Chapter 6. Yum

Yum is the Red Hat package manager that is able to query for information about available packages, fetch packages from repositories, install and uninstall them, and update an entire system to the latest available version. Yum performs automatic dependency resolution on packages you are updating, installing, or removing, and thus is able to automatically determine, fetch, and install all available dependent packages.

Yum can be configured with new, additional repositories, or package sources, and also provides many plug-ins which enhance and extend its capabilities. Yum is able to perform many of the same tasks that RPM can; additionally, many of the command line options are similar. Yum enables easy and simple package management on a single machine or on groups of them.

Secure package management with GPG-signed packages

Yum provides secure package management by enabling GPG (Gnu Privacy Guard; also known as GnuPG) signature verification on GPG-signed packages to be turned on for all package repositories (i.e. package sources), or for individual repositories. When signature verification is enabled, Yum will refuse to install any packages not GPG-signed with the correct key for that repository. This means that you can trust that the RPM packages you download and install on your system are from a trusted source, such as Red Hat, and were not modified during transfer. Refer to Section 6.3, "Configuring Yum and Yum Repositories" for details on enabling signature-checking with Yum, or Section B.3, "Checking a Package's Signature" for information on working with and verifying GPG-signed RPM packages in general.

Yum also enables you to easily set up your own repositories of RPM packages for download and installation on other machines.

Learning Yum is a worthwhile investment because it is often the fastest way to perform system administration tasks, and it provides capabilities beyond those provided by the PackageKit graphical package management tools. Refer to Chapter 7, PackageKit for details on using PackageKit.

Yum and superuser privileges

You must have superuser privileges in order to use yum to install, update or remove packages on your system. All examples in this chapter assume that you have already obtained superuser privileges by using either the su or sudo command.

6.1. Checking For and Updating Packages

6.1.1. Checking For Updates

To see which installed packages on your system have updates available, use the following command:

yum check-update

For example:

~]# yum check-updateLoaded plugins: product-id, refresh-packagekit, subscription-managerUpdating Red Hat repositories.INFO:rhsm-app.repolib:repos updated: 0PackageKit.x86_64  0.5.8-2.el6 rhelPackageKit-glib.x86_64 0.5.8-2.el6 rhelPackageKit-yum.x86_64  0.5.8-2.el6 rhelPackageKit-yum-plugin.x86_64   0.5.8-2.el6 rhelglibc.x86_64   2.11.90-20.el6 rhelglibc-common.x86_64 2.10.90-22 rhelkernel.x86_64  2.6.31-14.el6  rhelkernel-firmware.noarch 2.6.31-14.el6  rhelrpm.x86_64 4.7.1-5.el6 rhelrpm-libs.x86_64 4.7.1-5.el6 rhelrpm-python.x86_64  4.7.1-5.el6 rheludev.x86_64 147-2.15.el6   rhelyum.noarch 3.2.24-4.el6   rhel

The packages in the above output are listed as having updates available. The first package in the list is PackageKit, the graphical package manager. The line in the example output tells us:

PackageKit - the name of the package
x86_64 - the CPU architecture the package was built for
0.5.8 - the version of the updated package to be installed
rhel - the repository in which the updated package is located

The output also shows us that we can update the kernel (the kernel package), Yum and RPM themselves (the yum and rpm packages), as well as their dependencies (such as the kernel-firmware, rpm-libs, and rpm-python packages), all using yum.

6.1.2. Updating Packages

You can choose to update a single package, multiple packages, or all packages at once. If any dependencies of the package (or packages) you update have updates available themselves, then they are updated too.

Updating a Single Package

To update a single package, run the following command as root:

yum update package_name

For example, to update the udev package, type:

~]# yum update udevLoaded plugins: product-id, refresh-packagekit, subscription-managerUpdating Red Hat repositories.INFO:rhsm-app.repolib:repos updated: 0Setting up Update ProcessResolving Dependencies--> Running transaction check---> Package udev.x86_64 0:147-2.15.el6 set to be updated--> Finished Dependency ResolutionDependencies Resolved=========================================================================== Package   Arch Version Repository Size===========================================================================Updating: udev  x86_64  147-2.15.el6 rhel  337 kTransaction Summary===========================================================================Install   0 Package(s)Upgrade   1 Package(s)Total download size: 337 kIs this ok [y/N]:

This output contains several items of interest:

Loaded plugins: product-id, refresh-packagekit, subscription-manager - yum always informs you which Yum plug-ins are installed and enabled. Refer to Section 6.4, "Yum Plug-ins" for general information on Yum plug-ins, or to Section 6.4.3, "Plug-in Descriptions" for descriptions of specific plug-ins.
udev.x86_64 - you can download and install new udev package.
yum presents the update information and then prompts you as to whether you want it to perform the update; yum runs interactively by default. If you already know which transactions the yum command plans to perform, you can use the -y option to automatically answer yes to any questions that yum asks (in which case it runs non-interactively). However, you should always examine which changes yum plans to make to the system so that you can easily troubleshoot any problems that might arise.
If a transaction does go awry, you can view Yum's transaction history by using the yum history command as described in Section 6.2.6, "Working with Transaction History".

Updating and installing kernels with Yum

yum always installs a new kernel in the same sense that RPM installs a new kernel when you use the command rpm -i kernel. Therefore, you do not need to worry about the distinction between installing and upgrading a kernel package when you use yum: it will do the right thing, regardless of whether you are using the yum update or yum install command.

When using RPM, on the other hand, it is important to use the rpm -i kernel command (which installs a new kernel) instead of rpm -u kernel (which replaces the current kernel). Refer to Section B.2.2, "Installing and Upgrading" for more information on installing/upgrading kernels with RPM.

Updating All Packages and Their Dependencies

To update all packages and their dependencies, simply enter yum update (without any arguments):

yum update

Updating Security-Related Packages

Discovering which packages have security updates available and then updating those packages quickly and easily is important. Yum provides the plug-in for this purpose. The security plug-in extends the yum command with a set of highly-useful security-centric commands, subcommands and options. Refer to Section 6.4.3, "Plug-in Descriptions" for specific information.

6.1.3. Preserving Configuration File Changes

You will inevitably make changes to the configuration files installed by packages as you use your Red Hat Enterprise Linux system. RPM, which Yum uses to perform changes to the system, provides a mechanism for ensuring their integrity. Refer to Section B.2.2, "Installing and Upgrading" for details on how to manage changes to configuration files across package upgrades.

6.2. Packages and Package Groups

6.2.1. Searching Packages

You can search all RPM package names, descriptions and summaries by using the following command:

yum search term . . . . . .

This command displays the list of matches for each term. For example, to list all packages that match "meld" or "kompare", type:

~]# yum search meld kompareLoaded plugins: product-id, refresh-packagekit, subscription-managerUpdating Red Hat repositories.INFO:rhsm-app.repolib:repos updated: 0============================ Matched: kompare =============================kdesdk.x86_64 : The KDE Software Development Kit (SDK)Warning: No matches found for: meld

The yum search command is useful for searching for packages you do not know the name of, but for which you know a related term.

6.2.2. Listing Packages

yum list and related commands provide information about packages, package groups, and repositories.

All of Yum's list commands allow you to filter the results by appending one or more glob expressions as arguments. Glob expressions are normal strings of characters which contain one or more of the wildcard characters * (which expands to match any character multiple times) and ? (which expands to match any one character).

Filtering results with glob expressions

Be careful to escape the glob expressions when passing them as arguments to a yum command, otherwise the Bash shell will interpret these expressions as pathname expansions, and potentially pass all files in the current directory that match the globs to yum. To make sure the glob expressions are passed to yum as intended, either:

escape the wildcard characters by preceding them with a backslash character
double-quote or single-quote the entire glob expression.

