yum.conf (5)
NAME
yum.conf - Configuration file for yum(8).
DESCRIPTION
Yum uses a configuration file at /etc/yum/yum.conf.
Additional configuration files are also read from the directories set by the
reposdir option (default is `/etc/yum/repos.d').
See the reposdir option below for further details.
PARAMETERS
There are two types of sections in the yum configuration file(s): main and
repository. Main defines all global configuration options. There should be only
one main section. The repository section(s) define the configuration for each
repository/server. There should be one or more repository sections.
[main] OPTIONS
The [main] section must exist for yum to do anything. It consists of the
following options:
-
cachedir
Directory where yum should store its cache and db files. The default is
`/var/cache/yum'.
-
persistdir
Directory where yum should store information that should persist over multiple
runs. The default is `/var/lib/yum'.
-
keepcache
Either `1' or `0'. Determines whether or not yum keeps the cache
of headers and packages after successful installation. Default is '1'
(keep files)
-
reposdir
A list of directories where yum should look for .repo files which define
repositories to use. Default is `/etc/yum/repos.d'. Each
file in this directory should contain one or more repository sections as
documented in [repository] options below. These will be merged with the
repositories defined in /etc/yum/yum.conf to form the complete set of
repositories that yum will use.
-
debuglevel
Debug message output level. Practical range is 0-10. Default is `2'.
-
errorlevel
Error message output level. Practical range is 0-10. Default is `2'.
-
rpmverbosity
Debug scriptlet output level. 'info' is the default, other
options are: 'critical', 'emergency', 'error', 'warn' and 'debug'.
-
protected_packages
This is a list of packages that yum should never completely remove. They are
protected via. Obsoletes as well as user/plugin removals.
The default is: yum glob:/etc/yum/protected.d/*.conf So any packages which should be protected can do so by including a file in /etc/yum/protected.d with their package name in it.
Also if this configuration is set to anything, then yum will protect the package corresponding to the running version of the kernel.
-
protected_multilib
Either `1' or `0'. This tells yum whether or not it should perform a check to
make sure that multilib packages are the same version. For example, if this
option is off (rpm behaviour) pkgA-1.x86_64 and pkgA-2.i386 can be installed
at the same time. However this is very rarely desired.
Install only packages, like the kernel, are exempt from this check.
The default is `1'.
-
logfile
Full directory and file name for where yum should write its log file.
-
gpgcheck
Either `1' or `0'. This tells yum whether or not it should perform a GPG
signature check on packages. When this is set in the [main] section it sets the
default for all repositories.
The default is `0'.
localpkg_gpgcheck Either `1' or `0'. This tells yum whether or not it should perform a GPG signature check on local packages (packages in a file, not in a repositoy). The default is `0'.
-
repo_gpgcheck
Either `1' or `0'. This tells yum whether or not it should perform a GPG
signature check on the repodata. When this is set in the [main] section it sets the
default for all repositories. The default is `0'.
-
skip_broken
Either `1' or `0'. Resolve depsolve problems by removing packages that
are causing problems from the transaction.
-
assumeyes
Either `1' or `0'. Determines whether or not yum prompts for confirmation of
critical actions. Default is `0' (do prompt).
Command-line option: -y
-
alwaysprompt
Either `1' or `0'. Without this option, yum will not prompt for confirmation
when the list of packages to be installed exactly matches those given on the
command line. Unless assumeyes is enabled, it will still prompt for
package removal, or when additional packages need to be installed to fulfill
dependencies. Default is `1'.
-
tolerant
Either `1' or `0'. If enabled, then yum will be tolerant of errors on the
command line with regard to packages. For example: if you request to install
foo, bar and baz and baz is installed; yum won't error out complaining that baz
is already installed. Default to `0' (not tolerant).
Command-line option: -t
-
exclude
List of packages to exclude from updates or installs. This should be a space
separated list.
Shell globs using wildcards (eg. * and ?) are allowed.
-
exactarch
Either `1' or `0'. Set to `1' to make yum update only update the architectures
of packages that you have installed. ie: with this enabled yum will not install
an i686 package to update an i386 package. Default is `1'.
-
installonlypkgs
List of package provides that should only ever be installed, never updated.
