Issue with ansible.builtin.dnf list updates

ume90009 · October 30, 2025, 9:51am

When using the below task:

- name: Get list of available updates
  ansible.builtin.dnf:
    list: updates
  register: dnf_available_patches

- name: Display available updates
  ansible.builtin.debug:
    var: dnf_available_patches

The output shows more updates than what the normal dnf list updates command shows.
Example: Actual updates = 14, but Ansible shows 56.

It looks like the module lists packages from all architectures and repos, not just the unique ones like the normal dnf command does.
This is causing confusion in our post-patching reports (available vs installed counts don’t match).

Questions:

Is this normal behavior of the ansible.builtin.dnf module, or a known bug?
Is there a way to list only security or bugfix updates using this module (without using shell commands)?

This is part of our end-to-end automated patching setup triggered by ITSM, so reporting accuracy is important.

Lyle_McKarns · October 30, 2025, 11:38am

The module documentation says that list is for use with ansible directly, and not in playbooks.

It seems like ansible.builtin.package_facts might be a better approach to what you’re looking for.

Topic		Replies	Views
Getting complete package update information Ansible Project	4	120	March 6, 2024
Ansible.builtin.dnf module - capturing output of package upgrades Get Help rhel , centos , rockylinux , almalinux	3	3078	October 6, 2023
Debian/Ubuntu: Show available updates (or control if all updates are installed) Ansible Project ubuntu	2	60	February 13, 2016
dpkg options Ansible Project	0	6	December 19, 2014
Reporting individual packages under apt and with_items Ansible Project	2	6	May 7, 2014

Issue with ansible.builtin.dnf list updates

Related topics