NAME¶
yum.conf - Configuration file for
yum(8).
DESCRIPTION¶
Yum uses a configuration file at
/etc/yum/yum.conf.
Additional configuration files are also read from the directories set by the
reposdir option (default is `/etc/yum/repos.d'). See the
reposdir option below for further details.
PARAMETERS¶
There are two types of sections in the yum configuration file(s): main and
repository. Main defines all global configuration options. There should be
only one main section. The repository section(s) define the configuration for
each repository/server. There should be one or more repository sections.
[main] OPTIONS¶
The [main] section must exist for yum to do anything. It consists of the
following options:
- cachedir Directory where yum should store its cache
and db files. The default is `/var/cache/yum'.
- persistdir Directory where yum should store
information that should persist over multiple runs. The default is
`/var/lib/yum'.
- keepcache Either `1' or `0'. Determines whether or
not yum keeps the cache of headers and packages after successful
installation. Default is '1' (keep files)
- reposdir A list of directories where yum should look
for .repo files which define repositories to use. Default is
`/etc/yum/repos.d'. Each file in this directory should contain one or more
repository sections as documented in [repository] options below.
These will be merged with the repositories defined in /etc/yum/yum.conf to
form the complete set of repositories that yum will use.
- debuglevel Debug message output level. Practical
range is 0-10. Default is `2'.
- errorlevel Error message output level. Practical
range is 0-10. Default is `2'.
- rpmverbosity Debug scriptlet output level. 'info' is
the default, other options are: 'critical', 'emergency', 'error', 'warn'
and 'debug'.
- protected_packages This is a list of packages that
yum should never completely remove. They are protected via. Obsoletes as
well as user/plugin removals.
The default is: yum glob:/etc/yum/protected.d/*.conf So any packages which
should be protected can do so by including a file in /etc/yum/protected.d
with their package name in it.
Also if this configuration is set to anything, then yum will protect the
package corresponding to the running version of the kernel.
- protected_multilib Either `1' or `0'. This tells yum
whether or not it should perform a check to make sure that multilib
packages are the same version. For example, if this option is off (rpm
behaviour) pkgA-1.x86_64 and pkgA-2.i386 can be installed at the same
time. However this is very rarely desired. Install only packages, like the
kernel, are exempt from this check. The default is `1'.
- logfile Full directory and file name for where yum
should write its log file.
- gpgcheck Either `1' or `0'. This tells yum whether
or not it should perform a GPG signature check on packages. When this is
set in the [main] section it sets the default for all repositories. The
default is `0'.
localpkg_gpgcheck Either `1' or `0'. This tells yum whether or not
it should perform a GPG signature check on local packages (packages in a
file, not in a repositoy). The default is `0'.
- repo_gpgcheck Either `1' or `0'. This tells yum
whether or not it should perform a GPG signature check on the repodata.
When this is set in the [main] section it sets the default for all
repositories. The default is `0'.
- skip_broken Either `1' or `0'. Resolve depsolve
problems by removing packages that are causing problems from the
transaction.
- assumeyes Either `1' or `0'. Determines whether or
not yum prompts for confirmation of critical actions. Default is `0' (do
prompt).
Command-line option: -y
- alwaysprompt Either `1' or `0'. Without this option,
yum will not prompt for confirmation when the list of packages to be
installed exactly matches those given on the command line. Unless
assumeyes is enabled, it will still prompt for package removal, or
when additional packages need to be installed to fulfill dependencies.
Default is `1'.
- tolerant Either `1' or `0'. If enabled, then yum
will be tolerant of errors on the command line with regard to packages.
For example: if you request to install foo, bar and baz and baz is
installed; yum won't error out complaining that baz is already installed.
Default to `0' (not tolerant).
Command-line option: -t
- exclude List of packages to exclude from updates or
installs. This should be a space separated list. Shell globs using
wildcards (eg. * and ?) are allowed.
- exactarch Either `1' or `0'. Set to `1' to make yum
update only update the architectures of packages that you have installed.
ie: with this enabled yum will not install an i686 package to update an
i386 package. Default is `1'.
- installonlypkgs List of package provides that
should only ever be installed, never updated. Kernels in particular fall
into this category. Defaults to kernel, kernel-bigmem, kernel-enterprise,
kernel-smp, kernel-modules, kernel-debug, kernel-unsupported,
kernel-source, kernel-devel, kernel-PAE, kernel-PAE-debug.
