English Spanish
Alternative methods
Alternatives to automatic updates
Another common problem is having automatic updates run when it isn't desired (holidays, weekends, vacations, etc). If there are times that no one will be around to fix any problem arising from the updates, it may be best to avoid doing updates on those days.
As an alternative to dnf-automatic, https://github.com/rackerlabs/auter[auter] can be used. This operates in a similar way to dnf-automatic, but provides more flexibility in scheduling, and some additional options including running custom scripts before or after updates, and automatic reboots. This comes at the expense of more complexity to configure.
As of Fedora 26 there are now three timers that control dnf-automatic.
auter --apply
auter --disable
Auter is not scheduled by default. Add a schedule for `--prep` (if you want to pre-download updates) and `--apply` (install updates). The installed cron job which you can see in `/etc/cron.d/auter` contains lots of examples.
Automatic updates may not complete the entire process needed to make the system secure. For example, DNF can install a kernel update, but until the machine is rebooted (which DNF will not do automatically) the new changes won't take effect. The same may apply to restarting daemons. This can leave the user feeling that he is secure when he is not.
Best practices when using automatic updates
Bugs. Many packages contain buggy software or installation scripts. The update may create problems during or after installation. Even cosmetic bugs, like those found in previous Mozilla updates causing the user's icons to be removed or break, can be annoying or problematic.
By default, dnf-automatic runs from the configurations in the `/etc/dnf/automatic.conf` file. These configurations only download, but do not apply any of the packages. In order to change or add any configurations, open the `.conf` file as the root user (or using `sudo`) from a terminal window.
Can we trust DNF updates?
Changes as of Fedora 26
Check for package updates which have been automatically performed, and note if they need further (manual) intervention. You can monitor what DNF has updated via its log file (usually `/var/log/dnf.log`).
Check status of `dnf-automatic`:
Detailed description of dnf-automatic settings is provided on the https://dnf.readthedocs.org/en/latest/automatic.html[dnf-automatic] page.
`dnf-automatic-download.timer` - Only download
`dnf-automatic-install.timer` - Download and install
`dnf-automatic-notifyonly.timer` - Only notify via configured emitters in `/etc/dnf/automatic.conf`