The CentOS Wiki provides useful tips and tricks related to yum, but they missed few important ones which can make your sysadmin life a lot easier (not to mention saving it, when disaster time arrives).
Did you know that you can protect specific yum packages from being manipulated? I had issues on certain servers where a kernel update will create havoc on specific network firmware or VOIP software. Simply add the following configuration file into /etc/yum/protected.d directory:
This will prevent any kernel related packages from being deleted, installed or upgraded. You can also use yum-plugin-versionlock, for a similar purpose.
Part of yum-utils package, this program finds incomplete or aborted transactions on a system and attempts to complete them. It looks at transaction-all* and transaction-done* files which can normally be found in /var/lib/yum, if a transaction aborted in the middle of execution. Other useful programs part of same package are package-cleanup and yumdownloader, see man package-cleanup and man yumdownloader for more details.
Did you know that yum has a transaction history, allowing you to easily revise what packages were installed or removed? Simply run yum history, followed by yum history help to display all available sub-commands. For example, I can undo a MariaDB update performed recently, by running the following commands:
This tool will save you a lot of headaches, in the long run.# yum history package-list mariadb ID | Action(s) | Package ------------------------------------------------------------------------------- 191 | Updated | mariadb-1:10.0.12-1.el6.x86_64 EE # yum history undo 191
Did you know that yum has a plugin system implemented into its core functionality? To display all available plugins, perform a yum search:
For example, I use often yum-plugin-changelog to see what was changed into package logs since last update, or yum-plugin-keys to verify easy what repository keys are installed in a server.
Did you know that yum has a command shell, allowing you to perform multiple commands during a single execution? I noticed many sysadmins are running the classy rpm -e --nodeps command, instead of taking advantage of this incredibly valuable tool.
Let's presume you have two OpenSSL packages installed from another repository and want to update them to AXIVO packages. Simply run the following commands:
This is particularly useful if you deal with packages having an Epoch defined. Take a look at man yum-shell, for other shell commands you can execute.# yum shell > remove openssl openssl-devel > repo enable axivo > install openssl openssl-devel > transaction solve > transaction run > quit