On 05/10/2012 01:46 AM, Peter Kjellström wrote: > On Thursday 10 May 2012 17.36.07 Gregory Machin wrote: >> Hi. >> At the moment it seems my machines just update to the latest current >> release . I install a 6.0 machine and run yum update , and next thing >> its 6.2 . >> >> I have a requirement where I need machines to only upgrade to even >> numbered sub releases eg: 6.0 , 6.2, 6.4 and only on my approval. But >> will allow updates within a given release. > There is no provided functionality to do this, that is, CentOS doesn't > differentiate between what you call updates and upgrades. I want to point out that neither does Red Hat. If you are on the RHEL 6 channel and if you run an update after you install RHEL 6.0, you will be at RHEL 6.2. 6.0, 6.1, and 6.2 are really only point in time freezes of installation media. They are not separate entities or versions. It is like Windows and service packs. Windows 7 Service Pack 1 and Windows 7 Service Pack 2 are both Windows 7. Not many people want to freeze Windows 7 on Service Pack 1 ... and Microsoft does not provide the ability for you to freeze at that point. Nor does Red Hat provide the ability to freeze at 6.1 or 6.0. As I said, minor releases are about install media, not the distro. The Distribution is CentOS-6 it is not CentOS-6.1 or CentOS-6.2. If you stay on 6.0 then you do not get security updates. 6.0 + updates = 6.x (whatever that is at the time). If you want to test the updates before you deploy them (not an unwise thing to do), then you need to maintain separate repositories where you dump tested RPMs in and update your machines from that. The bottom line is, CentOS supports only CentOS-6 (or CentOS-5) ... if you want something different than that, you need to build your own repositories out of our packages. > >> How can I achieve this ? > Normally (default yum config) a machine fetches it's packages from URL.../6/.. > You can change this 6 to 6.x. That will prevent you from getting updates > belonging to 6.x+1 _but_ will have the negative side-effect of stopping to > work when 6.x+1 is released (6.x removed from normal mirrors). > > Keeping you own repo (rsynced without --delete) may be the best idea (but > requires more work). > >> If I sync the repositories for eg: 6.0 , 6.2, 6.4 separately in >> Spacewalk and only allow access to the ones I want to give access to, >> would that work ? >> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20120510/4e33495e/attachment-0003.sig>