HOWTO
In this article, we will examine a play used to change the root password using Ansible. It will also encrypt the file the password is stored
man yum), there are 35 standard YUM commands. That number increases to the hundreds when you factor in the various options and flags available with the yum utility. YUM, which stands for Yellowdog Modified Updater, is a better and more interactive way to utilize Linux-based Redhat Package Manager (RPM). It was developed and released by Seth Vidal back in June of 2002, and he continued to contribute to it up until his untimely demise in July of 2013 from a bicycle accident in Durham, North Carolina.
YUM allows the user to do so many things easier in package management such as install, update or upgrade, remove, sort dependencies, search, and so on. However, for the purposes of this article, we will go over a few of the most commonly used yum commands in a Linux environment and provide examples.
A Linux Systems Administrator or Engineer is most certainly familiar with–if not used all of the following yum commands.
$ sudo yum update
Loaded plugins: fastestmirror, product-id, search-disabled-repos, subscription-manager
This system is not registered with an entitlement server. You can use subscription-manager to register.
Loading mirror speeds from cached hostfile
* base: mirror.wdc1.us.leaseweb.net
* extras: mirror.atlanticmetro.net
* updates: ewr.edge.kernel.org
Resolving Dependencies
--> Running transaction check
---> Package polkit.x86_64 0:0.112-26.el7 will be updated
---> Package polkit.x86_64 0:0.112-26.el7_9.1 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
======================================================================================================
Package Arch Version Repository Size
======================================================================================================
Updating:
polkit x86_64 0.112-26.el7_9.1 updates 170 k
Transaction Summary
======================================================================================================
Upgrade 1 Package
Total download size: 170 k
Is this ok [y/d/N]: y
As you can see (above), this particular VM has been patched recently so there are no security updates. Instead, polkit is the only package needing an update. How do you check for security updates you ask? Run the following command (below):
$ sudo yum update --security
* base: mirror.wdc1.us.leaseweb.net
* extras: mirror.atlanticmetro.net
* updates: ewr.edge.kernel.org
--> polkit-0.112-26.el7.x86_64 from @anaconda removed (updateinfo)
--> polkit-0.112-26.el7_9.1.x86_64 from updates removed (updateinfo)
No packages needed for security; 1 packages available
Resolving Dependencies
...output omitted...
To check for all of the available packages queued to be updated, run the following (below):
You may be asking what is the polkit package. You can find some information about it by running the next commonly used yum command (below):
$ sudo yum info polkit
Loading mirror speeds from cached hostfile
* base: mirror.centos.iad1.serverforge.org
* extras: mirror.atlanticmetro.net
* updates: ewr.edge.kernel.org
Installed Packages
Name : polkit
Arch : x86_64
Version : 0.112
Release : 26.el7
Size : 476 k
Repo : installed
From repo : anaconda
Summary : An authorization framework
URL : http://www.freedesktop.org/wiki/Software/polkit
License : LGPLv2+
Description : polkit is a toolkit for defining and handling authorizations. It is
: used for allowing unprivileged processes to speak to privileged
: processes.
As you can see in the output (above), the description section provides one or two sentences describing what polkit is and its function.
This should probably be number two if not number one on this list of commonly used yum commands. The yum install command allow users to seamlessly install new applications on their machines with dependencies accounted for.
$ sudo yum install epel-release
Loaded plugins: fastestmirror, product-id, search-disabled-repos, subscription-manager
Loading mirror speeds from cached hostfile
* base: mirror.umd.edu
* extras: mirror.ash.fastserv.com
* updates: mirror.ash.fastserv.com
Resolving Dependencies
--> Running transaction check
---> Package epel-release.noarch 0:7-11 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
===================================================================================================
Package Arch Version Repository Size
===================================================================================================
Installing:
epel-release noarch 7-11 extras 15 k
Transaction Summary
===================================================================================================
Install 1 Package
Total download size: 15 k
Installed size: 24 k
Is this ok [y/d/N]: y
Downloading packages:
epel-release-7-11.noarch.rpm | 15 kB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : epel-release-7-11.noarch 1/1
Verifying : epel-release-7-11.noarch 1/1
Installed:
epel-release.noarch 0:7-11
Complete!
The yum remove or yum erase command should naturally follow the yum install command. This command is used to remove packages from a Linux machine.
$ sudo yum remove epel-release
Resolving Dependencies
--> Running transaction check
---> Package epel-release.noarch 0:7-14 will be erased
--> Finished Dependency Resolution
Dependencies Resolved
======================================================================================================
Package Arch Version Repository Size
======================================================================================================
Removing:
epel-release noarch 7-14 @epel 25 k
Transaction Summary
======================================================================================================
Remove 1 Package
Installed size: 25 k
Is this ok [y/N]: y
This one could arguably make the top three of most commonly used yum commands. All sysadmins and systems engineers are familiar with it because often times, this command is required to clear the yum cache of all metadata and previous package data, in order to begin fresh install.
