Chapter 9. Yum

Yum is the Red Hat package manager that is able to query for information about available packages, fetch packages from repositories, install and uninstall them, and update an entire system to the latest available version. Yum performs automatic dependency resolution when updating, installing, or removing packages, and thus is able to automatically determine, fetch, and install all available dependent packages.

Yum can be configured with new, additional repositories, or package sources, and also provides many plug-ins which enhance and extend its capabilities. Yum is able to perform many of the same tasks that RPM can; additionally, many of the command-line options are similar. Yum enables easy and simple package management on a single machine or on groups of them.

The following sections assume your system was registered with Red Hat Subscription Management during installation as described in the Red Hat Enterprise Linux 7 Installation Guide. If your system is not subscribed, see Chapter 7, Registering the System and Managing Subscriptions.

Important

Yum provides secure package management by enabling GPG (Gnu Privacy Guard; also known as GnuPG) signature verification on GPG-signed packages to be turned on for all package repositories (package sources), or for individual repositories. When signature verification is enabled, yum will refuse to install any packages not GPG-signed with the correct key for that repository. This means that you can trust that the RPM packages you download and install on your system are from a trusted source, such as Red Hat, and were not modified during transfer. See Section 9.5, “Configuring Yum and Yum Repositories” for details on enabling signature-checking with yum.

Yum also enables you to easily set up your own repositories of RPM packages for download and installation on other machines. When possible, yum uses parallel download of multiple packages and metadata to speed up downloading.

Learning yum is a worthwhile investment because it is often the fastest way to perform system administration tasks, and it provides capabilities beyond those provided by the PackageKit graphical package management tools.

Note

You must have superuser privileges in order to use yum to install, update or remove packages on your system. All examples in this chapter assume that you have already obtained superuser privileges by using either the su or sudo command.

9.1. Checking For and Updating Packages

Yum enables you to check if your system has any updates waiting to be applied. You can list packages that need to be updated and update them as a whole, or you can update a selected individual package.

9.1.1. Checking For Updates

To see which installed packages on your system have updates available, use the following command:

yum check-update

Example 9.1. Example output of the yum check-update command

The output of yum check-update can look as follows:

~]# yum check-update
Loaded plugins: product-id, search-disabled-repos, subscription-manager
dracut.x86_64             033-360.el7_2   rhel-7-server-rpms
dracut-config-rescue.x86_64      033-360.el7_2   rhel-7-server-rpms
kernel.x86_64             3.10.0-327.el7   rhel-7-server-rpms
rpm.x86_64              4.11.3-17.el7   rhel-7-server-rpms
rpm-libs.x86_64            4.11.3-17.el7   rhel-7-server-rpms
rpm-python.x86_64           4.11.3-17.el7   rhel-7-server-rpms
yum.noarch              3.4.3-132.el7   rhel-7-server-rpms

The packages in the above output are listed as having updates available. The first package in the list is dracut. Each line in the example output consists of several rows, in case of dracut:

  • dracut — the name of the package,
  • x86_64 — the CPU architecture the package was built for,
  • 033 — the version of the updated package to be installed,
  • 360.el7 — the release of the updated package,
  • _2 — a build version, added as part of a z-stream update,
  • rhel-7-server-rpms — the repository in which the updated package is located.

The output also shows that we can update the kernel (the kernel package), yum and RPM themselves (the yum and rpm packages), as well as their dependencies (such as the rpm-libs, and rpm-python packages), all using the yum command.

9.1.2. Updating Packages

You can choose to update a single package, multiple packages, or all packages at once. If any dependencies of the package or packages you update have updates available themselves, then they are updated too.

Updating a Single Package

To update a single package, run the following command as root:

yum update package_name

Example 9.2. Updating the rpm package

To update the rpm package, type:

~]# yum update rpm
Loaded plugins: langpacks, product-id, subscription-manager
Updating Red Hat repositories.
INFO:rhsm-app.repolib:repos updated: 0
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package rpm.x86_64 0:4.11.1-3.el7 will be updated
--> Processing Dependency: rpm = 4.11.1-3.el7 for package: rpm-libs-4.11.1-3.el7.x86_64
--> Processing Dependency: rpm = 4.11.1-3.el7 for package: rpm-python-4.11.1-3.el7.x86_64
--> Processing Dependency: rpm = 4.11.1-3.el7 for package: rpm-build-4.11.1-3.el7.x86_64
---> Package rpm.x86_64 0:4.11.2-2.el7 will be an update
--> Running transaction check
...
--> Finished Dependency Resolution

Dependencies Resolved
=============================================================================
 Package          Arch    Version     Repository    Size
=============================================================================
Updating:
 rpm            x86_64   4.11.2-2.el7  rhel      1.1 M
Updating for dependencies:
 rpm-build         x86_64   4.11.2-2.el7  rhel      139 k
 rpm-build-libs      x86_64   4.11.2-2.el7  rhel       98 k
 rpm-libs         x86_64   4.11.2-2.el7  rhel      261 k
 rpm-python        x86_64   4.11.2-2.el7  rhel       74 k

Transaction Summary
=============================================================================
Upgrade 1 Package (+4 Dependent packages)

Total size: 1.7 M
Is this ok [y/d/N]:

This output contains several items of interest:

  1. Loaded plugins: langpacks, product-id, subscription-manager — Yum always informs you which yum plug-ins are installed and enabled. See Section 9.6, “Yum Plug-ins” for general information on yum plug-ins, or Section 9.6.3, “Working with Yum Plug-ins” for descriptions of specific plug-ins.
  2. rpm.x86_64 — you can download and install a new rpm package as well as its dependencies. Transaction check is performed for each of these packages.
  3. Yum presents the update information and then prompts you for confirmation of the update; yum runs interactively by default. If you already know which transactions the yum command plans to perform, you can use the -y option to automatically answer yes to any questions that yum asks (in which case it runs non-interactively). However, you should always examine which changes yum plans to make to the system so that you can easily troubleshoot any problems that might arise. You can also choose to download the package without installing it. To do so, select the d option at the download prompt. This launches a background download of the selected package.

    If a transaction fails, you can view yum transaction history by using the yum history command as described in Section 9.4, “Working with Transaction History”.

Important

Yum always installs a new kernel regardless of whether you are using the yum update or yum install command.

When using RPM, on the other hand, it is important to use the rpm -i kernel command which installs a new kernel instead of rpm -u kernel which replaces the current kernel.

Similarly, it is possible to update a package group. Type as root:

yum group update group_name

Here, replace group_name with a name of the package group you want to update. For more information on package groups, see Section 9.3, “Working with Package Groups”.

Yum also offers the upgrade command that is equal to update with enabled obsoletes configuration option (see Section 9.5.1, “Setting [main] Options”). By default, obsoletes is turned on in /etc/yum.conf, which makes these two commands equivalent.

Updating All Packages and Their Dependencies

To update all packages and their dependencies, use the yum update command without any arguments:

yum update
yum update --security

You can also update packages only to versions containing the latest security updates. Type as root:

yum update-minimal --security

For example, assume that:

  • the kernel-3.10.0-1 package is installed on your system;
  • the kernel-3.10.0-2 package was released as a security update;
  • the kernel-3.10.0-3 package was released as a bug fix update.

Then yum update-minimal --security updates the package to kernel-3.10.0-2, and yum update --security updates the package to kernel-3.10.0-3.

Automating Package Updating

To refresh the package database and download updates automatically, you can use the yum-cron service. For more information, see Section 9.7, “Automatically Refreshing Package Database and Downloading Updates with Yum-cron”.

9.1.3. Upgrading the System Off-line with ISO and Yum

For systems that are disconnected from the Internet or Red Hat Network, using the yum update command with the Red Hat Enterprise Linux installation ISO image is an easy and quick way to upgrade systems to the latest minor version. The following steps illustrate the upgrading process:

  1. Create a target directory to mount your ISO image. This directory is not automatically created when mounting, so create it before proceeding to the next step. As root, type:

    mkdir mount_dir

    Replace mount_dir with a path to the mount directory. Typically, users create it as a subdirectory in the /media directory.

  2. Mount the Red Hat Enterprise Linux 7 installation ISO image to the previously created target directory. As root, type:

    mount -o loop iso_name mount_dir

    Replace iso_name with a path to your ISO image and mount_dir with a path to the target directory. Here, the -o loop option is required to mount the file as a block device.

  3. Copy the media.repo file from the mount directory to the /etc/yum.repos.d/ directory. Note that configuration files in this directory must have the .repo extension to function properly.

    cp mount_dir/media.repo /etc/yum.repos.d/new.repo

    This creates a configuration file for the yum repository. Replace new.repo with the filename, for example rhel7.repo.

  4. Edit the new configuration file so that it points to the Red Hat Enterprise Linux installation ISO. Add the following line into the /etc/yum.repos.d/new.repo file:

    baseurl=file:///mount_dir

    Replace mount_dir with a path to the mount point.

