[CentOS] CentosPlus

Thu May 19 14:30:10 UTC 2016
m.roth at 5-cent.us <m.roth at 5-cent.us>

James B. Byrne wrote:
> On Wed, May 18, 2016 07:39, Mauricio Tavares wrote:
>> On Wed, May 18, 2016 at 4:32 AM, James Hogarth
>> <james.hogarth at gmail.com> wrote:
>>> On 17 May 2016 20:52, "Mauricio Tavares" <raubvogel at gmail.com>
>>> wrote:
>>>> On Tue, May 17, 2016 at 3:04 PM,  <cpolish at surewest.net> wrote:
>>>> > On 2016-05-17 12:09, jd1008 wrote:
>>>> >> Has anybody enabled this repo?
>>>> >> I understand that it can really mess up updates and upgrades
>>>> >> as the dependencies are rather different.
> . . .
>>>>       Why not leave all the extra repos disabled, say
>>>> yum install -y libmcrypt --enablerepo=epel
>>> Doing this means you won't get notified of updates in that repo.
>>> This is not a good idea.
> Having been bitten by this on several occasions I finally adopted the
> policy of using the -- includepkgs= -- option and specifically naming
> the packages that I want from a non-standard repo; and also using --
> exclude= -- in the standard repo naming exactly the same packages as
> those included elsewhere.  You can use globbing in the package names
> in both cases.
> It is a little more work to set up but it is a lot safer to my way of
> thinking, particularly where there are multiple sysadmins involved.

Agreed. This is what I do on the systems with NVidia cards, and I want
kmod-nvidia - I have include= in the /etc/yum.repos.d/elrepo.repo.

Then, to protect production systems from "update everywhere!!!", in
/etc/yum.conf, *just* on those systems, I'll have thinks like
exclude=httpd,kernel. When I have my maintenance window to really update,
I do a yum update --disableexcludes=all. Gives me a fine-grained control.