$ sudo yum clean all
Loaded plugins: fastestmirror, product-id, search-disabled-repos, subscription-manager
Cleaning repos: base epel extras updates
Cleaning up list of fastest mirrors
Just like the name suggests, this yum command is used for downloading packages. It belongs to a long list of utilities for the yum package manager and becomes accessible when the yum-utils package is installed. Other yum-utils package tools include: debuginfo-install, find-repos-of-install, needs-restarting, package-cleanup, repoclosure, repodiff, repo-graph, repomanage, repoquery, repo-rss, reposync, repotrack, show-installed, show-changed-rco,verifytree, yum-builddep, yum-complete-transaction, yum-config-manager,yum-debug-dump, yum-debug-restore, and yum-groups-manager.
$ sudo yumdownloader nethogs
Loading mirror speeds from cached hostfile
* base: mirror.datto.com
* epel: mirror.cogentco.com
* extras: packages.oit.ncsu.edu
* updates: mirror.jaleco.com
nethogs-0.8.5-1.el7.x86_64.rpm | 38 kB 00:00:00
This is the “do-over” option most sysadmins swear by. It allows the sysadmin to go back in time and undo or redo a yum transaction. A yum transaction is just a fancy way of saying “yum command executions” (e.g. yum install, yum remove, yum update, etc… are all examples of yum transactions). If a yum transaction is interrupted for any reason (e.g power outage, network outage, corrupt yum database, etc, you can find a transaction entry with a timestamp referring to a snapshot of that error, listed under the /var/lib/yum directory.
$ sudo yum history
Loaded plugins: fastestmirror, product-id, search-disabled-repos, subscription-manager
This system is not registered with an entitlement server. You can use subscription-manager to register.
ID | Login user | Date and time | Action(s) | Altered
-------------------------------------------------------------------------------
7 | root | 2022-01-28 15:07 | Install | 2
6 | root | 2022-01-28 15:06 | Update | 2
5 | root | 2022-01-28 15:06 | Install | 1
4 | root | 2022-01-24 23:45 | Install | 36
3 | root | 2022-01-24 04:16 | I, U | 107
2 | root | 2022-01-24 04:11 | I, U | 7
1 | System | 2022-01-24 03:58 | Install | 304
history list
In the example output (above), we can see when transactions ran on this machine and what user initiated those transactions. In this case, all of the yum transactions on this machine were initiated by the root user. In the output (below) will take a closer look at the second transaction on the list or Transaction ID #6. This will help us gain a better understanding of what we can accomplish with the yum history command.
$ sudo yum history info 6
Loaded plugins: fastestmirror, product-id, search-disabled-repos, subscription-manager
This system is not registered with an entitlement server. You can use subscription-manager to register.
Transaction ID : 6
Begin time : Fri Jan 28 15:06:53 2022
Begin rpmdb : 348:da7cc2c438fe6f20b9ef2abd04cb74f1b2ff7b67
End time : 15:06:56 2022 (3 seconds)
End rpmdb : 348:0fc393e263bbe83621fea48641ec64be2591e2e9
User : root
Return-Code : Success
Command Line : update -y
Transaction performed with:
Installed rpm-4.11.3-48.el7_9.x86_64 @updates
Installed subscription-manager-1.24.50-1.el7.centos.x86_64 @updates
Installed yum-3.4.3-168.el7.centos.noarch @anaconda
Installed yum-plugin-fastestmirror-1.1.31-54.el7_8.noarch @anaconda
Packages Altered:
Updated epel-release-7-11.noarch @extras
Update 7-14.noarch @epel
Updated polkit-0.112-26.el7.x86_64 @anaconda
Update 0.112-26.el7_9.1.x86_64 @updates
history info
As we can see in the output (above), when we add the info and the Transaction ID number to the yum history command, we find out all kinds of information about yum transactions that occurred and when they occurred. Or simply put, what packages were installed, updated, or removed from this machine over time.
This is another command that arguably belongs higher on this list because of its utility to systems administrators. Often times end-users (developers, testers) will open incident or service tickets inquiring about a ‘missing library, binary, or executable’ error they are receiving when running applications, tests, or builds on a machine. For the purposes of this example, let’s say the missing library error is displaying a “no /usr/lib64/libcap.so.1.10 found” output to your terminal.
Using the yum whatprovides command, we can determine what package provides this particular library as shown in the output below.
$ sudo yum whatprovides '*/usr/lib64/libcap.so.1.10*'
Loaded plugins: fastestmirror, product-id, search-disabled-repos, subscription-manager
This system is not registered with an entitlement server. You can use subscription-manager to register.
Loading mirror speeds from cached hostfile
* base: mirror.umd.edu
* epel: dl.fedoraproject.org
* extras: nyc.mirrors.clouvider.net
* updates: ewr.edge.kernel.org
compat-libcap1-1.10-7.el7.x86_64 : Library for getting and setting POSIX.1e capabilities
Repo : base
Matched from:
Filename : /usr/lib64/libcap.so.1.10
From the output (above), we know that installing the compat-libcap1 package or rpm will provide the missing library.