  5. Update all yum repositories including /etc/yum.repos.d/new.repo created in previous steps. As root, type:

    yum update

    This upgrades your system to the version provided by the mounted ISO image.

  6. After successful upgrade, you can unmount the ISO image. As root, type:

    umount mount_dir

    where mount_dir is a path to your mount directory. Also, you can remove the mount directory created in the first step. As root, type:

    rmdir mount_dir
  7. If you will not use the previously created configuration file for another installation or update, you can remove it. As root, type:

    rm /etc/yum.repos.d/new.repo

Example 9.3. Upgrading from Red Hat Enterprise Linux 7.0 to 7.1

If required to upgrade a system without access to the Internet using an ISO image with the newer version of the system, called for example rhel-server-7.1-x86_64-dvd.iso, create a target directory for mounting, such as /media/rhel7/. As root, change into the directory with your ISO image and type:

~]# mount -o loop
    rhel-server-7.1-x86_64-dvd.iso /media/rhel7/

Then set up a yum repository for your image by copying the media.repo file from the mount directory:

~]# cp /media/rhel7/media.repo /etc/yum.repos.d/rhel7.repo

To make yum recognize the mount point as a repository, add the following line into the /etc/yum.repos.d/rhel7.repo copied in the previous step:

baseurl=file:///media/rhel7/

Now, updating the yum repository will upgrade your system to a version provided by rhel-server-7.1-x86_64-dvd.iso. As root, execute:

~]# yum update

When your system is successfully upgraded, you can unmount the image, remove the target directory and the configuration file:

~]# umount /media/rhel7/
~]# rmdir /media/rhel7/
~]# rm
     /etc/yum.repos.d/rhel7.repo

9.2. Working with Packages

Yum enables you to perform a complete set of operations with software packages, including searching for packages, viewing information about them, installing and removing.

9.2.1. Searching Packages

You can search all RPM package names, descriptions and summaries by using the following command:

yum search term…

Replace term with a package name you want to search.

Example 9.4. Searching for packages matching a specific string

To list all packages that match "vim", "gvim", or "emacs", type:

~]$ yum search vim gvim emacs
Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager
============================= N/S matched: vim ==============================
vim-X11.x86_64 : The VIM version of the vi editor for the X Window System
vim-common.x86_64 : The common files needed by any version of the VIM editor
[output truncated]

============================ N/S matched: emacs =============================
emacs.x86_64 : GNU Emacs text editor
emacs-auctex.noarch : Enhanced TeX modes for Emacs
[output truncated]

 Name and summary matches mostly, use "search all" for everything.
Warning: No matches found for: gvim

The yum search command is useful for searching for packages you do not know the name of, but for which you know a related term. Note that by default, yum search returns matches in package name and summary, which makes the search faster. Use the yum search all command for a more exhaustive but slower search.

Filtering the Results

All of yum’s list commands allow you to filter the results by appending one or more glob expressions as arguments. Glob expressions are normal strings of characters which contain one or more of the wildcard characters * (which expands to match any character subset) and ? (which expands to match any single character).

Be careful to escape the glob expressions when passing them as arguments to a yum command, otherwise the Bash shell will interpret these expressions as pathname expansions, and potentially pass all files in the current directory that match the global expressions to yum. To make sure the glob expressions are passed to yum as intended, use one of the following methods:

  • escape the wildcard characters by preceding them with a backslash character
  • double-quote or single-quote the entire glob expression.

Examples in the following section demonstrate usage of both these methods.

9.2.2. Listing Packages

To list information on all installed and available packages type the following at a shell prompt:

yum list all

To list installed and available packages that match inserted glob expressions use the following command:

yum list glob_expression…

Example 9.5. Listing ABRT-related packages

Packages with various ABRT add-ons and plug-ins either begin with "abrt-addon-", or "abrt-plugin-". To list these packages, type the following command at a shell prompt. Note how the wildcard characters are escaped with a backslash character:

~]$ yum list abrt-addon\* abrt-plugin\*
Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager
Installed Packages
abrt-addon-ccpp.x86_64          2.1.11-35.el7       @rhel-7-server-rpms
abrt-addon-kerneloops.x86_64       2.1.11-35.el7       @rhel-7-server-rpms
abrt-addon-pstoreoops.x86_64       2.1.11-35.el7       @rhel-7-server-rpms
abrt-addon-python.x86_64         2.1.11-35.el7       @rhel-7-server-rpms
abrt-addon-vmcore.x86_64         2.1.11-35.el7       @rhel-7-server-rpms
abrt-addon-xorg.x86_64          2.1.11-35.el7       @rhel-7-server-rpms

To list all packages installed on your system use the installed keyword. The rightmost column in the output lists the repository from which the package was retrieved.

yum list installed glob_expression…

Example 9.6. Listing all installed versions of the krb package

The following example shows how to list all installed packages that begin with "krb" followed by exactly one character and a hyphen. This is useful when you want to list all versions of certain component as these are distinguished by numbers. The entire glob expression is quoted to ensure proper processing.

~]$ yum list installed "krb?-*"
Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager
Installed Packages
krb5-libs.x86_64         1.13.2-10.el7          @rhel-7-server-rpms

To list all packages in all enabled repositories that are available to install, use the command in the following form:

yum list available glob_expression…

Example 9.7. Listing available gstreamer plug-ins

For instance, to list all available packages with names that contain "gstreamer" and then "plugin", run the following command:

~]$ yum list available gstreamer*plugin\*
Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager
Available Packages
gstreamer-plugins-bad-free.i686       0.10.23-20.el7     rhel-7-server-rpms
gstreamer-plugins-base.i686         0.10.36-10.el7     rhel-7-server-rpms
gstreamer-plugins-good.i686         0.10.31-11.el7     rhel-7-server-rpms
gstreamer1-plugins-bad-free.i686      1.4.5-3.el7      rhel-7-server-rpms
gstreamer1-plugins-base.i686        1.4.5-2.el7      rhel-7-server-rpms
gstreamer1-plugins-base-devel.i686     1.4.5-2.el7      rhel-7-server-rpms
gstreamer1-plugins-base-devel.x86_64    1.4.5-2.el7      rhel-7-server-rpms
gstreamer1-plugins-good.i686        1.4.5-2.el7      rhel-7-server-rpms

Listing Repositories

To list the repository ID, name, and number of packages for each enabled repository on your system, use the following command:

yum repolist

To list more information about these repositories, add the -v option. With this option enabled, information including the file name, overall size, date of the last update, and base URL are displayed for each listed repository. As an alternative, you can use the repoinfo command that produces the same output.

yum repolist -v
yum repoinfo

To list both enabled and disabled repositories use the following command. A status column is added to the output list to show which of the repositories are enabled.

yum repolist all

By passing disabled as a first argument, you can reduce the command output to disabled repositories. For further specification you can pass the ID or name of repositories or related glob_expressions as arguments. Note that if there is an exact match between the repository ID or name and the inserted argument, this repository is listed even if it does not pass the enabled or disabled filter.

9.2.3. Displaying Package Information

To display information about one or more packages, use the following command (glob expressions are valid here as well):

yum info package_name…

Replace package_name with the name of the package.

Example 9.8. Displaying information on the abrt package

To display information about the abrt package, type:

~]$ yum info abrt
Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager
Installed Packages
Name    : abrt
Arch    : x86_64
Version   : 2.1.11
Release   : 35.el7
Size    : 2.3 M
Repo    : installed
From repo  : rhel-7-server-rpms
Summary   : Automatic bug detection and reporting tool
URL     : https://fedorahosted.org/abrt/
License   : GPLv2+
Description : abrt is a tool to help users to detect defects in applications and
      : to create a bug report with all information needed by maintainer to fix
      : it. It uses plugin system to extend its functionality.

The yum info package_name command is similar to the rpm -q --info package_name command, but provides as additional information the name of the yum repository the RPM package was installed from (look for the From repo: line in the output).

Using yumdb

You can also query the yum database for alternative and useful information about a package by using the following command:

yumdb info package_name

This command provides additional information about a package, including the check sum of the package (and the algorithm used to produce it, such as SHA-256), the command given on the command line that was invoked to install the package (if any), and the reason why the package is installed on the system (where user indicates it was installed by the user, and dep means it was brought in as a dependency).

Example 9.9. Querying yumdb for information on the yum package

To display additional information about the yum package, type:

~]$ yumdb info yum
Loaded plugins: langpacks, product-id
yum-3.4.3-132.el7.noarch
   changed_by = 1000
   checksum_data = a9d0510e2ff0d04d04476c693c0313a11379053928efd29561f9a837b3d9eb02
   checksum_type = sha256
   command_line = upgrade
   from_repo = rhel-7-server-rpms
   from_repo_revision = 1449144806
   from_repo_timestamp = 1449144805
   installed_by = 4294967295
   origin_url = https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/os/Packages/yum-3.4.3-132.el7.noarch.rpm
   reason = user
   releasever = 7Server
   var_uuid = 147a7d49-b60a-429f-8d8f-3edb6ce6f4a1

For more information on the yumdb command, see the yumdb(8) manual page.

