yum-plugin-priorities
Note: This plugin is named yum-priorities on CentOS-5 and yum-plugin-priorities on CentOS-4. It functions the same in both places.
It can be installed with this command:
CentOS-4:
yum install yum-plugin-priorities
CentOS-5:
yum install yum-priorities
The priorities plugin can be used to enforce ordered protection of repositories, by associating priorities to repositories. Packages from repositories with a lower priority will never be used to upgrade packages that were installed from a repository with a higher priority. The priorities are also in effect when a new package is installed - if a package is in more than one repository, it will be installed from the repository with the highest priority. This plugin is particularly useful for anyone who uses one or more third-party repositories, as these repositories may update system files, which can potentially compromise the stability of your CentOS installation.
To be able to use this plugin, you must enable plugins in your /etc/yum.conf file, see Yum Plugins for details.
The priorities plugin is available from two locations:
Through the CentOS Extras repository. Since the CentOS Extras repository is enabled by default, you can install this plugin on CentOS 4 by installing the yum-plugin-priorities package. In the CentOS 5 Extras repository, the package name is yum-priorities. More information about the CentOS Extras repository can be found on the Repositories page.
The priorities plugin has been added to the upstream yum-utils sources since yum-utils 1.0.1. The version included with yum-utils works with both yum 2.4.x and 3.0.x. Installation instructions are provided in the README file that is included in the plugins/priorities directory of the archive.
After the plugin is installed, make sure that it is enabled. You can do this by editing the /etc/yum/pluginconf.d/priorities.conf file, and ensuring that it contains the following lines:
[main] enabled=1
Some packages specify obsoletes in their metadata. This property of a package specifies which old packages with a different name the package replaces. This can intefere with the priority protection of packages, if a package from a low-priority repository contains an obsoletion for package from a high-priority repository. For instance, if the gconfmm2 package was installed from a high-priority repository, and another package (say gconfmm20) claims to replace the obsolete gconfmm2 package, Yum will replace the gconfmm2 package with the gconfmm20 package. This plugin can prevent such upgrades, by adding the following line to the main section of /etc/yum/pluginconf.d/priorities.conf:
check_obsoletes=1
With the plugin enabled, you can add priorities to repositories by adding the line:
priority=N
to a repository entry, where N is an integer number from 1 to 99. The default priority for repositories is 99. The repositories with the lowest priority number have the highest priority. Usually, it is best to give at least the CentOS base and update repositories a very high priority. In the following example of the CentOS-Base.repo file, the CentOS base and update repositories are given the highest possible priority (1):
[base] name=CentOS-$releasever - Base mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os #baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/ gpgcheck=1 gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-centos4 priority=1 #released updates [updates] name=CentOS-$releasever - Updates mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates #baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/ gpgcheck=1 gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-centos4 priority=1 #packages used/produced in the build but not released [addons] name=CentOS-$releasever - Addons mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=addons #baseurl=http://mirror.centos.org/centos/$releasever/addons/$basearch/ gpgcheck=1 gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-centos4 #additional packages that may be useful [extras] name=CentOS-$releasever - Extras mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras #baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/ gpgcheck=1 gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-centos4 #additional packages that extend functionality of existing packages [centosplus] name=CentOS-$releasever - Plus mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus #baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/ gpgcheck=1 enabled=0 gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-centos4 #contrib - packages by Centos Users [contrib] name=CentOS-$releasever - Contrib mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=contrib #baseurl=http://mirror.centos.org/centos/$releasever/contrib/$basearch/ gpgcheck=1 enabled=0 gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-centos4
Note: The above example is for CentOS-4, the file name RPM-GPG-KEY-centos4 (in the gpgkey line) should be replaced with RPM-GPG-KEY-CentOS-5 for use with CentOS-5.
After making these changes to the CentOS-Base.repo file, Yum will never update packages from the base and update repositories with packages from repositories with lower priorities.
The recommended settings are:
[base], [addons], [updates], [extras] ... priority=1 [centosplus],[contrib] ... priority=2 Third Party Repos ... priority=N (where N is > 10 and based on your preference)