Note that because these are provides, and not just package names,
kernel-devel will also apply to kernel-debug-devel, etc.
- installonly_limit Number of packages listed in
installonlypkgs to keep installed at the same time. Setting to 0 disables
this feature. Default is '0'. Note that this functionality used to be in
the "installonlyn" plugin, where this option was altered via.
tokeep. Note that as of version 3.2.24, yum will now look in the yumdb for
a installonly attribute on installed packages. If that attribute is
"keep", then they will never be removed.
- kernelpkgnames List of package names that are
kernels. This is really only here for the updating of kernel packages and
should be removed out in the yum 2.1 series.
- showdupesfromrepos Either `0' or `1'. Set to `1' if
you wish to show any duplicate packages from any repository, from package
listings like the info or list commands. Set to `0' if you want only to
see the newest packages from any repository. Default is `0'.
- obsoletes This option only has affect during an
update. It enables yum's obsoletes processing logic. Useful when
doing distribution level upgrades. See also the yum upgrade command
documentation for more details (yum(8)). Default is `true'.
Command-line option: --obsoletes
- overwrite_groups Either `0' or `1'. Used to
determine yum's behaviour if two or more repositories offer the package
groups with the same name. If overwrite_groups is `1' then the
group packages of the last matching repository will be used. If
overwrite_groups is `0' then the groups from all matching
repositories will be merged together as one large group.
- groupremove_leaf_only Either `0' or `1'. Used to
determine yum's behaviour when the groupremove command is run. If
groupremove_leaf_only is `0' (default) then all packages in the
group will be removed. If groupremove_leaf_only is `1' then only
those packages in the group that aren't required by another package will
be removed.
- enable_group_conditionals Either `0' or `1'.
Determines whether yum will allow the use of conditionals packages.
Default is `1' (package conditionals are allowed).
- group_package_types List of the following: optional,
default, mandatory. Tells yum which type of packages in groups will be
installed when 'groupinstall' is called. Default is: default, mandatory
- installroot Specifies an alternative installroot,
relative to which all packages will be installed.
Command-line option: --installroot
- distroverpkg The package used by yum to determine
the "version" of the distribution. This can be any installed
package. Default is `redhat-release'. You can see what provides this
manually by using: "yum whatprovides redhat-release".
- diskspacecheck Either `0' or `1'. Set this to `0' to
disable the checking for sufficient diskspace before a RPM transaction is
run. Default is `1' (perform the check).
- tsflags Comma or space separated list of transaction
flags to pass to the rpm transaction set. These include 'noscripts',
'notriggers', 'nodocs', 'test', 'justdb' and 'nocontexts'. 'repackage' is
also available but that does nothing with newer rpm versions. You can set
all/any of them. However, if you don't know what these do in the context
of an rpm transaction set you're best leaving it alone. Default is an
empty list.
- recent Number of days back to look for `recent'
packages added to a repository. Used by the list recent command.
Default is `7'.
- retries Set the number of times any attempt to
retrieve a file should retry before returning an error. Setting this to
`0' makes yum try forever. Default is `10'.
- keepalive Either `0' or `1'. Set whether HTTP
keepalive should be used for HTTP/1.1 servers that support it. This can
improve transfer speeds by using one connection when downloading multiple
files from a repository. Default is `1'.
- timeout Number of seconds to wait for a connection
before timing out. Defaults to 30 seconds. This may be too short of a time
for extremely overloaded sites.
- http_caching Determines how upstream HTTP caches are
instructed to handle any HTTP downloads that Yum does. This option can
take the following values:
`all' means that all HTTP downloads should be cached.
`packages' means that only RPM package downloads should be cached (but not
repository metadata downloads).
`none' means that no HTTP downloads should be cached.
The default is `all'. This is recommended unless you are experiencing
caching related issues. Try to at least use `packages' to minimize load on
repository servers.
- throttle Enable bandwidth throttling for downloads.
This option can be expressed as a absolute data rate in bytes/sec. An SI
prefix (k, M or G) may be appended to the bandwidth value (eg. `5.5k' is
5.5 kilobytes/sec, `2M' is 2 Megabytes/sec).