9.2.4. Installing Packages

To install a single package and all of its non-installed dependencies, enter a command in the following form as root:

yum install package_name

You can also install multiple packages simultaneously by appending their names as arguments. To do so, type as root:

yum install package_name package_name…

If you are installing packages on a multilib system, such as an AMD64 or Intel 64 machine, you can specify the architecture of the package (as long as it is available in an enabled repository) by appending .arch to the package name:

yum install package_name.arch

Example 9.10. Installing packages on multilib system

To install the sqlite package for the i686 architecture, type:

~]# yum install sqlite.i686

You can use glob expressions to quickly install multiple similarly named packages. Execute as root:

yum install glob_expression…

Example 9.11. Installing all audacious plugins

Global expressions are useful when you want to install several packages with similar names. To install all audacious plug-ins, use the command in the following form:

~]# yum install audacious-plugins-\*

In addition to package names and glob expressions, you can also provide file names to yum install. If you know the name of the binary you want to install, but not its package name, you can give yum install the path name. As root, type:

yum install /usr/sbin/named

Yum then searches through its package lists, finds the package which provides /usr/sbin/named, if any, and prompts you as to whether you want to install it.

As you can see in the above examples, the yum install command does not require strictly defined arguments. It can process various formats of package names and glob expressions, which makes installation easier for users. On the other hand, it takes some time until yum parses the input correctly, especially if you specify a large number of packages. To optimize the package search, you can use the following commands to explicitly define how to parse the arguments:

yum install-n name
yum install-na name.architecture
yum install-nevra name-epoch:version-release.architecture

With install-n, yum interprets name as the exact name of the package. The install-na command tells yum that the subsequent argument contains the package name and architecture divided by the dot character. With install-nevra, yum will expect an argument in the form name-epoch:version-release.architecture. Similarly, you can use yum remove-n, yum remove-na, and yum remove-nevra when searching for packages to be removed.

Note

If you know you want to install the package that contains the named binary, but you do not know in which bin/ or sbin/ directory the file is installed, use the yum provides command with a glob expression:

~]# yum provides "*bin/named"
Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-
       : manager
32:bind-9.9.4-14.el7.x86_64 : The Berkeley Internet Name Domain (BIND) DNS
              : (Domain Name System) server
Repo    : rhel-7-server-rpms
Matched from:
Filename  : /usr/sbin/named

yum provides "*/file_name" is a useful way to find the packages that contain file_name.

Example 9.12. Installation Process

The following example provides an overview of installation with use of yum. To download and install the latest version of the httpd package, execute as root:

~]# yum install httpd
Loaded plugins: langpacks, product-id, subscription-manager
Resolving Dependencies
--> Running transaction check
---> Package httpd.x86_64 0:2.4.6-12.el7 will be updated
---> Package httpd.x86_64 0:2.4.6-13.el7 will be an update
--> Processing Dependency: 2.4.6-13.el7 for package: httpd-2.4.6-13.el7.x86_64
--> Running transaction check
---> Package httpd-tools.x86_64 0:2.4.6-12.el7 will be updated
---> Package httpd-tools.x86_64 0:2.4.6-13.el7 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

After executing the above command, yum loads the necessary plug-ins and runs the transaction check. In this case, httpd is already installed. Since the installed package is older than the latest currently available version, it will be updated. The same applies to the httpd-tools package that httpd depends on. Then, a transaction summary is displayed:

================================================================================
 Package    Arch   Version         Repository        Size
================================================================================
Updating:
 httpd     x86_64  2.4.6-13.el7      rhel-x86_64-server-7  1.2 M
Updating for dependencies:
 httpd-tools  x86_64  2.4.6-13.el7      rhel-x86_64-server-7   77 k

Transaction Summary
================================================================================
Upgrade 1 Package (+1 Dependent package)

Total size: 1.2 M
Is this ok [y/d/N]:

In this step yum prompts you to confirm the installation. Apart from y (yes) and N (no) options, you can choose d (download only) to download the packages but not to install them directly. If you choose y, the installation proceeds with the following messages until it is finished successfully.

Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
 Updating  : httpd-tools-2.4.6-13.el7.x86_64               1/4
 Updating  : httpd-2.4.6-13.el7.x86_64                  2/4
 Cleanup  : httpd-2.4.6-12.el7.x86_64                  3/4
 Cleanup  : httpd-tools-2.4.6-12.el7.x86_64               4/4
 Verifying : httpd-2.4.6-13.el7.x86_64                  1/4
 Verifying : httpd-tools-2.4.6-13.el7.x86_64               2/4
 Verifying : httpd-tools-2.4.6-12.el7.x86_64               3/4
 Verifying : httpd-2.4.6-12.el7.x86_64                  4/4

Updated:
 httpd.x86_64 0:2.4.6-13.el7

Dependency Updated:
 httpd-tools.x86_64 0:2.4.6-13.el7

Complete!

To install a previously downloaded package from the local directory on your system, use the following command:

yum localinstall path

Replace path with the path to the package you want to install.

9.2.5. Downloading Packages

As shown in Example 9.12, “Installation Process”, at a certain point of installation process you are prompted to confirm the installation with the following message:

...
Total size: 1.2 M
Is this ok [y/d/N]:
...

With the d option, yum downloads the packages without installing them immediately. You can install these packages later offline with the yum localinstall command or you can share them with a different device. Downloaded packages are saved in one of the subdirectories of the cache directory, by default /var/cache/yum/$basearch/$releasever/packages/. The downloading proceeds in background mode so that you can use yum for other operations in parallel.

9.2.6. Removing Packages

Similarly to package installation, yum enables you to uninstall them. To uninstall a particular package, as well as any packages that depend on it, run the following command as root:

yum remove package_name…

As when you install multiple packages, you can remove several at once by adding more package names to the command.

Example 9.13. Removing several packages

To remove totem, type the following at a shell prompt:

~]# yum remove totem

Similar to install, remove can take these arguments:

  • package names
  • glob expressions
  • file lists
  • package provides
Warning

Yum is not able to remove a package without also removing packages which depend on it. This type of operation, which can only be performed by RPM, is not advised, and can potentially leave your system in a non-functioning state or cause applications to not work correctly or crash.

9.3. Working with Package Groups

A package group is a collection of packages that serve a common purpose, for instance System Tools or Sound and Video. Installing a package group pulls a set of dependent packages, saving time considerably. The yum groups command is a top-level command that covers all the operations that act on package groups in yum.

9.3.1. Listing Package Groups

The summary option is used to view the number of installed groups, available groups, available environment groups, and both installed and available language groups:

yum groups summary

Example 9.14. Example output of yum groups summary

~]$ yum groups summary
Loaded plugins: langpacks, product-id, subscription-manager
Available Environment Groups: 12
Installed Groups: 10
Available Groups: 12

To list all package groups from yum repositories add the list option. You can filter the command output by group names.

yum group list glob_expression…

Several optional arguments can be passed to this command, including hidden to list also groups not marked as user visible, and ids to list group IDs. You can add language, environment, installed, or available options to reduce the command output to a specific group type.

To list mandatory and optional packages contained in a particular group, use the following command:

yum group info glob_expression…

Example 9.15. Viewing information on the LibreOffice package group

 ~]$ yum group info LibreOffice
Loaded plugins: langpacks, product-id, subscription-manager

Group: LibreOffice
 Group-Id: libreoffice
 Description: LibreOffice Productivity Suite
 Mandatory Packages:
 =libreoffice-calc
  libreoffice-draw
 -libreoffice-emailmerge
  libreoffice-graphicfilter
 =libreoffice-impress
 =libreoffice-math
 =libreoffice-writer
 +libreoffice-xsltfilter
 Optional Packages:
  libreoffice-base
  libreoffice-pyuno

As you can see in the above example, the packages included in the package group can have different states that are marked with the following symbols:

  • " - " — Package is not installed and it will not be installed as a part of the package group.
  • " + " — Package is not installed but it will be installed on the next yum upgrade or yum group upgrade.
  • " = " — Package is installed and it was installed as a part of the package group.
  • no symbol — Package is installed but it was installed outside of the package group. This means that the yum group remove will not remove these packages.

These distinctions take place only when the group_command configuration parameter is set to objects, which is the default setting. Set this parameter to a different value if you do not want yum to track if a package was installed as a part of the group or separately, which will make "no symbol" packages equivalent to "=" packages.

You can alter the above package states using the yum group mark command. For example, yum group mark packages marks any given installed packages as members of a specified group. To avoid installation of new packages on group update, use yum group mark blacklist. See the yum(8) man page for more information on capabilities of yum group mark.

Note

You can identify an environmental group with use of the @^ prefix and a package group can be marked with @. When using yum group list, info, install, or remove, pass @group_name to specify a package group, @^group_name to specify an environmental group, or group_name to include both.