Kernels in particular fall into this category. Defaults to kernel,
kernel-bigmem, kernel-enterprise, kernel-smp, kernel-modules, kernel-debug,
kernel-unsupported, kernel-source, kernel-devel, kernel-PAE, kernel-PAE-debug.
Note that because these are provides, and not just package names, kernel-devel will also apply to kernel-debug-devel, etc.
-
installonly_limit
Number of packages listed in installonlypkgs to keep installed at the same
time. Setting to 0 disables this feature. Default is '0'. Note that this
functionality used to be in the "installonlyn" plugin, where this option was
altered via. tokeep.
Note that as of version 3.2.24, yum will now look in the yumdb for a installonly
attribute on installed packages. If that attribute is "keep", then they will
never be removed.
-
kernelpkgnames
List of package names that are kernels. This is really only here for the
updating of kernel packages and should be removed out in the yum 2.1 series.
-
showdupesfromrepos
Either `0' or `1'. Set to `1' if you wish to show any duplicate packages from
any repository, from package listings like the info or list commands. Set
to `0' if you want only to see the newest packages from any repository.
Default is `0'.
-
obsoletes
This option only has affect during an update. It enables yum's
obsoletes processing logic. Useful when doing distribution level upgrades. See
also the yum upgrade command documentation for more details (yum(8)).
Default is `true'.
Command-line option: --obsoletes
-
overwrite_groups
Either `0' or `1'. Used to determine yum's behaviour if two or more
repositories offer the package groups with the same name. If
overwrite_groups is `1' then the group packages of the last matching
repository will be used. If overwrite_groups is `0' then the groups
from all matching repositories will be merged together as one large group.
-
groupremove_leaf_only
Either `0' or `1'. Used to determine yum's behaviour when the groupremove
command is run. If groupremove_leaf_only is `0' (default) then
all packages in the group will be removed. If groupremove_leaf_only is
`1' then only those packages in the group that aren't required by another
package will be removed.
-
enable_group_conditionals
Either `0' or `1'. Determines whether yum will allow the use of conditionals
packages. Default is `1' (package conditionals are allowed).
-
group_package_types
List of the following: optional, default, mandatory. Tells yum which type
of packages in groups will be installed when 'groupinstall' is called.
Default is: default, mandatory
-
installroot
Specifies an alternative installroot, relative to which all packages will be
installed.
Command-line option: --installroot
-
distroverpkg
The package used by yum to determine the "version" of the distribution. This
can be any installed package. Default is `redhat-release'. You can see what
provides this manually by using: "yum whatprovides redhat-release".
-
diskspacecheck
Either `0' or `1'. Set this to `0' to disable the checking for sufficient
diskspace before a RPM transaction is run. Default is `1' (perform the check).
-
tsflags
Comma or space separated list of transaction flags to pass to the rpm
transaction set. These include 'noscripts', 'notriggers', 'nodocs', 'test', 'justdb' and 'nocontexts'. 'repackage' is also available but that does nothing
with newer rpm versions.
You can set all/any of them. However, if you don't know what these do in the
context of an rpm transaction set you're best leaving it alone. Default is
an empty list.
-
recent
Number of days back to look for `recent' packages added to a repository.
Used by the list recent command. Default is `7'.
-
retries
Set the number of times any attempt to retrieve a file should retry before
returning an error. Setting this to `0' makes yum try forever. Default is `10'.
-
keepalive
Either `0' or `1'. Set whether HTTP keepalive should be used for HTTP/1.1
servers that support it. This can improve transfer speeds by using one
connection when downloading multiple files from a repository. Default is `1'.
-
timeout
Number of seconds to wait for a connection before timing out. Defaults to
30 seconds. This may be too short of a time for extremely overloaded
sites.
-
http_caching
Determines how upstream HTTP caches are instructed to handle any HTTP downloads
that Yum does. This option can take the following values:
`all' means that all HTTP downloads should be cached.
`packages' means that only RPM package downloads should be cached (but not repository metadata downloads).
`none' means that no HTTP downloads should be cached.
The default is `all'. This is recommended unless you are experiencing caching related issues. Try to at least use `packages' to minimize load on repository servers.
-
throttle
Enable bandwidth throttling for downloads. This option can be expressed as a
absolute data rate in bytes/sec. An SI prefix (k, M or G) may be appended to the
bandwidth value (eg. `5.5k' is 5.5 kilobytes/sec, `2M' is 2 Megabytes/sec).
