The dandified yum (DNF) command is the next-generation version of the YUM package manager for installing, upgrading, and removing packages from Fedora, CentOS, AlmaLinux, and other RHEL-based distributions.
Also Read: dnf-automatic: Enable Automatic Updates for RHEL-based distributions
While updating packages in your system, you might not want to allow specific packages from transactions, such as updates, for various reasons, such as bugs or instability in the latest release.
Packages such as Kernel, PHP, MySql, Apache, Nginx, Python, etc., are regularly used on the running server. Updating them into unstable releases might lead to a catastrophe event.
In such an event, it is recommended to pause/hold the update for such packages until a new version or fix is released.
For one time or permanently pausing/holding packages from updating to their latest release can be quickly done using the DNF or YUM package manager for RHEL-based distributions such as Fedora, CentOS, AlmaLinux, etc.
Exclude Packages from Update
The DNF command allows you to exclude specific packages from the transaction for a single event using the below command.
$ sudo dnf upgrade --exclude=kernel
The above command updates all the system packages, excluding the kernel packages specified in the
--exclude options. Next time, execute the same command if you still want to prevent transactions for the kernel package.
Execute the below command to exclude multiple packages from transactions using the DNF command.
$ sudo dnf upgrade --exclude=kernel --exclude=httpd
The above command will exclude kernel and httpd packages from transactions while updating the system.
Excluding relative packages from transactions can be done quickly. For example, if you want to exclude all the relative packages of Python, such as
python-libs, etc. As shown below, you can use a wildcard (e.g., * and ?) to prevent the transaction for all matching packages.
$ sudo dnf upgrade --exclude=python*
The above command will exclude Python and its relative packages from system updates. If you want to exclude multiple related packages of Apache and Python, use the following command.
$ sudo dnf upgrade --exclude=httpd* --exclude=python*
Exclude Packages Update Permanently
You can add the below line to the
/etc/dnf/dnf.conf configuration file to exclude/disable packages from updating until they are manually removed.
You can exclude or prevent multiple packages from updating by specifying each package with space as a separator.
exclude=package1 package2 package3
Adding the above line into the configuration will disable the update for
package3 until they are manually removed from the configuration file.
Also Read: How to use DNF Software Package Manager with Advance Examples
For example, you want to exclude three packages, Apache, PHP, and MySQL, from the transaction (update). First, open the configuration file using your choice of text editor.
$ nano /etc/yum.conf # For YUM Package Manager
$ nano /etc/dnf/dnf.conf # For DNF Package Manager
Now, add the below line specified with packages to separate them by space at the end of the configuration file.
exclude=httpd php mysql
Below is the output of the above command.
Whenever you execute
sudo dnf upgrade command will update all the system and manually installed packages except Apache, PHP, and MySQL.
Why should I’ve to exclude packages from updates?
There is no straightforward answer. If you have a small site with limited users, you do not have to worry about package updates. But mammoth-sized organisations run multiple nodes on the server, where the update of packages can cause serious issues. These packages are usually not compatible or have major configuration changes, etc.
What type of packages should be excluded?
If you think about the production environment, you might be using httpd (Apache), PHP, and MySQL packages for running websites. Now an improper update in these packages can cause a server error. It is recommended that you first check the update effect on the development environment before enrolling in the production environment.
I’ve updated the packages and the server is down
In such cases, if you have a backup or snapshot, then roll back to the older version.
Oops, I don’t even have a backup or snapshot
You are really careless or taking things too lightly. However, in this case, the reconfiguration with the latest release will do the job unless there are several changes. Otherwise, rolling back to the previous version and excluding the package update for a while will be a good idea.
I hope this guide will be useful for you. If you have any queries, let us know in the comment section.
Innovative tech mind with 12 years of experience working as a computer programmer, web developer, and security researcher. Capable of working with a variety of technology and software solutions, and managing databases.