Yum Rollbacks

Very occasionally installing a package or updates with yum can have unexpected results.  Fortunately yum provides the ability to roll back anything it installs.  Here is an example of what these commands look like:

# yum history
Loaded plugins: package_upload, product-id, search-disabled-repos, security, subscription-manager
ID | Login user | Date and time | Action(s) | Altered
 11 | root <root> | 2016-12-16 13:20 | Install | 8 
 10 | root <root> | 2016-12-16 10:38 | Install | 1 
 9 | root <root> | 2016-12-16 08:05 | Install | 1 
 8 | root <root> | 2016-12-15 15:37 | Install | 1 
 7 | root <root> | 2016-12-15 13:29 | Install | 10 
 6 | root <root> | 2016-12-15 12:55 | Install | 5 <
 5 | root <root> | 2016-12-08 14:51 | I, O, U | 381 >E
 4 | root <root> | 2016-12-08 14:45 | Install | 4 
 3 | root <root> | 2016-12-08 14:12 | I, U | 32 EE
 2 | root <root> | 2016-12-08 14:11 | Install | 1 
 1 | System <unset> | 2016-12-08 13:50 | Install | 644

To reverse any of these yum actions simply issue the command:

# yum history undo "#"

Where the trailing “#” is the ID number from the yum history output.

Good luck.

Working with Repositories

Pulling packages from multiple sources can lead to problems.  If you are running rhel and have epel enabled an update could inadvertently pull down a newer version from the wrong repository.  This doesn’t always cause a problem, but it can.  If you need to tfind all the epel packages on your system, here is how you: List all packages installed from repo “X”

yum list installed | grep @epel



To reboot or not to reboot?

You have patches to apply, we all know that if there are kernel patches that you need to (or at least should) restart/reboot the server.  But what about other packages?  There are a few non-kernel patches which can cause havoc if you spply them and do not reboot the server.  The biggest package that most people miss are libraries, specifically libraries used by the system, like glibc.  When the system is running it loads the libraries it needs into memory, updating does not force a reload of those libraries. Therefore after patching you will have the old version in memory and the new version on disk.  When a new subroutine or kernel process is called it will load the new version into memory, this is where the fun can start.  I say fun because you can see some really strange behavior.  Perhaps you have and in frustration rebooted, problem solved but you are perplexed, well now you know.

Since I deal mostly with Redhat these days here are the packages that require/highly recommend a reboot of the server.  (Caveat: If you can reload what is in memory you do not need to reboot.  This is what we do with services like tomcat or apache after a patch and that removes the old packages from memory and loads the new.)

While we all want to avoid interruptions to system uptime, when updating these packages a reboot is required.  Remember to use your own discretion as this list is provided as an informational guide only.  Redhat could introduce changes that increase or decrease this list.  You may be using packages not considered or functionality not examined.

Red Hat Enterprise Linux 5:

  • kernel
  • kernel-smp
  • kernel-PAE
  • kernel-xen
  • glibc
  • hal

Red Hat Enterprise Linux 6:

  • kernel
  • *-firmware-*
  • glibc
  • hal

Red Hat Enterprise Linux 7:

  • kernel
  • glibc
  • linux-firmware
  • systemd
  • udev

Remember if you don’t have to reboot you should restart the updated service.  Good Luck.

Yum that was useful!

Pardon the humor.  Just a collection of useful yum commands that are useful to have around but I don’t always remember off the top of my head.  I’ll be adding to this post over time.

How to list the files installed by a yum package

You will need ‘repoquery‘ which is part of ‘yum-utils‘.  If you don’t have ‘repoquery‘ install it first, then start using it:

# yum install yum-utils

# repoquery --list *package*

How to list/install a package from a specific repository

# yum repolist
# yum --disablerepo="*" --enablerepo="repo-name-here" list available
# yum --disablerepo="*" --enablerepo="repo-name-here" install package-name

Update (9/13/13):

Doing an update I ran across this error:

Error:  Multilib version problems found. This often means that the root
       cause is something else and multilib version checking is just
       pointing out that there is a problem. Eg.:
 You could try using --skip-broken to work around the problem
 You could try running: rpm -Va --nofiles --nodigest

Of course the first command that is suggested is a bad idea, I mean talk about denial!  I ran the second, which did nothing, still got the same problem.  So I did a little digging and these two yum commands seem to have corrected the problem, though they do run for a while (10-30 minutes)

# yum check
# yum distro-sync

Update (08 Oct 2015):

Hunting down some system package inconsistencies and I figured out how to list all RPM packages installed from Repo X:

yum list installed | grep @epel