4

I help manage a small production server. The server runs a downlevel version of CentOS. CentOS recently announced Release for CentOS Linux 7 (1511) on x86_64.

Running yum update picked up the release and offered 400+ packages upgrades. We would like to prohibit the upgrade at the moment on the production server.

We are most concerned about an accidental upgrade, like a script using -y. We still want to receive updates for the older version of CentOS; we just don't want the OS upgrade.

How can we configure yum to avoid the CentOS 7 upgrade?

Here's what it looks like when we run yum update:

$ sudo yum update
[sudo] password for xxxxxxxx: 
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.hostduplex.com
 * epel: linux.mirrors.es.net
 * extras: mirror.hostduplex.com
 * updates: mirror.hostduplex.com
Resolving Dependencies
...
Transaction Summary
================================================================================
Install    2 Packages (+6 Dependent packages)
Upgrade  412 Packages

Total download size: 374 M
Is this ok [y/d/N]:

Here is our yum.conf:

$ cat /etc/yum.conf
[main]
cachedir=/var/cache/yum/$basearch/$releasever
keepcache=0
debuglevel=2
logfile=/var/log/yum.log
exactarch=1
obsoletes=1
gpgcheck=1
plugins=1
installonly_limit=5
bugtracker_url=http://bugs.centos.org/set_project.php?project_id=23&ref=http://bugs.centos.org/bug_report_page.php?category=yum
distroverpkg=centos-release

Here is the section in the manual covering the configuration: 12.4. Configuring yum. But its not obvious to me how to prohibit the upgrade.

  • I have to admit I'm not that firm with current CentOS, is 1511 basically the same as RHEL 7.2 ? The announcement says "third major release for CentOS 7" and "derived from RHEL 7.2" so what is it now? Centos 7.2 or 7.3 ? Just curious ... – doktor5000 Dec 19 '15 at 20:55

2 Answers2

4

This seems to be the same question as How do I keep Centos at version 6.3? and the second answer that might help you achieve what you want: https://serverfault.com/a/500606

Something like this might work: yum --releasever=7.0 update You may have to adapt as I'm not sure what releasever your currently installed CentOS uses, maybe you also need to use 7.1. The latter answers to Yum: How can I view variables like $releasever, $basearch & $YUM0? should help you with that.

Although another source mentions that this might still draw updates from later point releases, see http://www.linuxquestions.org/questions/linux-server-73/rhel-yum-update-without-migrating-to-point-releases-4175456496/

FWIW, this was also already asked the same way as How can I keep the RHEL version static (e.g. RHEL 5.1)? but I don't think that solution will work as cleanly as the above or if it will work at all.

Community
  • 1
doktor5000
  • 2,699
  • Thanks doktor5000. If it can be done, then I think this probably holds the answer. –  Dec 20 '15 at 22:39
1

There are two ways to achieve your goal.

The easiest is to add exclude=* in your /etc/yum.conf file.

The second is to disable all the repositories. For each definition of repository into in /etc/yum.repos.d/ add a line enabled=0, ie (CentOS-Base.repo):

[base]
name=CentOS-$releasever - Base
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os&infra=$infra
#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
enabled=0
LilloX
  • 1,226
  • Forgive my ignorance... It seems like exclude=* is easiest, but would it prohibit updates to installed packages? –  Dec 18 '15 at 08:12
  • Yes, prohibit also that a new package will be installed. – LilloX Dec 18 '15 at 08:15