Refer to Example 6.1, "Listing all ABRT addons and plug-ins using glob expressions" and Example 6.3, "Listing available packages using a single glob expression with escaped wildcard characters" for an example usage of both these methods.

yum list glob_expression . . . . . .

Lists information on installed and available packages matching all glob expressions.

Example 6.1. Listing all ABRT addons and plug-ins using glob expressions

Packages with various ABRT addons and plug-ins either begin with "abrt-addon-", or "abrt-plugin-". To list these packages, type the following at a shell prompt:

~]# yum list abrt-addon\* abrt-plugin\*Loaded plugins: product-id, refresh-packagekit, subscription-managerUpdating Red Hat repositories.INFO:rhsm-app.repolib:repos updated: 0Installed Packagesabrt-addon-ccpp.x86_64 1.0.7-5.el6 @rhelabrt-addon-kerneloops.x86_64  1.0.7-5.el6 @rhelabrt-addon-python.x86_64  1.0.7-5.el6 @rhelabrt-plugin-bugzilla.x86_64   1.0.7-5.el6 @rhelabrt-plugin-logger.x86_64 1.0.7-5.el6 @rhelabrt-plugin-sosreport.x86_64  1.0.7-5.el6 @rhelabrt-plugin-ticketuploader.x86_64 1.0.7-5.el6 @rhel

yum list all

Lists all installed and available packages.

yum list installed

Lists all packages installed on your system. The rightmost column in the output lists the repository from which the package was retrieved.

Example 6.2. Listing installed packages using a double-quoted glob expression

To list all installed packages that begin with "krb" followed by exactly one character and a hyphen, type:

~]# yum list installed "krb?-*"Loaded plugins: product-id, refresh-packagekit, subscription-managerUpdating Red Hat repositories.INFO:rhsm-app.repolib:repos updated: 0Installed Packageskrb5-libs.x86_64 1.8.1-3.el6  @rhelkrb5-workstation.x86_64  1.8.1-3.el6  @rhel

yum list available

Lists all available packages in all enabled repositories.

Example 6.3. Listing available packages using a single glob expression with escaped wildcard characters

To list all available packages with names that contain "gstreamer" and then "plugin", run the following command:

~]# yum list available gstreamer\*plugin\*Loaded plugins: product-id, refresh-packagekit, subscription-managerUpdating Red Hat repositories.INFO:rhsm-app.repolib:repos updated: 0Available Packagesgstreamer-plugins-bad-free.i686   0.10.17-4.el6 rhelgstreamer-plugins-base.i686   0.10.26-1.el6 rhelgstreamer-plugins-base-devel.i686 0.10.26-1.el6 rhelgstreamer-plugins-base-devel.x86_64   0.10.26-1.el6 rhelgstreamer-plugins-good.i686   0.10.18-1.el6 rhel

yum grouplist

Lists all package groups.

yum repolist

Lists the repository ID, name, and number of packages it provides for each enabled repository.

6.2.3. Displaying Package Information

To display information about one or more packages (glob expressions are valid here as well), use the following command:

yum info package_name . . . . . .

For example, to display information about the abrt package, type:

~]# yum info abrtLoaded plugins: product-id, refresh-packagekit, subscription-managerUpdating Red Hat repositories.INFO:rhsm-app.repolib:repos updated: 0Installed PackagesName   : abrtArch   : x86_64Version : 1.0.7Release : 5.el6Size   : 578 kRepo   : installedFrom repo  : rhelSummary : Automatic bug detection and reporting toolURL : https://fedorahosted.org/abrt/License : GPLv2+Description: abrt is a tool to help users to detect defects in applications   : and to create a bug report with all informations needed by   : maintainer to fix it. It uses plugin system to extend its   : functionality.

The yum info package_name command is similar to the rpm -q --info package_name command, but provides as additional information the ID of the Yum repository the RPM package is found in (look for the From repo: line in the output).

You can also query the Yum database for alternative and useful information about a package by using the following command:

yumdb info package_name

This command provides additional information about a package, including the checksum of the package (and algorithm used to produce it, such as SHA-256), the command given on the command line that was invoked to install the package (if any), and the reason that the package is installed on the system (where user indicates it was installed by the user, and dep means it was brought in as a dependency). For example, to display additional information about the yum package, type:

~]# yumdb info yumLoaded plugins: product-id, refresh-packagekit, subscription-manageryum-3.2.27-4.el6.noarch checksum_data = 23d337ed51a9757bbfbdceb82c4eaca9808ff1009b51e9626d540f44fe95f771 checksum_type = sha256 from_repo = rhel from_repo_revision = 1298613159 from_repo_timestamp = 1298614288 installed_by = 4294967295 reason = user releasever = 6.1

For more information on the yumdb command, refer to the yumdb(8) manual page.

6.2.4. Installing Packages

Yum allows you to install both a single package and multiple packages, as well as a package group of your choice.

Installing Individual Packages

To install a single package and all of its non-installed dependencies, enter a command in the following form:

yum install package_name

You can also install multiple packages simultaneously by appending their names as arguments:

yum install package_name package_name . . . . . .

If you are installing packages on a multilib system, such as an AMD64 or Intel64 machine, you can specify the architecture of the package (as long as it is available in an enabled repository) by appending .arch to the package name. For example, to install the sqlite2 package for i586, type:

~]# yum install sqlite2.i586

You can use glob expressions to quickly install multiple similarly-named packages:

~]# yum install audacious-plugins-\*

In addition to package names and glob expressions, you can also provide file names to yum install. If you know the name of the binary you want to install, but not its package name, you can give yum install the path name:

~]# yum install /usr/sbin/named

yum then searches through its package lists, finds the package which provides /usr/sbin/named, if any, and prompts you as to whether you want to install it.

Finding which package owns a file

If you know you want to install the package that contains the named binary, but you do not know in which bin or sbin directory is the file installed, use the yum provides command with a glob expression:

~]# yum provides "*bin/named"Loaded plugins: product-id, refresh-packagekit, subscription-managerUpdating Red Hat repositories.INFO:rhsm-app.repolib:repos updated: 032:bind-9.7.0-4.P1.el6.x86_64 : The Berkeley Internet Name Domain (BIND)  : DNS (Domain Name System) serverRepo : rhelMatched from:Filename : /usr/sbin/named

yum provides "*/file_name" is a common and useful trick to find the package(s) that contain file_name.

Installing a Package Group

A package group is similar to a package: it is not useful by itself, but installing one pulls a group of dependent packages that serve a common purpose. A package group has a name and a groupid. The yum grouplist -v command lists the names of all package groups, and, next to each of them, their groupid in parentheses. The groupid is always the term in the last pair of parentheses, such as kde-desktop in the following example:

~]# yum -v grouplist kde\*Loading "product-id" pluginLoading "refresh-packagekit" pluginLoading "subscription-manager" pluginUpdating Red Hat repositories.INFO:rhsm-app.repolib:repos updated: 0Config time: 0.123Yum Version: 3.2.29Setting up Group ProcessLooking for repo options for [rhel]rpmdb time: 0.001group time: 1.291Available Groups:   KDE Desktop (kde-desktop)Done

You can install a package group by passing its full group name (without the groupid part) to groupinstall:

yum groupinstall group_name

You can also install by groupid:

yum groupinstall groupid

You can even pass the groupid (or quoted name) to the install command if you prepend it with an @-symbol (which tells yum that you want to perform a groupinstall):

yum install @group

For example, the following are alternative but equivalent ways of installing the KDE Desktop group:

~]# yum groupinstall "KDE Desktop"~]# yum groupinstall kde-desktop~]# yum install @kde-desktop

6.2.5. Removing Packages

Similarly to package installation, Yum allows you to uninstall (remove in RPM and Yum terminology) both individual packages and a package group.