9.3.2. Installing a Package Group

Each package group has a name and a group ID (groupid). To list the names of all package groups, and their group IDs, which are displayed in parentheses, type:

yum group list ids

Example 9.16. Finding name and groupid of a package group

To find the name or ID of a package group, for example a group related to the KDE desktop environment, type:

~]$ yum group list ids kde\*
Available environment groups:
  KDE Plasma Workspaces (kde-desktop-environment)
Done

Some groups are hidden by settings in the configured repositories. For example, on a server, make use of the hidden command option to list hidden groups too:

~]$ yum group list hidden ids kde\*
Loaded plugins: product-id, subscription-manager
Available Groups:
  KDE (kde-desktop)
Done

You can install a package group by passing its full group name, without the groupid part, to the group install command. As root, type:

yum group install "group name"

You can also install by groupid. As root, execute the following command:

yum group install groupid

You can pass the groupid or quoted group name to the install command if you prepend it with an @ symbol, which tells yum that you want to perform group install. As root, type:

yum install @group

Replace group with the groupid or quoted group name. The same logic applies to environmental groups:

yum install @^group

Example 9.17. Four equivalent ways of installing the KDE Desktop group

As mentioned before, you can use four alternative, but equivalent ways to install a package group. For KDE Desktop, the commands look as follows:

~]# yum group install "KDE Desktop"
~]# yum group install kde-desktop
~]# yum install @"KDE Desktop"
~]# yum install @kde-desktop

9.3.3. Removing a Package Group

You can remove a package group using syntax similar to the install syntax, with use of either name of the package group or its id. As root, type:

yum group remove group_name
yum group remove groupid

Also, you can pass the groupid or quoted name to the remove command if you prepend it with an @-symbol, which tells yum that you want to perform group remove. As root, type:

yum remove @group

Replace group with the groupid or quoted group name. Similarly, you can replace an environmental group:

yum remove @^group

Example 9.18. Four equivalent ways of removing the KDE Desktop group

Similarly to install, you can use four alternative, but equivalent ways to remove a package group. For KDE Desktop, the commands look as follows:

~]# yum group remove "KDE Desktop"
~]# yum group remove kde-desktop
~]# yum remove @"KDE Desktop"
~]# yum remove @kde-desktop

9.4. Working with Transaction History

The yum history command enables users to review information about a timeline of yum transactions, the dates and times they occurred, the number of packages affected, whether these transactions succeeded or were aborted, and if the RPM database was changed between transactions. Additionally, this command can be used to undo or redo certain transactions. All history data is stored in the history DB in the /var/lib/yum/history/ directory.

9.4.1. Listing Transactions

To display a list of the twenty most recent transactions, as root, either run yum history with no additional arguments, or type the following at a shell prompt:

yum history list

To display all transactions, add the all keyword:

yum history list all

To display only transactions in a given range, use the command in the following form:

yum history list start_id..end_id

You can also list only transactions regarding a particular package or packages. To do so, use the command with a package name or a glob expression:

yum history list glob_expression…

Example 9.19. Listing the five oldest transactions

In the output of yum history list, the most recent transaction is displayed at the top of the list. To display information about the five oldest transactions stored in the history data base, type:

~]# yum history list 1..5
Loaded plugins: langpacks, product-id, subscription-manager
ID   | Login user        | Date and time  | Action(s)   | Altered
-------------------------------------------------------------------------------
   5 | User <user>       | 2013-07-29 15:33 | Install    |  1
   4 | User <user>       | 2013-07-21 15:10 | Install    |  1
   3 | User <user>       | 2013-07-16 15:27 | I, U      |  73
   2 | System <unset>      | 2013-07-16 15:19 | Update     |  1
   1 | System <unset>      | 2013-07-16 14:38 | Install    | 1106
history list

All forms of the yum history list command produce tabular output with each row consisting of the following columns:

  • ID — an integer value that identifies a particular transaction.
  • Login user — the name of the user whose login session was used to initiate a transaction. This information is typically presented in the Full Name <username> form. For transactions that were not issued by a user (such as an automatic system update), System <unset> is used instead.
  • Date and time — the date and time when a transaction was issued.
  • Action(s) — a list of actions that were performed during a transaction as described in Table 9.1, “Possible values of the Action(s) field”.
  • Altered — the number of packages that were affected by a transaction, possibly followed by additional information as described in Table 9.2, “Possible values of the Altered field”.

Table 9.1. Possible values of the Action(s) field

ActionAbbreviationDescription

Downgrade

D

At least one package has been downgraded to an older version.

Erase

E

At least one package has been removed.

Install

I

At least one new package has been installed.

Obsoleting

O

At least one package has been marked as obsolete.

Reinstall

R

At least one package has been reinstalled.

Update

U

At least one package has been updated to a newer version.

Table 9.2. Possible values of the Altered field

SymbolDescription

<

Before the transaction finished, the rpmdb database was changed outside yum.

>

After the transaction finished, the rpmdb database was changed outside yum.

*

The transaction failed to finish.

#

The transaction finished successfully, but yum returned a non-zero exit code.

E

The transaction finished successfully, but an error or a warning was displayed.

P

The transaction finished successfully, but problems already existed in the rpmdb database.

s

The transaction finished successfully, but the --skip-broken command-line option was used and certain packages were skipped.

To synchronize the rpmdb or yumdb database contents for any installed package with the currently used rpmdb or yumdb database, type the following:

yum history sync

To display some overall statistics about the currently used history database use the following command:

yum history stats

Example 9.20. Example output of yum history stats

~]# yum history stats
Loaded plugins: langpacks, product-id, subscription-manager
File    : //var/lib/yum/history/history-2012-08-15.sqlite
Size    : 2,766,848
Transactions: 41
Begin time : Wed Aug 15 16:18:25 2012
End time  : Wed Feb 27 14:52:30 2013
Counts   :
 NEVRAC : 2,204
 NEVRA : 2,204
 NA   : 1,759
 NEVR  : 2,204
 rpm DB : 2,204
 yum DB : 2,204
history stats

Yum also enables you to display a summary of all past transactions. To do so, run the command in the following form as root:

yum history summary

To display only transactions in a given range, type:

yum history summary start_id..end_id

Similarly to the yum history list command, you can also display a summary of transactions regarding a certain package or packages by supplying a package name or a glob expression:

yum history summary glob_expression&hellip;

Example 9.21. Summary of the five latest transactions

~]# yum history summary 1..5
Loaded plugins: langpacks, product-id, subscription-manager
Login user         | Time        | Action(s)    | Altered
-------------------------------------------------------------------------------
Jaromir ... <jhradilek>  | Last day      | Install     |    1
Jaromir ... <jhradilek>  | Last week      | Install     |    1
Jaromir ... <jhradilek>  | Last 2 weeks    | I, U       |    73
System <unset>       | Last 2 weeks    | I, U       |   1107
history summary

All forms of the yum history summary command produce simplified tabular output similar to the output of yum history list.

As shown above, both yum history list and yum history summary are oriented towards transactions, and although they allow you to display only transactions related to a given package or packages, they lack important details, such as package versions. To list transactions from the perspective of a package, run the following command as root:

yum history package-list glob_expression&hellip;

Example 9.22. Tracing the history of a package

For example, to trace the history of subscription-manager and related packages, type the following at a shell prompt:

~]# yum history package-list subscription-manager\*
Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager
ID   | Action(s)   | Package
-------------------------------------------------------------------------------
   2 | Updated    | subscription-manager-1.13.22-1.el7.x86_64     EE
   2 | Update     |           1.15.9-15.el7.x86_64     EE
   2 | Obsoleted   | subscription-manager-firstboot-1.13.22-1.el7.x86_64 EE
   2 | Updated    | subscription-manager-gui-1.13.22-1.el7.x86_64   EE
   2 | Update     |             1.15.9-15.el7.x86_64   EE
   2 | Obsoleting   | subscription-manager-initial-setup-addon-1.15.9-15.el7.x86_64 EE
   1 | Install    | subscription-manager-1.13.22-1.el7.x86_64
   1 | Install    | subscription-manager-firstboot-1.13.22-1.el7.x86_64
   1 | Install    | subscription-manager-gui-1.13.22-1.el7.x86_64
history package-list

In this example, three packages were installed during the initial system installation: subscription-manager, subscription-manager-firstboot, and subscription-manager-gui. In the third transaction, all these packages were updated from version 1.10.11 to version 1.10.17.

9.4.2. Examining Transactions

To display the summary of a single transaction, as root, use the yum history summary command in the following form:

yum history summary id

Here, id stands for the ID of the transaction.

