This article will communicate approximately the way to update / upgrade Redhat Enterprise Linux to unique minor launch whilst you operate in Red Hat Subscription Manager. It can even discuss about the way to save you YUM from updating  kernel and packages but most effective to the security updates. In many cases , you would possibly need to tie with particular version of Redhat Enterprise Linux minor release because of application compatibility and retain to run with stable releases with out upgrading. At the same time , you should replace the security patches to maintain the machine at ease from ability assaults.



Advertisements




Environment: 
RHEL 6 , 7
Red Hat Subscription Manager (RHSM)
Red Hat Network Classic


To lock RHEL to specific model: 
1.  Login to RHEL as root person.



2. Ensure that yum’s cache is cleared out with the command.

[root@uaans ~]# yum easy all
Loaded plugins: langpacks, product-id, subscription-manager
This device is not registered to Red Hat Subscription Management. You can use subscription-manager to sign up.
Cleaning repos: InstallMedia uaans-repo
Cleaning up the entirety
[root@uaans ~]#
three.This process will paintings when your machine is registered with RHSM (subscription-manager). To enable “–releasever” alternative, you want to sign in a gadget thru subscription-supervisor

# subscription-supervisor check in
# subscription-supervisor check in --auto-attach
4. If the modern OS model is RHEL 6.2 and the requirement is to replace to six.Five , please use the following command to update the device to particular release. If you don’t specify “releasever” parameter ,then device will be updated to present day important launch.

# yum --releasever=6.5 replace
If you would like to replace handiest the kernel ,

# yum --releasever=6.5 replace kernel


Note: If the machine is registered to RHN traditional through rhn_register command, this selection is disabled.





Five. If “–releasever” parameter isn't running as we assume , please affirm the putting of rhnplugin plug-in.

/and so forth/yum/pluginconf.D/rhnplugin.Conf 
[main]
enabled = zero
gpgcheck = 1
# You can specify options in step with channel, e.G.:
#
#[rhel-i386-server-5]
#enabled = 1
#
#[some-unsigned-custom-channel]
#gpgcheck = zero


Update Only Security updates : 
1. System Must be registered with RHSM (subscription-manager).



2. Install safety plugin if you are jogging with RHEL 6.X servers. For RHEl 7 , YUM itself have this capability

# yum  install yum-plugin-protection


3. To list all to be had erratas with out putting in the ones updates, run the following command.

# yum updateinfo listing to be had


4. To listing all to be had safety updates without putting in the ones ,

# yum updateinfo listing security all
# yum updateinfo listing sec


5.To get a listing of the presently set up security updates,

# yum updateinfo listing security mounted


6.To list all available protection updates with verbose descriptions ,

# yum data-sec


7. To replace all the secutrity patches from RHSM / Redhat satellite.

# yum -y replace --safety


8. To installation the packages which have a safety errata use,

# yum update-minimum --security -y


nine. To installation a security update the use of a CVE reference variety, use the subsequent command.

# yum update --cve CVE-2008-0947
* Replace “CVE-2008-0947” with require CVE.
10.If you need to apply simplest one specific advisory, use the subsequent command.

# yum replace --advisory=RHSA-2014:0159
* Replace “RHSA-2014:0159” with valid RHSA.