Alternatively, this option can specify the percentage of total bandwidth to use (eg. `60%'). In this case the bandwidth option should be used to specify the maximum available bandwidth.
Set to `0' to disable bandwidth throttling. This is the default.
-
bandwidth
Use to specify the maximum available network bandwidth in bytes/second. Used
with the throttle option (above). If throttle is a percentage and
bandwidth is `0' then bandwidth throttling will be disabled. If
throttle is expressed as a data rate (bytes/sec) then this option is
ignored. Default is `0' (no bandwidth throttling).
-
sslcacert
Path to the directory containing the databases of the certificate authorities
yum should use to verify SSL certificates. Defaults to none - uses system
default
-
sslverify
Boolean - should yum verify SSL certificates/hosts at all. Defaults to True.
Note that the plugin yum-rhn-plugin will force this value to true, and may alter other ssl settings (like hostname checking), even if it the machine is not registered.
-
sslclientcert
Path to the SSL client certificate yum should use to connect to repos/remote sites
Defaults to none.
Note that if you are using curl compiled against NSS (default in Fedora/RHEL), curl treats sslclientcert values with the same basename as _identical_. This version of yum will check that this isn't true and output an error when the repositories "foo" and "bar" violate this, like so:
sslclientcert basename shared between foo and bar
-
sslclientkey
Path to the SSL client key yum should use to connect to repos/remote sites
Defaults to none.
-
history_record
Boolean - should yum record history entries for transactions. This takes some
disk space, and some extra time in the transactions. But it allows how to know a
lot of information about what has happened before, and display it to the user
with the history info/list/summary commands. yum also provides the
history undo/redo commands. Defaults to True.
Note that if history is recorded, yum uses that information to see if any modifications to the rpmdb have been done outside of yum. These are always bad, from yum's point of view, and so yum will issue a warning and automatically run some of "yum check" to try and find some of the worst problems altering the rpmdb might have caused. -
This means that turning this option off will stop yum from being able to
detect when the rpmdb has changed and thus. it will never warn you or
automatically run "yum check". The problems will likely still be there, and
yumdb etc. will still be wrong but yum will not warn you about it.
-
history_record_packages
This is a list of package names that should be recorded as having helped the
transaction. yum plugins have an API to add themselves to this, so it should not
normally be necessary to add packages here. Not that this is also used for the
packages to look for in --version. Defaults to rpm, yum, yum-metadata-parser.
-
history_list_view
Which column of information to display in the "yum history list" command. There
are currently three options: users, cmds (or commands), auto.
Older versions of yum acted like "users", which always outputs the user who initiated the yum transaction. You can now specify "commands" which will instead always output the command line of the transaction. You can also specify "single-user-commands" which will display the users if there are more than one, otherwise it will display the command line.
You can also specify "default" which currently selects "single-user-commands".
-
commands
List of functional commands to run if no functional commands are specified
on the command line (eg. "update foo bar baz quux"). None of the short options
(eg. -y, -e, -d) are accepted for this option.
-
syslog_ident
Identification (program name) for syslog messages.
-
syslog_facility
Facility name for syslog messages, see syslog(3). Default is `LOG_USER'.
-
syslog_device
Where to log syslog messages. Can be a local device (path) or a host:port
string to use a remote syslog. If empty or points to a nonexistent device,
syslog logging is disabled. Default is `/dev/log'.
-
proxy
URL to the proxy server that yum should use.
-
proxy_username
username to use for proxy
-
proxy_password
password for this proxy
-
username
username to use for basic authentication to a repo or really any url.
-
password
password to use with the username for basic authentication.
-
plugins
Either `0' or `1'. Global switch to enable or disable yum plugins. Default is
`0' (plugins disabled). See the PLUGINS section of the yum(8) man
for more information on installing yum plugins.
-
pluginpath
A list of directories where yum should look for plugin modules. Default is
`/usr/share/yum-plugins' and `/usr/lib/yum-plugins'.
-
pluginconfpath
A list of directories where yum should look for plugin configuration files.
Default is `/etc/yum/pluginconf.d'.
-
metadata_expire
Time (in seconds) after which the metadata will expire. So that if the
current metadata downloaded is less than this many seconds old then yum will
not update the metadata against the repository. If you find that
yum is not downloading information on updates as often as you would like
lower the value of this option. You can also change from the default of using
seconds to using days, hours or minutes by appending a d, h or m respectively.
