Beginners Guide to Package Management with YUM in CentOS/RHEL

The purpose of implementing a YUM server is to have a centralized repository of packages/rpms. Also, the main motive behind it is to have a centralized patch management system, where you can download the packages from the Redhat website and store it on a central location. By configuring YUM we can save efforts to install/update any package on the server. Also, we can apply the latest bug fixes and hotfixes with less manual efforts.

I have taken this discussion as an opportunity to explore more on the RHEL patching side. And I could create a Centralized Patch (update) server using YUM (HTTP-based) for updating the clients. Here are the steps that I performed to configure the server. I kept all the steps and screenshot with this article so it’s a bit long. I hope this would help you guys as well.

Here I am using RHEL 6.3 release. You can check the version using:

# cat /etc/redhat-release

Pre-requisites for creating the Centralized patch/update YUM server are:

  • Apache software (httpd-2.2.15-29.el6_4.i686)
  • YUM download only plugin rpm (yum-plugin-downloadonly-1.1.30-14.el6.noarch)
  • Createrepo rpm (createrepo-0.9.9-18.el6.noarch)
  • Internet connectivity (which is required to contact Redhat server for pulling updates)
  • RHEL 6.3 OS DVD for copying the rpms and creating rpm.
  • Valid redhat (RHN) login ID and password for downloading the update from Redhat

Check the required rpms are installed in the server.

[root@server-yum ~]# rpm -qa | grep -i httpd
httpd-2.2.15-29.el6_4.i686

[root@server-yum ~]# rpm -qa | grep -i Yum
yum-plugin-downloadonly-1.1.30-14.el6.noarch

[root@server-yum ~]# rpm -qa | grep -i create
createrepo-0.9.9-18.el6.noarch

First we need to configure apache server. In this setup I am using http protocol for YUM server. For configuring the apache we need to edit the apache configuration file /etc/httpd/conf/httpd.conf and change the following lines:

ServerAdmin [email protected]
ServerName 192.168.1.5:80
DocumentRoot "/var/www/html"
apache httpd.conf configuration for yum

Mount the DVD and using mount command to any directory here I am using /mnt for mounting the DVD in my server.

mount RHEL DVD

Now we need to copy all the rpms from the RHEL6 DVD to /var/www/html for creating the repo. In the RHEL DVD you have 3 directories which contains rpms. They are Packages, HighAvailability & LoadBalancer. Run the following commands to copy the rpms directories to /var/www/html location.

copy DVD in yum repository

Once you have copied all the RPMs you start or restart Apache. Using the following command.

[root@server-yum ~]# service httpd restart

Now we need to run createrepo command to create database of the rpm’s. Using createrepo command.

[root@server-yum ~]# cd /var/www/html/Packages/
[root@server-yum Packages]# createrepo .
createrepo command
[root@server-yum Packages]# cd /var/www/html/LoadBalancer/
[root@server-yum LoadBalancer]# createrepo .
createrepo loadbalancer
[root@server-yum LoadBalancer]# cd /var/www/html/HighAvailability/
[root@server-yum HighAvailability]# createrepo .
createrepo high availability

You might be thinking why we are copying all RPMs in different directories why can’t we copy all the RPMs into a single directory and run single createrepo command to create a single RPM database. It is possible to create a single directory and copy all the RPMs into that and run the createrepo. However we cannot use the groupinstall or gouplistand all RPM group related commands.

Now we need to create group of RPM’s for convenient installation of Packages using the following command. If we don’t create group you would get the following error message when you run the group related commands from client machine like groupinstall ,grouplist etc.

[root@yum-client yum.repos.d]# yum grouplist
Loaded plugins: product-id, refresh-packagekit, security, subscription-manager
Updating certificate-based repositories.
Unable to read consumer identity
Setting up Group Process
Error: No group data available for configured repositories
[root@yum-client yum.repos.d]#

So we need to create a group repo file to fix these kind of issue or to use group rpm related command in YUM. Now for running the createrepo command for group of RPM you need to have a XML file. This file would be under the repodata directory in the DVD and the end of file name as –comps-rhel6-server.xml. Filename would be something similar to this:

9e621fc619d1eccd6fb49237c666f0ce4c68f93fab753cf9a840c7600dc4f30a-comps-rhel6-Server.xml

You need to copy this XML file to all the RPM directories under the /var/www/html.

[root@yum-server repodata]# cp /cdrom/repodata/9e621fc619d1eccd6fb49237c666f0ce4c68f93fab753cf9a840c7600dc4f30a-comps-rhel6-Server.xml /var/www/html/Packages/
[root@yum-server repodata]# cp /cdrom/repodata/9e621fc619d1eccd6fb49237c666f0ce4c68f93fab753cf9a840c7600dc4f30a-comps-rhel6-Server.xml /var/www/html/HighAvailability/
[root@yum-server repodata]# cp /cdrom/repodata/9e621fc619d1eccd6fb49237c666f0ce4c68f93fab753cf9a840c7600dc4f30a-comps-rhel6-Server.xml /var/www/html/LoadBalancer/

Then you need to run the createrepo command using the following command in each RPM directory.

