This article will explore how to filter the updates available to your Fedora Linux system by type. This way you can choose to, for example, only install security or bug fixes updates. This article will demo running the dnf commands inside toolbox instead of using a real Fedora Linux install.
You might also want to read Use dnf updateinfo to read update changelogs before reading this article.
If you have been managing system updates for Fedora Linux or any other GNU/Linux distro, you might have noticed how, when you run a system update (with dnf update, in the case of Fedora Workstation), you usually are not installing only security updates.
Due to how package management in a GNU/Linux distro works, generally (with the exception of software running in a container, under Flatpak, or similar technologies) you are updating every single package regardless of whether it’s a “system” software or an “app”.
DNF divides updates in three types: “security”, “bugfix” and “enhancement”. And, as you will see, DNF allows filtering which types you want to operate on.
But, why would you want to update only a subset of packages?
Well, this might depend on how you personally choose to deal with system updates. If you are not comfortable at the moment with updating everything, then restricting the current update to only security updates might be a good choice. You could also install bug fix updates as well and only install enhancements and other types of updates during a future opportunity.
How to filter security and bug fix updates
Start by creating a Fedora Linux 34 toolbox:
toolbox create --distro fedora --release f34 updatefilter-demo
Then enter that toolbox:
toolbox enter updatefilter-demo
From now on commands can be run on a real Fedora Linux install.
First, run dnf check-update to see the unfiltered list of packages:
DNF supports passing the types of updates to operate on as parameter: ‐‐security for security updates, ‐‐bugfix for bug fix updates and ‐‐enhancement for enhancement updates. Those work on commands such as dnf check-update, dnf update and dnf updateinfo.
For example, this is how you filter the list of available updates by security updates only:
And now same thing but by bug fix updates only:
They can even be combined, so you can use two or more of them at the same time. For example, you can filter the list to show both security and bug fix updates:
As mentioned, dnf updateinfo also works with this filtering, so you can filter dnf updateinfo, dnf updateinfo list and dnf updateinfo info. For example, for the list of security updates and their IDs:
If desired, you can install only security updates:
Or even to install both security and bug fix updates while ignoring enhancement updates:
Install only specific updates
You may also choose to only install the updates with a specific ID, such as FEDORA-2021-74ebf2f06f for avahi by using –advisory and specifying the ID:
Or even multiple updates, with ‐‐advisories:
In the end it all comes down to how you personally prefer to manage your updates. But if you need, for whichever reason, to only install security updates, then these filters will surely come in handy!