To examine a particular transaction or transactions in more detail, run the following command as root:

yum history info id&hellip;

The id argument is optional and when you omit it, yum automatically uses the last transaction. Note that when specifying more than one transaction, you can also use a range:

yum history info start_id..end_id

Example 9.23. Example output of yum history info

The following is sample output for two transactions, each installing one new package:

~]# yum history info 4..5
Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager
Transaction ID : 4..5
Begin time   : Mon Dec 7 16:51:07 2015
Begin rpmdb  : 1252:d2b62b7b5768e855723954852fd7e55f641fbad9
End time    :      17:18:49 2015 (27 minutes)
End rpmdb   : 1253:cf8449dc4c53fc0cbc0a4c48e496a6c50f3d43c5
User      : Maxim Svistunov <msvistun>
Return-Code  : Success
Command Line  : install tigervnc-server.x86_64
Command Line  : reinstall tigervnc-server
Transaction performed with:
  Installed   rpm-4.11.3-17.el7.x86_64         @rhel-7-server-rpms
  Installed   subscription-manager-1.15.9-15.el7.x86_64 @rhel-7-server-rpms
  Installed   yum-3.4.3-132.el7.noarch         @rhel-7-server-rpms
Packages Altered:
  Reinstall tigervnc-server-1.3.1-3.el7.x86_64 @rhel-7-server-rpms
history info

You can also view additional information, such as what configuration options were used at the time of the transaction, or from what repository and why were certain packages installed. To determine what additional information is available for a certain transaction, type the following at a shell prompt as root:

yum history addon-info id

Similarly to yum history info, when no id is provided, yum automatically uses the latest transaction. Another way to refer to the latest transaction is to use the last keyword:

yum history addon-info last

Example 9.24. Example output of yum history addon-info

For the fourth transaction in the history, the yum history addon-info command provides the following output:

~]# yum history addon-info 4
Loaded plugins: langpacks, product-id, subscription-manager
Transaction ID: 4
Available additional history information:
 config-main
 config-repos
 saved_tx

history addon-info

In the output of the yum history addon-info command, three types of information are available:

  • config-main — global yum options that were in use during the transaction. See Section 9.5.1, “Setting [main] Options” for information on how to change global options.
  • config-repos — options for individual yum repositories. See Section 9.5.2, “Setting [repository] Options” for information on how to change options for individual repositories.
  • saved_tx — the data that can be used by the yum load-transaction command in order to repeat the transaction on another machine (see below).

To display a selected type of additional information, run the following command as root:

yum history addon-info id information

9.4.3. Reverting and Repeating Transactions

Apart from reviewing the transaction history, the yum history command provides means to revert or repeat a selected transaction. To revert a transaction, type the following at a shell prompt as root:

yum history undo id

To repeat a particular transaction, as root, run the following command:

yum history redo id

Both commands also accept the last keyword to undo or repeat the latest transaction.

Note that both yum history undo and yum history redo commands only revert or repeat the steps that were performed during a transaction. If the transaction installed a new package, the yum history undo command will uninstall it, and if the transaction uninstalled a package the command will again install it. This command also attempts to downgrade all updated packages to their previous version, if these older packages are still available.

When managing several identical systems, yum also enables you to perform a transaction on one of them, store the transaction details in a file, and after a period of testing, repeat the same transaction on the remaining systems as well. To store the transaction details to a file, type the following at a shell prompt as root:

yum -q history addon-info id saved_tx > file_name

Once you copy this file to the target system, you can repeat the transaction by using the following command as root:

yum load-transaction file_name

You can configure load-transaction to ignore missing packages or rpmdb version. For more information on these configuration options see the yum.conf(5) man page.

9.4.4. Starting New Transaction History

Yum stores the transaction history in a single SQLite database file. To start new transaction history, run the following command as root:

yum history new

This will create a new, empty database file in the /var/lib/yum/history/ directory. The old transaction history will be kept, but will not be accessible as long as a newer database file is present in the directory.

9.5. Configuring Yum and Yum Repositories

Note

To expand your expertise, you might also be interested in the Red Hat System Administration III (RH254) and RHCSA Rapid Track (RH199) training courses.

The configuration information for yum and related utilities is located at /etc/yum.conf. This file contains one mandatory [main] section, which enables you to set yum options that have global effect, and can also contain one or more [repository] sections, which allow you to set repository-specific options. However, it is recommended to define individual repositories in new or existing .repo files in the /etc/yum.repos.d/ directory. The values you define in individual [repository] sections of the /etc/yum.conf file override values set in the [main] section.

This section shows you how to:

  • set global yum options by editing the [main] section of the /etc/yum.conf configuration file;
  • set options for individual repositories by editing the [repository] sections in /etc/yum.conf and .repo files in the /etc/yum.repos.d/ directory;
  • use yum variables in /etc/yum.conf and files in the /etc/yum.repos.d/ directory so that dynamic version and architecture values are handled correctly;
  • add, enable, and disable yum repositories on the command line; and
  • set up your own custom yum repository.

9.5.1. Setting [main] Options

The /etc/yum.conf configuration file contains exactly one [main] section, and while some of the key-value pairs in this section affect how yum operates, others affect how yum treats repositories.

You can add many additional options under the [main] section heading in /etc/yum.conf.

A sample /etc/yum.conf configuration file can look like this:

[main]
cachedir=/var/cache/yum/$basearch/$releasever
keepcache=0
debuglevel=2
logfile=/var/log/yum.log
exactarch=1
obsoletes=1
gpgcheck=1
plugins=1
installonly_limit=3

[comments abridged]

# PUT YOUR REPOS HERE OR IN separate files named file.repo
# in /etc/yum.repos.d

The following are the most commonly used options in the [main] section:

assumeyes=value

The assumeyes option determines whether or not yum prompts for confirmation of critical actions. Replace value with one of:

0 (default) — yum prompts for confirmation of critical actions it performs.

1 — Do not prompt for confirmation of critical yum actions. If assumeyes=1 is set, yum behaves in the same way as the command-line options -y and --assumeyes.

cachedir=directory

Use this option to set the directory where yum stores its cache and database files. Replace directory with an absolute path to the directory. By default, yum’s cache directory is /var/cache/yum/$basearch/$releasever/.

See Section 9.5.3, “Using Yum Variables” for descriptions of the $basearch and $releasever yum variables.

debuglevel=value
This option specifies the detail of debugging output produced by yum. Here, value is an integer between 1 and 10. Setting a higher debuglevel value causes yum to display more detailed debugging output. debuglevel=2 is the default, while debuglevel=0 disables debugging output.
exactarch=value

With this option, you can set yum to consider the exact architecture when updating already installed packages. Replace value with:

0 — Do not take into account the exact architecture when updating packages.

1 (default) — Consider the exact architecture when updating packages. With this setting, yum does not install a package for 32-bit architecture to update a package already installed on the system with 64-bit architecture.

exclude=package_name more_package_names
The exclude option enables you to exclude packages by keyword during installation or system update. Listing multiple packages for exclusion can be accomplished by quoting a space-delimited list of packages. Shell glob expressions using wildcards (for example, * and ?) are allowed.
gpgcheck=value

Use the gpgcheck option to specify if yum should perform a GPG signature check on packages. Replace value with:

0 — Disable GPG signature-checking on packages in all repositories, including local package installation.

1 (default) — Enable checking of GPG signature on all packages in all repositories, including local package installation. With gpgcheck enabled, all packages' signatures are checked.

If this option is set in the [main] section of the /etc/yum.conf file, it sets the GPG-checking rule for all repositories. However, you can also set gpgcheck=value for individual repositories instead; that is, you can enable GPG-checking on one repository while disabling it on another. Setting gpgcheck=value for an individual repository in its corresponding .repo file overrides the default if it is present in /etc/yum.conf.

group_command=value

Use the group_command option to specify how the yum group install, yum group upgrade, and yum group remove commands handle a package group. Replace value with on of:

simple — Install all members of a package group. Upgrade only previously installed packages, but do not install packages that have been added to the group in the meantime.

compat — Similar to simple but yum upgrade also installs packages that were added to the group since the previous upgrade.

objects — (default.) With this option, yum keeps track of the previously installed groups and distinguishes between packages installed as a part of the group and packages installed separately. See Example 9.15, “Viewing information on the LibreOffice package group”

group_package_types=package_type more_package_types
Here you can specify which type of packages (optional, default or mandatory) is installed when the yum group install command is called. The default and mandatory package types are chosen by default.
history_record=value

With this option, you can set yum to record transaction history. Replace value with one of:

0 — yum should not record history entries for transactions.

1 (default) — yum should record history entries for transactions. This operation takes certain amount of disk space, and some extra time in the transactions, but it provides a lot of information about past operations, which can be displayed with the yum history command. history_record=1 is the default.

For more information on the yum history command, see Section 9.4, “Working with Transaction History”.

Note

Yum uses history records to detect modifications to the rpmdb data base that have been done outside of yum. In such case, yum displays a warning and automatically searches for possible problems caused by altering rpmdb. With history_record turned off, yum is not able to detect these changes and no automatic checks are performed.

installonlypkgs=space separated list of packages

Here you can provide a space-separated list of packages which yum can install, but will never update. See the yum.conf(5) manual page for the list of packages which are install-only by default.

If you add the installonlypkgs directive to /etc/yum.conf, ensure that you list all of the packages that should be install-only, including any of those listed under the installonlypkgs section of yum.conf(5). In particular, make sure that kernel packages are always listed in installonlypkgs (as they are by default), and installonly_limit is always set to a value greater than 2 so that a backup kernel is always available in case the default one fails to boot.

installonly_limit=value

This option sets how many packages listed in the installonlypkgs directive can be installed at the same time. Replace value with an integer representing the maximum number of versions that can be installed simultaneously for any single package listed in installonlypkgs.

