9. yum

最後更新: 2019-05-02


  • 學習
  • 查看現有的 repository
  • Plugins
  • yum grouplist
  • Plugin - yum-plugin-security
  • Plugin - yum-plugin-protectbase
  • yum 的變數 (只適用於 cenots6)
  • unfinished transactions
  • install from specific repo
  • 常見問題
  • 定時 update 某些 Package
  • exclude package install
  • Downgrade Package
  • deltarpm



man yum

man yum.conf

Package 的格式

name.architecture, name-version

* noarch

repos File 保存在




rpm --import GPG-PUB-KEY.asc





查看現有的 repository:


yum repolist

repo id                repo name                                                             status
base                   CentOS-6 - Base                                                       4,764
elrepo                 ELRepo.org Community Enterprise Linux Repository - el6                  166
epel                   Extra Packages for Enterprise Linux 6 - i386                          6,061
extras                 CentOS-6 - Extras                                                         4
rpmforge               RHEL 6 - RPMforge.net - dag                                           4,381
updates                CentOS-6 - Updates                                                      732




[base] make up CentOS, as it is released on the ISOs. It is enabled by default.

[updates] - Updated packages to [base] released after the CentOS ISOs.

[contrib] - Packages contributed by the CentOS Users
                , which do not overlap with any of the core Distribution packages.

[extras] - Packages built and maintained by the CentOS developers
              that add functionality to the core distribution.

[centosplus]     - Packages built and maintained by the CentOS developers
                   These packages might replace rpm's included in the core Distribution.

[csgfs] - Packages that make up the Cluster Suite and Global File System.
             It is disabled by default.


yum search application_name
yum list available
yum provides libneon

search: names, descriptions, summaries and listed package maintainers
list: package name
provides: packages that include files

Regular Expressions:
yum list tsc\*

yum info application_name

yum install application_name
yum localinstall /path/to/the/rpm

yum remove application_name



yum install yum-cron


  • /etc/cron.daily/0yum-daily.cron ( 食 yum-cron.conf call yum-cron )
  • /etc/cron.hourly/0yum-hourly.cron ( 食 yum-cron-hourly.conf call yum-cron )
  • /etc/yum/yum-cron-hourly.conf
  • /etc/yum/yum-cron.conf
  • /usr/lib/systemd/system/yum-cron.service (建立 /var/lock/subsys/yum-cron ,  0yum-daily.cron 及 0yum-hourly.cron 會 check 它 )
  • /usr/sbin/yum-cron (an interface to convieniently call yum from cron)

Start Service

systemctl enable yum-cron

systemctl start yum-cron

systemctl status yum-cron


update_cmd = default         # default = "yum upgrade"
                             # security = "yum --security upgrade"

# Whether updates should be applied when they are available. (Default: no)
apply_updates = yes

# sleep for a random amount of time before running
random_sleep = 5             # Unit: min, 0=> run immediately

# How to send messages.
emit_via = None              # stdio, email.



啟用 plugin



Plugin - fastestmirror:

yum install yum-plugin-fastestmirror


verbose = 0
socket_timeout = 3
enabled = 1
hostfilepath = /var/cache/yum/timedhosts.txt
maxhostfileage = 1


Plugin - protectbase:

Packages in the protected repositories can't be overridden by packages in non-protected repositories even if the non-protected repo has a later version.

yum install yum-plugin-protectbase


enabled = 1


Plugin protectbase 與 priorities 只能二擇其一 !


Plugin - priorities:



yum grouplist


找出要的 package:

yum grouplist | grep Development

Additional Development
Development tools
Desktop Platform Development
Server Platform Development


  • yum groupinstall "some group"'
  • yum groupremove "some group"'
  • yum groupupdate "some group"'


yum groupinstall "Development Tools"


Plugin - yum-plugin-security



只做 Security Update


yum -y install yum-plugin-security

查看有什麼 security update:

yum --security check-update

Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
 * base: repo.virtualhosting.hk
 * epel: free.nchc.org.tw
 * extras: repo.virtualhosting.hk
 * ius: hkg.mirror.rackspace.com
 * updates: repo.virtualhosting.hk
Limiting package lists to security relevant ones
No packages needed for security; 5 packages available

更新 security update only:

yum --security update




Packages in the protected repositories will not be updated or overridden by packages in non-protected repositories

even if the non-protected repo has a later version.

let us protect the base packages from EPEL using the yum plugin protectbase.

