9. Centos Repository

最後更新: 2020-09-22

目錄

 


介紹

 

用過 Debian 後, 當遇上了 Centos , 第一時間會覺得"它的 package system 很"舊"

最後我可以肯定它是一場惡夢 .... 因為什麼 package 都 yum 唔到.

設定一些常用的 Centos respositories 才 yum 到要的 package

 


Package Version

 

i.e. httpd 2.4.6 on Centos 7

CentOS httpd 2.4.6 is not exactly 2.4.6 and contains features backported from newer versions

rpm -q --changelog httpd

* Tue Mar 31 2020 CentOS Sources <[email protected]> - 2.4.6-93.el7.centos
- Remove index.html, add centos-noindex.tar.gz
- change vstring
- change symlink for poweredby.png
- update welcome.conf with proper aliases

* Tue Oct 08 2019 Lubos Uhliarik <[email protected]> - 2.4.6-93
- Resolves: #1677496 - CVE-2018-17199 httpd: mod_session_cookie does not respect
  expiry time
...

 


repoforge

 

它可以說是必須的, 因為最少可以安裝 nload, jailkit

過程:

** i386 及 i686 是有不同的 !!

Centos: http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm

Centos6: rpmforge-release-0.5.2-2.el6.rf.i686.rpm

# Download

Centos7: http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el7....

Centos6: wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6....

# Verify the package you have downloaded

rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt

rpm -K rpmforge-release-0.5.2-2.el5.rf.*.rpm

# 安裝

rpm -Uvh

會多了:

  • /etc/yum.repos.d/mirrors-rpmforge  
  • /etc/yum.repos.d/rpmforge.repo

 


EPEL

 

安裝:

Centos7:

方法1:

wget https://dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e/epel-release-7...

rpm -Uvh epel-release-7*.rpm

方法2:

yum install epel-release

Centos6:

rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm

# x86_64

rpm -Uvh https://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

Centos5:

rpm -Uvh http://dl.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm

安裝後會多了

  • /etc/yum.repos.d/epel.repo

 


ELRepo

 

Homepage: https://www.elrepo.org

ELRepo contains four channels

  • elrepo (Default: Enable)
  • elrepo-extras
  • elrepo-testing
  • elrepo-kernel

安裝

rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org

Centos 5:

rpm -Uvh http://elrepo.org/elrepo-release-5-3.el5.elrepo.noarch.rpm

Centos 6:

rpm -Uvh http://elrepo.org/elrepo-release-6-4.el6.elrepo.noarch.rpm

Centos 7:

yum install https://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm

安裝後會得到 /etc/yum.repos.d/elrepo.repo

[elrepo]
name=ELRepo.org Community Enterprise Linux Repository - el6
baseurl=http://elrepo.org/linux/elrepo/el6/$basearch/
enabled=0
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-elrepo.org
protect=0

[elrepo-kernel]
name=ELRepo.org Community Enterprise Linux Kernel Repository - el6
baseurl=http://elrepo.org/linux/kernel/el6/$basearch/
enabled=0
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-elrepo.org
protect=0

[elrepo-extras]
name=ELRepo.org Community Enterprise Linux Extras Repository - el6
baseurl=http://elrepo.org/linux/extras/el6/$basearch/
enabled=0
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-elrepo.org
protect=0

elrepo-extras

The elrepo-extras channel provides packages and their dependencies that replace/update RHEL distribution packages.

It may be enabled in the /etc/yum.repos.d/elrepo.repo file or used with 'yum --enablerepo=elrepo-testing'.

提供有:

  • munin
  • php-mcrypt

elrepo-kernel

provides both the long-term support kernels(kernel-lt) and

the latest stable mainline kernels (kernel-ml) [For RHEL-7]

Centos7 用 kernel-3.10.X 時它提供 kernel-ml 5.0.X

安裝及設定

yum --enablerepo=elrepo-kernel install kernel-ml -y

egrep ^menuentry /etc/grub2.cfg | cut -f 2 -d \'

CentOS Linux (5.0.6-1.el7.elrepo.x86_64) 7 (Core)                    # 0
CentOS Linux (3.10.0-957.1.3.el7.x86_64) 7 (Core)                    # 1
CentOS Linux, with Linux 0-rescue-0a697737800f45c9fb660663f9b1a5e8   # 2

grub2-set-default 0

reboot


yum-plugin-priorities

 

Protect your system from updates from the CentOSPlus repository is to use the yum-plugin-priorities plugin.

yum install yum-plugin-priorities

vi /etc/yum.conf

plugins=1

You would set priorities in /etc/yum.repos.d/CentOS-Base.repo like this:

[base]
exclude=foo bar
priority=1

[update]
exclude=foo bar
priority=1

[centosplus]
enable=1
priority=2

說明:

This will make the [base] and [update] repositories have higher priority over the [centosplus] repository, so the only items in CentOSPlus that will update either [base] or [update] are items that are excluded from those repositories with an exclude= setting.

