Yum Secrets

Tips and tricks related to various little known yum commands

  1. Floren
    The CentOS Wiki provides useful tips and tricks related to yum, but they missed few important ones which can make your sysadmin life a lot easier (not to mention saving it, when disaster time arrives).

    Basic Configuration
    Did you know that you can protect specific yum packages from being manipulated? I had issues on certain servers where a kernel update will create havoc on specific network firmware or VOIP software. Simply add the following configuration file into /etc/yum/protected.d directory:
    This will prevent any kernel related packages from being deleted, installed or upgraded. You can also use yum-plugin-versionlock, for a similar purpose.

    Part of yum-utils package, this program finds incomplete or aborted transactions on a system and attempts to complete them. It looks at transaction-all* and transaction-done* files which can normally be found in /var/lib/yum, if a transaction aborted in the middle of execution. Other useful programs part of same package are package-cleanup and yumdownloader, see man package-cleanup and man yumdownloader for more details.

    Did you know that yum has a transaction history, allowing you to easily revise what packages were installed or removed? Simply run yum history, followed by yum history help to display all available sub-commands. For example, I can undo a MariaDB update performed recently, by running the following commands:
    # yum history package-list mariadb
    ID     | Action(s)      | Package
       191 | Updated        | mariadb-1:10.0.12-1.el6.x86_64                     EE
    # yum history undo 191
    This tool will save you a lot of headaches, in the long run.

    Did you know that yum has a plugin system implemented into its core functionality? To display all available plugins, perform a yum search:
    For example, I use often yum-plugin-changelog to see what was changed into package logs since last update, or yum-plugin-keys to verify easy what repository keys are installed in a server.

    Did you know that yum has a command shell, allowing you to perform multiple commands during a single execution? I noticed many sysadmins are running the classy rpm -e --nodeps command, instead of taking advantage of this incredibly valuable tool.

    Let's presume you have two OpenSSL packages installed from another repository and want to update them to AXIVO packages. Simply run the following commands:
    # yum shell
    > remove openssl openssl-devel
    > repo enable axivo
    > install openssl openssl-devel
    > transaction solve
    > transaction run
    > quit
    This is particularly useful if you deal with packages having an Epoch defined. Take a look at man yum-shell, for other shell commands you can execute.
    eva2000 and MattW like this.

Recent Reviews

  1. MattW
    Some very useful commands there, especially the yum history one. Great guide Floren.