How do I exclude kernel or other packages from getting updated in Red Hat Enterprise Linux while updating system via yum?

Solution Verified - Updated -

Environment

  • Red Hat Enterprise Linux (RHEL) 5
  • Red Hat Enterprise Linux (RHEL) 6
  • Red Hat Enterprise Linux (RHEL) 7
  • Red Hat Satellite
  • Red Hat Network

Issue

  • How do I exclude kernel or other packages from getting updated in Red Hat Enterprise Linux while updating system via yum?
  • How do I use the exclude option with yum?
  • How to prevent a package from updating while updating system from Satellite Server ?
  • How to exclude only 32 bit or 64 bit packages ?

Resolution

  • The up2date command in Red Hat Enterprise Linux 4 excludes kernel updates by default. The yum in Red Hat Enterprise Linux 5 includes kernel updates by default.

  • To skip installing or updating kernel or other packages while using the yum update utility in Red Hat Enterprise Linux 5, 6, and 7, use following options:

  • Temporary solution via Command line:

# yum update --exclude=PACKAGENAME

For example, to exclude all kernel related packages:

# yum update --exclude=kernel*
  • To make permanent changes, edit the /etc/yum.conf file and following entries to it:
[main]
cachedir=/var/cache/yum/$basearch/$releasever
keepcache=0
debuglevel=2
logfile=/var/log/yum.log
exclude=kernel* redhat-release*                           <====

NOTE: If there are multiple package to be excluded then separate them using a single space or comma. Also, do not add multiple exclude= lines in the configuration file because yum only considers the last exclude entry.

To exclude 32 bit packages edit /etc/yum.conf file.

exclude=*.i?86 *.i686
  • Component
  • yum

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

9 Comments

Log in to comment
YG Newbie 5 points
15 September 2014 1:50 PM

Shouldn't you also exclude redhat-release* to prevent the /etc/redhat-release file to be updated independently of the kernel? If you don't do this you risk having a kernel version older than what the redhat-release file says you have.

Amel Hodzic's picture Pro 649 points
4 March 2015 8:01 AM

Is there a repository-specific way to make that change? Namely, to exclude the kernel updates from the rhel-7-server-beta-rpms repository. The notes in the /etc/yum.repos.d/redhat.repo state that the changes made to the file are overwritten and that subscription-manager should be used instead. Does anyone have a suggestion on how to accomplish this with the subscription-manager?

So far, adding the exclude line to the [rhel-7-server-beta-rpms] section in /etc/yum.repos.d/redhat.repo file works as expected.

UPDATE
The following command will add the option to a specific repository using the subscription-manager:
subscription-manager repo-override --repo=rhel-7-server-beta-rpms --add=exclude:kernel*,redhat-release*

AS Newbie 10 points
14 October 2015 3:36 PM

Your solution has subtle bug: it also prevents kernel-headers from updating which would ruin eventually installing packages having dependency on newer glibc which has dependency on newer kernel-headers. My fix was to remove "star" from exclusion string so that only "kernel" package would match, and "kernel-headers" won't be excluded.

TD Newbie 12 points
17 October 2015 5:12 AM

i have a problem about include kernel or exclude kernel,if i using yum to update my RHEL 6.1.
Is other packeage(like nscd,firefox,....) have any different between include kernel update and exclude kernel update?

AS Newbie 10 points
19 October 2015 11:54 AM

My particular problem was VirtualBox Guest Additions kernel modules ruined after unintended kernel upgrade.

You can try this command which would run update temporary disabling all exclusions:

yum --disableexcludes=all update
PC Newbie 5 points
13 December 2015 7:15 AM

I am getting below error if i tried to exclude redhat-release package.

-> Finished Dependency Resolution
Error: unbound-libs conflicts with redhat-release-server-7.0-1.el7.x86_64
 You could try using --skip-broken to work around the problem
 You could try running: rpm -Va --nofiles --nodigest
[root@UA-HA ~]#
JF Red Hat Active Contributor 235 points
20 December 2016 12:47 AM

Simple solution: rhel-7-server-rhceph-1.3-osd-rpms is available on all OSP SKUs, so just enable the repos at no cost to solve this problem.

CA Community Member 95 points
13 November 2018 4:31 PM

i use to exclude the kernel but a colleague just advised me that it is good to update verything together

jJ Community Member 29 points
6 July 2020 8:14 AM

Is there any problem of installing New kernel every month?
for Eg: I use to run yum update --security

Since we were facing zombie process on the servers.

[root@TCLDIGMDMAPRD02 ~]# ps -ef | grep defunct root 955 906 0 13:49 pts/0 00:00:00 grep --color=auto defunct root 22918 22915 0 01:13 pts/1 00:00:00 [sh] root 23881 23880 0 01:58 ? 00:00:00 [ksmtuned] root 25558 25553 0 04:00 ? 00:00:00 [date] root 26856 26854 0 05:40 ? 00:00:00 [date] root 27471 27466 0 06:30 ? 00:00:00 [date] root 29671 29666 0 09:00 ? 00:00:00 [date] root 31352 31351 0 11:10 ? 00:00:00 [date]

[root@TCLDIGMDMAPRD02 ~]# ps -ef | grep 29671 root 958 906 0 13:49 pts/0 00:00:00 grep --color=auto 29671 root 29671 29666 0 09:00 ? 00:00:00 [date]

[root@TCLDIGMDMAPRD02 ~]# ps -xal | grep 29666 0 0 960 906 20 0 112708 964 pipe_w S+ pts/0 0:00 grep --color=auto 29666 0 0 29666 29659 20 0 113184 1192 - Rs ? 21114870:52 /bin/sh /usr/lib64/sa/sa1 1 1 0 0 29671 29666 20 0 0 0 do_exi Z ? 0:00 [date]