Alternatively, this option can specify the percentage of total bandwidth to
use (eg. `60%'). In this case the bandwidth option should be used
to specify the maximum available bandwidth.
Set to `0' to disable bandwidth throttling. This is the default.
- bandwidth Use to specify the maximum available
network bandwidth in bytes/second. Used with the throttle option
(above). If throttle is a percentage and bandwidth is `0'
then bandwidth throttling will be disabled. If throttle is
expressed as a data rate (bytes/sec) then this option is ignored. Default
is `0' (no bandwidth throttling).
- sslcacert Path to the directory containing the
databases of the certificate authorities yum should use to verify SSL
certificates. Defaults to none - uses system default
- sslverify Boolean - should yum verify SSL
certificates/hosts at all. Defaults to True.
Note that the plugin yum-rhn-plugin will force this value to true, and may
alter other ssl settings (like hostname checking), even if it the machine
is not registered.
- sslclientcert Path to the SSL client certificate
yum should use to connect to repos/remote sites Defaults to none.
Note that if you are using curl compiled against NSS (default in
Fedora/RHEL), curl treats sslclientcert values with the same basename as
_identical_. This version of yum will check that this isn't true and
output an error when the repositories "foo" and "bar"
violate this, like so:
sslclientcert basename shared between foo and bar
- sslclientkey Path to the SSL client key yum should
use to connect to repos/remote sites Defaults to none.
- history_record Boolean - should yum record history
entries for transactions. This takes some disk space, and some extra time
in the transactions. But it allows how to know a lot of information about
what has happened before, and display it to the user with the history
info/list/summary commands. yum also provides the history undo/redo
commands. Defaults to True.
Note that if history is recorded, yum uses that information to see if any
modifications to the rpmdb have been done outside of yum. These are always
bad, from yum's point of view, and so yum will issue a warning and
automatically run some of "yum check" to try and find some of
the worst problems altering the rpmdb might have caused.
- This means that turning this option off will stop yum from
being able to detect when the rpmdb has changed and thus. it will never
warn you or automatically run "yum check". The problems will
likely still be there, and yumdb etc. will still be wrong but yum will not
warn you about it.
- history_record_packages This is a list of package
names that should be recorded as having helped the transaction. yum
plugins have an API to add themselves to this, so it should not normally
be necessary to add packages here. Not that this is also used for the
packages to look for in --version. Defaults to rpm, yum,
yum-metadata-parser.
- history_list_view Which column of information to
display in the "yum history list" command. There are currently
three options: users, cmds (or commands), auto.
Older versions of yum acted like "users", which always outputs the
user who initiated the yum transaction. You can now specify
"commands" which will instead always output the command line of
the transaction. You can also specify "single-user-commands"
which will display the users if there are more than one, otherwise it will
display the command line.
You can also specify "default" which currently selects
"single-user-commands".
- commands List of functional commands to run if no
functional commands are specified on the command line (eg. "update
foo bar baz quux"). None of the short options (eg. -y, -e, -d) are
accepted for this option.
- syslog_ident Identification (program name) for
syslog messages.
- syslog_facility Facility name for syslog messages,
see syslog(3). Default is `LOG_USER'.
- syslog_device Where to log syslog messages. Can be
a local device (path) or a host:port string to use a remote syslog. If
empty or points to a nonexistent device, syslog logging is disabled.
Default is `/dev/log'.
- proxy URL to the proxy server that yum should use.
- proxy_username username to use for proxy
- proxy_password password for this proxy
- username username to use for basic authentication
to a repo or really any url.
- password password to use with the username for
basic authentication.
- plugins Either `0' or `1'. Global switch to enable
or disable yum plugins. Default is `0' (plugins disabled). See the
PLUGINS section of the yum(8) man for more information on
installing yum plugins.
- pluginpath A list of directories where yum should
look for plugin modules. Default is `/usr/share/yum-plugins' and
`/usr/lib/yum-plugins'.
- pluginconfpath A list of directories where yum
should look for plugin configuration files. Default is
`/etc/yum/pluginconf.d'.