Removing Individual Packages

To uninstall a particular package, as well as any packages that depend on it, run the following command as root:

yum remove package_name . . . . . .

As when you install multiple packages, you can remove several at once by adding more package names to the command. For example, to remove totem, rhythmbox, and sound-juicer, type the following at a shell prompt:

~]# yum remove totem rhythmbox sound-juicer

Similar to install, remove can take these arguments:

package names
glob expressions
file lists
package provides

Removing a package when other packages depend on it

Yum is not able to remove a package without also removing packages which depend on it. This type of operation can only be performed by RPM, is not advised, and can potentially leave your system in a non-functioning state or cause applications to misbehave and/or crash. For further information, refer to Section B.2.4, "Uninstalling" in the RPM chapter.

Removing a Package Group

You can remove a package group using syntax congruent with the install syntax:

yum groupremove group

yum remove @group

The following are alternative but equivalent ways of removing the KDE Desktop group:

~]# yum groupremove "KDE Desktop"~]# yum groupremove kde-desktop~]# yum remove @kde-desktop

Intelligent package group removal

When you tell yum to remove a package group, it will remove every package in that group, even if those packages are members of other package groups or dependencies of other installed packages. However, you can instruct yum to remove only those packages which are not required by any other packages or groups by adding the groupremove_leaf_only=1 directive to the [main] section of the /etc/yum.conf configuration file. For more information on this directive, refer to Section 6.3.1, "Setting [main] Options".

6.2.6. Working with Transaction History

The yum history command allows users to review information about a timeline of Yum transactions, the dates and times they occurred, the number of packages affected, whether transactions succeeded or were aborted, and if the RPM database was changed between transactions. Additionally, this command can be used to undo or redo certain transactions.

Listing Transactions

To display a list of twenty most recent transactions, as root, either run yum history with no additional arguments, or type the following at a shell prompt:

yum history list

To display all transactions, add the all keyword:

yum history list all

To display only transactions in a given range, use the command in the following form:

yum history list start_id..end_id

You can also list only transactions regarding a particular package or packages. To do so, use the command with a package name or a glob expression:

yum history list glob_expression . . . . . .

For example, the list of the first five transactions looks as follows:

~]# yum history list 1..5Loaded plugins: product-id, refresh-packagekit, subscription-managerID | Login user   | Date and time | Action(s)  | Altered------------------------------------------------------------------------------- 5 | Jaromir ... <jhradilek>  | 2011-07-29 15:33 | Install | 1 4 | Jaromir ... <jhradilek>  | 2011-07-21 15:10 | Install | 1 3 | Jaromir ... <jhradilek>  | 2011-07-16 15:27 | I, U   |   73 2 | System <unset>   | 2011-07-16 15:19 | Update | 1 1 | System <unset>   | 2011-07-16 14:38 | Install | 1106history list

All forms of the yum history list command produce tabular output with each row consisting of the following columns:

ID - an integer value that identifies a particular transaction.
Login user - the name of the user whose login session was used to initiate a transaction. This information is typically presented in the Full Name <username> form. For transactions that were not issued by a user (such as an automatic system update), System <unset> is used instead.
Date and time - the date and time when a transaction was issued.
Action(s) - a list of actions that were performed during a transaction as described in Table 6.1, "Possible values of the Action(s) field".
Altered - the number of packages that were affected by a transaction, possibly followed by additional information as described in Table 6.2, "Possible values of the Altered field".

Table 6.1. Possible values of the Action(s) field

Action	Abbreviation	Description
`Downgrade`	`D`	At least one package has been downgraded to an older version.
`Erase`	`E`	At least one package has been removed.
`Install`	`I`	At least one new package has been installed.
`Obsoleting`	`O`	At least one package has been marked as obsolete.
`Reinstall`	`R`	At least one package has been reinstalled.
`Update`	`U`	At least one package has been updated to a newer version.

Table 6.2. Possible values of the Altered field

Symbol	Description
`<`	Before the transaction finished, the `rpmdb` database was changed outside Yum.
`>`	After the transaction finished, the `rpmdb` database was changed outside Yum.
`*`	The transaction failed to finish.
`#`	The transaction finished successfully, but `yum` returned a non-zero exit code.
`E`	The transaction finished successfully, but an error or a warning was displayed.
`P`	The transaction finished successfully, but problems already existed in the `rpmdb` database.
`s`	The transaction finished successfully, but the `--skip-broken` command line option was used and certain packages were skipped.

Yum also allows you to display a summary of all past transactions. To do so, run the command in the following form as root:

yum history summary

To display only transactions in a given range, type:

yum history summary start_id..end_id

Similarly to the yum history list command, you can also display a summary of transactions regarding a certain package or packages by supplying a package name or a glob expression:

yum history summary glob_expression . . . . . .

For instance, a summary of the transaction history displayed above would look like the following:

~]# yum history summary 1..5Loaded plugins: product-id, refresh-packagekit, subscription-managerLogin user | Time | Action(s) | Altered -------------------------------------------------------------------------------Jaromir ... <jhradilek> | Last day | Install  | 1Jaromir ... <jhradilek> | Last week   | Install  | 1Jaromir ... <jhradilek> | Last 2 weeks | I, U |   73System <unset> | Last 2 weeks | I, U | 1107history summary

All forms of the yum history summary command produce simplified tabular output similar to the output of yum history list.

As shown above, both yum history list and yum history summary are oriented towards transactions, and although they allow you to display only transactions related to a given package or packages, they lack important details, such as package versions. To list transactions from the perspective of a package, run the following command as root:

yum history package-list glob_expression . . . . . .

For example, to trace the history of subscription-manager and related packages, type the following at a shell prompt:

~]# yum history package-list subscription-manager\*Loaded plugins: product-id, refresh-packagekit, subscription-managerID | Action(s)  | Package------------------------------------------------------------------------------- 3 | Updated | subscription-manager-0.95.11-1.el6.x86_64 3 | Update |  0.95.17-1.el6_1.x86_64 3 | Updated | subscription-manager-firstboot-0.95.11-1.el6.x86_64 3 | Update | 0.95.17-1.el6_1.x86_64 3 | Updated | subscription-manager-gnome-0.95.11-1.el6.x86_64 3 | Update | 0.95.17-1.el6_1.x86_64 1 | Install | subscription-manager-0.95.11-1.el6.x86_64 1 | Install | subscription-manager-firstboot-0.95.11-1.el6.x86_64 1 | Install | subscription-manager-gnome-0.95.11-1.el6.x86_64history package-list

In this example, three packages were installed during the initial system installation: subscription-manager, subscription-manager-firstboot, and subscription-manager-gnome. In the third transaction, all these packages were updated from version 0.95.11 to version 0.95.17.

Examining Transactions

To display the summary of a single transaction, as root, use the yum history summary command in the following form:

yum history summary id

To examine a particular transaction or transactions in more detail, run the following command as root:

yum history info id . . . . . .