[root@server-yum repodata]# createrepo -g /var/www/html/Packages/9e621fc619d1eccd6fb49237c666f0ce4c68f93fab753cf9a840c7600dc4f30a-comps-rhel6-Server.xml /var/www/html/Packages/
Spawning worker 0 with 2842 pkgs

Worker 0:
Worker 0: iso-8859-1 encoding on Ville Skyttä <ville class="skytta@iki fi"> - 2.8.2-2
Worker 0:
Workers Finished
Gathering worker results

Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete</ville>
[root@server-yum repodata]# createrepo -g /var/www/html/LoadBalancer/9e621fc619d1eccd6fb49237c666f0ce4c68f93fab753cf9a840c7600dc4f30a-comps-rhel6-Server.xml /var/www/html/LoadBalancer/

Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete
[root@server-yum repodata]# createrepo -g /var/www/html/HighAvailability/9e621fc619d1eccd6fb49237c666f0ce4c68f93fab753cf9a840c7600dc4f30a-comps-rhel6-Server.xml /var/www/html/HighAvailability/
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete

Testing the YUM Server you can create local repo file and check the some YUM installation commands.

My repo file is /etc/yum.repos.d/yum.repo:

# cat /etc/yum.repos.d/yum.repo
repo file yum

After testing the YUM server functionality locally now we need to register this server with Redhat for getting the update. We can use rhn_register command to register the server.

# rhn_register

Here is the screenshot of registering the server with Redhat for update:

rhn_register command

Here you need to use your valid Redhat Login ID and password for login.

redhat network login passowrd redhat network profile name redhat network 01 redhat network 02

This will take some time to send the profile to Redhat:

sending profile to redhat network review system subscription details RHN RHN setup

Once you have finished the registration then you can download the updates from Redhat using the following command. I have given an option to downloadonly so the update will be downloaded into the local directory it won’t update the server automatically. These packages can be used to update the clients.

[root@server-yum ~]# yum update -y --downloadonly --downloaddir=/var/www/html/Packages/

Loaded plugins: downloadonly, product-id, refresh-packagekit, rhnplugin, security, subscription-manager
Updating certificate-based repositories.
Unable to read consumer identity
Server-Yum                                       | 3.7 kB     00:00
rhel-i386-server-6                               | 1.8 kB     00:00
rhel-i386-server-6/primary                       | 16 MB      03:51
rhel-i386-server-6                               | 9441/9441

You can see the downloaded started and end of this screen you can see some messages like exiting because dowloadonly. Once download is finished you need to run createrepo command again to update the repo database.

[root@server-yum]# cd /var/www/html/ Packages
[root@server-yum Packages]# createrepo .
Spawning worker 0 with 3306 pkgs
Worker 0:
Worker 0: iso-8859-1 encoding on Ville Skytta [[email protected]] - 2.8.2-2
Worker 0:
Workers Finished
Gathering worker results

Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs

To update the RPM’s group database run the following command

[root@server-yum Packages]# createrepo -g /var/www/html/Packages/9e621fc619d1eccd6fb49237c666f0ce4c68f93fab753cf9a840c7600dc4f30a-comps-rhel6-Server.xml /var/www/html/Packages/
Spawning worker 0 with 3306 pkgs
Worker 0:
Worker 0: iso-8859-1 encoding on Ville Skyttä <ville class="skytta@iki fi"> - 2.8.2-2
Worker 0:
Workers Finished
Gathering worker results

Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete</ville>

The YUM server is ready to give/distribute the update to its clients. On the client-side you need to create a repo file under /etc/yum.repos.d, which is pointing to your YUM server. My YUM client repo file looks like the below.

# cat /etc/yum.repos.d/yum.repo
yum.repo configuration file

For updating the client with the latest packages, fixes, and enhancement you can run the ‘yum update’ command (Patch up system by applying all updates). You could see the entries like this.

[root@localhost yum.repos.d]# yum update
Loaded plugins: product-id, refresh-packagekit, security, subscription-manager
Updating certificate-based repositories.
Unable to read consumer identity
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package ModemManager.i686 0:0.4.0-3.git20100628.el6 will be updated
---> Package ModemManager.i686 0:0.4.0-5.git20100628.el6 will be an update
---> Package NetworkManager.i686 1:0.8.1-33.el6 will be updated
---> Package NetworkManager.i686 1:0.8.1-66.el6 will be an update
---> Package NetworkManager-glib.i686 1:0.8.1-33.el6 will be updated
yum update

You can give confirmation that whether to update or not. If given Y then it starts updating the client.

yum update confirmation

After the confirmation, you can see the packages is getting updated in the client-side

package update centos

That’s it. But there are many other things you can do. For example, yum updateinfo has some handy options. Try the following:

# yum updateinfo summary
# yum updateinfo list security
# yum updateinfo list available
# yum updateinfo list bugzillas

To prevent yum command from updating the Kernel type:

# yum -y --exclude=kernel\* update

How do I prevent yum from Updating the Kernel permanently? Edit /etc/yum.conf file, enter:

# vi /etc/yum.conf

Append/modify exclude directive line under [main] section, enter:

exclude=kernel*