- metadata_expire Time (in seconds) after which the
metadata will expire. So that if the current metadata downloaded is less
than this many seconds old then yum will not update the metadata against
the repository. If you find that yum is not downloading information on
updates as often as you would like lower the value of this option. You can
also change from the default of using seconds to using days, hours or
minutes by appending a d, h or m respectively. The default is 6 hours, to
compliment yum-updatesd running once an hour. It's also possible to use
the word "never", meaning that the metadata will never expire.
Note that when using a metalink file the metalink must always be newer
than the metadata for the repository, due to the validation, so this
timeout also applies to the metalink file.
- mirrorlist_expire Time (in seconds) after which the
mirrorlist locally cached will expire. If the current mirrorlist is less
than this many seconds old then yum will not download another copy of the
mirrorlist, it has the same extra format as metadata_expire. If you find
that yum is not downloading the mirrorlists as often as you would like
lower the value of this option.
- mdpolicy You can select from different metadata
download policies depending on how much data you want to download with the
main repository metadata index. The advantages of downloading more
metadata with the index is that you can't get into situations where you
need to use that metadata later and the versions available aren't
compatible (or the user lacks privileges) and that if the metadata is
corrupt in any way yum will revert to the previous metadata.
`instant' - Just download the new metadata index, this is roughly what yum
always did, however it now does some checking on the index and reverts if
it classifies it as bad.
`group:primary' - Download the primary metadata with the index. This
contains most of the package information and so is almost always required
anyway. This is the default.
`group:small' - With the primary also download the updateinfo metadata, this
is required for yum-security operations and it also used in the graphical
clients. This file also tends to be significantly smaller than most
others.
`group:main' - With the primary and updateinfo download the filelists
metadata and the group metadata. The filelists data is required for
operations like "yum install /bin/bash", and also some
dependency resolutions require it. The group data is used in some
graphical clients and for group operations like "yum grouplist
Base".
`group:all' - Download all metadata listed in the index, currently the only
one not listed above is the other metadata, which contains the changelog
information which is used by yum-changelog. This is what "yum
makecache" uses.
- multilib_policy Can be set to 'all' or 'best'. All
means install all possible arches for any package you want to install.
Therefore yum install foo will install foo.i386 and foo.x86_64 on x86_64,
if it is available. Best means install the best arch for this platform,
only.
- bugtracker_url URL where bugs should be filed for
yum. Configurable for local versions or distro-specific bugtrackers.
- color Whether to display colorized output
automatically, depending on the output terminal, can be changed to always
(using ANSI codes) or never. Default is `auto'. Possible values are: auto,
never, always. Command-line option: --color
- color_list_installed_older The
colorization/highlighting for packages in list/info installed which are
older than the latest available package with the same name and arch.
Default is `bold'. Possible values are a comma separated list containing:
bold, blink, dim, reverse, underline, fg:black, fg:red, fg:green,
fg:yellow, fg:blue, fg:magenta, fg:cyan, fg:white, bg:black, bg:red,
bg:green, bg:yellow, bg:blue, bg:magenta, bg:cyan, bg:white.
- color_list_installed_newer The
colorization/highlighting for packages in list/info installed which are
newer than the latest available package with the same name and arch.
Default is `bold,yellow'. See color_list_installed_older for possible
values.
- color_list_installed_reinstall The
colorization/highlighting for packages in list/info installed which is the
same version as the latest available package with the same name and arch.
Default is `normal'. See color_list_installed_older for possible values.
- color_list_installed_extra The
colorization/highlighting for packages in list/info installed which has no
available package with the same name and arch. Default is `bold,red'. See
color_list_installed_older for possible values.
- color_list_available_upgrade The
colorization/highlighting for packages in list/info available which is an
upgrade for the latest installed package with the same name and arch.
Default is `bold,blue'. See color_list_installed_older for possible
values.
- color_list_available_downgrade The
colorization/highlighting for packages in list/info available which is a
downgrade for the latest installed package with the same name and arch.
Default is `dim,cyan'. See color_list_installed_older for possible values.
- color_list_available_install The
colorization/highlighting for packages in list/info available which has no
installed package with the same name and arch. Default is `normal'. See
color_list_installed_older for possible values.
- color_list_available_reinstall The
colorization/highlighting for packages in list/info available which is the
same version as the installed package with the same name and arch. Default
is `bold,underline,green. See color_list_installed_older for possible
values.
- color_search_match The colorization/highlighting
for text matches in search. Default is `bold'. See
color_list_installed_older for possible values.