The id argument is optional and when you omit it, yum automatically uses the last transaction. Note that when specifying more than one transaction, you can also use a range:

yum history info start_id..end_id

The following is sample output for two transactions, each installing one new package:

~]# yum history info 4..5Loaded plugins: product-id, refresh-packagekit, subscription-managerTransaction ID : 4..5Begin time : Thu Jul 21 15:10:46 2011Begin rpmdb : 1107:0c67c32219c199f92ed8da7572b4c6df64eacd3aEnd time   : 15:33:15 2011 (22 minutes)End rpmdb  : 1109:1171025bd9b6b5f8db30d063598f590f1c1f3242User   : Jaromir Hradilek <jhradilek>Return-Code : SuccessCommand Line   : install screenCommand Line   : install yum-plugin-fs-snapshotTransaction performed with: Installed rpm-4.8.0-16.el6.x86_64 Installed yum-3.2.29-17.el6.noarch Installed yum-metadata-parser-1.1.2-16.el6.x86_64Packages Altered: Install screen-4.0.3-16.el6.x86_64 Install yum-plugin-fs-snapshot-1.1.30-6.el6.noarchhistory info

You can also view additional information, such as what configuration options were used at the time of the transaction, or from what repository and why were certain packages installed. To determine what additional information is available for a certain transaction, type the following at a shell prompt as root:

yum history addon-info id

Similarly to yum history info, when no id is provided, yum automatically uses the latest transaction. Another way to refer to the latest transaction is to use the last keyword:

yum history addon-info last

For instance, for the first transaction in the previous example, the yum history addon-info command would provide the following output:

~]# yum history addon-info 4Loaded plugins: product-id, refresh-packagekit, subscription-managerTransaction ID: 4Available additional history information:  config-main  config-repos  saved_txhistory addon-info

In this example, three types of information are available:

config-main - global Yum options that were in use during the transaction. Refer to Section 6.3.1, "Setting [main] Options" for information on how to change global options.
config-repos - options for individual Yum repositories. Refer to Section 6.3.2, "Setting [repository] Options" for information on how to change options for individual repositories.
saved_tx - the data that can be used by the yum load-transaction command in order to repeat the transaction on another machine (see below).

To display selected type of additional information, run the following command as root:

yum history addon-info id information

Reverting and Repeating Transactions

Apart from reviewing the transaction history, the yum history command provides means to revert or repeat a selected transaction. To revert a transaction, type the following at a shell prompt as root:

yum history undo id

To repeat a particular transaction, as root, run the following command:

yum history redo id

Both commands also accept the last keyword to undo or repeat the latest transaction.

Note that both yum history undo and yum history redo commands only revert or repeat the steps that were performed during a transaction. If the transaction installed a new package, the yum history undo command will uninstall it, and if the transaction uninstalled a package the command will again install it. This command also attempts to downgrade all updated packages to their previous version, if these older packages are still available. If you need to restore the system to the state before an update, consider using the fs-snapshot plug-in described in Section 6.4.3, "Plug-in Descriptions".

When managing several identical systems, Yum also allows you to perform a transaction on one of them, store the transaction details in a file, and after a period of testing, repeat the same transaction on the remaining systems as well. To store the transaction details to a file, type the following at a shell prompt as root:

yum -q history addon-info id saved_tx > file_name

Once you copy this file to the target system, you can repeat the transaction by using the following command as root:

yum load-transaction file_name

Note, however that the rpmdb version stored in the file must be identical to the version on the target system. You can verify the rpmdb version by using the yum version nogroups command.

Starting New Transaction History

Yum stores the transaction history in a single SQLite database file. To start new transaction history, run the following command as root:

yum history new

This will create a new, empty database file in the /var/lib/yum/history/ directory. The old transaction history will be kept, but will not be accessible as long as a newer database file is present in the directory.

6.3. Configuring Yum and Yum Repositories

The configuration file for yum and related utilities is located at /etc/yum.conf. This file contains one mandatory [main] section, which allows you to set Yum options that have global effect, and can also contain one or more [repository] sections, which allow you to set repository-specific options. However, it is recommended to define individual repositories in new or existing .repo files in the /etc/yum.repos.d/directory. The values you define in the [main] section of the /etc/yum.conf file can override values set in individual [repository] sections.

This section shows you how to:

set global Yum options by editing the [main] section of the /etc/yum.conf configuration file;
set options for individual repositories by editing the [repository] sections in /etc/yum.conf and .repo files in the /etc/yum.repos.d/ directory;
use Yum variables in /etc/yum.conf and files in the /etc/yum.repos.d/ directory so that dynamic version and architecture values are handled correctly;
add, enable, and disable Yum repositories on the command line; and,
set up your own custom Yum repository.

6.3.1. Setting [main] Options

The /etc/yum.conf configuration file contains exactly one [main] section, and while some of the key-value pairs in this section affect how yum operates, others affect how Yum treats repositories. You can add many additional options under the [main] section heading in /etc/yum.conf.

A sample /etc/yum.conf configuration file can look like this:

[main]cachedir=/var/cache/yum/$basearch/$releaseverkeepcache=0debuglevel=2logfile=/var/log/yum.logexactarch=1obsoletes=1gpgcheck=1plugins=1installonly_limit=3[comments abridged]# PUT YOUR REPOS HERE OR IN separate files named file.repo# in /etc/yum.repos.d

The following are the most commonly-used options in the [main] section:

assumeyes=value: . . . . . . where value is one of:
0 - yum should prompt for confirmation of critical actions it performs. This is the default.
1 - Do not prompt for confirmation of critical yum actions. If assumeyes=1 is set, yum behaves in the same way that the command line option -y does.
cachedir=directory: . . . . . . where directory is an absolute path to the directory where Yum should store its cache and database files. By default, Yum's cache directory is /var/cache/yum/$basearch/$releasever.
Refer to Section 6.3.3, "Using Yum Variables" for descriptions of the $basearch and $releasever Yum variables.
debuglevel=value: . . . . . . where value is an integer between 1 and 10. Setting a higher debuglevel value causes yum to display more detailed debugging output. debuglevel=0 disables debugging output, while debuglevel=2 is the default.
exactarch=value: . . . . . . where value is one of:
0 - Do not take into account the exact architecture when updating packages.
1 - Consider the exact architecture when updating packages. With this setting, yum will not install an i686 package to update an i386 package already installed on the system. This is the default.
exclude=package_name [more_package_names]: This option allows you to exclude packages by keyword during installation/updates. Listing multiple packages for exclusion can be accomplished by quoting a space-delimited list of packages. Shell globs using wildcards (for example, * and ?) are allowed.
gpgcheck=value: . . . . . . where value is one of:
0 - Disable GPG signature-checking on packages in all repositories, including local package installation.
1 - Enable GPG signature-checking on all packages in all repositories, including local package installation. gpgcheck=1 is the default, and thus all packages' signatures are checked.
If this option is set in the [main] section of the /etc/yum.conf file, it sets the GPG-checking rule for all repositories. However, you can also set gpgcheck=value for individual repositories instead; that is, you can enable GPG-checking on one repository while disabling it on another. Setting gpgcheck=value for an individual repository in its corresponding .repo file overrides the default if it is present in /etc/yum.conf.
For more information on GPG signature-checking, refer to Section B.3, "Checking a Package's Signature".
groupremove_leaf_only=value: . . . . . . where value is one of:
0 - yum should not check the dependencies of each package when removing a package group. With this setting, yum removes all packages in a package group, regardless of whether those packages are required by other packages or groups. groupremove_leaf_only=0 is the default.
1 - yum should check the dependencies of each package when removing a package group, and remove only those packages which are not required by any other package or group.
For more information on removing packages, refer to Intelligent package group removal.
installonlypkgs=space separated list of packages: Here you can provide a space-separated list of packages which yum can install, but will never update. Refer to the yum.conf(5) manual page for the list of packages which are install-only by default.
If you add the installonlypkgs directive to /etc/yum.conf, you should ensure that you list all of the packages that should be install-only, including any of those listed under the installonlypkgs section of yum.conf(5). In particular, kernel packages should always be listed in installonlypkgs (as they are by default), and installonly_limit should always be set to a value greater than 2 so that a backup kernel is always available in case the default one fails to boot.
installonly_limit=value: . . . . . . where value is an integer representing the maximum number of versions that can be installed simultaneously for any single package listed in the installonlypkgs directive.
The defaults for the installonlypkgs directive include several different kernel packages, so be aware that changing the value of installonly_limit will also affect the maximum number of installed versions of any single kernel package. The default value listed in /etc/yum.conf is installonly_limit=3, and it is not recommended to decrease this value, particularly below 2.
keepcache=value: . . . . . . where value is one of:
0 - Do not retain the cache of headers and packages after a successful installation. This is the default.
1 - Retain the cache after a successful installation.
logfile=file_name: . . . . . . where file_name is an absolute path to the file in which yum should write its logging output. By default, yum logs to /var/log/yum.log.
multilib_policy=value: . . . . . . where value is one of:
best - install the best-choice architecture for this system. For example, setting multilib_policy=best on an AMD64 system causes yum to install 64-bit versions of all packages.
all - always install every possible architecture for every package. For example, with multilib_policy set to all on an AMD64 system, yum would install both the i586 and AMD64 versions of a package, if both were available.
obsoletes=value: . . . . . . where value is one of:
0 - Disable yum's obsoletes processing logic when performing updates.
1 - Enable yum's obsoletes processing logic when performing updates. When one package declares in its spec file that it obsoletes another package, the latter package will be replaced by the former package when the former package is installed. Obsoletes are declared, for example, when a package is renamed. obsoletes=1 the default.
plugins=value: . . . . . . where value is one of:
0 - Disable all Yum plug-ins globally.
Disabling all plug-ins is not advised
Disabling all plug-ins is not advised because certain plug-ins provide important Yum services. In particular, rhnplugin provides support for RHN Classic, and product-id and subscription-manager plug-ins provide support for the certificate-based Content Delivery Network (CDN). Disabling plug-ins globally is provided as a convenience option, and is generally only recommended when diagnosing a potential problem with Yum.
1 - Enable all Yum plug-ins globally. With plugins=1, you can still disable a specific Yum plug-in by setting enabled=0 in that plug-in's configuration file.
For more information about various Yum plug-ins, refer to Section 6.4, "Yum Plug-ins". For further information on controlling plug-ins, see Section 6.4.1, "Enabling, Configuring, and Disabling Yum Plug-ins".
reposdir=directory: . . . . . . where directory is an absolute path to the directory where .repo files are located. All .repo files contain repository information (similar to the [repository] sections of /etc/yum.conf). yum collects all repository information from .repo files and the [repository] section of the /etc/yum.conf file to create a master list of repositories to use for transactions. If reposdir is not set, yum uses the default directory /etc/yum.repos.d/.
retries=value: . . . . . . where value is an integer 0 or greater. This value sets the number of times yum should attempt to retrieve a file before returning an error. Setting this to 0 makes yum retry forever. The default value is 10.