The default is 6 hours, to compliment yum-updatesd running once an hour.
It's also possible to use the word "never", meaning that the metadata will
never expire. Note that when using a metalink file the metalink must always
be newer than the metadata for the repository, due to the validation, so this
timeout also applies to the metalink file.
-
mirrorlist_expire
Time (in seconds) after which the mirrorlist locally cached will expire.
If the current mirrorlist is less than this many seconds old then yum
will not download another copy of the mirrorlist, it has the same extra format
as metadata_expire.
If you find that yum is not downloading the mirrorlists as
often as you would like lower the value of this option.
-
mdpolicy
You can select from different metadata download policies depending on how much
data you want to download with the main repository metadata index. The
advantages of downloading more metadata with the index is that you can't get
into situations where you need to use that metadata later and the versions
available aren't compatible (or the user lacks privileges) and that if the
metadata is corrupt in any way yum will revert to the previous metadata.
`instant' - Just download the new metadata index, this is roughly what yum always did, however it now does some checking on the index and reverts if it classifies it as bad.
`group:primary' - Download the primary metadata with the index. This contains most of the package information and so is almost always required anyway. This is the default.
`group:small' - With the primary also download the updateinfo metadata, this is required for yum-security operations and it also used in the graphical clients. This file also tends to be significantly smaller than most others.
`group:main' - With the primary and updateinfo download the filelists metadata and the group metadata. The filelists data is required for operations like "yum install /bin/bash", and also some dependency resolutions require it. The group data is used in some graphical clients and for group operations like "yum grouplist Base".
`group:all' - Download all metadata listed in the index, currently the only one not listed above is the other metadata, which contains the changelog information which is used by yum-changelog. This is what "yum makecache" uses.
-
multilib_policy
Can be set to 'all' or 'best'. All means install all possible arches for any package you
want to install. Therefore yum install foo will install foo.i386 and foo.x86_64 on x86_64,
if it is available. Best means install the best arch for this platform, only.
-
bugtracker_url
URL where bugs should be filed for yum. Configurable for local versions or distro-specific
bugtrackers.
-
color
Whether to display colorized output automatically, depending on the output
terminal, can be changed to always (using ANSI codes) or never.
Default is `auto'.
Possible values are: auto, never, always.
Command-line option: --color
-
color_list_installed_older
The colorization/highlighting for packages in list/info installed which are
older than the latest available package with the same name and arch.
Default is `bold'.
Possible values are a comma separated list containing: bold, blink, dim,
reverse, underline, fg:black, fg:red, fg:green, fg:yellow, fg:blue, fg:magenta,
fg:cyan, fg:white, bg:black, bg:red, bg:green, bg:yellow, bg:blue, bg:magenta,
bg:cyan, bg:white.
-
color_list_installed_newer
The colorization/highlighting for packages in list/info installed which are
newer than the latest available package with the same name and arch.
Default is `bold,yellow'.
See color_list_installed_older for possible values.
-
color_list_installed_reinstall
The colorization/highlighting for packages in list/info installed which is
the same version as the latest available package with the same name and arch.
Default is `normal'.
See color_list_installed_older for possible values.
-
color_list_installed_extra
The colorization/highlighting for packages in list/info installed which has
no available package with the same name and arch.
Default is `bold,red'.
See color_list_installed_older for possible values.
-
color_list_available_upgrade
The colorization/highlighting for packages in list/info available which is
an upgrade for the latest installed package with the same name and arch.
Default is `bold,blue'.
See color_list_installed_older for possible values.
-
color_list_available_downgrade
The colorization/highlighting for packages in list/info available which is
a downgrade for the latest installed package with the same name and arch.
Default is `dim,cyan'.
See color_list_installed_older for possible values.
-
color_list_available_install
The colorization/highlighting for packages in list/info available which has
no installed package with the same name and arch.
Default is `normal'.
See color_list_installed_older for possible values.
-
color_list_available_reinstall
The colorization/highlighting for packages in list/info available which is
the same version as the installed package with the same name and arch.
Default is `bold,underline,green.
See color_list_installed_older for possible values.
-
color_search_match
The colorization/highlighting for text matches in search.
