yum
package and all packages it depends on from being purposefully or accidentally removed. This simple scheme prevents many of the most important packages necessary for your system to run from being removed. In addition, you can list more packages, one per line, in the /etc/sysconfig/protected-packages
file[1] (which you should create if it does not exist), and protect-packages will extend protection-from-removal to those packages as well. To temporarily override package protection, use the --override-protection
option with an applicable yum
command.
Red Hat Network
(RHN). Systems registered with RHN
are able to update and install packages from Red Hat Network
.
man rhnplugin
for more information.
yum
with a set of highly-useful security-related commands, subcommands and options.
~]# yum check-update --security
Loaded plugins: presto, refresh-packagekit, security
Limiting package lists to security relevant ones
Needed 3 of 7 packages, for security
elinks.x86_64 0.12-0.13.el6 rhel
kernel.x86_64 2.6.30.8-64.el6 rhel
kernel-headers.x86_64 2.6.30.8-64.el6 rhel
yum update --security
or yum update-minimal --security
to update those packages which are affected by security advisories. Both of these commands update all packages on the system for which a security advisiory has been issued. yum update-minimal --security
updates them to the latest packages which were released as part of a security advisory, while yum update --security
will update all packages affected by a security advisory to the latest version of that package available.
yum update-minimal --security
will update you to kernel-2.6.30.8-32, and yum update --security
will update you to kernel-2.6.30.8-64. Conservative system administrators may want to use update-minimal
to reduce the risk incurred by updating packages as much as possible.
man yum-security
for usage details and further explanation of the enhancements the security plugin adds to yum
.
[1]
You can also place files with the extension .list
in the /etc/sysconfig/protected-packages.d/
directory (which you should create if it does not exist), and list packages—one per line—in these files. protect-packages will protect these too.