dnf-automatic – Install Security Updates Automatically in CentOS 8

Security updates play a crucial role in safeguarding your Linux system against cyber-attacks and breaches which can have a devastating effect on your critical files, databases and other resources on your system.

You can manually apply security patches on your CentOS 8 system, but it is much easier as a system administrator to configure automatic updates. This will give you the confidence that your system will be periodically checking for any security patches or updates and applying them.

Recommended Read: Yum-cron – Install Security Updates Automatically in CentOS 7

In this article, we will walk you through how you can configure security updates manually using dnf-automatic and also using a web-based console known as cockpit-webserver.

Step 1: Install dnf-automatic in CentOS 8

To get the ball rolling, begin by installing the dnf-automatic RPM package shown below.

# dnf install dnf-automatic
Install dnf-automatic in CentOS 8
Install dnf-automatic in CentOS 8

Upon successful installation, you can confirm its presence by running rpm command.

# rpm -qi dnf-automatic
Get Info About dnf-automatic
Get Info About dnf-automatic

Step 2. Configuring dnf-automatic in CentOS 8

The configuration file for the dnf-automatic RPM file is the automatic.conf found at /etc/dnf/ directory. You can view the default configurations using your favorite text editor and here’s how the file looks like.

# vi /etc/dnf/automatic.conf
dnf-automatic- Configuration
dnf-automatic- Configuration

Under the 'commands' section, define the upgrade type. You can leave it as default, which will apply all updates. Since we are concerned with security updates, set it as shown:

upgrade_type = security

Next, scroll to the 'emitters' section and set the system hostname.

system_name = centos-8

Also, set the emit_via a parameter to motd so that upon every login, messages about the updates packages will be displayed.

emit_via = motd

Now save and exit the configuration file.

Step 3. Start and Enable dnf-automatic in CentOS 8

The next step will be to start the dnf-automatic service. Run the command below to start scheduling automatic updates for your CentOS 8 system.

# systemctl enable --now dnf-automatic.timer
Enable dnf-automatic Updates
Enable dnf-automatic Updates

To check the status of the service, issue the command.

# systemctl list-timers *dnf-*
Check dnf-automatic Update Status
Check dnf-automatic Update Status

The dnf-makecache runs the dnf-makecache service which is responsible for updating cache packages, while the dnf-automatic unit runs the dnf-automatic service which will download the package upgrades.

Install Security Updates Automatically using Cockpit in CentOS 8

Cockpit is a web-based GUI platform that allows system administrators to seamlessly have an overview of the system metrics and configure various parameters such as the firewall, create users, manage cron jobs, etc. Cockpit also allows you to set up automatic updates: package/feature updates and security updates.

To configure automatic security updates, log in to cockpit as root user by browsing the server URL as shown:


On the left sidebar, click on the ‘Software updates’ option.

Cockpit - Software Updates for CentOS0-8
Cockpit – Software Updates for CentOS0-8

Next, turn the ‘Automatic Updates’ toggle ON. Be sure to select ‘Apply Security Updates’ and choose the frequency of the updates.

Cockpit - Set Automatic CentOS 8 Updates
Cockpit – Set Automatic CentOS 8 Updates

And this concludes our topic today. We cannot stress further the need for setting security updates on your system. This will not only keep your system safe from potential malware, at the very least but also give you peace of mind that your system is being regularly patched and staying up to date with the latest security definitions.

Tutorial Feedback...
Was this article helpful? If you don't find this article helpful or found some outdated info, issue or a typo, do post your valuable feedback or suggestions in the comments to help improve this article...

If You Appreciate What We Do Here On TecMint, You Should Consider:

TecMint is the fastest growing and most trusted community site for any kind of Linux Articles, Guides and Books on the web. Millions of people visit TecMint! to search or browse the thousands of published articles available FREELY to all.

If you like what you are reading, please consider buying us a coffee ( or 2 ) as a token of appreciation.

Support Us

We are thankful for your never ending support.

4 thoughts on “dnf-automatic – Install Security Updates Automatically in CentOS 8”

  1. gnurap is right. “security” mode is only for RHEL, as CentOS is not maintaining the metadata, so you won’t get updates then….

  2. Hi,

    Have you been able to really get security updates with CentOS, since security metadata are missing from CentOS repositories?


Got something to say? Join the discussion.

Have a question or suggestion? Please leave a comment to start the discussion. Please keep in mind that all comments are moderated and your email address will NOT be published.