9. yum command

最後更新: 2023-05-02




man yum

man yum.conf

Package 的格式

name.architecture, name-version

* noarch

repos 設定檔保存在





rpm --import GPG-PUB-KEY.asc


# uname -i = x86_64

tree -L 2 /var/cache/yum/`uname -i`

└── 7
    ├── base
    ├── epel
    ├── extras
    ├── remi-safe
    ├── timedhosts
    ├── timedhosts.txt
    └── updates


查看現有的 repository


yum repolist

repo id                repo name                                                             status
base                   CentOS-6 - Base                                                       4,764
elrepo                 ELRepo.org Community Enterprise Linux Repository - el6                  166
epel                   Extra Packages for Enterprise Linux 6 - i386                          6,061
extras                 CentOS-6 - Extras                                                         4
rpmforge               RHEL 6 - RPMforge.net - dag                                           4,381
updates                CentOS-6 - Updates                                                      732




[base] make up CentOS, as it is released on the ISOs. It is enabled by default.

[updates] - Updated packages to [base] released after the CentOS ISOs.

[contrib] - Packages contributed by the CentOS Users
                , which do not overlap with any of the core Distribution packages.

[extras] - Packages built and maintained by the CentOS developers
              that add functionality to the core distribution.

[centosplus]     - Packages built and maintained by the CentOS developers
                   These packages might replace rpm's included in the core Distribution.

[csgfs] - Packages that make up the Cluster Suite and Global File System.
             It is disabled by default.


yum Usage


# Search: names, descriptions, summaries and listed package maintainers

yum search application_name

# List: package name

yum list available

# Provides: packages that include files

yum provides libneon

# Regular Expressions

yum list tsc\*

# info

yum info application_name

# install

yum install application_name

# install local rpm

yum localinstall /path/to/the/rpm

# Remove

yum remove application_name

# To remove a package without removing its dependency on RHEL

rpm -e --nodeps PKG_NAME

# keep files, just remove the db entry

rpm -e --nodeps --justdb PKG_NAME




yum install yum-cron


  • /etc/cron.daily/0yum-daily.cron ( 食 yum-cron.conf call yum-cron )
  • /etc/cron.hourly/0yum-hourly.cron ( 食 yum-cron-hourly.conf call yum-cron )
  • /etc/yum/yum-cron-hourly.conf
  • /etc/yum/yum-cron.conf
  • /usr/lib/systemd/system/yum-cron.service (建立 /var/lock/subsys/yum-cron ,  0yum-daily.cron 及 0yum-hourly.cron 會 check 它 )
  • /usr/sbin/yum-cron (an interface to convieniently call yum from cron)

Start Service

systemctl enable yum-cron

systemctl start yum-cron

systemctl status yum-cron


update_cmd = default         # default = "yum upgrade"
                             # security = "yum --security upgrade"

# Whether updates should be applied when they are available. (Default: no)
apply_updates = yes

# sleep for a random amount of time before running
random_sleep = 5             # Unit: min, 0=> run immediately

# How to send messages.
emit_via = None              # stdio, email.



啟用 plugin



Plugin - fastestmirror:

yum install yum-plugin-fastestmirror


verbose = 0
socket_timeout = 3
enabled = 1
hostfilepath = /var/cache/yum/timedhosts.txt
maxhostfileage = 1


Plugin - protectbase:

Packages in the protected repositories can't be overridden by packages in non-protected repositories even if the non-protected repo has a later version.

yum install yum-plugin-protectbase


enabled = 1


Plugin protectbase 與 priorities 只能二擇其一 !


Plugin - priorities:



yum grouplist


找出要的 package:

yum grouplist | grep Development

Additional Development
Development tools
Desktop Platform Development
Server Platform Development


  • yum groupinstall "some group"'
  • yum groupremove "some group"'
  • yum groupupdate "some group"'


yum groupinstall "Development Tools"


Plugin - yum-plugin-security



只做 Security Update


yum -y install yum-plugin-security

查看有什麼 security update:

yum --security check-update

Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
 * base: repo.virtualhosting.hk
 * epel: free.nchc.org.tw
 * extras: repo.virtualhosting.hk
 * ius: hkg.mirror.rackspace.com
 * updates: repo.virtualhosting.hk
Limiting package lists to security relevant ones
No packages needed for security; 5 packages available

更新 security update only:

yum --security update




Packages in the protected repositories will not be updated or overridden by packages in non-protected repositories

even if the non-protected repo has a later version.

let us protect the base packages from EPEL using the yum plugin protectbase.

* You should pick either the protectbase or the priorities plugin, they should not be used at the same time.

* You MUST add "protect=0" to all repos in all .repo files  if you want them unprotected,
   otherwise they belong to the protect=1 group.