Again, like the name suggests, the yum downgrade command will downgrade a recently installed package to its previous version. Sysadmins find this command useful when it is determined that a patch or upgrade of a particular package is breaking an application’s functionality. This is a temporary measure that can be utilized to restore functionality until the developers can resolve the underlying code issue and ensure the application can run successfully with the patch applied.
The output below shows an example of a downgrade to the polkit package we installed earlier.
$ sudo yum downgrade polkit
Loaded plugins: fastestmirror, product-id, search-disabled-repos, subscription-manager
Loading mirror speeds from cached hostfile
* base: mirror.umd.edu
* epel: dl.fedoraproject.org
* extras: nyc.mirrors.clouvider.net
* updates: ewr.edge.kernel.org
Resolving Dependencies
--> Running transaction check
---> Package polkit.x86_64 0:0.112-26.el7 will be a downgrade
---> Package polkit.x86_64 0:0.112-26.el7_9.1 will be erased
--> Finished Dependency Resolution
Dependencies Resolved
=========================================================================================================
Package Arch Version Repository Size
=========================================================================================================
Downgrading:
polkit x86_64 0.112-26.el7 base 170 k
Transaction Summary
==================================================================================================================================================
Downgrade 1 Package
Total download size: 170 k
Is this ok [y/d/N]: y
Downloading packages:
polkit-0.112-26.el7.x86_64.rpm | 170 kB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : polkit-0.112-26.el7.x86_64 1/2
Cleanup : polkit-0.112-26.el7_9.1.x86_64 2/2
Verifying : polkit-0.112-26.el7.x86_64 1/2
Verifying : polkit-0.112-26.el7_9.1.x86_64 2/2
Removed:
polkit.x86_64 0:0.112-26.el7_9.1
Installed:
polkit.x86_64 0:0.112-26.el7
Complete!
In the example (above), the most recent polkit package was removed and replaced by the previous version.
Finally, last but not least, is the yum repolist command. Sysadmins rely on this command for managing yum repositories (repos). It simply displays all of the enabled repositories on your Linux machine. You can run other repo commands against a repository to do something with it such as running a repoinfo command to gather information about the repo. The output below shows an example output of running the yum repolist command and then running a repoinfo against the Extra Packages for Enterprise Linux 7 or EPEL repository.
$ sudo yum repolist
Loaded plugins: fastestmirror, product-id, search-disabled-repos, subscription-manager
Loading mirror speeds from cached hostfile
* base: mirror.umd.edu
* epel: dl.fedoraproject.org
* extras: nyc.mirrors.clouvider.net
* updates: ewr.edge.kernel.org
repo id repo name status
base/7/x86_64 CentOS-7 - Base 10,072
epel/x86_64 Extra Packages for Enterprise Linux 7 - x86_64 13,720
extras/7/x86_64 CentOS-7 - Extras 500
updates/7/x86_64 CentOS-7 - Updates 3,369
repolist: 27,661
The example (below), displays repository information for epel.
$ sudo yum repoinfo epel
Loaded plugins: fastestmirror, product-id, search-disabled-repos, subscription-manager
Loading mirror speeds from cached hostfile
* base: mirror.umd.edu
* epel: dl.fedoraproject.org
* extras: nyc.mirrors.clouvider.net
* updates: ewr.edge.kernel.org
Repo-id : epel/x86_64
Repo-name : Extra Packages for Enterprise Linux 7 - x86_64
Repo-status : enabled
Repo-revision: 1643307813
Repo-updated : Thu Jan 27 13:42:34 2022
Repo-pkgs : 13,720
Repo-size : 16 G
Repo-metalink: https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=x86_64&infra=stock&content=centos
Updated : Thu Jan 27 13:42:34 2022
Repo-baseurl : https://dl.fedoraproject.org/pub/epel/7/x86_64/ (38 more)
Repo-expire : 21,600 second(s) (last: Fri Jan 28 18:48:28 2022)
Filter : read-only:present
Repo-filename: /etc/yum.repos.d/epel.repo
repolist: 13,720
We’ve reviewed the most commonly used yum commands in Linux IT environments but these are only a fraction of what’s possible using YUM. Red Hat publicized a yum cheat sheet PDF that lists other yum-related commands we did not cover in this article. What do you think of our list? Are there yum commands you believe should belong on this list? If so, let us know in the comments section.
Related Posts
In this article, we will examine a play used to change the root password using Ansible. It will also encrypt the file the password is stored
In this article, we will review the most commonly used RPM commands in Linux. These commands play a pivotal role in package management, allowing users
Configuring autofs in Linux is a straightforward task. This article will guide you through the process of setting up and enabling the autofs service. Table