Default is `bold'.
See color_list_installed_older for possible values.
-
color_update_installed
The colorization/highlighting for packages in the "updates list" which are
installed. The updates list is what is printed when you run "yum update",
"yum list updates", "yum list obsoletes" and "yum check-update".
Default is `normal'.
See color_list_installed_older for possible values.
-
color_update_local
The colorization/highlighting for packages in the "updates list" which are
already downloaded. The updates list is what is printed when you run
"yum update", "yum list updates", "yum list obsoletes" and "yum check-update".
Default is `bold'.
See color_list_installed_older for possible values.
-
color_update_remote
The colorization/highlighting for packages in the "updates list" which need to
be downloaded. The updates list is what is printed when you run "yum update",
"yum list updates", "yum list obsoletes" and "yum check-update".
Default is `normal'.
See color_list_installed_older for possible values.
-
clean_requirements_on_remove
When removing packages (by removal, update or obsoletion) go through each
package's dependencies. If any of them are no longer required by any other
package then also mark them to be removed.
Boolean (1, 0, True, False, yes,no) Defaults to False
[repository] OPTIONS
The repository section(s) take the following form:
-
Example:
[repositoryid]
name=Some name for this repository
baseurl=url://path/to/repository/
-
repositoryid
Must be a unique name for each repository, one word.
-
name
A human readable string describing the repository.
-
baseurl
Must be a URL to the directory where the yum repository's `repodata' directory
lives. Can be an http://, ftp:// or file:// URL. You can specify multiple URLs
in one baseurl statement. The best way to do this is like this:
[repositoryid]
name=Some name for this repository
baseurl=url://server1/path/to/repository/
url://server2/path/to/repository/
url://server3/path/to/repository/
If you list more than one baseurl= statement in a repository you will find yum will ignore the earlier ones and probably act bizarrely. Don't do this, you've been warned.
You can use HTTP basic auth by prepending "user:password@" to the server name in the baseurl line. For example: "baseurl=user:passwd@example.com".
-
metalink
Specifies a URL to a metalink file for the repomd.xml, a list of mirrors for
the entire repository are generated by converting the mirrors for the
repomd.xml file to a baseurl. The metalink file also contains the latest
timestamp from the data in the repomd.xml, the length of the repomd.xml and
checksum data. This data is checked against any downloaded repomd.xml file
and all of the information from the metalink file must match. This can be used
instead of or with the baseurl option. Substitution variables, described
below, can be used with this option. This option disables the mirrorlist option.
As a special hack is the mirrorlist URL contains the word "metalink" then the
value of mirrorlist is copied to metalink (if metalink is not set).
-
mirrorlist
Specifies a URL to a file containing a list of baseurls. This can be used
instead of or with the baseurl option. Substitution variables, described
below, can be used with this option.
As a special hack is the mirrorlist URL contains the word "metalink" then the
value of mirrorlist is copied to metalink (if metalink is not set).
-
enabled
Either `1' or `0'. This tells yum whether or not use this repository.
-
gpgcheck
Either `1' or `0'. This tells yum whether or not it should perform a GPG
signature check on the packages gotten from this repository.
-
repo_gpgcheck
Either `1' or `0'. This tells yum whether or not it should perform a GPG
signature check on the repodata from this repository.
-
gpgkey
A URL pointing to the ASCII-armored GPG key file for the repository. This
option is used if yum needs a public key to verify a package and the required
key hasn't been imported into the RPM database. If this option is set, yum will
automatically import the key from the specified URL. You will be prompted before
the key is installed unless the assumeyes option is set.
Multiple URLs may be specified here in the same manner as the baseurl option (above). If a GPG key is required to install a package from a repository, all keys specified for that repository will be installed.
-
gpgcakey
A URL pointing to the ASCII-armored CA key file for the repository. This is a normal
gpg public key - but this key will be used to validate detached signatures of all
other keys. The idea is you are asked to confirm import for this key. After that any other
gpg key needed for package or repository verification, if it has a detached signature which matches this
key will be automatically imported without user confirmation.
-
exclude
Same as the [main] exclude option but only for this repository.
Substitution variables, described below, are honored here.
-
includepkgs
Inverse of exclude. This is a list of packages you want to use from a
repository. If this option lists only one package then that is all yum will
ever see from the repository. Defaults to an empty list. Substitution
variables, described below, are honored here.
