to do it with the most popular update tools, click by click.
SuSE 9.1

SuSE 9.1 has a similar method for installing updates by using the YaST2 Online Update (YOU) GUI tool. You can find this by clicking on the SuSE icon, then System→YaST. After entering your root password, click on Software and then Online Update. You can choose your installation source or add a new server manually (Figure 4). Additionally, you can configure YOU to download and/or install updates automatically at a specified time each day. Clicking Next downloads information that tells you what packages need to be updated. After this list is updated, we are presented with the list of packages, a patch description and disk usage (Figure 5). In the list of patches, red lines denote security updates, blue lines denote recommended updates and black lines are optional updates. To perform the upgrade, click Accept. After the updates are completed, click Finish, which configures a few system services. In addition to the YOU system, you can use the rpm command from the command line.

Figure 4. YaST2 Online Update's Mirror Selection Process

Figure 5. YaST2 Online Update's List of Available Package Upgrades

Fedora Core 2

The Red Hat Update Agent, up2date, has been around for several Red Hat versions and is present in Fedora Core 2. To check for new software updates in Fedora Core 2, right-click on the red exclamation point in the system tray and choose Check for updates. To download and install the latest updates, right-click on the red exclamation point and choose Launch up2date. You can choose the defaults. The first time you run up2date, you are asked whether you want to install the Red Hat GPG key signature. I chose yes on my system.

In the Channels menu, you can subscribe to two channels or repositories where updates are kept, fedora-core-2 and updates-released-fc2. Channels in up2date are similar to the repository in APT or urpmi. You are asked to note any packages you want to skip. The package already listed for me was a kernel upgrade. Clicking Forward gives you a list of available software updates (Figure 6). To select all updates, click the check box next to Select all packages.

Figure 6. Up2date's List of Available Package Updates

Clicking Forward starts retrieving packages. Again, a break with your favorite beverage will do nicely at this point. When the download process is finished, click Forward to start the installation process. When the installation process is finished, you are given a nice summary of exactly what packages were installed and their versions (Figure 7).

Figure 7. Up2date All Finished Downloading and Installing

Fedora Core 2 also is based on the RPM system, which allows you to use the rpm command at a terminal.

Another package management front end that has received notoriety is the Yellow dog Updater Modified, or Yum. Yum is much like APT, but it has several differences that the author explains on the Yum Web site. In essence, Yum acts like urpmi or APT in dealing with package repositories, and then it hands the actual package installation off to RPM. The anaconda installer uses Python bindings for RPM access, so you can count on the Python support staying around.


There's a saying in baseball: “You're only as good as your last at-bat.” The computer application of this principle is that your system is only as secure as your last update. A fancy network firewall and a magnetic-stripe server-room door key are good security steps, but running an outdated version of Apache or OpenSSH can bring your systems to a halt if you don't keep your Linux systems up to date.

Resources for this article: /article/7862.

Jeremy Turner has been a Linux user for more than five years and has a passion for helping users learn open-source software. He hacks PHP, sings first tenor, watches too much baseball and checks his e-mail regularly (


Geek Guide
The DevOps Toolbox

Tools and Technologies for Scale and Reliability
by Linux Journal Editor Bill Childers

Get your free copy today

Sponsored by IBM

8 Signs You're Beyond Cron

Scheduling Crontabs With an Enterprise Scheduler
On Demand
Moderated by Linux Journal Contributor Mike Diehl

Sign up and watch now

Sponsored by Skybot