Yum Plugins
1. Enabling yum plugins
The yum plugins discussed on this page are seperate packages in CentOS-4. They are called protectbase and fastestmirror. In order to use any plugins with yum, you must first edit the file /etc/yum.conf and add the following line:
plugins=1
Once plugins are enabled in yum.conf, you may yum plugins and use them.
2. protectbase
The purpose of the protectbase plugin is to protect certian repositories from updates from other repositories. Repositories that are to be protected will not be updated by newer files from non protected repositories. This plugin is recommended for anyone who routinely enables 3rd party repositories, as these non-CentOS repositories may update certian system files, potentially causing your CentOS installation to become unstable.
To install the protectbase plugin, ensure that the CentOS extras repository is enabled (it is enabled by default) and issue this command:
yum install yum-plugin-protectbase
After the plugin is installed, make sure that it is enabled. Edit the file/etc/yum/pluginconf.d/protectbase.conf and ensure that it contains the following:
[main] enabled = 1
Next you need to edit all .repo files in /etc/yum.repos.d/ and add either:
protect=1
or
protect=0
for each repository. Here is an example of protecting only the [base] and [update] repositories in the CentOS-Base.repo file:
[base] name=CentOS-$releasever - Base mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os #baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/ gpgcheck=1 gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-centos4 protect=1 #released updates [update] name=CentOS-$releasever - Updates mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates #baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/ gpgcheck=1 gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-centos4 protect=1 #packages used/produced in the build but not released [addons] name=CentOS-$releasever - Addons mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=addons #baseurl=http://mirror.centos.org/centos/$releasever/addons/$basearch/ gpgcheck=1 gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-centos4 protect=0 #additional packages that may be useful [extras] name=CentOS-$releasever - Extras mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras #baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/ gpgcheck=1 gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-centos4 protect=0 #additional packages that extend functionality of existing packages [centosplus] name=CentOS-$releasever - Plus mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus #baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/ gpgcheck=1 enabled=0 gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-centos4 protect=0 #contrib - packages by Centos Users [contrib] name=CentOS-$releasever - Contrib mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=contrib #baseurl=http://mirror.centos.org/centos/$releasever/contrib/$basearch/ gpgcheck=1 enabled=0 gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-centos4 protect=0
You MUST add protect=0 to all repos in all .repo files or any repos that you have in /etc/yum.conf if you want them unprotected, otherwise they belong to the protect=1 group.
When doing updates after editing your files, only repositories that have protect=1 group can update other protect=1 repositories. In our example, yum will only update the [base] or [update] directories with rpms from [base] or [update]. If there were and updated RPM in the [addons] directory for a file in [base], it would not be updated.
3. fastestmirror
The fastest mirror plugin is designed for use in repository configurations where you have more than 1 mirror in a repo configuration. It makes a connection to each mirror, timing the connection and then sorts the mirrors by fastest to slowest for use by yum.
If you are using the default CentOS configuration, and if you are not behind a proxy server, fastestmirror is highly recommended.
To install fastestmirror use this command:
yum install yum-plugin-fastestmirror
After fastestmirror is installed, make sure that it is enabled. Edit the file /etc/yum/pluginconf.d/fastestmirror.conf and ensure that it contains the following:
[main] verbose = 0 socket_timeout = 3 enabled = 1 hostfilepath = /var/cache/yum/timedhosts.txt maxhostfileage = 1
- With both the protectbase and fastestmirror yum plugins installed, you should get the fastest updates with maximum protection from accidental damage from 3rd party repositories.