-
enablegroups
Either `0' or `1'. Determines whether yum will allow the use of package groups
for this repository. Default is `1' (package groups are allowed).
-
failovermethod
Either `roundrobin' or `priority'.
`roundrobin' randomly selects a URL out of the list of URLs to start with and proceeds through each of them as it encounters a failure contacting the host.
`priority' starts from the first baseurl listed and reads through them sequentially.
failovermethod defaults to `roundrobin' if not specified.
-
keepalive
Either `1' or `0'. This tells yum whether or not HTTP/1.1 keepalive should be
used with this repository. See the global option in the [main] section above
for more information.
-
timeout
Overrides the timeout option from the [main] section for this repository.
-
http_caching
Overrides the http_caching option from the [main] section for this repository.
-
retries
Overrides the retries option from the [main] section for this repository.
-
throttle
Overrides the throttle option from the [main] section for this
repository.
-
bandwidth
Overrides the bandwidth option from the [main] section for this
repository.
-
sslcacert
Overrides the sslcacert option from the [main] section for this
repository.
-
sslverify
Overrides the sslverify option from the [main] section for this
repository.
-
sslclientcert
Overrides the sslclientcert option from the [main] section for this
repository.
-
sslclientkey
Overrides the sslclientkey option from the [main] section for this
repository.
-
metadata_expire
Overrides the metadata_expire option from the [main] section for this
repository.
-
mirrorlist_expire
Overrides the mirrorlist_expire option from the [main] section for this
repository.
-
proxy
URL to the proxy server for this repository. Set to '_none_' to disable the
global proxy setting for this repository. If this is unset it
inherits it from the global setting
-
proxy_username
username to use for proxy.
If this is unset it inherits it from the global setting
-
proxy_password
password for this proxy.
If this is unset it inherits it from the global setting
-
username
username to use for basic authentication to a repo or really any url.
If this is unset it inherits it from the global setting
-
password
password to use with the username for basic authentication.
If this is unset it inherits it from the global setting
-
cost
relative cost of accessing this repository. Useful for weighing one repo's packages
as greater/less than any other. defaults to 1000
- skip_if_unavailable If set to True yum will continue running if this repository cannot be contacted for any reason. This should be set carefully as all repos are consulted for any given command. Defaults to False.
-
URL INCLUDE SYNTAX
The inclusion of external configuration files is supported for /etc/yum/yum.conf
and the .repo files in the /etc/yum/repos.d directory. To include a URL, use a
line of the following format:
include=url://to/some/location
The configuration file will be inserted at the position of the "include=" line.
Included files may contain further include lines. Yum will abort with an error
if an inclusion loop is detected.
GLOB: FOR LIST OPTIONS
Any of the configurations options which are a list of items can be specfied using the glob syntax: glob:/etc/path/somewhere.d/*.conf. This will read in all files matching that glob and include all lines in each file (excluding comments and blank lines) as items in the list.
VARIABLES
There are a number of variables you can use to ease maintenance of yum's configuration files. They are available in the values of several options including name, baseurl and commands.
-
$releasever
This will be replaced with the value of the version of the package listed
in distroverpkg. This defaults to the version of `redhat-release'
package.
-
$arch
This will be replaced with your architecture as listed by os.uname()[4] in
Python.
-
$basearch
This will be replaced with your base architecture in yum. For example, if
your $arch is i686 your $basearch will be i386.
-
$uuid
This will be replaced with a unique but persistent uuid for this machine.
The value that is first generated will be stored in /var/lib/yum/uuid and
reused until this file is deleted.
-
$YUM0-$YUM9
These will be replaced with the value of the shell environment variable of
the same name. If the shell environment variable does not exist then the
configuration file variable will not be replaced.
As of 3.2.28, any file in /etc/yum/vars is turned into a variable named after
the filename (or overrides any of the above variables).
Note that no warnings/errors are given if the files are unreadable, so creating
files that only root can read may be confusing for users.
Also note that only the first line will be read and all new line
characters are removed, as a convenience. However, no other checking is
performed on the data. This means it is possible to have bad character
data in any value.
FILES
/etc/yum/yum.conf /etc/yum/repos.d/ /etc/yum/pluginconf.d/ /etc/yum/protected.d /etc/yum/vars