[CentOS] "yum --security" and staying with 5.0

Clint Dilks clintd at scms.waikato.ac.nz
Wed Dec 12 04:54:58 UTC 2007


Amos Shapira wrote:
> On 12/12/2007, Karanbir Singh <mail-lists at karan.org> wrote:
>   
>> Amos Shapira wrote:
>>     
>>> Context - I'd like to stick to 5.0 at least for a while until the dust
>>> around 5.1 settles down (and I'm back from holidays).
>>>       
>> ok, so what do you mean by sticking to 5.0 ? you mean you dont want any
>> updates at all for those machines, even if they might be security issues ?
>>     
>
> (I also replied to David's message)
>
> No. I'm trying to understand where does 5.0 stand now that 5.1 is out
> - should I abandon 5.0 and upgrade to 5.1 if I want to stick to
> secure, stable releases or is 5.0 going to be maintained in parallel
> to 5.0 for security issues?
>
> >From your response so far I suspect that it's the former (must upgrade to 5.1).
>
>   
>>> As an example - In Debian, as long as I stick to "stable" I can be
>>> sure that the only updates I receive there are for heavily tested very
>>> important bugs and security issues, so I should generally apply them.
>>>       
>> CentOS does not follow the debian release model.
>>     
>
> This idea is beginning to sink in :^).
>
> I just though that RHEL/CentOS is all about providing rock-solid,
> tested stable releases but there are some noises on the net that the
> new release might be giving early adopters some rough time.
>
>   
>>> 1. If I read the FAQ correctly, in order to force yum to stay with 5.0
>>> should I just manually edit /etc/redhat-release from:
>>>
>>> CentOS release 5 (Final)
>>> to:
>>> CentOS release 5.0 (Final)
>>>       
>> no, there is no such mention abut anything in the FAQ or anywhere else
>> that I can find. What made you believe that changing stuff in that text
>> file will change the repo's your machine is looking at ?
>>     
>
> It doesn't explicitly say so but as David pointed out,
> http://wiki.centos.org/FAQ/CentOS5#q8 talks about the content of this
> file as a way to know where the system thinks it belongs to now.
>
> I now noticed the last sentence saying "you are in the update release
> stream for the 5.1 series and you will not move to a newer release
> without making changes to the yum config.". What kind of changes does
> this refer to? Overriding the $releasever in the repository URL's to
> hard-coded "5.0" or what?
>
> Thanks,
>
> --Amos
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
>   
Hi Amos

My understanding is that unless you choose not to update your system at 
all you can not freeze on a point release.  So install from any 5.* 
media and when you update you will go to the latest point release.

What I would suggest if you are really worried about this is to 
configure /etc/yum.conf with a keepcache higher than 1 so that if an 
update is done you can roll back the rpm

I hope this helps



More information about the CentOS mailing list