After covering the basics of Yum in my first article, letâ€™s move on to the second part. In this article Iâ€™d like to cover some things about keeping your system up to date with Yum on a CentOS 4 system. But these information will also apply with little changes to any other system using Yum like Fedora Core for example.
Letâ€™s begin with a scheduled update of your system: To activate an automatic nightly update, just enter these lines as root:
Yum will now check every night for new software versions in your configured Yum repositories and install them. If you didnâ€™t configure any special repositories, at least the normal CentOS update repository is used, so you wonâ€™t miss any critical security updates.
But if you configured any 3rd party repositories (like many people do) you should keep the following things in mind: If you add more and more repositories to your Yum configuration, there is a high chance that important system files that were installed from official CentOS repositories (like base and update) are replaced by versions originating from your added 3rd party repositories.
Why? you may ask. Simple answer: Because they are newer!
Yum always updates your system to the latest versions of all packages it finds. And often, 3rd party repositories contain newer versions of critical system files, so Yum replaces your old ones from CentOS.
Some people may like this behavior very much, but I prefer to have a stable system, so critical system files should only be replaced by official distribution packages. So the following yum behaviour would be very useful: _Never update packages originating from official CentOS repositories with 3rd party repository packages_.
Unfortunately, Yum canâ€™t do this out of the box, but luckily for us there is a plugin called Protectbase for Yum available which will exactly achieve this. To install this plugin just enter:
Edit /etc/yum.conf and add the following line:
Next you need to edit all .repo files in /etc/yum.repos.d/ and add either:
for each repository. Packages from repositories tagged with â€œprotect=1â€ can not be updated with packages from â€œprotect=0â€ repositories, even if they contain newer versions.
So itâ€™s a good idea to tag all official CentOS repositories with â€œprotect=1â€ and all 3rd party repositories with â€œprotect=0â€ to ensure a stable running system. Remember: You have to edit all files in /etc/yum.repos.d/ and set the â€œprotectâ€ flag. Repository configurations which are missing the â€œprotectâ€ flag are automatically treated as â€œprotect=1â€ repositories!
Thatâ€™s it for today. Another part about Yum will follow :-)