thelinuxvault guide

Getting the Most Out of YUM in Red Hat-Based Systems

In the world of Red Hat-based Linux distributions—such as Red Hat Enterprise Linux (RHEL), CentOS, Fedora, and Oracle Linux—package management is a cornerstone of system administration. Among the tools available, **YUM (Yellowdog Updater, Modified)** has long been the go-to package manager for handling RPM (Red Hat Package Manager) packages. YUM simplifies installing, updating, removing, and managing software by resolving dependencies automatically, making it indispensable for system administrators and users alike. While newer distributions like RHEL 8+ and Fedora now use **DNF (Dandified YUM)** as the default package manager (with YUM often serving as an alias), YUM remains relevant for older systems (e.g., RHEL 7 and earlier) and shares many command-line similarities with DNF. This blog will guide you through mastering YUM, from basic operations to advanced configurations, ensuring you can efficiently manage packages on Red Hat-based systems.

Table of Contents

  1. Understanding YUM Basics
  2. Configuring YUM Repositories
  3. Essential YUM Commands
  4. Advanced YUM Operations
  5. Extending YUM with Plugins
  6. Troubleshooting Common YUM Issues
  7. Best Practices for YUM Management
  8. Conclusion
  9. References

1. Understanding YUM Basics

YUM is an open-source package manager designed to automate the installation, update, and removal of RPM packages on Red Hat-based systems. It resolves dependencies automatically, ensuring that all required libraries and tools are installed alongside the target package.

Key Concepts:

  • RPM Packages: The underlying package format for Red Hat systems (.rpm files).
  • Repositories: Remote or local directories containing RPM packages and metadata (used by YUM to locate packages).
  • Dependencies: Additional packages required for a software to function (YUM handles these automatically).

YUM vs. DNF:

While YUM is still widely used (especially in RHEL 7 and earlier), DNF has replaced it as the default in RHEL 8+, Fedora, and CentOS Stream. DNF offers faster performance and better dependency resolution but retains most YUM commands (e.g., dnf install works similarly to yum install). For simplicity, this blog focuses on YUM, but most commands apply to DNF with minimal changes.

2. Configuring YUM Repositories

YUM relies on repositories to fetch packages. Repositories are defined in .repo files located in /etc/yum.repos.d/.

Repository File Structure:

A typical repo file (e.g., CentOS-Base.repo) includes:

[base]  
name=CentOS-$releasever - Base  
baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/  
enabled=1  
gpgcheck=1  
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
  • [base]: Unique repository ID (enclosed in brackets).
  • name: Human-readable name for the repository.
  • baseurl: URL/path to the repository (supports http://, https://, ftp://, or local paths like file://).
  • enabled=1: Enables the repository (set to 0 to disable).
  • gpgcheck=1: Enables GPG signature verification (recommended for security).
  • gpgkey: Path/URL to the GPG public key for verifying package integrity.

Managing Repositories:

  • List Enabled Repositories:

    yum repolist enabled

  • Enable/Disable Repositories Temporarily:
    Use --enablerepo or --disablerepo with YUM commands:

    yum --enablerepo=epel install htop  # Install htop from the EPEL repo  
yum --disablerepo=base update       # Update without using the "base" repo

  • Add a Third-Party Repository:
    For example, to add the EPEL (Extra Packages for Enterprise Linux) repo (a popular source for additional packages):

    # For RHEL/CentOS 7  
yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm  
# For RHEL/CentOS 8  
yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm

3. Essential YUM Commands

Mastering these core commands will handle 90% of daily package management tasks.

Update System Packages:

Check for available updates and apply them:

yum check-update  # List available updates  
yum update        # Update all installed packages (requires sudo)  
yum update <package>  # Update a specific package (e.g., yum update httpd)

Install Packages:

Install a package from configured repositories:

yum install <package>  # e.g., yum install nginx  
yum install <package1> <package2>  # Install multiple packages

Remove Packages:

Uninstall a package (use remove for safer removal than erase):

yum remove <package>  # e.g., yum remove nginx

Search for Packages:

Find packages by name or keyword:

yum search <term>  # e.g., yum search "text editor"

View Package Details:

Get information about a package (installed or available):

yum info <package>  # e.g., yum info firefox

List Installed Packages:

yum list installed  # List all installed packages  
yum list installed | grep <package>  # Filter for a specific package

Clean YUM Cache:

YUM caches package metadata and RPM files to speed up operations. Clean the cache if you encounter errors:

yum clean all  # Clears all cached data (metadata + RPMs)  
yum clean metadata  # Clears only metadata (faster than clean all)

4. Advanced YUM Operations

Install Local RPM Files:

YUM can install RPMs stored locally (and resolve dependencies from repos):

yum localinstall /path/to/package.rpm  # e.g., yum localinstall ~/Downloads/mypackage.rpm

Downgrade Packages:

Revert to an older version of a package (use with caution):

yum downgrade <package>-<version>  # e.g., yum downgrade httpd-2.4.6-97.el7.centos

Manage Package Groups:

Install pre-defined groups of packages (e.g., “Development Tools”):

yum group list  # List all available groups  
yum group install "Development Tools"  # Install a group  
yum group remove "Development Tools"  # Remove a group

Exclude Packages from Updates:

Prevent specific packages from being updated (useful for stability):
Add to /etc/yum.conf:

exclude=httpd mysql  # Excludes httpd and mysql from all updates

Or exclude temporarily:

yum update --exclude=httpd  # Update all except httpd

Check Dependencies:

View dependencies for a package (before installation):

yum deplist <package>  # e.g., yum deplist nginx

5. Extending YUM with Plugins

YUM plugins add functionality like faster mirror selection, security updates, and version locking. Plugins are installed via yum install yum-plugin-<plugin-name>.

Key Plugins:

  • fastestmirror: Automatically selects the fastest repository mirror.

    yum install yum-plugin-fastestmirror

    Enabled by default in most systems; configure in /etc/yum/pluginconf.d/fastestmirror.conf.

  • priorities: Ensures packages from higher-priority repos are preferred (prevents conflicts).

    yum install yum-plugin-priorities

    Set priority in repo files (e.g., priority=1 for critical repos, priority=10 for third-party).

  • security: Enables security-focused updates (e.g., install only security patches):

    yum install yum-plugin-security  
yum update --security  # Install all security updates  
yum list-security  # List available security updates

  • versionlock: Lock packages to specific versions (prevents accidental updates):

    yum install yum-plugin-versionlock  
yum versionlock add httpd  # Lock httpd to its current version  
yum versionlock list  # View locked packages  
yum versionlock delete httpd  # Unlock httpd

6. Troubleshooting Common YUM Issues

Repo Not Found/404 Errors:

  • Cause: Invalid repo URL or disabled repo.
  • Fix: 
    yum repolist all  # Check if repo is enabled  
vi /etc/yum.repos.d/your-repo.repo  # Verify baseurl

GPG Key Errors (“public key not available”):

  • Cause: Missing GPG key for a repository.
  • Fix: Import the GPG key manually: 
    rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7  # Example for CentOS 7

Dependency Conflicts:

  • Cause: Incompatible package versions or missing dependencies.
  • Fix: 
    yum clean all  # Clear cache and retry  
yum install --skip-broken  # Skip unresolvable dependencies (last resort)

Corrupted Cache:

  • Fix: Rebuild the cache: 
    yum clean all  
yum makecache  # Rebuild metadata cache

7. Best Practices for YUM Management

  1. Use Official Repositories: Prioritize Red Hat/CentOS official repos to avoid security risks from untrusted sources.
  2. Enable GPG Checks: Always set gpgcheck=1 in repo files to verify package integrity.
  3. Update Regularly: Run yum update weekly to patch security vulnerabilities.
  4. Clean Cache Periodically: Use yum clean all monthly to free disk space and resolve metadata issues.
  5. Lock Critical Packages: Use versionlock for packages requiring stability (e.g., databases).
  6. Document Changes: Log package installations/removals for auditing (e.g., yum history shows past transactions).

8. Conclusion

YUM is a powerful tool for managing packages on Red Hat-based systems, simplifying everything from basic updates to complex dependency resolution. By mastering the commands, configuring repositories securely, and following best practices, you can ensure a stable, up-to-date system. Whether you’re using RHEL 7, CentOS, or even newer DNF-based systems, the skills learned here will remain invaluable.

9. References