For a complete list of available [main] options, refer to the [main] OPTIONS section of the yum.conf(5) manual page.

6.3.2. Setting [repository] Options

The [repository] sections, where repository is a unique repository ID such as my_personal_repo (spaces are not permitted), allow you to define individual Yum repositories.

The following is a bare-minimum example of the form a [repository] section takes:

[repository]name=repository_namebaseurl=repository_url

Every [repository] section must contain the following directives:

name=repository_name

. . . . . . where repository_name is a human-readable string describing the repository.

baseurl=repository_url

. . . . . . where repository_url is a URL to the directory where the repodata directory of a repository is located:

If the repository is available over HTTP, use: http://path/to/repo
If the repository is available over FTP, use: ftp://path/to/repo
If the repository is local to the machine, use: file:///path/to/local/repo
If a specific online repository requires basic HTTP authentication, you can specify your username and password by prepending it to the URL as username:password@link. For example, if a repository on http://www.example.com/repo/ requires a username of "user" and a password of "password", then the baseurl link could be specified as http://user:password@www.example.com/repo/.

Usually this URL is an HTTP link, such as:

baseurl=http://path/to/repo/releases/$releasever/server/$basearch/os/

Note that Yum always expands the $releasever, $arch, and $basearch variables in URLs. For more information about Yum variables, refer to Section 6.3.3, "Using Yum Variables".

Another useful [repository] directive is the following:

enabled=value: . . . . . . where value is one of:
0 - Do not include this repository as a package source when performing updates and installs. This is an easy way of quickly turning repositories on and off, which is useful when you desire a single package from a repository that you do not want to enable for updates or installs.
1 - Include this repository as a package source.
Turning repositories on and off can also be performed by passing either the --enablerepo=repo_name or --disablerepo=repo_name option to yum, or through the Add/Remove Software window of the PackageKit utility.

Many more [repository] options exist. For a complete list, refer to the [repository] OPTIONS section of the yum.conf(5) manual page.

Example 6.4. A sample /etc/yum.repos.d/redhat.repo file

The following is a sample /etc/yum.repos.d/redhat.repo file:

## Red Hat Repositories# Managed by (rhsm) subscription-manager#[red-hat-enterprise-linux-scalable-file-system-for-rhel-6-entitlement-rpms]name = Red Hat Enterprise Linux Scalable File System (for RHEL 6 Entitlement) (RPMs)baseurl = https://cdn.redhat.com/content/dist/rhel/entitlement-6/releases/$releasever/$basearch/scalablefilesystem/osenabled = 1gpgcheck = 1gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-releasesslverify = 1sslcacert = /etc/rhsm/ca/redhat-uep.pemsslclientkey = /etc/pki/entitlement/key.pemsslclientcert = /etc/pki/entitlement/11300387955690106.pem[red-hat-enterprise-linux-scalable-file-system-for-rhel-6-entitlement-source-rpms]name = Red Hat Enterprise Linux Scalable File System (for RHEL 6 Entitlement) (Source RPMs)baseurl = https://cdn.redhat.com/content/dist/rhel/entitlement-6/releases/$releasever/$basearch/scalablefilesystem/source/SRPMSenabled = 0gpgcheck = 1gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-releasesslverify = 1sslcacert = /etc/rhsm/ca/redhat-uep.pemsslclientkey = /etc/pki/entitlement/key.pemsslclientcert = /etc/pki/entitlement/11300387955690106.pem[red-hat-enterprise-linux-scalable-file-system-for-rhel-6-entitlement-debug-rpms]name = Red Hat Enterprise Linux Scalable File System (for RHEL 6 Entitlement) (Debug RPMs)baseurl = https://cdn.redhat.com/content/dist/rhel/entitlement-6/releases/$releasever/$basearch/scalablefilesystem/debugenabled = 0gpgcheck = 1gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-releasesslverify = 1sslcacert = /etc/rhsm/ca/redhat-uep.pemsslclientkey = /etc/pki/entitlement/key.pemsslclientcert = /etc/pki/entitlement/11300387955690106.pem

6.3.3. Using Yum Variables

You can use and reference the following built-in variables in yum commands and in all Yum configuration files (that is, /etc/yum.conf and all .repo files in the /etc/yum.repos.d/ directory):

$releasever: You can use this variable to reference the release version of Red Hat Enterprise Linux. Yum obtains the value of $releasever from the distroverpkg=value line in the /etc/yum.conf configuration file. If there is no such line in /etc/yum.conf, then yum infers the correct value by deriving the version number from the redhat-release package.
$arch: You can use this variable to refer to the system's CPU architecture as returned when calling Python's os.uname() function. Valid values for $arch include: i586, i686 and x86_64.
$basearch: You can use $basearch to reference the base architecture of the system. For example, i686 and i586 machines both have a base architecture of i386, and AMD64 and Intel64 machines have a base architecture of x86_64.
$YUM0-9: These ten variables are each replaced with the value of any shell environment variables with the same name. If one of these variables is referenced (in /etc/yum.conf for example) and a shell environment variable with the same name does not exist, then the configuration file variable is not replaced.