The defaults for the installonlypkgs directive include several different kernel packages, so be aware that changing the value of installonly_limit also affects the maximum number of installed versions of any single kernel package. The default value listed in /etc/yum.conf is installonly_limit=3, and the minimum possible value is installonly_limit=2.

You cannot set installonly_limit=1 because that would make yum remove the running kernel, which is prohibited. If installonly_limit=1 is used, yum fails.

Using installonly_limit=2 ensures that one backup kernel is available. However, it is recommended to keep the default setting installonly_limit=3, so that you have two backup kernels available.

keepcache=value

The keepcache option determines whether yum keeps the cache of headers and packages after successful installation. Here, value is one of:

0 (default) — Do not retain the cache of headers and packages after a successful installation.

1 — Retain the cache after a successful installation.

logfile=file_name
To specify the location for logging output, replace file_name with an absolute path to the file in which yum should write its logging output. By default, yum logs to /var/log/yum.log.
max_connenctions=number
Here value stands for the maximum number of simultaneous connections, default is 5.
multilib_policy=value

The multilib_policy option sets the installation behavior if several architecture versions are available for package install. Here, value stands for:

best — install the best-choice architecture for this system. For example, setting multilib_policy=best on an AMD64 system causes yum to install the 64-bit versions of all packages.

all — always install every possible architecture for every package. For example, with multilib_policy set to all on an AMD64 system, yum would install both the i686 and AMD64 versions of a package, if both were available.

obsoletes=value

The obsoletes option enables the obsoletes process logic during updates.When one package declares in its spec file that it obsoletes another package, the latter package is replaced by the former package when the former package is installed. Obsoletes are declared, for example, when a package is renamed. Replace value with one of:

0 — Disable yum’s obsoletes processing logic when performing updates.

1 (default) — Enable yum’s obsoletes processing logic when performing updates.

plugins=value

This is a global switch to enable or disable yum plug-ins, value is one of:

0 — Disable all yum plug-ins globally.

Important

Disabling all plug-ins is not advised because certain plug-ins provide important yum services. In particular, product-id and subscription-manager plug-ins provide support for the certificate-based Content Delivery Network (CDN). Disabling plug-ins globally is provided as a convenience option, and is generally only recommended when diagnosing a potential problem with yum.

1 (default) — Enable all yum plug-ins globally. With plugins=1, you can still disable a specific yum plug-in by setting enabled=0 in that plug-in’s configuration file.

For more information about various yum plug-ins, see Section 9.6, “Yum Plug-ins”. For further information on controlling plug-ins, see Section 9.6.1, “Enabling, Configuring, and Disabling Yum Plug-ins”.

reposdir=directory
Here, directory is an absolute path to the directory where .repo files are located. All .repo files contain repository information (similar to the [repository] sections of /etc/yum.conf). Yum collects all repository information from .repo files and the [repository] section of the /etc/yum.conf file to create a master list of repositories to use for transactions. If reposdir is not set, yum uses the default directory /etc/yum.repos.d/.
retries=value
This option sets the number of times yum should attempt to retrieve a file before returning an error. value is an integer 0 or greater. Setting value to 0 makes yum retry forever. The default value is 10.

For a complete list of available [main] options, see the [main] OPTIONS section of the yum.conf(5) manual page.

9.5.2. Setting [repository] Options

The [repository] sections, where repository is a unique repository ID such as my_personal_repo (spaces are not permitted), allow you to define individual yum repositories. To avoid conflicts, custom repositories should not use names used by Red Hat repositories.

The following is a bare minimum example of the form a [repository] section takes:

[repository]
name=repository_name
baseurl=repository_url

Every [repository] section must contain the following directives:

name=repository_name
Here, repository_name is a human-readable string describing the repository.
baseurl=repository_url

Replace repository_url with a URL to the directory where the repodata directory of a repository is located:

  • If the repository is available over HTTP, use: http://path/to/repo
  • If the repository is available over FTP, use: ftp://path/to/repo
  • If the repository is local to the machine, use: file:///path/to/local/repo
  • If a specific online repository requires basic HTTP authentication, you can specify your user name and password by prepending it to the URL as username:password@link. For example, if a repository on http://www.example.com/repo/ requires a user name of "user" and a password of "password", then the baseurl link could be specified as http://user:password@www.example.com/repo/.

    Usually this URL is an HTTP link, such as:

    baseurl=http://path/to/repo/releases/$releasever/server/$basearch/os/

    Note that yum always expands the $releasever, $arch, and $basearch variables in URLs. For more information about yum variables, see Section 9.5.3, “Using Yum Variables”.

Other useful [repository] directive are:

enabled=value

This is a simple way to tell yum to use or ignore a particular repository, value is one of:

0 — Do not include this repository as a package source when performing updates and installs. This is an easy way of quickly turning repositories on and off, which is useful when you desire a single package from a repository that you do not want to enable for updates or installs.

1 — Include this repository as a package source.

Turning repositories on and off can also be performed by passing either the --enablerepo=repo_name or --disablerepo=repo_name option to yum, or through the Add/Remove Software window of the PackageKit utility.

async=value

Controls parallel downloading of repository packages. Here, value is one of:

auto (default) — parallel downloading is used if possible, which means that yum automatically disables it for repositories created by plug-ins to avoid failures.

on — parallel downloading is enabled for the repository.

off — parallel downloading is disabled for the repository.

Many more [repository] options exist, part of them have the same form and function as certain [main] options. For a complete list, see the [repository] OPTIONS section of the yum.conf(5) manual page.

Example 9.25. A sample /etc/yum.repos.d/redhat.repo file

The following is a sample /etc/yum.repos.d/redhat.repo file:

#
# Red Hat Repositories
# Managed by (rhsm) subscription-manager
#

[red-hat-enterprise-linux-scalable-file-system-for-rhel-6-entitlement-rpms]
name = Red Hat Enterprise Linux Scalable File System (for RHEL 6 Entitlement) (RPMs)
baseurl = https://cdn.redhat.com/content/dist/rhel/entitlement-6/releases/$releasever/$basearch/scalablefilesystem/os
enabled = 1
gpgcheck = 1
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
sslverify = 1
sslcacert = /etc/rhsm/ca/redhat-uep.pem
sslclientkey = /etc/pki/entitlement/key.pem
sslclientcert = /etc/pki/entitlement/11300387955690106.pem

[red-hat-enterprise-linux-scalable-file-system-for-rhel-6-entitlement-source-rpms]
name = Red Hat Enterprise Linux Scalable File System (for RHEL 6 Entitlement) (Source RPMs)
baseurl = https://cdn.redhat.com/content/dist/rhel/entitlement-6/releases/$releasever/$basearch/scalablefilesystem/source/SRPMS
enabled = 0
gpgcheck = 1
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
sslverify = 1
sslcacert = /etc/rhsm/ca/redhat-uep.pem
sslclientkey = /etc/pki/entitlement/key.pem
sslclientcert = /etc/pki/entitlement/11300387955690106.pem

[red-hat-enterprise-linux-scalable-file-system-for-rhel-6-entitlement-debug-rpms]
name = Red Hat Enterprise Linux Scalable File System (for RHEL 6 Entitlement) (Debug RPMs)
baseurl = https://cdn.redhat.com/content/dist/rhel/entitlement-6/releases/$releasever/$basearch/scalablefilesystem/debug
enabled = 0
gpgcheck = 1
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
sslverify = 1
sslcacert = /etc/rhsm/ca/redhat-uep.pem
sslclientkey = /etc/pki/entitlement/key.pem
sslclientcert = /etc/pki/entitlement/11300387955690106.pem

9.5.3. Using Yum Variables

You can use and reference the following built-in variables in yum commands and in all yum configuration files (that is, /etc/yum.conf and all .repo files in the /etc/yum.repos.d/ directory):

$releasever
You can use this variable to reference the release version of Red Hat Enterprise Linux. Yum obtains the value of $releasever from the distroverpkg=value line in the /etc/yum.conf configuration file. If there is no such line in /etc/yum.conf, then yum infers the correct value by deriving the version number from the redhat-releaseproduct package that provides the redhat-release file.
$arch
You can use this variable to refer to the system’s CPU architecture as returned when calling Python’s os.uname() function. Valid values for $arch include: i586, i686 and x86_64.
$basearch
You can use $basearch to reference the base architecture of the system. For example, i686 and i586 machines both have a base architecture of i386, and AMD64 and Intel 64 machines have a base architecture of x86_64.
$YUM0-9
These ten variables are each replaced with the value of any shell environment variables with the same name. If one of these variables is referenced (in /etc/yum.conf for example) and a shell environment variable with the same name does not exist, then the configuration file variable is not replaced.