* You should pick either the protectbase or the priorities plugin, they should not be used at the same time.

* You MUST add "protect=0" to all repos in all .repo files  if you want them unprotected,
   otherwise they belong to the protect=1 group.

# 查看有什麼 repo

yum repolist

repo id                        repo name                                                                    status
base                           CentOS-6 - Base                                                              4,968
*epel                          Extra Packages for Enterprise Linux 6 - i386                                 9,587
extras                         CentOS-6 - Extras                                                               40
ius                            IUS Community Packages for Enterprise Linux 6 - i386                           301
updates                        CentOS-6 - Updates                                                             379
repolist: 15,275

# Install

yum install yum-plugin-protectbase -y

# Enable


enabled = 1

# 保護




yum 的變數 (只適用於 cenots6) {Variables}



  • $basearch
  • $arch                              # 取代 python 的 os.uname()
  • $releasever

當 $arch 是 i686 (uname -p) 時, 那 $basearch 就是 i386


在 /etc/yum/vars/ 建立 basearch 內容

i386                        // 另有 x86_64

unfinished transactions


行 yum install 野後

Resolving Dependencies
There are unfinished transactions remaining. You might consider running yum-complete-transaction,
or "yum-complete-transaction --cleanup-only" and "yum history redo last", first to finish them. 
If those don't work you'll have to try removing/installing packages by hand (maybe package-cleanup can help).


# 會安一大堆 package



yum-complete-transaction --cleanup-only

Cleaning up unfinished transaction journals
Cleaning up 2015-01-12.21:43.46


Install from specific repo


# list repo

yum repolist

# install

yum --disablerepo="*" --enablerepo="nginx" install nginx





Not using downloaded repomd.xml because it is older than what we have:


yum clean all

問題2: ssl error

yum update 唔到, ssl error

curl 都唔得

curl https://mirrors.fedoraproject.org

curl: (35) SSL connect error


cd /etc/yum.repos.d

mkdir _tmp

mv *.repo _tmp

mv _tmp/CentOS-Base.repo .

yum update openssl curl

yum update ca-certificates


定時 update 某些 Package



yum -y update httpd24u httpd24u-mod_ssl \
              php71u-cli mod_php71u \
              php71u-gd php71u-mbstring php71u-mysqlnd php71u-pdo php71u-mcrypt \
              php71u-xml php71u-soap php71u-opcache php71u-json 

# 這句是必須的, 否則有機會 restart 唔起.
systemctl daemon-reload

service httpd restart


exclude package install


-x, --exclude=package

Exclude a specific package by name or glob from all repositories, so yum works as if that package was never in the repositories.  

This is commonly used so a package isn't upgraded or installed accidentally,

but can be used to remove packages in any way that "yum list" will show packages.

應用: 安 munin 時選擇安 munin-nginx

yum deplist munin

  dependency: munin-web-support
   provider: munin-apache.noarch 2.0.40-4.el6
   provider: munin-nginx.noarch 2.0.40-4.el6

# 略過 munin-apache 的安裝, 而改安 munin-nginx

yum install -x munin-apache munin


Downgrade Package


# 系統安了 SOGo 的  libffi, 安裝唔到 base 的 libffi-devel, 因為版本不用

yum list | grep libffi

libffi.i686                                3.0.10-1                     @SOGo
libffi-devel.i686                          3.0.5-3.2.el6                base

# 如果打算 remove libffi 後再 install 它, 發現會影響大量 Package

yum remove libffi

# 用 downgrade 可以順利解決到

yum downgrade libffi




A deltarpm contains the difference between an old and a new version of a rpm

deltarpms can also work with installed rpms (You don't have to have a copy of the old rpm)

yum install deltarpm


phpmyadmin 的小升級會用到它