To define a custom variable or to override the value of an existing one, create a file with the same name as the variable (without the "$" sign) in the /etc/yum/vars/ directory, and add the desired value on its first line.

For example, repository descriptions often include the operating system name. To define a new variable called $osname, create a new file with "Red Hat Enterprise Linux" on the first line and save it as /etc/yum/vars/osname:

~]# echo "Red Hat Enterprise Linux" > /etc/yum/vars/osname

Instead of "Red Hat Enterprise Linux 6", you can now use the following in the .repo files:

name=$osname $releasever

6.3.4. Viewing the Current Configuration

To display the current values of global Yum options (that is, the options specified in the [main] section of the /etc/yum.conf file), run the yum-config-manager with no command line options:

yum-config-manager

To list the content of a different configuration section or sections, use the command in the following form:

yum-config-manager section . . . . . .

You can also use a glob expression to display the configuration of all matching sections:

yum-config-manager glob_expression . . . . . .

For example, to list all configuration options and their corresponding values, type the following at a shell prompt:

~]$ yum-config-manager main \*Loaded plugins: product-id, refresh-packagekit, subscription-manager================================== main ===================================[main]alwaysprompt = Trueassumeyes = Falsebandwith = 0bugtracker_url = https://bugzilla.redhat.com/enter_bug.cgi?product=Red%20Hat%20Enterprise%20Linux%206&component=yumcache = 0[output truncated]

6.3.5. Adding, Enabling, and Disabling a Yum Repository

Section 6.3.2, "Setting [repository] Options" described various options you can use to define a Yum repository. This section explains how to add, enable, and disable a repository by using the yum-config-manager command.

The /etc/yum.repos.d/redhat.repo file

When the system is registered with the certificate-based Red Hat Network, the Red Hat Subscription Manager tools are used to manage repositories in the /etc/yum.repos.d/redhat.repo file. Refer to Chapter 5, Registering a System and Managing Subscriptions for more information how to register a system with Red Hat Network and use the Red Hat Subscription Manager tools to manage subscriptions.

Adding a Yum Repository

To define a new repository, you can either add a [repository] section to the /etc/yum.conf file, or to a .repo file in the /etc/yum.repos.d/ directory. All files with the .repo file extension in this directory are read by yum, and it is recommended to define your repositories here instead of in /etc/yum.conf.

Be careful when using untrusted software sources

Obtaining and installing software packages from unverified or untrusted software sources other than Red Hat Network constitutes a potential security risk, and could lead to security, stability, compatibility, and maintainability issues.

Yum repositories commonly provide their own .repo file. To add such a repository to your system and enable it, run the following command as root:

yum-config-manager --add-repo repository_url

. . . . . . where repository_url is a link to the .repo file. For example, to add a repository located at http://www.example.com/example.repo, type the following at a shell prompt:

~]# yum-config-manager --add-repo http://www.example.com/example.repoLoaded plugins: product-id, refresh-packagekit, subscription-manageradding repo from: http://www.example.com/example.repograbbing file http://www.example.com/example.repo to /etc/yum.repos.d/example.repoexample.repo |  413 B 00:00repo saved to /etc/yum.repos.d/example.repo

Enabling a Yum Repository

To enable a particular repository or repositories, type the following at a shell prompt as root:

yum-config-manager --enable repository . . . . . .

. . . . . . where repository is the unique repository ID (use yum repolist all to list available repository IDs). Alternatively, you can use a glob expression to enable all matching repositories:

yum-config-manager --enable glob_expression . . . . . .

For example, to enable repositories defined in the [example], [example-debuginfo], and [example-source]sections, type:

~]# yum-config-manager --enable example\*Loaded plugins: product-id, refresh-packagekit, subscription-manager============================== repo: example ==============================[example]bandwidth = 0base_persistdir = /var/lib/yum/repos/x86_64/6Serverbaseurl = http://www.example.com/repo/6Server/x86_64/cache = 0cachedir = /var/cache/yum/x86_64/6Server/example[output truncated]

When successful, the yum-config-manager --enable command displays the current repository configuration.

Disabling a Yum Repository

To disable a Yum repository, run the following command as root:

yum-config-manager --disable repository . . . . . .

. . . . . . where repository is the unique repository ID (use yum repolist all to list available repository IDs). Similarly to yum-config-manager --enable, you can use a glob expression to disable all matching repositories at the same time:

yum-config-manager --disable glob_expression . . . . . .

When successful, the yum-config-manager --disable command displays the current configuration.

6.3.6. Creating a Yum Repository

To set up a Yum repository, follow these steps:

Install the createrepo package. To do so, type the following at a shell prompt as root:
```
yum install createrepo
```
Copy all packages that you want to have in your repository into one directory, such as /mnt/local_repo/.
Change to this directory and run the following command:
```
createrepo --database /mnt/local_repo
```
This creates the necessary metadata for your Yum repository, as well as the sqlite database for speeding up yum operations.
Using the createrepo command on Red Hat Enterprise Linux 5
Compared to Red Hat Enterprise Linux 5, RPM packages for Red Hat Enterprise Linux 6 are compressed with the XZ lossless data compression format and can be signed with newer hash algorithms like SHA-256. Consequently, it is not recommended to use the createrepo command on Red Hat Enterprise Linux 5 to create the package metadata for Red Hat Enterprise Linux 6. If you want to use createrepo on this system anyway, install the python-hashlib package from EPEL (Extra Packages for Enterprise Linux) so that the repodata can also use the SHA-256 hash algorithm.

6.4. Yum Plug-ins

Yum provides plug-ins that extend and enhance its operations. Certain plug-ins are installed by default. Yum always informs you which plug-ins, if any, are loaded and active whenever you call any yum command. For example:

~]# yum info yumLoaded plugins: product-id, refresh-packagekit, subscription-manager[output truncated]

Note that the plug-in names which follow Loaded plugins are the names you can provide to the --disableplugins=plugin_name option.

6.4.1. Enabling, Configuring, and Disabling Yum Plug-ins

To enable Yum plug-ins, ensure that a line beginning with plugins= is present in the [main] section of /etc/yum.conf, and that its value is 1:

plugins=1

You can disable all plug-ins by changing this line to plugins=0.

Disabling all plug-ins is not advised

Disabling all plug-ins is not advised because certain plug-ins provide important Yum services. In particular, rhnplugin provides support for RHN Classic, and product-id and subscription-manager plug-ins provide support for the certificate-based Content Delivery Network (CDN). Disabling plug-ins globally is provided as a convenience option, and is generally only recommended when diagnosing a potential problem with Yum.

Every installed plug-in has its own configuration file in the /etc/yum/pluginconf.d/ directory. You can set plug-in specific options in these files. For example, here is the refresh-packagekit plug-in's refresh-packagekit.conf configuration file:

[main]enabled=1

Plug-in configuration files always contain a [main] section (similar to Yum's /etc/yum.conf file) in which there is (or you can place if it is missing) an enabled= option that controls whether the plug-in is enabled when you run yum commands.

If you disable all plug-ins by setting enabled=0 in /etc/yum.conf, then all plug-ins are disabled regardless of whether they are enabled in their individual configuration files.

If you merely want to disable all Yum plug-ins for a single yum command, use the --noplugins option.