To define a custom variable or to override the value of an existing one, create a file with the same name as the variable (without the "$" sign) in the /etc/yum/vars/ directory, and add the desired value on its first line.

For example, repository descriptions often include the operating system name. To define a new variable called $osname, create a new file with "Red Hat Enterprise Linux" on the first line and save it as /etc/yum/vars/osname:

~]# echo "Red Hat Enterprise Linux 7" > /etc/yum/vars/osname

Instead of "Red Hat Enterprise Linux 7", you can now use the following in the .repo files:

name=$osname $releasever

9.5.4. Viewing the Current Configuration

To display the current values of global yum options (that is, the options specified in the [main] section of the /etc/yum.conf file), execute the yum-config-manager command with no command-line options:

yum-config-manager

To list the content of a different configuration section or sections, use the command in the following form:

yum-config-manager section&hellip;

You can also use a glob expression to display the configuration of all matching sections:

yum-config-manager glob_expression&hellip;

Example 9.26. Viewing configuration of the main section

To list all configuration options and their corresponding values for the main section, type the following at a shell prompt:

~]$ yum-config-manager main \*
Loaded plugins: langpacks, product-id, subscription-manager
================================== main ===================================
[main]
alwaysprompt = True
assumeyes = False
bandwith = 0
bugtracker_url = https://bugzilla.redhat.com/enter_bug.cgi?product=Red%20Hat%20Enterprise%20Linux%206&component=yum
cache = 0
[output truncated]

9.5.5. Adding, Enabling, and Disabling a Yum Repository

Note

To expand your expertise, you might also be interested in the Red Hat System Administration III (RH254) training course.

Section 9.5.2, “Setting [repository] Options” describes various options you can use to define a yum repository. This section explains how to add, enable, and disable a repository by using the yum-config-manager command.

Important

When the system is registered with Red Hat Subscription Management to the certificate-based Content Delivery Network (CDN), the Red Hat Subscription Manager tools are used to manage repositories in the /etc/yum.repos.d/redhat.repo file.

Adding a Yum Repository

To define a new repository, you can either add a [repository] section to the /etc/yum.conf file, or to a .repo file in the /etc/yum.repos.d/ directory. All files with the .repo file extension in this directory are read by yum, and it is recommended to define your repositories here instead of in /etc/yum.conf.

Warning

Obtaining and installing software packages from unverified or untrusted software sources other than Red Hat’s certificate-based Content Delivery Network (CDN) constitutes a potential security risk, and could lead to security, stability, compatibility, and maintainability issues.

Yum repositories commonly provide their own .repo file. To add such a repository to your system and enable it, run the following command as root:

yum-config-manager --add-repo repository_url

…where repository_url is a link to the .repo file.

Example 9.27. Adding example.repo

To add a repository located at http://www.example.com/example.repo, type the following at a shell prompt:

~]# yum-config-manager --add-repo http://www.example.com/example.repo
Loaded plugins: langpacks, product-id, subscription-manager
adding repo from: http://www.example.com/example.repo
grabbing file http://www.example.com/example.repo to /etc/yum.repos.d/example.repo
example.repo                       | 413 B   00:00
repo saved to /etc/yum.repos.d/example.repo

Enabling a Yum Repository

To enable a particular repository or repositories, type the following at a shell prompt as root:

yum-config-manager --enable repository&hellip;

…where repository is the unique repository ID (use yum repolist all to list available repository IDs). Alternatively, you can use a glob expression to enable all matching repositories:

yum-config-manager --enable glob_expression&hellip;

Example 9.28. Enabling repositories defined in custom sections of /etc/yum.conf.

To enable repositories defined in the [example], [example-debuginfo], and [example-source]sections, type:

~]# yum-config-manager --enable example\*
Loaded plugins: langpacks, product-id, subscription-manager
============================== repo: example ==============================
[example]
bandwidth = 0
base_persistdir = /var/lib/yum/repos/x86_64/7Server
baseurl = http://www.example.com/repo/7Server/x86_64/
cache = 0
cachedir = /var/cache/yum/x86_64/7Server/example
[output truncated]

Example 9.29. Enabling all repositories

To enable all repositories defined both in the /etc/yum.conf file and in the /etc/yum.repos.d/ directory, type:

~]# yum-config-manager --enable \*
Loaded plugins: langpacks, product-id, subscription-manager
============================== repo: example ==============================
[example]
bandwidth = 0
base_persistdir = /var/lib/yum/repos/x86_64/7Server
baseurl = http://www.example.com/repo/7Server/x86_64/
cache = 0
cachedir = /var/cache/yum/x86_64/7Server/example
[output truncated]

When successful, the yum-config-manager --enable command displays the current repository configuration.

Disabling a Yum Repository

To disable a yum repository, run the following command as root:

yum-config-manager --disable repository&hellip;

…where repository is the unique repository ID (use yum repolist all to list available repository IDs). Similarly to yum-config-manager --enable, you can use a glob expression to disable all matching repositories at the same time:

yum-config-manager --disable glob_expression&hellip;

Example 9.30. Disabling all repositories

To disable all repositories defined both in the /etc/yum.conf file and in the /etc/yum.repos.d/ directory, type:

~]# yum-config-manager --disable \*
Loaded plugins: langpacks, product-id, subscription-manager
============================== repo: example ==============================
[example]
bandwidth = 0
base_persistdir = /var/lib/yum/repos/x86_64/7Server
baseurl = http://www.example.com/repo/7Server/x86_64/
cache = 0
cachedir = /var/cache/yum/x86_64/7Server/example
[output truncated]

When successful, the yum-config-manager --disable command displays the current configuration.

9.5.6. Creating a Yum Repository

To set up a yum repository:

  1. Install the createrepo package:

    # yum install createrepo
  2. Copy all packages for your new repository into one directory, such as /tmp/local_repo/:

    cp /your/packages/*.rpm /tmp/local_repo/
  3. To create the repository run:

    createrepo /tmp/local_repo/

    This creates the necessary metadata for the yum repository and places metadata in a newly created subdirectory repodata.

    The repository is now ready to be consumed by yum. This repository can be shared over the HTTP or FTP protocol, or refered directly from the local machine. See the Section 9.5.2, “Setting [repository] Options” section for more details on how to configure a yum repository.

    Note

    When constructing the URL for a repository, refer to the /mnt/local_repo not to /mnt/local_repo/repodata, as this directory contains only metadata. Actual yum packages are in /mnt/local_repo.

9.5.6.1. Adding packages to an already created yum repository

To add packages to an already created yum repository:

  1. Copy the new packages to your repository directory, such as /tmp/local_repo/:

    cp /your/packages/*.rpm /tmp/local_repo/
  2. To reflect the newly added packages in the metadata, run:

    createrepo --update /tmp/local_repo/
  3. Optional: If you have already used any yum command with newly updated repository, run:

    yum clean expire-cache

9.5.7. Adding the Optional and Supplementary Repositories

The Optional and Supplementary subscription channels provide additional software packages for Red Hat Enterprise Linux that cover open source licensed software (in the Optional channel) and proprietary licensed software (in the Supplementary channel).

Before subscribing to the Optional and Supplementary channels see the Scope of Coverage Details. If you decide to install packages from these channels, follow the steps documented in the article called How to access Optional and Supplementary channels, and -devel packages using Red Hat Subscription Manager (RHSM)? on the Red Hat Customer Portal.

9.6. Yum Plug-ins

Yum provides plug-ins that extend and enhance its operations. Certain plug-ins are installed by default. Yum always informs you which plug-ins, if any, are loaded and active whenever you call any yum command. For example:

~]# yum info yum
Loaded plugins: langpacks, product-id, subscription-manager
[output truncated]

Note that the plug-in names which follow Loaded plugins are the names you can provide to the --disableplugin=plugin_name option.

9.6.1. Enabling, Configuring, and Disabling Yum Plug-ins

To enable yum plug-ins, ensure that a line beginning with plugins= is present in the [main] section of /etc/yum.conf, and that its value is 1:

plugins=1

You can disable all plug-ins by changing this line to plugins=0.

Important

Disabling all plug-ins is not advised because certain plug-ins provide important yum services. In particular, the product-id and subscription-manager plug-ins provide support for the certificate-based Content Delivery Network (CDN). Disabling plug-ins globally is provided as a convenience option, and is generally only recommended when diagnosing a potential problem with yum.

Every installed plug-in has its own configuration file in the /etc/yum/pluginconf.d/ directory. You can set plug-in specific options in these files. For example, here is the aliases plug-in’s aliases.conf configuration file:

[main]
enabled=1

Similar to the /etc/yum.conf file, the plug-in configuration files always contain a [main] section where the enabled= option controls whether the plug-in is enabled when you run yum commands. If this option is missing, you can add it manually to the file.

If you disable all plug-ins by setting enabled=0 in /etc/yum.conf, then all plug-ins are disabled regardless of whether they are enabled in their individual configuration files.

If you merely want to disable all yum plug-ins for a single yum command, use the --noplugins option.

