Yum
The Yum and DNF package managers are typically found on Red Hat based distros. Yum has been superseded by the DNF package manager, but its usage is backwards compatible and for the most part functions identically to Yum.
Usage
Unless otherwise stated, the usage examples listed below work for both Yum and DNF.
| Task | Command |
|---|---|
| Clean and update repository metadata | # yum clean all
# yum update
|
| Install a package by name | # yum install <package>
|
| Remove a package by name | # yum remove <package>
|
| Upgrade a package | # yum update <package>
|
| Search for a package | # yum search <package>
|
| List all available versions | Use --showduplicates to show all available versions of a package.
# yum search --showduplicates kernel
|
| Search for a package by provided file | ## To find any package that provides *bin/netcat as a file
# yum whatprovides \*bin/netcat
|
| List installed packages | # rpm -qa
|
| Determine which package provided a file | # rpm -qf <path to file>
|
Yum repositories are placed in /etc/yum.repos.d. Typically, yum logs will show all actions taken by yum at /var/log/yum.rpm.log.
Excluding Packages
To exclude a package from being installed, use the -x option or add to the exclude attribute in the /etc/yum.conf file.
The list is separated by a space and supports wildcards. For example:
exclude=cpsc-uml pack* package3
DNF Specific
If you are usingdnf such as on CentOS 8, or a recent version of Fedora, you need to add the exclude line in the /etc/dnf/dnf.conf file under the [main] section.
For example:
[main]
gpgcheck=1
installonly_limit=3
clean_requirements_on_remove=True
deltarpm=0
exclude=lightdm-webkit2-greeter
Troubleshooting
thread.error: can't start new thread
While attempting to install a package on a VPS, I encountered:
[root@drache ~]# yum install php-mysql
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Traceback (most recent call last):
File "/usr/bin/yum", line 29, in ?
yummain.user_main(sys.argv[1:], exit_code=True)
File "/usr/share/yum-cli/yummain.py", line 309, in user_main
errcode = main(args)
File "/usr/share/yum-cli/yummain.py", line 178, in main
result, resultmsgs = base.doCommands()
File "/usr/share/yum-cli/cli.py", line 345, in doCommands
self._getTs(needTsRemove)
File "/usr/lib/python2.4/site-packages/yum/depsolve.py", line 101, in _getTs
self._getTsInfo(remove_only)
File "/usr/lib/python2.4/site-packages/yum/depsolve.py", line 112, in _getTsInfo
pkgSack = self.pkgSack
File "/usr/lib/python2.4/site-packages/yum/__init__.py", line 661, in
pkgSack = property(fget=lambda self: self._getSacks(),
File "/usr/lib/python2.4/site-packages/yum/__init__.py", line 501, in _getSacks
self.repos.populateSack(which=repos)
File "/usr/lib/python2.4/site-packages/yum/repos.py", line 232, in populateSack
self.doSetup()
File "/usr/lib/python2.4/site-packages/yum/repos.py", line 79, in doSetup
self.ayum.plugins.run('postreposetup')
File "/usr/lib/python2.4/site-packages/yum/plugins.py", line 179, in run
func(conduitcls(self, self.base, conf, **kwargs))
File "/usr/lib/yum-plugins/fastestmirror.py", line 181, in postreposetup_hook
all_urls = FastestMirror(all_urls).get_mirrorlist()
File "/usr/lib/yum-plugins/fastestmirror.py", line 333, in get_mirrorlist
self._poll_mirrors()
File "/usr/lib/yum-plugins/fastestmirror.py", line 376, in _poll_mirrors
pollThread.start()
File "/usr/lib64/python2.4/threading.py", line 416, in start
_start_new_thread(self.__bootstrap, ())
thread.error: can't start new thread
The solution was to disable the fastest mirror plugin by editing /etc/yum/pluginconf.d/fastestmirror.conf and setting enable=0
[main]
enabled=0
verbose=0
socket_timeout=3
hostfilepath=/var/cache/yum/timedhosts.txt
maxhostfileage=10
maxthreads=15
#exclude=.gov, facebook
Bad id for repo: My Repo, byte = N
After adding a custom repository, running yum or dnf resulted in this error:
Bad id for repo: Local EPEL - Everything, byte = 5
Bad id for repo: Local EPEL - Modular, byte = 5
The issue here is the space. Replace the spaces with dashes or underscores and try again.
Cannot install packages because of an unimported repo key
If you had installed a repo via kickstart without importing the necessary keys, you will see the following message:
# dnf -y install docker-ce docker-ce-cli containerd.io
You have enabled checking of packages via GPG keys. This is a good thing.
However, you do not have any GPG public keys installed. You need to download
the keys for packages you wish to install and install them.
You can do that by running the command:
rpm --import public.gpg.key
Alternatively you can specify the url to the key you would like to use
for a repository in the 'gpgkey' option in a repository section and DNF
will install it for you.
For more information contact your distribution or package provider.
You will need to import the keys for this repo via rpm --import. Check the repo file for the appropriate gpg key to import.
In the case above, I was missing the docker keys, so the fix was to run rpm --import https://download.docker.com/linux/centos/gpg.
Error download packages: EE certificate key too weak
# yum install wget
Last metadata expiration check: 0:12:19 ago on Tue Oct 19 16:20:18 2021.
Dependencies resolved.
=========================================================================================================================================================================
Package Architecture Version Repository Size
=========================================================================================================================================================================
Installing:
wget x86_64 1.19.5-10.el8 appstream 733 k
Transaction Summary
=========================================================================================================================================================================
Install 1 Package
Total download size: 733 k
Installed size: 2.8 M
Is this ok [y/N]: y
Downloading Packages:
The downloaded packages were saved in cache until the next successful transaction.
You can remove cached packages by executing 'yum clean packages'.
Error: Error downloading packages:
Curl error (60): Peer certificate cannot be authenticated with given CA certificates for https://mirrors.rockylinux.org/mirrorlist?arch=x86_64&repo=AppStream-8 [SSL certificate problem: EE certificate key too weak]
Check what the crypto policy is set to. For repos using TLS1.2/1.3 to work, you'll need to lower the policy down to DEFAULT. More information on Red Hat's website at https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening.
To lower the policy, set it with the update-crypto-policies command:
# update-crypto-policies --show
FUTURE
# update-crypto-policies --set DEFAULT
Setting system policy to DEFAULT