P.S

1-10 系統保留的, 1 為最高 priority

Summary

Using the CentOSPlus repository is more dangerous than using other CentOS repositories,

as it is designed to have several updated packages and it is not really designed to be completely enabled.

You can use all the packages in CentOSPlus, but normally one will pick only the packages they are looking for and

use exclude= and includepkgs= (or exclude= and yum-plugin-priorities)

to load only those packages from the CentOSPlus repository.

 


yum-plugin-versionlock

 

功能: lock package version

Install

yum install yum-plugin-versionlock

Usage:

yum versionlock kernel-*

Checking

# 相當於 /etc/yum/pluginconf.d/versionlock.list 的內容

yum versionlock list

Loaded plugins: fastestmirror, security, versionlock
0:kernel-2.6.32-696.3.1.el6.*
0:kernel-headers-2.6.32-696.16.1.el6.*
0:kernel-2.6.32-573.el6.*
0:kernel-firmware-2.6.32-696.16.1.el6.*
0:kernel-2.6.32-696.16.1.el6.*
versionlock list done

其他方法

/etc/yum.conf

[main]
...
exclude=httpd php python-3*

Temporarily Disable Package for Install or Update

yum -x httpd -x php update

 


enablerepo

 

# 指定在某 repo 安 Package

yum-config-manager --disable <repoid>

yum --enablerepo=centosplus install php

 


舊 package 的 repos

 

Centos repos archive

http://vault.centos.org/???/

Example:

# 直接用 6.10 <- Centos 6 最後一個 Version

[base]
baseurl=https://vault.centos.org/6.10/os/$basearch/

[updates]
baseurl=https://vault.centos.org/6.10/updates/$basearch/

[extras]
baseurl=https://vault.centos.org/6.10/extras/$basearch/

[centosplus]
baseurl=https://vault.centos.org/6.10/centosplus/$basearch/

系統會 call

因為 "$releasever = 4", 而 vault 係 4.0, 4.1 ...

所以要用 "4.9"

http://vault.centos.org/4.9/os/i386/repodata/repomd.xml

EPEL repos archive

http://archives.fedoraproject.org/pub/archive/epel/

https://archives.fedoraproject.org/pub/archive/epel/6/x86_64/epel-release-6-8.noarch.rpm

人手安舊 Package

# 當前系統狀態

uname -r

2.6.32-696.16.1.el6.x86_64

rpm -qa | grep ^kernel-

kernel-devel-2.6.32-696.el6.x86_64.rpm
kernel-headers-2.6.32-696.el6.x86_64.rpm

# 找回舊 Package

cat /etc/redhat-release

CentOS release 6.9 (Final)

https://vault.centos.org/6.9/os/x86_64/Packages/

EPEL 舊 Package

https://archives.fedoraproject.org/pub/archive/epel/6/x86_64/Packages/i/iperf-2.0.5-11.el6.x86_64.rpm

6, 7, 8       <- 沒有小數點

a, b, ..., i   <- 以 package 首字母為目錄

 


Repo Setting

 

failovermethod

'roundrobin' (defaults)

By default yum randomly selects repositories URL from the baseurl list and

proceeds through each of them as it encounters a failure contacting the host.

'priority'

To force yum to use them in sequence

skip_if_unavailable

yum-config-manager --save --setopt=skip_if_unavailable=true <repoid>

retries

# Set the number of total retries for downloading packages.
# 0 => forever. Default is 10
retries=3

 


Troubleshoot

 

Error

 "Cannot retrieve metalink for repository: epel" Error

解決

yum upgrade ca-certificates --disablerepo=epel

 

 

 

 

附加檔案大小
epel-release-6-8.noarch.rpm14.2 KB

Creative Commons license icon Creative Commons license icon