4 Ways to Disable/Lock Certain Package Updates Using Yum Command

Package Manager is software which allows a user in case of installation of new software, up-gradation of system, or updating any specific software and such sorts of things. In case of Linux based systems wherein one software has lots of dependencies which are required to be present on system for a complete installation of that software, such software’s like package manager become a much needed tool on every system.

 

Each Linux Distribution ships with its default package manager for above stated functionalities, but of all these most found ones are: yum on RHEL and Fedora systems (where it is being currently replaced with DNF from Fedora 22+ onwards) and apt from Debian.

 

Dnf or Danified yum is replacing yum on Fedora systems which is another one in our list. If explored properly, these Package Managers can be used for the following functionalities:

  • Installing new software from the repository.
  • Resolve dependencies of the software by installing those dependencies before installing the software.
  • Maintaining a database of dependencies of each software.
  • Downgrade version of any existing software.
  • Upgrading the kernel version.
  • Listing packages available for installation.

 

Disable/Lock Package Updates using Yum

 

Yellow dog Updater, Modified (yum) is a package management tool in RedHat based distributions such as CentOS and Fedora. Various strategies used to Lock/Disable Package Updates using Yum are discussed below:

 

1. Permanently Disable Package for Install or Update

 

1. Open and edit the yum.conf file, which is located in /etc/yum.conf or in /etc/yum/yum.conf.

 

It looks like below:

[main]
cachedir=/var/cache/yum/$basearch/$releasever
keepcache=0
debuglevel=2
logfile=/var/log/yum.log
exactarch=1
obsoletes=1
gpgcheck=1
plugins=1
installonly_limit=5
bugtracker_url=http://bugs.centos.org/set_project.php?project_id=23&ref=http://bugs.centos.org/bug_report_page.php?category=yum
distroverpkg=centos-release
....

 

Here, to exclude certain package from installation or up-gradation, you just need to add exclude variable along with name of package you wish to exclude. For example, if I want to exclude all the python-3 packages from getting updated, then I will just append following line to yum.conf:

exclude=python-3*

 

For more than one package to exclude just separate their names by space.

exclude=httpd php 

 

[main]
cachedir=/var/cache/yum/$basearch/$releasever
keepcache=0
debuglevel=2
logfile=/var/log/yum.log
exactarch=1
obsoletes=1
gpgcheck=1
plugins=1
installonly_limit=5
bugtracker_url=http://bugs.centos.org/set_project.php?project_id=23&ref=http://bugs.centos.org/bug_report_page.php?category=yum
distroverpkg=centos-release
exclude=python-3*        [Exclude Single Package]
exclude=httpd php        [Exclude Multiple Packages]
...

 

Note: to include these packages, ignoring entries in yum.conf, use “-disableexcludes” and set it to all|main|repoid, where ‘main’ are those entered in yum.conf and ‘repoid’ are those whose exclusion is specified in repos.d directory, as explained later on.

 

Now let’s try to install or update the specified packages and see the yum command will disable them installing or updating.

# yum install httpd php

Loaded plugins: fastestmirror, langpacks, versionlock
Loading mirror speeds from cached hostfile
 * base: mirror.nbrc.ac.in
 * epel: mirror.wanxp.id
 * extras: mirror.nbrc.ac.in
 * updates: mirror.nbrc.ac.in
Nothing to do

 

# yum update httpd php

Loaded plugins: fastestmirror, langpacks, versionlock
Loading mirror speeds from cached hostfile
 * base: mirror.nbrc.ac.in
 * epel: mirror.wanxp.id
 * extras: mirror.nbrc.ac.in
 * updates: mirror.nbrc.ac.in
No packages marked for update

 

2. Temporarily Disable Package for Install or Update

 

2. Above was a permanent solution to exclude a package as unless file is edited, that package won’t get updated. Here is a temporary solution for this also. Just at the time when you go for any update, use -x switch in yum command to exclude package which you do not want to update, like:

# yum -x python-3 update

 

The above command will update all the packages whose updates are available, excluding python-3 on your system.

 

Here, for excluding multiple packages, use -x multiple times, or separate package names with ',' in a single switch.

# yum -x httpd -x php update
OR
# yum -x httpd,php update

 

3. Using --exclude switch works same as -x, just need to replace -x with –exclude and pass ',' separated list of package names to it.

# yum --exclude httpd,php

 

3. Disable Package Updates using Repository

 

4. For any package installed from any external source via adding a repository, there is another way to stop its up-gradation in future. This can be done by editing its .repo file which is created in /etc/yum/repos.d/ or /etc/yum.repos.d directory.

 

Add the exclude option with the package name in the repo. Like: to exclude any package say wine from epel repo, add the following line in epel.repo file:

[epel]
name=Extra Packages for Enterprise Linux 7 - $basearch
#baseurl=http://download.fedoraproject.org/pub/epel/7/$basearch
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch
failovermethod=priority
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
exclude=wine

 

Now try to update the wine package, you will get an error like shown below:

# yum update wine

Loaded plugins: fastestmirror, langpacks, versionlock
epel/x86_64/metalink                                    | 5.6 kB     00:00     
Loading mirror speeds from cached hostfile
 * base: mirror.nbrc.ac.in
 * epel: mirror.wanxp.id
 * extras: mirror.nbrc.ac.in
 * updates: mirror.nbrc.ac.in
No Match for argument: wine
No package wine available.
No packages marked for update

 

4. Disable Package Update Using versionlock Option

 

5. Another way in yum to mask the version of any package thus making it unavailable for up-gradation, is to use  versionlock option of yum, but to do this, you must yum-plugin-versionlock package installed on the system.

# yum -y install yum-versionlock

 

For example, to lock the version of package say httpd to 2.4.6 only, just write following command as root.

# yum versionlock add httpd

 

Sample Output

 

Loaded plugins: fastestmirror, langpacks, versionlock
Adding versionlock on: 0:httpd-2.4.6-40.el7.centos
versionlock added: 1

 

To view locked packages, use the following command will list the packages which have been version locked.

# yum versionlock list httpd

 

Sample Output

 

Loaded plugins: fastestmirror, langpacks, versionlock
0:httpd-2.4.6-40.el7.centos.*
versionlock list done

 

Was this answer helpful? 0 Users Found This Useful (0 Votes)