yum performs automatic dependency resolution when updating, installing, or removing packages, and thus is able to automatically determine, fetch, and install all available dependent packages.
To check if there are updates for any of the already installed packages we use:
# yum check-update
To update all, a specific one or a group of packages we use the update option:
# yum update
# yum update package.rpm
# yum group update “group_name”
We can look for packages in the configured repositories with the search option:
# yum search star → searches for word “star” just in the name & description fields
# yum search all star → searches everywhere in the package specification
To list installed and available packages:
# yum list all → lists all installed & available
# yum list bzip* → lists installed & available packages that match the glob
# yum list installed bzip* → lists just installed packages matching the glob
# yum list available gzip* → lists just available packages matching glob
To list the configured repositories:
# yum repolist → repository ID, name and number of packages
# yum repolist -v → more verbose output
# yum repoinfo → same output as above
# yum repoinfo -v → same but also shows disabled repositories
To query the particularities of a package:
# yum info package.rpm
# yumdb info package.rpm
The second command above is a bit more comprehensive in its reporting and tells us, among other things, the command used to install the package and whether it was installed by a user or pulled as a dependency for another install.
To install a package or series of packages:
# yum install package1.rpm package2.rpm → installs the given rpm from the available repositories
# yum localinstall /tmp/package1.rpm → installs the given rpm rather than extracting it from repo
# yum group install “KDE Desktop”
# yum group install @kde-desktop
A very useful feature of yum is the possibility of installing a package implicitly by stating the file or binary we need. For example:
# yum install /usr/sbin/named → checks the repository and installs the package that has that file
# yum provides “*bin/named” → the same but matching the given glob
Uninstalling a package is easy as long as there are no dependency problems:
# yum remove package.rpm
We can see the history of yum installs and uninstalls with:
# yum history list → 20 most recent transactions
# yum history list all → all transactions
# yum history list 1..25 → list transactions 1 to 25
# yum history list kde* → list transactions involving KDE packages
# yum history sync → synchronise rpm and yum databases
# yum history summary → summary of all transactions
The configuration files for the yum utility reside in /etc/yum.conf and /etc/yum.d/ or /etc/yum/repos.d/ or /etc/yum.repos.d/. A typical configuration file looks something like this:
# cat /etc/yum.conf
.
[main] → this is the main repository
cachedir=/var/cache/yum/$basearch/$releasever → location of cache and yum database files
keepcache=0 → keep headers & packages after installation (0 = no, 1 = yes)
debuglevel=2 → 0 (none) to 10 (extremely verbose)
logfile=/var/log/yum.log
exactarch=1 → update only packages that match the used architecture
obsoletes=1 → keep obsolete packages (0 = keep them, 1 = get rid of them)
gpgcheck=1 → GPG signature check (0 = no, 1 = yes)
plugins=1 → enable ALL yum plugins (0 = disable, 1 = enable)
installonly_limit=3 → number of pkg versions kept (should be 3 or higher!)
.
[repository] → this is a secondary repository
name=local_repository → repository’s distinctive name
baseurl=file:///repo → location of repodata dir with .repo file (http, ftp, file)
enabled=1 → use this repository (0 = no, 1 = yes)
gpgcheck=0
There are a whole lot more options that can be used in the yum configuration file (i.e. proxy settings, SSL certificates, bandwidth throttling, etc) but if you need to dig further to customise your repositories further, then I suggest reading this carefully.
We shall cover the [repository] section briefly though because of its importance.
In this section, there are only two mandatory parameters: name and baseurl.
The name has to be unique and cannot contain blank spaces.
The baseurl can be a local directory (i.e. file:///repo), an ftp server (ftp://192.168.0.111/pub/rhel7) or http server (http://192.168.0.111/pub/rhel7).
The parameter enabled (0 = no, 1 = yes) is optional and defaults to 1.
The rest of parameters are mostly common with those from the main section. We can view them in the man page of yum.conf or by running the command yum-config-manager.
There are different ways to add repositories to a system. One of them is to create a repository on the local system with all the rpm packages we might need and then run createrepo:
# mkdir /repo
# cp -rf /cdrom/SL-7-x86_64/. /repo
# createrepo /repo/Packages → /repo/Packages is where the rpms are
# yum-config-manager –add-repo file:///repo/Packages
We have created and we have added it to the list of packages sources in /etc/yum.repo.d files. If we check that directory we’ll see the last file modified is our new repo. We can rename it to anything we want (both file name and the “[repo name]” inside it) as long as it keeps the *.repo ending.
We can enable or disable repositories with the command…
# yum-config-manager –enable repository_name
# yum-config-manager –disable repository_name
Or we can go straight to the repo files in /etc/yum.repos.d and switch the enabled parameter to 0 (disabled) or 1 (enabled).
Most usually we will point to remote repositories in ftp or http servers, to the directory where repodata is located and then import the GPG key:
# yum-config-manager –add-repo http://linuxsoft.cern.ch/centos/7.1.1503/os/x86_64
# rpm –import http://linuxsoft.cern.ch/centos/7.1.1503/os/x86_64/RPM-GPG-KEY-CentOS-7
Now we should have another file in /etc/yum.repos.d with the repository above plus we have imported the keys so we can authenticate any packages going forward.
If the key import does not work for whatever reason, we can just copy and paste the contents of the key and manually add it to /etc/pki/rpm/gpg as a new file. Then we point the parameter gpgkey to the full path of the key if gpgcheck=1.