How to patch AlmaLinux

Key Points
Introduction: Explains why AlmaLinux systems must be patched regularly to reduce security risk and maintain stability.
Patch Individual Systems Using Native Linux Tools: Covers how to manually patch single AlmaLinux systems using built-in Linux commands.
Patch AlmaLinux Systems at Scale: Explains how Patch Manager Plus enables centralized patch deployment and automation across multiple or thousands of AlmaLinux endpoints from a single console.

Introduction

AlmaLinux systems require timely patching to fix vulnerabilities and apply critical updates. Without a centralized process, tracking and deploying Linux patches across multiple systems becomes inconsistent and difficult to manage.

Patch Individual Systems Using Native Linux Tools

AlmaLinux can be patched manually using its built-in package manager when patching is required only for individual systems and a centralized patch management solution is not available.

Refresh the meta files with the repos enabled on the machine:

 sudo yum makecache

To list all available updates:

 sudo yum check-update

To list ony security available updates:

 sudo yum --security check-update

Install all available updates

Run the following command to install all available patches, including security and general updates:

 sudo yum update

Install only security updates

If you want to apply only security-related patches:

 sudo yum --security update

This installation commands downloads and installs updates from the repositories available & enabled on the machine.

Patch a specific package

To update a single package:

sudo yum install <package-name>

To update a single package to a specific version:

 sudo yum install <package-name>-<version> 

Note: The machine should have suitable repos enabled and access to the repositories.

Patch AlmaLinux Systems at Scale

The following steps guide you through centrally patching multiple or thousands of AlmaLinux systems and configuring automation to keep them continuously up to date using Patch Manager Plus

Step 1: Ensure Linux patches are synchronized

1. Navigate to Admin → Patch Settings → Patch Database Settings
2. Verify that Linux patches are enabled so the Patch Manager Plus server downloads the latest Linux patch details.
3. Confirm the synchronization schedule is active to keep the patch database updated.

Step 2: Scan AlmaLinux systems for missing patches

1. Navigate to Systems → Managed Systems → By Patches.
2. Initiate the patch scan so agents on AlmaLinux machines evaluate missing patches using the updated patch database.
3. Review the scan results to identify missing Linux patches applicable to AlmaLinux systems.

Step 3: Deploy patches to AlmaLinux systems

1. Navigate to Deployment → Manual Deployment → Install/Uninstall Patch.
2. Select the required Linux patches identified for AlmaLinux machines.
3. Choose the target AlmaLinux computers or groups and proceed with deployment using the appropriate deployment options.
4. Monitor the deployment status to confirm successful installation.

Step 4: Configure Automated Patch Deployment for AlmaLinux

1. Navigate to Deployment → Automate Patch Deployment.
2. Click Automate Task and select Linux as the operating system.
3. Provide a task name and configure the task in the following order:
   • Select Applications: Choose Linux applications and severities to be included for automation.
   • Choose Deployment Policy: Select an existing deployment policy that defines deployment timing and reboot behavior.
   • Define Target: Select the computer groups that contain AlmaLinux systems.
   • Configure Notifications: Set notification preferences to track deployment status.
4. Save the task to enable continuous patching for AlmaLinux systems.

Additional Linux deployment behavior can be referenced here: Linux Patch Deployment.

Step 5: Monitor automated patching status

1. Return to Deployment → Automate Patch Deployment to view the configured task.
2. Monitor task execution to track deployed, failed, or pending Linux patches.
3. Review results regularly to ensure AlmaLinux systems remain fully patched.

Start your 30-day free trial and manage unlimited endpoints — patched and protected!