- color_update_installed The
colorization/highlighting for packages in the "updates list"
which are installed. The updates list is what is printed when you run
"yum update", "yum list updates", "yum list
obsoletes" and "yum check-update". Default is `normal'. See
color_list_installed_older for possible values.
- color_update_local The colorization/highlighting
for packages in the "updates list" which are already downloaded.
The updates list is what is printed when you run "yum update",
"yum list updates", "yum list obsoletes" and "yum
check-update". Default is `bold'. See color_list_installed_older for
possible values.
- color_update_remote The colorization/highlighting
for packages in the "updates list" which need to be downloaded.
The updates list is what is printed when you run "yum update",
"yum list updates", "yum list obsoletes" and "yum
check-update". Default is `normal'. See color_list_installed_older
for possible values.
- clean_requirements_on_remove When removing packages
(by removal, update or obsoletion) go through each package's dependencies.
If any of them are no longer required by any other package then also mark
them to be removed. Boolean (1, 0, True, False, yes,no) Defaults to False
[repository] OPTIONS¶
The repository section(s) take the following form:
- Example: [repositoryid]
name=Some name for this repository
baseurl=url://path/to/repository/
- repositoryid Must be a unique name for each
repository, one word.
- name A human readable string describing the
repository.
- baseurl Must be a URL to the directory where the yum
repository's `repodata' directory lives. Can be an http://, ftp:// or
file:// URL. You can specify multiple URLs in one baseurl statement. The
best way to do this is like this:
[repositoryid]
name=Some name for this repository
baseurl=url://server1/path/to/repository/
url://server2/path/to/repository/
url://server3/path/to/repository/
If you list more than one baseurl= statement in a repository you will find
yum will ignore the earlier ones and probably act bizarrely. Don't do
this, you've been warned.
You can use HTTP basic auth by prepending "user:password@" to the
server name in the baseurl line. For example:
"baseurl=http://user:passwd@example.com/".
- metalink Specifies a URL to a metalink file for the
repomd.xml, a list of mirrors for the entire repository are generated by
converting the mirrors for the repomd.xml file to a baseurl. The metalink
file also contains the latest timestamp from the data in the repomd.xml,
the length of the repomd.xml and checksum data. This data is checked
against any downloaded repomd.xml file and all of the information from the
metalink file must match. This can be used instead of or with the
baseurl option. Substitution variables, described below, can be
used with this option. This option disables the mirrorlist option. As a
special hack is the mirrorlist URL contains the word "metalink"
then the value of mirrorlist is copied to metalink (if metalink is not
set).
- mirrorlist Specifies a URL to a file containing a
list of baseurls. This can be used instead of or with the baseurl
option. Substitution variables, described below, can be used with this
option. As a special hack is the mirrorlist URL contains the word
"metalink" then the value of mirrorlist is copied to metalink
(if metalink is not set).
- enabled Either `1' or `0'. This tells yum whether or
not use this repository.
- gpgcheck Either `1' or `0'. This tells yum whether
or not it should perform a GPG signature check on the packages gotten from
this repository.
- repo_gpgcheck Either `1' or `0'. This tells yum
whether or not it should perform a GPG signature check on the repodata
from this repository.
- gpgkey A URL pointing to the ASCII-armored GPG key
file for the repository. This option is used if yum needs a public key to
verify a package and the required key hasn't been imported into the RPM
database. If this option is set, yum will automatically import the key
from the specified URL. You will be prompted before the key is installed
unless the assumeyes option is set.
Multiple URLs may be specified here in the same manner as the baseurl
option (above). If a GPG key is required to install a package from a
repository, all keys specified for that repository will be installed.
- gpgcakey A URL pointing to the ASCII-armored CA key
file for the repository. This is a normal gpg public key - but this key
will be used to validate detached signatures of all other keys. The idea
is you are asked to confirm import for this key. After that any other gpg
key needed for package or repository verification, if it has a detached
signature which matches this key will be automatically imported without
user confirmation.
- exclude Same as the [main] exclude option but
only for this repository. Substitution variables, described below, are
honored here.
- includepkgs Inverse of exclude. This is a list of
packages you want to use from a repository. If this option lists only one
package then that is all yum will ever see from the repository. Defaults
to an empty list. Substitution variables, described below, are honored
here.
