You can check for software updates using the yum check-update subcommand. Using the yum update command you can easily update all of our system software. Also using the yum update command you can update single packages. You can also version lock certain programs using the yum versionlock plugin. Using the yum changelog plugin you can view the changes made to any application in the system.
- [Grant] We can check for OS updates using the yum check update subcommand. Type in yum space check dash update, and hit Enter. This shows all software packages that need updated. Notice near the bottom, my Nautilus Open Terminal package is indented, so you may not have this package, so don't be alarmed if it's not there. This package is indented because it's been obsoleted. The package that it's indented from is Gnome Terminal Nautilus that will replace it. We can verify this with yum list obsoletes.
Type in yum space list space obsoletes and hit Enter. You can see that my obsoleting package is Gnome Terminal Nautilus, which is replacing Nautilus Open Terminal. When updating software packages, we can either update our single package or the entire OS. If you look up on my list above, you can see xz has an update. To update this package, I type in sudo space yum space update space xz and hit Enter. I type in my password and hit Enter again.
Press y to continue. This updates the xz package and its dependency. To update the entire OS, leave off the package name. So we type in sudo space yum space update and hit Enter. On my system, yum wants to update 589 packages. Yum's asking us to press y if we want to proceed, N for not proceeding, and d for downloading packages. The last option is useful if you ever want to update offline. Pressing d would allow us to download the update packages, and we can install them later when we're not connected to the network.
For now, let's just say N for no and hit Enter. When we say no, it saves our transaction into the slash tmp folder. To rerun this transaction later, we'd use yum space load dash transaction, and the file path to the transaction file and the update operation would proceed. If you want to update all packages except one, you can specify the exception after the dash x option. Type in sudo space yum space update space dash x space cups asterisk and hit Enter.
Now, I only have 585 packages to upgrade. Notice that holding back some packages from upgrading may break your dependencies because other packages may need them. Press No to cancel. If you want to permanently hold back some packages from being updated, you need to add the versionlock yum plugin. Type in sudo space yum space install space yum dash plugin dash versionlock and hit Enter. Press y to continue. To versionlock a package, just run yum versionlock followed by the package name.
For instance, type in sudo space yum space versionlock space cups and hit Enter. To see a list a versionlocked packages, type in yum space versionlock and hit Enter. We can see our cups package is now versionlocked. To delete a verisonlock, we need to copy the output of yum versionlock to the clipboard. So right-click and select Copy. Now, type in sudo space yum space versionlock space delete, and then we'll paste and hit Enter.
Now we can see our versionlock is deleted. To clear all versionlocks, type in sudo space yum space versionlock space clear, and this clears all versionlocks. We can also be a bit more granular when doing OS updates. Let's say we only want to install security updates. Type in sudo space yum space update space dash dash security and hit Enter. The dash dash security option will update packages with security updates in them to the latest version, even if the latest version is just a bug fix.
If we want to restrict the update to only the latest security patched versions, we'd use sudo space yum space update dash minimal space dash dash security and we'd hit Enter. Notice there are no updates that are strictly security updates. Confused? Let me explain. In a completely hypothetical situation, and let's say we have kernel -3.10.0-1 installed. The second release of this package has a security update in it.
The third release of this package has a bug fix. Yum update dash minimal dash dash security would only update the second release because the second release was strictly a security release. However, yum space update space dash dash security would upgrade to the third release because it's the latest release, even though it was just a bug fix. Be aware that the base CentOS 7 repositories do not have the required metadata to differentiate security updates. Red Hat repositories do, so you can use these commands on Red Hat Enterprise Linux 7.
Also, some third-party repositories like EPEL do as well, so these commands will work for those packages. Another thing to keep in mind when installing a single package or updating the entire OS is that configuration files may be renamed when a new package is installed. If your modified configuration file is not forward compatible, meaning that changes won't work with the new package version, then your configuration file will be renamed with a dot rpmsave extension. If your modified configuration file is forward compatible and will work the new package, then the configuration file from the package will be saved with a dot rpmsave extension.
When installing with yum on RPM, you will see message to let you know which operation was done, so pay close attention. The message will look something like this. Often, we are looking to update our packages due to bugs. It may be helpful to look through package change logs to see if the issue's been fixed. To do so, let's install the change log yum plugin. Type in sudo space install space yum dash plugin dash changelog and hit Enter. And press y to continue. Now, we can look through the package change logs.
For recent change logs, we'll pass at the reset option. Type in yum space changelog space recent and hit Enter. To get all the change logs for packages listed to be updated, supply the updates option. Type in yum space changelog space updates and hit Enter. This can be quite a lot of information, but we could type in the graph and search for specific issues. We could also narrow it down to a specific package as well. For instance, we want to get the change log for the irqbalance package, we'd type in yum space changelog space irqbalance and hit Enter.
This will show the changelog just for this one package.
Instructor Grant McWilliams covers network and internet services administration, kernel management, and intrusion prevention. He shows how to make your systems more efficient with virtualization, manage users and groups, and lock everything down with SELinux mandatory access control. Plus, get access to 25 PDF "cheat sheets" and 100 practice questions so you can solidify and test your knowledge.
- Installing Linux on a physical machine
- Managing systemd services
- Managing reoccurring jobs with cron
- Limiting system access
- Configuring networking
- Creating, editing, and moving files and directories
- Analyzing text with grep and regular expressions
- Installing software and packages
- Managing the kernel
- Managing users, accounts, and groups
- Setting permissions
- Using access control lists
- Securing Linux with SELinux
- Accessing Linux remotely
- Configuring local storage