# 查看有什麼 repo

yum repolist

repo id                        repo name                                                                    status
base                           CentOS-6 - Base                                                              4,968
*epel                          Extra Packages for Enterprise Linux 6 - i386                                 9,587
extras                         CentOS-6 - Extras                                                               40
ius                            IUS Community Packages for Enterprise Linux 6 - i386                           301
updates                        CentOS-6 - Updates                                                             379
repolist: 15,275

# Install

yum install yum-plugin-protectbase -y

# Enable


enabled = 1

# 保護




yum 的變數 (只適用於 cenots6) {Variables}



  • $basearch                  # i.e. x86_64
  • $arch                         # 取代 python 的 os.uname()
  • $releasever                # 6, 7, 8

當 $arch 是 i686 (uname -p) 時, 那 $basearch 就是 i386


在 /etc/yum/vars/ 建立 basearch 內容

i386                        // 另有 x86_64


yum clean



              Removes cache files generated from the repository metadata.

              This forces DNF to regenerate the cache files the next time it is run.


              Those are the files which DNF uses to determine the remote  availability of packages.

              Using this option will make DNF download all the metadata the next time  it is run.


              Removes any cached packages from the system.


unfinished transactions


行 yum install 野後

Resolving Dependencies
There are unfinished transactions remaining. You might consider running yum-complete-transaction,
or "yum-complete-transaction --cleanup-only" and "yum history redo last", first to finish them. 
If those don't work you'll have to try removing/installing packages by hand (maybe package-cleanup can help).


# 會安一大堆 package



yum-complete-transaction --cleanup-only

Cleaning up unfinished transaction journals
Cleaning up 2015-01-12.21:43.46


Install from specific repo


# list repo

yum repolist

# Install

yum --disablerepo="*" --enablerepo="nginx" install nginx

# Another

--repo=<repoid>    # a shortcut for --disablerepo="*" --enablerepo=<repoid>

yum install vim --repo MyPackage





Not using downloaded repomd.xml because it is older than what we have:


yum clean all

問題2: ssl error

yum update 唔到, ssl error

curl 都唔得

curl https://mirrors.fedoraproject.org

curl: (35) SSL connect error


cd /etc/yum.repos.d

mkdir _tmp

mv *.repo _tmp

mv _tmp/CentOS-Base.repo .

yum update openssl curl

yum update ca-certificates


定時 update 某些 Package



yum -y update httpd24u httpd24u-mod_ssl \
              php71u-cli mod_php71u \
              php71u-gd php71u-mbstring php71u-mysqlnd php71u-pdo php71u-mcrypt \
              php71u-xml php71u-soap php71u-opcache php71u-json 

# 這句是必須的, 否則有機會 restart 唔起.
systemctl daemon-reload

service httpd restart


exclude package install


-x, --exclude=package

Exclude a specific package by name or glob from all repositories, so yum works as if that package was never in the repositories.  

This is commonly used so a package isn't upgraded or installed accidentally,

but can be used to remove packages in any way that "yum list" will show packages.

應用: 安 munin 時選擇安 munin-nginx

yum deplist munin

  dependency: munin-web-support
   provider: munin-apache.noarch 2.0.40-4.el6
   provider: munin-nginx.noarch 2.0.40-4.el6

# 略過 munin-apache 的安裝, 而改安 munin-nginx

yum install -x munin-apache munin


Downgrade Package


# 系統安了 SOGo 的  libffi, 安裝唔到 base 的 libffi-devel, 因為版本不用

yum list | grep libffi

libffi.i686                                3.0.10-1                     @SOGo
libffi-devel.i686                          3.0.5-3.2.el6                base

# 如果打算 remove libffi 後再 install 它, 發現會影響大量 Package

yum remove libffi

# 用 downgrade 可以順利解決到

yum downgrade libffi




A deltarpm contains the difference between an old and a new version of a rpm

deltarpms can also work with installed rpms (You don't have to have a copy of the old rpm)

yum install deltarpm


phpmyadmin 的小升級會用到它

yum ignore dependent


mkdir /usr/src/rpm

yum install --downloadonly --downloaddir=/usr/src/rpm \
gettext-devel intltool pcre2

rpm -Uvh --nodeps FILENAME.rpm




ls /var/cache/yum/x86_64/7/



yum history


yum history


sqlite> .tables

pkg_rpmdb             trans_end             trans_with_pkgs
pkg_yumdb             trans_error           vtrans_data_pkgs
pkgtups               trans_prob_pkgs       vtrans_prob_pkgs2
trans_beg             trans_rpmdb_problems  vtrans_skip_pkgs
trans_cmdline         trans_script_stdout   vtrans_with_pkgs
trans_data_pkgs       trans_skip_pkgs

sqlite3 history-2018-09-04.sqlite "select * from pkgtups" > pkgtups.txt


Rebuilt rpm DB




error: rpmdb: BDB0113 Thread/process 170993/139903904709504 failed: BDB1507 Thread died in Berkeley DB library
error: db5 error(-30973) from dbenv->failchk: BDB0087 DB_RUNRECOVERY: Fatal error, run database recovery
error: cannot open Packages index using db5 -  (-30973)
error: cannot open Packages database in /var/lib/rpm
Error: Error: rpmdb open failed

"rpm -qa" 同樣 error

Rebuilt RPM DB

mkdir /var/lib/rpm/backup

cp -a /var/lib/rpm/__db* /var/lib/rpm/backup/

rm -f /var/lib/rpm/__db.[0-9][0-9]*

rpm --quiet -qa   # 測試

rpm --rebuilddb

dnf clean all



Creative Commons license icon Creative Commons license icon