Wednesday, April 12, 2017

CentOS/ RHEL : 4 Ways to Disable/Lock Certain Package Updates Using Yum Command

4 Ways to Disable/Lock Certain Package Updates Using Yum Command

Package Manager is software which allows a user in case of installation of new software, up-gradation of system, or updating any specific software and such sorts of things. In case of Linux based systems wherein one software has lots of dependencies which are required to be present on system for a complete installation of that software, such software’s like package manager become a much needed tool on every system.
Disable Lock Certain Package Updates Yum
Disable Lock Certain Package Updates with Yum
Each Linux Distribution ships with its default package manager for above stated functionalities, but of all these most found ones are: yum on RHEL and Fedora systems (where it is being currently replaced with DNF from Fedora 22+ onwards) and apt from Debian.
If you’re looking for APT tool to block or disable certain specific package updates, then you should read this article.
Dnf or Danified yum is replacing yum on Fedora systems which is another one in our list. If explored properly, these Package Managers can be used for following functionalities:
  1. Installing new software from the repository.
  2. Resolve dependencies of the software by installing those dependencies before installing the software.
  3. Maintaining database of dependencies of each software.
  4. Downgrade version of any existing software.
  5. Upgrading the kernel version.
  6. Listing packages available for installation.
We’ve already covered detailed articles separately on each individual package managers with practical examples, you should must read them to control and manager package management in your respective Linux distributions.
Read Also:
  1. Mastering Yum Command with this 20 Practical Examples
  2. 27 DNF Commands to Manage Packages in Fedora 22+ Versions
  3. Learn 25 APT Commands to Manage Ubuntu Packages
In the article, we will see how to lock/disable certain package updates using Yum package manager in RHEL/CentOS and Fedora systems (applicable till Fedora 21, later newer Fedora version ships with dnf as default package manager).

Disable/Lock Package Updates using Yum

Yellow dog Updater, Modified (yum) is package management tool in RedHat based distributions such as CentOS and Fedora. Various strategies used to Lock/Disable Package Updates using Yum are discussed below:

1. Permanently Disable Package for Install or Update

1. Open and edit the yum.conf file, which is located in /etc/yum.conf or in /etc/yum/yum.conf.
It looks like below:
[main]
cachedir=/var/cache/yum/$basearch/$releasever
keepcache=0
debuglevel=2
logfile=/var/log/yum.log
exactarch=1
obsoletes=1
gpgcheck=1
plugins=1
installonly_limit=5
bugtracker_url=http://bugs.centos.org/set_project.php?project_id=23&ref=http://bugs.centos.org/bug_report_page.php?category=yum
distroverpkg=centos-release
...
Here, to exclude certain package from installation or up-gradation, you just need to add exclude variable along with name of package you wish to exclude. For example, if I want to exclude all the python-3 packages from getting updated, then I will just append following line to yum.conf:
exclude=python-3*
For more than one package to exclude just separate their names by space.
exclude=httpd php 
[main]
cachedir=/var/cache/yum/$basearch/$releasever
keepcache=0
debuglevel=2
logfile=/var/log/yum.log
exactarch=1
obsoletes=1
gpgcheck=1
plugins=1
installonly_limit=5
bugtracker_url=http://bugs.centos.org/set_project.php?project_id=23&ref=http://bugs.centos.org/bug_report_page.php?category=yum
distroverpkg=centos-release
exclude=python-3*        [Exclude Single Package]
exclude=httpd php        [Exclude Multiple Packages]
...
Note: to include these packages, ignoring entries in yum.conf, use “-disableexcludes” and set it to all|main|repoid, where ‘main’ are those entered in yum.conf and ‘repoid’ are those whose exclusion is specified in repos.d directory, as explained later on.
Now let’s try to install or update the specified packages and see the yum command will disable them installing or updating.
# yum install httpd php

Loaded plugins: fastestmirror, langpacks, versionlock
Loading mirror speeds from cached hostfile
 * base: mirror.nbrc.ac.in
 * epel: mirror.wanxp.id
 * extras: mirror.nbrc.ac.in
 * updates: mirror.nbrc.ac.in
Nothing to do
# yum update httpd php

Loaded plugins: fastestmirror, langpacks, versionlock
Loading mirror speeds from cached hostfile
 * base: mirror.nbrc.ac.in
 * epel: mirror.wanxp.id
 * extras: mirror.nbrc.ac.in
 * updates: mirror.nbrc.ac.in
No packages marked for update

2. Temporarily Disable Package for Install or Update

2. Above was a permanent solution to exclude a package as unless file is edited, that package won’t get updated. Here is a temporary solution for this also. Just at the time when you go for any update, use -x switch in yum command to exclude package which you do not want to update, like:
# yum -x python-3 update
The above command will update all the packages whose updates are available, excluding python-3 on your system.
Here, for excluding multiple packages, use -x multiple times, or separate package names with ',' in a single switch.
# yum -x httpd -x php update
OR
# yum -x httpd,php update
3. Using --exclude switch works same as -x, just need to replace -x with –exclude and pass ',' separated list of package names to it.
# yum --exclude httpd,php

3. Disable Package Updates using Repository

4. For any package installed from any external source via adding a repository, there is another way to stop its up-gradation in future. This can be done by editing its .repo file which is created in /etc/yum/repos.d/ or /etc/yum.repos.d directory.
Add the exclude option with the package name in the repo. Like: to exclude any package say wine from epel repo, add the following line in epel.repo file:
[epel]
name=Extra Packages for Enterprise Linux 7 - $basearch
#baseurl=http://download.fedoraproject.org/pub/epel/7/$basearch
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch
failovermethod=priority
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
exclude=wine
Now try to update the wine package, you will get error like shown below:
# yum update wine

Loaded plugins: fastestmirror, langpacks, versionlock
epel/x86_64/metalink                                    | 5.6 kB     00:00     
Loading mirror speeds from cached hostfile
 * base: mirror.nbrc.ac.in
 * epel: mirror.wanxp.id
 * extras: mirror.nbrc.ac.in
 * updates: mirror.nbrc.ac.in
No Match for argument: wine
No package wine available.
No packages marked for update

4. Disable Package Update Using versionlock Option

5. Another way in yum to mask the version of any package thus making it unavailable for up-gradation, is to use versionlock option of yum, but to do this, you must yum-plugin-versionlock package installed on the system.
# yum -y install yum-versionlock
For example, to lock the version of package say httpd to 2.4.6 only, just write following command as root.
# yum versionlock add httpd
Sample Output
Loaded plugins: fastestmirror, langpacks, versionlock
Adding versionlock on: 0:httpd-2.4.6-40.el7.centos
versionlock added: 1
To view locked packages, use the following command will list the packages which have been version locked.
# yum versionlock list httpd
Sample Output
Loaded plugins: fastestmirror, langpacks, versionlock
0:httpd-2.4.6-40.el7.centos.*
versionlock list done

Conclusion

These are a few tips which will help you Disable/Lock Package updates using yum package manager.

No comments: