Yum命令检查并仅应用安全更新
时间:2020-01-09 10:43:22 来源:igfitidea点击:
在基于CentOS/RHEL的服务器系统上运行yum命令时,如何仅使用安全性相关标准列出和/或者限制更新?
您需要安装名为yum-plugin-security的插件。
该插件可以将软件包的列表/升级限制为与安全相关的特定软件包。
这些命令为您提供安全信息。
安装yum-plugin-security
执行以下yum命令:
# yum -y install yum-plugin-security
输出示例:
Loaded plugins: product-id, protectbase, rhnplugin, subscription-manager Updating certificate-based repositories. Unable to read consumer identity 0 packages excluded due to repository protections Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package yum-plugin-security.noarch 0:1.1.30-14.el6 will be installed --> Finished Dependency Resolution Dependencies Resolved ==================================================================================================== Package Arch Version Repository Size ==================================================================================================== Installing: yum-plugin-security noarch 1.1.30-14.el6 rhel-x86_64-server-6 38 k Transaction Summary ==================================================================================================== Install 1 Package(s) Total download size: 38 k Installed size: 0 Downloading Packages: yum-plugin-security-1.1.30-14.el6.noarch.rpm | 38 kB 00:00 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Installing : yum-plugin-security-1.1.30-14.el6.noarch 1/1 Installed products updated. Verifying : yum-plugin-security-1.1.30-14.el6.noarch 1/1 Installed: yum-plugin-security.noarch 0:1.1.30-14.el6 Complete!
例子
要显示所有与安全性相关的更新,并获取有关是否存在安全性更新的代码,请执行:
# yum --security check-update
输出示例:
Loaded plugins: product-id, protectbase, rhnplugin, security, subscription-manager Updating certificate-based repositories. Unable to read consumer identity 0 packages excluded due to repository protections Limiting package lists to security relevant ones 2 package(s) needed for security, out of 10 available Security: kernel-2.6.32-279.1.1.el6.x86_64 is an installed security update Security: kernel-2.6.32-279.el6.x86_64 is the currently running version glibc.x86_64 2.12-1.80.el6_3.3 rhel-x86_64-server-6 glibc-common.x86_64 2.12-1.80.el6_3.3 rhel-x86_64-server-6
要显示已安装软件包固定的所有BZ的列表,请执行:
# yum updateinfo list bugzillas
输出示例:
Loaded plugins: product-id, protectbase, rhnplugin, security, subscription-manager Updating certificate-based repositories. Unable to read consumer identity 0 packages excluded due to repository protections 838956 bugfix bind-libs-32:9.8.2-0.10.rc1.el6_3.1.x86_64 838956 bugfix bind-utils-32:9.8.2-0.10.rc1.el6_3.1.x86_64 826943 security glibc-2.12-1.80.el6_3.3.x86_64 833703 security glibc-2.12-1.80.el6_3.3.x86_64 833704 security glibc-2.12-1.80.el6_3.3.x86_64 837026 security glibc-2.12-1.80.el6_3.3.x86_64 826943 security glibc-common-2.12-1.80.el6_3.3.x86_64 833703 security glibc-common-2.12-1.80.el6_3.3.x86_64 833704 security glibc-common-2.12-1.80.el6_3.3.x86_64 837026 security glibc-common-2.12-1.80.el6_3.3.x86_64 837227 bugfix kernel-2.6.32-279.2.1.el6.x86_64 837227 bugfix kernel-firmware-2.6.32-279.2.1.el6.noarch 836252 bugfix net-snmp-libs-1:5.5-41.el6_3.1.x86_64 updateinfo list done
要获取尚未安装的公告的摘要,请使用:
# yum updateinfo summary
输出示例:
Loaded plugins: product-id, protectbase, rhnplugin, security, subscription-manager
Updating certificate-based repositories.
Unable to read consumer identity
0 packages excluded due to repository protections
Updates Information Summary: available
1 Security notice(s)
4 Bugfix notice(s)
1 Enhancement notice(s)
Security: kernel-2.6.32-279.1.1.el6.x86_64 is an installed security update
Security: kernel-2.6.32-279.el6.x86_64 is the currently running version
updateinfo summary done
要升级具有安全勘误的软件包(升级到最新的可用软件包),请使用:
# yum --security update
输出示例:
Loaded plugins: product-id, protectbase, rhnplugin, security, subscription-manager Updating certificate-based repositories. Unable to read consumer identity 0 packages excluded due to repository protections Setting up Update Process Resolving Dependencies Limiting packages to security relevant ones 2 package(s) needed (+0 related) for security, out of 10 available --> Running transaction check ---> Package glibc.x86_64 0:2.12-1.80.el6 will be updated ---> Package glibc.x86_64 0:2.12-1.80.el6_3.3 will be an update ---> Package glibc-common.x86_64 0:2.12-1.80.el6 will be updated ---> Package glibc-common.x86_64 0:2.12-1.80.el6_3.3 will be an update --> Finished Dependency Resolution Dependencies Resolved ==================================================================================================== Package Arch Version Repository Size ==================================================================================================== Updating: glibc x86_64 2.12-1.80.el6_3.3 rhel-x86_64-server-6 3.8 M glibc-common x86_64 2.12-1.80.el6_3.3 rhel-x86_64-server-6 14 M Transaction Summary ==================================================================================================== Upgrade 2 Package(s) Total download size: 18 M Is this ok [y/N]:
要升级具有安全勘误的软件包(升级到最新的安全勘误软件包),请使用:
# yum --security update-minimal
