- Newest
- Most votes
- Most comments
Hello,
Disabling security updates on servers is generally not recommended, as it leaves them vulnerable to potential exploits. The yum check-update process you're seeing is likely checking for any available security updates from Amazon Linux repositories.
Thanks
Hi,
To know more about yum --security, go to https://www.cyberciti.biz/faq/rhel-centos-yum-check-update-security-plugin/
This post details what the yum-security plugin brings you. This plugin make it possible to limit list/upgrade of packages to specific security relevant ones.
All possible command options are detailled here: https://linux.die.net/man/8/yum-security
If it brings a high cpu spike to your machine, you should - if possible - schedule it via cron during a low-activity period. But, it would not be a good idea to disable the package updates, especially those relevant to security. It is better to keep you machine up to date.
Best,
Didier
Relevant content
- Accepted Answerasked 8 months ago
- asked 6 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 10 months ago
You can try to set a yum cron job schedule to run checks during off-peak hours to minimize impact.