- enablegroups Either `0' or `1'. Determines whether
yum will allow the use of package groups for this repository. Default is
`1' (package groups are allowed).
- failovermethod Either `roundrobin' or `priority'.
`roundrobin' randomly selects a URL out of the list of URLs to start with
and proceeds through each of them as it encounters a failure contacting
the host.
`priority' starts from the first baseurl listed and reads through them
sequentially.
failovermethod defaults to `roundrobin' if not specified.
- keepalive Either `1' or `0'. This tells yum whether
or not HTTP/1.1 keepalive should be used with this repository. See the
global option in the [main] section above for more information.
- timeout Overrides the timeout option from the
[main] section for this repository.
- http_caching Overrides the http_caching
option from the [main] section for this repository.
- retries Overrides the retries option from the
[main] section for this repository.
- throttle Overrides the throttle option from
the [main] section for this repository.
- bandwidth Overrides the bandwidth option from
the [main] section for this repository.
- sslcacert Overrides the sslcacert option
from the [main] section for this repository.
- sslverify Overrides the sslverify option
from the [main] section for this repository.
- sslclientcert Overrides the sslclientcert
option from the [main] section for this repository.
- sslclientkey Overrides the sslclientkey
option from the [main] section for this repository.
- metadata_expire Overrides the
metadata_expire option from the [main] section for this repository.
- mirrorlist_expire Overrides the
mirrorlist_expire option from the [main] section for this
repository.
- proxy URL to the proxy server for this repository.
Set to '_none_' to disable the global proxy setting for this repository.
If this is unset it inherits it from the global setting
- proxy_username username to use for proxy. If this
is unset it inherits it from the global setting
- proxy_password password for this proxy. If this is
unset it inherits it from the global setting
- username username to use for basic authentication
to a repo or really any url. If this is unset it inherits it from the
global setting
- password password to use with the username for
basic authentication. If this is unset it inherits it from the global
setting
- cost relative cost of accessing this repository.
Useful for weighing one repo's packages as greater/less than any other.
defaults to 1000
- skip_if_unavailable If set to True yum will
continue running if this repository cannot be contacted for any reason.
This should be set carefully as all repos are consulted for any given
command. Defaults to False.
-
URL INCLUDE SYNTAX¶
The inclusion of external configuration files is supported for /etc/yum/yum.conf
and the .repo files in the /etc/yum/repos.d directory. To include a URL, use a
line of the following format:
include=
url://to/some/location
The configuration file will be inserted at the position of the
"include=" line. Included files may contain further include lines.
Yum will abort with an error if an inclusion loop is detected.
GLOB: FOR LIST OPTIONS¶
Any of the configurations options which are a list of items can be specfied
using the glob syntax:
glob:/etc/path/somewhere.d/*.conf. This will
read in all files matching that glob and include all lines in each file
(excluding comments and blank lines) as items in the list.
VARIABLES¶
There are a number of variables you can use to ease maintenance of yum's
configuration files. They are available in the values of several options
including
name,
baseurl and
commands.
- $releasever This will be replaced with the value of
the version of the package listed in distroverpkg. This defaults to
the version of `redhat-release' package.
- $arch This will be replaced with your architecture
as listed by os.uname()[4] in Python.
- $basearch This will be replaced with your base
architecture in yum. For example, if your $arch is i686 your $basearch
will be i386.
- $uuid This will be replaced with a unique but
persistent uuid for this machine. The value that is first generated will
be stored in /var/lib/yum/uuid and reused until this file is deleted.
- $YUM0-$YUM9 These will be replaced with the value of
the shell environment variable of the same name. If the shell environment
variable does not exist then the configuration file variable will not be
replaced.
As of 3.2.28, any file in /etc/yum/vars is turned into a variable named after
the filename (or overrides any of the above variables).
Note that no warnings/errors are given if the files are unreadable, so creating
files that only root can read may be confusing for users.
Also note that only the first line will be read and all new line characters are
removed, as a convenience. However, no other checking is performed on the
data. This means it is possible to have bad character data in any value.
FILES¶
/etc/yum/yum.conf
/etc/yum/repos.d/
/etc/yum/pluginconf.d/
/etc/yum/protected.d
/etc/yum/vars
SEE ALSO¶
yum(8)