If you want to disable one or more yum plug-ins for a single yum command, add the --disableplugin=plugin_name option to the command. For example, to disable the aliases plug-in while updating a system, type:

~]# yum update --disableplugin=aliases

The plug-in names you provide to the --disableplugin= option are the same names listed after the Loaded plugins line in the output of any yum command. You can disable multiple plug-ins by separating their names with commas. In addition, you can match multiple plug-in names or shorten long ones by using glob expressions:

~]# yum update --disableplugin=aliases,lang*

9.6.2. Installing Additional Yum Plug-ins

Yum plug-ins usually adhere to the yum-plugin-plugin_name package-naming convention, but not always: the package which provides the kabi plug-in is named kabi-yum-plugins, for example. You can install a yum plug-in in the same way you install other packages. For instance, to install the yum-aliases plug-in, type the following at a shell prompt:

~]# yum install yum-plugin-aliases

9.6.3. Working with Yum Plug-ins

The following list provides descriptions and usage instructions for several useful yum plug-ins. Plug-ins are listed by names, brackets contain the name of the package.

search-disabled-repos (subscription-manager)

The search-disabled-repos plug-in allows you to temporarily or permanently enable disabled repositories to help resolve dependencies. With this plug-in enabled, when Yum fails to install a package due to failed dependency resolution, it offers to temporarily enable disabled repositories and try again. If the installation succeeds, Yum also offers to enable the used repositories permanently. Note that the plug-in works only with the repositories that are managed by subscription-manager and not with custom repositories.

Important

If yum is executed with the --assumeyes or -y option, or if the assumeyes directive is enabled in /etc/yum.conf, the plug-in enables disabled repositories, both temporarily and permanently, without prompting for confirmation. This may lead to problems, for example, enabling repositories that you do not want enabled.

To configure the search-disabled-repos plug-in, edit the configuration file located in /etc/yum/pluginconf.d/search-disabled-repos.conf. For the list of directives you can use in the [main] section, see the table below.

Table 9.3. Supported search-disabled-repos.conf directives

DirectiveDescription

enabled=value

Allows you to enable or disable the plug-in. The value must be either 1 (enabled), or 0 (disabled). The plug-in is enabled by default.

notify_only=value

Allows you to restrict the behavior of the plug-in to notifications only. The value must be either 1 (notify only without modifying the behavior of Yum), or 0 (modify the behavior of Yum). By default the plug-in only notifies the user.

ignored_repos=repositories

Allows you to specify the repositories that will not be enabled by the plug-in.

kabi (kabi-yum-plugins)

The kabi plug-in checks whether a driver update package conforms with the official Red Hat kernel Application Binary Interface (kABI). With this plug-in enabled, when a user attempts to install a package that uses kernel symbols which are not on a whitelist, a warning message is written to the system log. Additionally, configuring the plug-in to run in enforcing mode prevents such packages from being installed at all.

To configure the kabi plug-in, edit the configuration file located in /etc/yum/pluginconf.d/kabi.conf. A list of directives that can be used in the [main] section is shown in the table below.

Table 9.4. Supported kabi.conf directives

DirectiveDescription

enabled=value

Allows you to enable or disable the plug-in. The value must be either 1 (enabled), or 0 (disabled). When installed, the plug-in is enabled by default.

whitelists=directory

Allows you to specify the directory in which the files with supported kernel symbols are located. By default, the kabi plug-in uses files provided by the kernel-abi-whitelists package (that is, the /usr/lib/modules/kabi-rhel70/ directory).

enforce=value

Allows you to enable or disable enforcing mode. The value must be either 1 (enabled), or 0 (disabled). By default, this option is commented out and the kabi plug-in only displays a warning message.

product-id (subscription-manager)
The product-id plug-in manages product identity certificates for products installed from the Content Delivery Network. The product-id plug-in is installed by default.
langpacks (yum-langpacks)
The langpacks plug-in is used to search for locale packages of a selected language for every package that is installed. The langpacks plug-in is installed by default.
aliases (yum-plugin-aliases)
The aliases plug-in adds the alias command-line option which enables configuring and using aliases for yum commands.
yum-changelog (yum-plugin-changelog)
The yum-changelog plug-in adds the --changelog command-line option that enables viewing package change logs before and after updating.
yum-tmprepo (yum-plugin-tmprepo)
The yum-tmprepo plug-in adds the --tmprepo command-line option that takes the URL of a repository file, downloads and enables it for only one transaction. This plug-in tries to ensure the safe temporary usage of repositories. By default, it does not allow to disable the gpg check.
yum-verify (yum-plugin-verify)
The yum-verify plug-in adds the verify, verify-rpm, and verify-all command-line options for viewing verification data on the system.
yum-versionlock (yum-plugin-versionlock)
The yum-versionlock plug-in excludes other versions of selected packages, which enables protecting packages from being updated by newer versions. With the versionlock command-line option, you can view and edit the list of locked packages.

9.7. Automatically Refreshing Package Database and Downloading Updates with Yum-cron

The yum-cron service checks and downloads package updates automatically. The cron jobs provided by the yum-cron service are active immediately after installation of the yum-cron package. The yum-cron service can also automatically install downloaded updates.

With default settings, the yum-cron service:

The yum-cron service has two configuration files:

/etc/yum/yum-cron.conf
For daily tasks.
/etc/yum/yum-cron-hourly.conf
For hourly tasks.

9.7.1. Enabling Automatic Installation of Updates

To enable automatic installation of downloaded updates, edit the daily configuration file for daily installation or the hourly configuration file for hourly installation by setting the apply_updates option as follows:

apply_updates = yes

9.7.2. Setting up Optional Email Notifications

By default, the yum-cron service uses cron to send emails containing an output of the executed command. This email is sent according to cron configuration, typically to the local superuser and stored in the /var/spool/mail/root file.

You can use specific email configuration different from the settings which affect all cron jobs. However, this email configuration does not support TLS and overall email built-in logic is very basic.

To enable yum-cron built-in email notifications:

  1. Open selected yum-cron configuration file:

    /etc/yum/yum-cron.conf
    For daily tasks.
    /etc/yum/yum-cron-hourly.conf
    For hourly tasks.
  2. In the [emitters] section, set the following option:

    emit_via = email
  3. Set the email_from, email_to, email_host options as required

9.7.3. Enabling or Disabling Specific Repositories

The yum-cron does not support specific configuration of repositories. As a workaround for enabling or disabling specific repositories for yum-cron but not for yum in general follow the steps bellow:

  1. Create an empty repository configuration directory anywhere on the system.
  2. Copy all configuration files from the /etc/yum.repos.d/ directory to this newly created directory.
  3. In the respective .repo configuration file within the /etc/yum.repos.d/, set the enabled option as follows:

    enabled = 1
    To enable the repository.
    enabled = 0
    To disable the repository.
  4. Add the following option, which points to the newly created repository directory, at the end of the selected yum-cron configuration file:

    reposdir=/path/to/new/reposdir

9.7.4. Testing Yum-cron Settings

To test yum-cron settings without waiting for the next scheduled yum-cron task:

  1. Open selected yum-cron configuration file:

    /etc/yum/yum-cron.conf
    For daily tasks.
    /etc/yum/yum-cron-hourly.conf
    For hourly tasks.
  2. Set the random_sleep option in the selected configuration file as follows:

    random_sleep = 0
  3. Run the configuration files:

    # yum-cron /etc/yum/yum-cron.conf
    # yum-cron /etc/yum/yum-cron-hourly.conf

9.7.5. Disabling Yum-cron messages

The yum-cron messages cannot be entirely disabled, but can be limited to messages with critical priority only. To limit the messages:

  1. Open selected yum-cron configuration file:

    /etc/yum/yum-cron.conf
    For daily tasks.
    /etc/yum/yum-cron-hourly.conf
    For hourly tasks.
  2. Set the following option in the [base] section of the configuration file:

    debuglevel = -4

9.7.6. Automatically Cleaning Packages

The yum-cron service does not support any configuration option for removing packages similar to the yum clean all command. To clean packages automatically, you can create a cron job as an executable shell script:

  1. Create a shell script in the /etc/cron.daily/ directory containing:

    #!/bin/sh
    yum clean all
  2. Make the script executable:

    # chmod +x /etc/cron.daily/script-name.sh

9.8. Additional Resources

For more information on how to manage software packages on Red Hat Enterprise Linux, see the resources listed below.

Installed Documentation

  • yum(8) — The manual page for the yum command-line utility provides a complete list of supported options and commands.
  • yumdb(8) — The manual page for the yumdb command-line utility documents how to use this tool to query and, if necessary, alter the yum database.
  • yum.conf(5) — The manual page named yum.conf documents available yum configuration options.
  • yum-utils(1) — The manual page named yum-utils lists and briefly describes additional utilities for managing yum configuration, manipulating repositories, and working with yum database.

Online Resources

  • Yum Guides — The Yum Guides page on the project home page provides links to further documentation.
  • Red Hat Customer Portal Labs — The Red Hat Customer Portal Labs includes a "Yum Repository Configuration Helper".

See Also