- 新しい順
- 投票が多い順
- コメントが多い順
Hello,
Disabling security updates on servers is generally not recommended, as it leaves them vulnerable to potential exploits. The yum check-update process you're seeing is likely checking for any available security updates from Amazon Linux repositories.
Thanks
Hi,
To know more about yum --security, go to https://www.cyberciti.biz/faq/rhel-centos-yum-check-update-security-plugin/
This post details what the yum-security plugin brings you. This plugin make it possible to limit list/upgrade of packages to specific security relevant ones.
All possible command options are detailled here: https://linux.die.net/man/8/yum-security
If it brings a high cpu spike to your machine, you should - if possible - schedule it via cron during a low-activity period. But, it would not be a good idea to disable the package updates, especially those relevant to security. It is better to keep you machine up to date.
Best,
Didier
You can try to set a yum cron job schedule to run checks during off-peak hours to minimize impact.