yum
is the default package manager on CentOS (and other EPEL distos) and a very powerful utility to manage installed packages and software repositories.
Beside its wide out-of-the-box power, the extensible plugin architecture allows extending its feature set. We are going to do that now.
Since updating packages may always break your system, we install a yum plugin that allows us to see packages' changelog and one that allows us to download packages without installing them:
yum install yum-plugin-changelog yum-plugin-downloadonly
People coming from Debian based distros may as well miss the wizard/dialog when an upgraded package ships with a new configuration file version. Don't worry, it is no included in the core version of yum
- but that doesn't mean it is not available at all:
yum install yum-plugin-merge-conf
Additionally, it is nice to get an email when a package update is available. That way one does not have to daily login and do a manual check. For that, we can follow the blog post found here: http://samdoran.com/2013/05/17/automatic-updates-in-rhel-6-and-cent-os-6/.
We start by downloading the package:
yum install yum-cron
chkconfig yum-cron on
Personally I like to review updates before they get applied. Therefor, we change the default yum-cron
configuration:
nano /etc/sysconfig/yum-cron
# Don't install, just check (valid: yes|no)
CHECK_ONLY=yes
# Check to see if you can reach the repos before updating (valid: yes|no)
CHECK_FIRST=yes
MAILTO=root
Warning: It is very important to keep your system up-to-date. A lot of attacks nowaday use vulnerabilities "included" in old packages. Most distros therefor release a hotfix update quite quickly whenever one has been found - make sure to apply them.
Beside EPEL we can add some more repositories to get more (up-to-date) packages:
wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm && rpm -ivh rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
Make sure the repo files in /etc/yum.repos.d
have lower priority than CentOS base:
priority = X
For this to work, the yum package yum-plugin-priorities
needs to be installed and enabled.
Other interesting repositories are
Atomic
,REMI
andWebtatic
.
Unliken Debian, which supports a set of smart commands like apt-get autoremove
, yum
does not remove leftover (unneeded) package dependencies by default. Personally I always try to keep my systems clean, so I enable the following setting that enables that feature on CentOS:
nano /etc/yum.conf
clean_requirements_on_remove=1
Source: http://skvidal.wordpress.com/2010/11/09/orphaned-dep-cleanup-in-yum/