If you want to disable one or more Yum plug-ins for a single yum command, add the --disableplugin=plugin_name option to the command. For example, to disable the presto plug-in while updating a system, type:

~]# yum update --disableplugin=presto

The plug-in names you provide to the --disableplugin= option are the same names listed after the Loaded plugins line in the output of any yum command. You can disable multiple plug-ins by separating their names with commas. In addition, you can match multiple plug-in names or shorten long ones by using glob expressions:

~]# yum update --disableplugin=presto,refresh-pack*

6.4.2. Installing Additional Yum Plug-ins

Yum plug-ins usually adhere to the yum-plugin-plugin_name package-naming convention, but not always: the package which provides the presto plug-in is named yum-presto, for example. You can install a Yum plug-in in the same way you install other packages. For instance, to install the security plug-in, type the following at a shell prompt:

~]# yum install yum-plugin-security

6.4.3. Plug-in Descriptions

The following list provides descriptions of a few useful Yum plug-ins:

fs-snapshot (yum-plugin-fs-snapshot)

The fs-snapshot plug-in extends Yum to create a snapshot of a file system before proceeding with a transaction such as a system update or package removal. When a user decides that the changes made by the transaction are unwanted, this mechanism allows the user to roll back to the changes that are stored in a snapshot.

In order for the plug-in to work, the root file system (that is, /) must be on an LVM (Logical Volume Manager) or Btrfs volume. To use the fs-snapshot plug-in on an LVM volume, take the following steps:

Make sure that the volume group with the root file system has enough free extents. The required size is a function of the amount of changes to the original logical volume that is expected during the life of the snapshot. The reasonable default is 50-80 % of the original logical volume size.
To display detailed information about a particular volume group, run the vgdisplay command in the following form as root:
```
vgdisplay volume_group
```
The number of free extents is listed on the Free PE / Size line.
If the volume group with the root file system does not have enough free extents, add a new physical volume:
1. As root, run the pvcreate command in the following form to initialize a physical volume for use with the Logical Volume Manager:
```
pvcreate device
```
2. Use the vgextend command in the following form as root to add the physical volume to the volume group:
```
vgextend volume_group physical_volume
```
Edit the configuration file located in /etc/yum/pluginconf.d/fs-snapshot.conf, and make the following changes to the [lvm] section:
1. Change the value of the enabled option to 1:
```
enabled = 1
```
2. Remove the hash sign (that is, #) from the beginning of the lvcreate_size_args line, and adjust the number of logical extents which are allocated for a snapshot. For example, to allocate 80 % of the size of the original logical volume, use:
```
lvcreate_size_args = -l 80%ORIGIN
```
Refer to Table 6.3, "Supported fs-snapshot.conf directives" for a complete list of available configuration options.
Run the desired yum command, and make sure fs-snapshot is included in the list of loaded plug-ins (the Loaded plugins line) before you confirm the changes and proceed with the transaction. The fs-snapshot plug-in displays a line in the following form for each affected logical volume:
```
fs-snapshot: snapshotting file_system (/dev/volume_group/logical_volume): logical_volume_yum_timestamp
```
Verify that the system is working as expected:
- If you decide to keep the changes, remove the snapshot by running the lvremove command as root:
```
lvremove /dev/volume_group/logical_volume_yum_timestamp
```
- If you decide to revert the changes and restore the file system to a state that is saved in a snapshot, take the following steps:
  1. As root, run the command in the following form to merge a snapshot into its original logical volume:
```
lvconvert --merge /dev/volume_group/logical_volume_yum_timestamp
```
    The lvconvert command will inform you that a restart is required in order for the changes to take effect.
  2. Restart the system as instructed. You can do so by typing the following at a shell prompt as root:
```
reboot
```

To use the fs-snapshot plug-in on a Btrfs file system, take the following steps:

Run the desired yum command, and make sure fs-snapshot is included in the list of loaded plug-ins (the Loaded plugins line) before you confirm the changes and proceed with the transaction. The fs-snapshot plug-in displays a line in the following form for each affected file system:
```
fs-snapshot: snapshotting file_system: file_system/yum_timestamp
```
Verify that the system is working as expected:
- If you decide to keep the changes, you can optionally remove unwanted snapshots. To remove a Btrfs snapshot, use the command in the following form as root:
```
btrfs subvolume delete file_system/yum_timestamp
```
- If you decide to revert the changes and restore a file system to a state that is saved in a snapshot, take the following steps:
  1. Determine the identifier of a particular snapshot by using the following command as root:
```
btrfs subvolume list file_system
```
  2. As root, configure the system to mount this snapshot by default:
```
btrfs subvolume set-default id file_system
```
  3. Restart the system. You can do so by typing the following at a shell prompt as root:
```
reboot
```

Note that in Red Hat Enterprise Linux 6, Btrfs is included as a technology preview to allow you to experiment with this file system, and is only available on 64-bit x86 architectures. Do not use Btrfs for partitions that will contain valuable data or that are essential for the operation of important systems.

For more information on logical volume management, Btrfs, and file system snapshots, see the Red Hat Enterprise Linux 6 Storage Administration Guide. For additional information about the plug-in and its configuration, refer to the yum-fs-snapshot(1) and yum-fs-snapshot.conf(5) manual pages.

Table 6.3. Supported fs-snapshot.conf directives

Section	Directive	Description
`[main]`	`enabled`=`value`	Allows you to enable or disable the plug-in. The `value` must be either `1` (enabled), or `0` (disabled). When installed, the plug-in is enabled by default.
`[main]`	`exclude`=`list`	Allows you to exclude certain file systems. The value must be a space-separated `list` of mount points you do not want to snapshot (for example, `/srv /mnt/backup`). This option is not included in the configuration file by default.
`[lvm]`	`enabled`=`value`	Allows you to enable or disable the use of the plug-in on LVM volumes. The `value` must be either `1` (enabled), or `0` (disabled). This option is disabled by default.
`[lvm]`	`lvcreate_size_args`=`value`	Allows you to specify the size of a logical volume snapshot. The `value` must be the `-l` or `-L` command line option for the lvcreate utility followed by a valid argument (for example, `-l 80%ORIGIN`).

kabi (kabi-yum-plugins)

The kabi plug-in checks whether a driver update package conforms with official Red Hat kernel Application Binary Interface (kABI). With this plug-in enabled, when a user attempts to install a package that uses kernel symbols which are not on a whitelist, a warning message is written to the system log. Additionally, configuring the plug-in to run in enforcing mode prevents such packages from being installed at all.

To configure the kabi plug-in, edit the configuration file located in /etc/yum/pluginconf.d/kabi.conf. Refer to Table 6.4, "Supported kabi.conf directives" for a list of directives that can be used in the [main] section.

Table 6.4. Supported kabi.conf directives

Directive	Description
`enabled`=`value`	Allows you to enable or disable the plug-in. The `value` must be either `1` (enabled), or `0` (disabled). When installed, the plug-in is enabled by default.
`whitelists`=`directory`	Allows you to specify the `directory` in which the files with supported kernel symbols are located. By default, the kabi plug-in uses files provided by the kabi-whitelists package (that is, the `/lib/modules/kabi/` directory).
`enforce`=`value`	Allows you to enable or disable enforcing mode. The `value` must be either `1` (enabled), or `0` (disabled). By default, this option is commented out and the kabi plug-in only displays a warning message.

presto (yum-presto)

The presto plug-in adds support to Yum for downloading delta RPM packages, during updates, from repositories which have presto metadata enabled. Delta RPMs contain only the differences between the version of the package installed on the client requesting the RPM package and the updated version in the repository.

