[tor-commits] [community/develop] Add RPM based distros instructions to automatically update, link to post-install

Sat Oct 5 07:39:30 UTC 2019

commit aeb0731cc1b6d9e7c70724312c529646a020bc46
Author: gus <gus at torproject.org>
Date:   Thu Aug 29 06:53:32 2019 -0400

    Add RPM based distros instructions to automatically update, link to post-install
---
 .../technical-setup/guard/centosrhel/contents.lr   | 16 +++--
 .../guard/centosrhel/updates/contents.lr           | 68 ++++++++++++++++++++++
 2 files changed, 80 insertions(+), 4 deletions(-)

diff --git a/content/relay-operations/technical-setup/guard/centosrhel/contents.lr b/content/relay-operations/technical-setup/guard/centosrhel/contents.lr
index 27b6031..9ab6048 100644
--- a/content/relay-operations/technical-setup/guard/centosrhel/contents.lr
+++ b/content/relay-operations/technical-setup/guard/centosrhel/contents.lr
@@ -4,19 +4,23 @@ title: CentOS/RHEL
 ---
 body:
 
-# 1. Enable the EPEL repository
+# 1. Enable Automatic Software Updates
+
+One of the most imported things to keeps your relay secure is to install security updates timely and ideally automatically so you can not forget about it. Follow the instructions to enable [automatic software updates](updates) for your operating system.
+
+# 2. Enable the EPEL repository
 
 To install `tor` package on CentOS/RHEL, you need to install the [EPEL](https://fedoraproject.org/wiki/EPEL) repository first:
 
 `yum install epel-release`
 
-# 2. Install the tor package and verify the EPEL signing key
+# 3. Install the tor package and verify the EPEL signing key
 
 `yum install tor`
 
 When you install the first package from the EPEL repository you will be asked about verifying the EPEL GPG signing key. Please ensure the key matches with the one available on the [Fedora Project website](https://getfedora.org/keys/).
 
-# 3. Put the tor configuration file `/etc/tor/torrc` in place
+# 4. Put the tor configuration file `/etc/tor/torrc` in place
 
 ```
 #change the nickname "myNiceRelay" to a name that you like
@@ -28,7 +32,7 @@ ExitRelay 0
 ContactInfo tor-operator at your-emailaddress-domain
 ```
 
-# 4. Enable and start your Tor relay
+# 5. Enable and start your Tor relay
 
 CentOS 7 / RHEL 7:
 
@@ -44,6 +48,10 @@ service tor enable
 service tor start
 ```
 
+# 6. Final notes
+
+If you are having troubles setting up your relay, have a look at our [help section](FIXME). If your relay is now running, check out the [post-install](/relay/setup/post-install/) notes.
+
 ---
 html: two-columns-page.html
 ---
diff --git a/content/relay-operations/technical-setup/guard/centosrhel/updates/contents.lr b/content/relay-operations/technical-setup/guard/centosrhel/updates/contents.lr
new file mode 100644
index 0000000..c452749
--- /dev/null
+++ b/content/relay-operations/technical-setup/guard/centosrhel/updates/contents.lr
@@ -0,0 +1,68 @@
+_model: page
+---
+title: Automatic Updates on RPM Distributions
+---
+_hidden: yes
+---
+body:
+
+# CentOS and RHEL
+
+For CentOS and RHEL the yum-cron package is the preferred approach:
+
+```
+yum install yum-cron
+```
+
+In /etc/yum/yum-cron.conf set:
+
+```
+download_updates = yes
+apply_updates = yes
+```
+
+Enable and start automatic updates via:
+
+```
+systemctl start yum-cron.service
+```
+
+# openSUSE
+
+First, you need to install the automatic update package
+
+```
+zypper install  yast2-online-update-configuration
+```
+
+Then start the configuration tool (ncurses based) with:
+
+```
+yast2 online_update_configuration
+```
+
+Enable the following settings:
+
+```
+    Automatic Online Update
+    Interval: Daily
+    Skip Interactive Patches
+    Agree with Licenses
+    Use delta rpms 
+```
+
+Confirm your configuration with OK.
+
+The official openSUSE documentation can be found [here](https://doc.opensuse.org/documentation/leap/startup/html/book.opensuse.startup/cha.onlineupdate.you.html#sec.onlineupdate.you.automatically).
+---
+html: two-columns-page.html
+---
+key: 1
+---
+section: Relay Operations
+---
+section_id: relay-operations
+---
+_slug: updates
+---
+_discoverable: yes



