How do I exclude kernel or other packages from getting updated in Red Hat Enterprise Linux while updating system via yum?

Solution Verified - Updated -


  • Red Hat Enterprise Linux (RHEL) 5
  • Red Hat Enterprise Linux (RHEL) 6
  • Red Hat Enterprise Linux (RHEL) 7
  • Red Hat Satellite
  • Red Hat Network


  • How do I exclude kernel or other packages from getting updated in Red Hat Enterprise Linux while updating system via yum?
  • How do I use the exclude option with yum?
  • How to prevent a package from updating while updating system from Satellite Server ?
  • How to exclude only 32 bit or 64 bit packages ?


  • The up2date command in Red Hat Enterprise Linux 4 excludes kernel updates by default. The yum in Red Hat Enterprise Linux 5 includes kernel updates by default.

  • To skip installing or updating kernel or other packages while using the yum update utility in Red Hat Enterprise Linux 5, 6, and 7, use following options:

  • Temporary solution via Command line:

# yum update --exclude=PACKAGENAME 

For example, to exclude all kernel related packages:

# yum update --exclude=kernel*
  • To make permanent changes, edit the /etc/yum.conf file and following entries to it:
exclude=kernel* redhat-release*                           <==== 

NOTE: If there are multiple package to be excluded then separate them using a single space or comma. Also, do not add multiple exclude= lines in the configuration file because yum only considers the last exclude entry.

To exclude 32 bit packages edit /etc/yum.conf file.

exclude=*.i?86 *.i686
  • Component
  • yum

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.


Shouldn't you also exclude redhat-release* to prevent the /etc/redhat-release file to be updated independently of the kernel? If you don't do this you risk having a kernel version older than what the redhat-release file says you have.

Is there a repository-specific way to make that change? Namely, to exclude the kernel updates from the rhel-7-server-beta-rpms repository. The notes in the /etc/yum.repos.d/redhat.repo state that the changes made to the file are overwritten and that subscription-manager should be used instead. Does anyone have a suggestion on how to accomplish this with the subscription-manager?

So far, adding the exclude line to the [rhel-7-server-beta-rpms] section in /etc/yum.repos.d/redhat.repo file works as expected.

The following command will add the option to a specific repository using the subscription-manager:
subscription-manager repo-override --repo=rhel-7-server-beta-rpms --add=exclude:kernel*,redhat-release*

Your solution has subtle bug: it also prevents kernel-headers from updating which would ruin eventually installing packages having dependency on newer glibc which has dependency on newer kernel-headers. My fix was to remove "star" from exclusion string so that only "kernel" package would match, and "kernel-headers" won't be excluded.

i have a problem about include kernel or exclude kernel,if i using yum to update my RHEL 6.1.
Is other packeage(like nscd,firefox,....) have any different between include kernel update and exclude kernel update?

My particular problem was VirtualBox Guest Additions kernel modules ruined after unintended kernel upgrade.

You can try this command which would run update temporary disabling all exclusions:

yum --disableexcludes=all update

I am getting below error if i tried to exclude redhat-release package.

-> Finished Dependency Resolution
Error: unbound-libs conflicts with redhat-release-server-7.0-1.el7.x86_64
 You could try using --skip-broken to work around the problem
 You could try running: rpm -Va --nofiles --nodigest
[root@UA-HA ~]#

Simple solution: rhel-7-server-rhceph-1.3-osd-rpms is available on all OSP SKUs, so just enable the repos at no cost to solve this problem.

i use to exclude the kernel but a colleague just advised me that it is good to update verything together