Downloading a delta RPM is much quicker than downloading the entire updated package, and can speed up updates considerably. Once the delta RPMs are downloaded, they must be rebuilt to apply the difference to the currently-installed package and thus create the full, updated package. This process takes CPU time on the installing machine. Using delta RPMs is therefore a tradeoff between time-to-download, which depends on the network connection, and time-to-rebuild, which is CPU-bound. Using the presto plug-in is recommended for fast machines and systems with slower network connections, while slower machines on very fast connections benefit more from downloading normal RPM packages, that is, by disabling presto.

product-id (subscription-manager)

The product-id plug-in manages product identity certificates for products installed from the Content Delivery Network. The product-id plug-in is installed by default.

protect-packages (yum-plugin-protect-packages)

The protect-packages plug-in prevents the yum package and all packages it depends on from being deliberately or accidentally removed. This prevents many of the most important packages necessary for your system to run from being removed. In addition, you can list more packages, one per line, in the /etc/sysconfig/protected-packages file ^[2] (which you should create if it does not exist), and protect-packages will extend protection-from-removal to those packages as well.

To temporarily override package protection, use the --override-protection option with an applicable yum command.

refresh-packagekit (PackageKit-yum-plugin)

The refresh-packagekit plug-in updates metadata for PackageKit whenever yum is run. The refresh-packagekit plug-in is installed by default.

rhnplugin (yum-rhn-plugin)

The rhnplugin provides support for connecting to RHN Classic. This allows systems registered with RHN Classic to update and install packages from this system. Note that RHN Classic is only provided for older Red Hat Enterprise Linux systems (that is, Red Hat Enterprise Linux 4.x, Red Hat Enterprise Linux 5.x, and Satellite 5.x) in order to migrate them over to Red Hat Enterprise Linux 6. The rhnplugin is installed by default.

Refer to the rhnplugin(8) manual page for more information about the plug-in.

security (yum-plugin-security)

Discovering information about and applying security updates easily and often is important to all system administrators. For this reason Yum provides the security plug-in, which extends yum with a set of highly-useful security-related commands, subcommands and options.

You can check for security-related updates as follows:

~]# yum check-update --securityLoaded plugins: product-id, refresh-packagekit, security, subscription-managerUpdating Red Hat repositories.INFO:rhsm-app.repolib:repos updated: 0Limiting package lists to security relevant onesNeeded 3 of 7 packages, for securityelinks.x86_64   0.12-0.13.el6   rhelkernel.x86_64   2.6.30.8-64.el6 rhelkernel-headers.x86_64   2.6.30.8-64.el6 rhel

You can then use either yum update --security or yum update-minimal --security to update those packages which are affected by security advisories. Both of these commands update all packages on the system for which a security advisory has been issued. yum update-minimal --security updates them to the latest packages which were released as part of a security advisory, while yum update --security will update all packages affected by a security advisory to the latest version of that package available.

In other words, if:

the kernel-2.6.30.8-16 package is installed on your system;
the kernel-2.6.30.8-32 package was released as a security update;
then kernel-2.6.30.8-64 was released as a bug fix update,

...then yum update-minimal --security will update you to kernel-2.6.30.8-32, and yum update --security will update you to kernel-2.6.30.8-64. Conservative system administrators probably want to use update-minimal to reduce the risk incurred by updating packages as much as possible.

Refer to the yum-security(8) manual page for usage details and further explanation of the enhancements the security plug-in adds to yum.

subscription-manager (subscription-manager)

The subscription-manager plug-in provides support for connecting to Red Hat Network. This allows systems registered with Red Hat Network to update and install packages from the certificate-based Content Delivery Network. The subscription-manager plug-in is installed by default.

Refer to Chapter 5, Registering a System and Managing Subscriptions for more information how to manage product subscriptions and entitlements.

yum-downloadonly (yum-plugin-downloadonly)

The yum-downloadonly plug-in provides the --downloadonly command-line option which can be used to download packages from Red Hat Network or a configured Yum repository without installing the packages.

To install the package, follow the instructions in Section 6.4.2, "Installing Additional Yum Plug-ins". After the installation, see the contents of the /etc/yum/pluginconf.d/downloadonly.conf file to ensure that the plug-in is enabled:

~]$ cat /etc/yum/pluginconf.d/downloadonly.conf[main]enabled=1

In the following example, the yum install --downloadonly command is run to download the latest version of the httpd package, without installing it:

~]# yum install httpd --downloadonlyLoaded plugins: downloadonly, product-id, refresh-packagekit, rhnplugin,  : subscription-managerUpdating Red Hat repositories.Setting up Install ProcessResolving Dependencies--> Running transaction check---> Package httpd.x86_64 0:2.2.15-9.el6_1.2 will be updated---> Package httpd.x86_64 0:2.2.15-15.el6_2.1 will be an update--> Processing Dependency: httpd-tools = 2.2.15-15.el6_2.1 for package: httpd-2.2.15-15.el6_2.1.x86_64--> Running transaction check---> Package httpd-tools.x86_64 0:2.2.15-9.el6_1.2 will be updated---> Package httpd-tools.x86_64 0:2.2.15-15.el6_2.1 will be an update--> Finished Dependency ResolutionDependencies Resolved================================================================================ Package Arch  Version Repository   Size================================================================================Updating: httpd  x86_64 2.2.15-15.el6_2.1   rhel-x86_64-server-6 812 kUpdating for dependencies: httpd-tools x86_64 2.2.15-15.el6_2.1   rhel-x86_64-server-6 70 kTransaction Summary================================================================================Upgrade   2 Package(s)Total download size: 882 kIs this ok [y/N]: yDownloading Packages:(1/2): httpd-2.2.15-15.el6_2.1.x86_64.rpm | 812 kB 00:00 (2/2): httpd-tools-2.2.15-15.el6_2.1.x86_64.rpm  |  70 kB 00:00 --------------------------------------------------------------------------------Total   301 kB/s | 882 kB 00:02 exiting because --downloadonly specified

By default, packages downloaded using the --downloadonly option are saved in one of the subdirectories of the /var/cache/yum directory, depending on the Red Hat Enterprise Linux variant and architecture.

If you want to specify an alternate directory to save the packages, pass the --downloaddir option allong with --downloadonly:

~]# yum install --donwloadonly --downloaddir=/path/to/direcotry httpd

Note

As an alternative to the yum-downloadonly plugin - to download packages without installing them - you can use the yumdownloader utility that is provided by the yum-utils package.

6.5. Additional Resources

http://yum.baseurl.org/wiki/Guides: The Yum Guides section of the Yum wiki contains more documentation.

^[2]You can also place files with the extension .list in the /etc/sysconfig/protected-packages.d/ directory (which you should create if it does not exist), and list packages-one per line-in these files. protect-packages will protect these too.

Deployment Guide

Chapter 6. Yum

6.1. Checking For and Updating Packages

6.1.1. Checking For Updates

6.1.2. Updating Packages

Updating a Single Package

Updating All Packages and Their Dependencies

Updating Security-Related Packages

6.1.3. Preserving Configuration File Changes

6.2. Packages and Package Groups

6.2.1. Searching Packages

6.2.2. Listing Packages

6.2.3. Displaying Package Information

6.2.4. Installing Packages

Installing Individual Packages

Installing a Package Group

6.2.5. Removing Packages

Removing Individual Packages

Removing a Package Group

6.2.6. Working with Transaction History

Listing Transactions

Examining Transactions

Reverting and Repeating Transactions

Starting New Transaction History

6.3. Configuring Yum and Yum Repositories

6.3.1. Setting [main] Options

6.3.2. Setting [repository] Options

6.3.3. Using Yum Variables

6.3.4. Viewing the Current Configuration

6.3.5. Adding, Enabling, and Disabling a Yum Repository

Adding a Yum Repository

Enabling a Yum Repository

Disabling a Yum Repository

6.3.6. Creating a Yum Repository

6.4. Yum Plug-ins

6.4.1. Enabling, Configuring, and Disabling Yum Plug-ins

6.4.2. Installing Additional Yum Plug-ins

6.4.3. Plug-in Descriptions

6.5. Additional Resources