=Start=
缘由:
线上的Linux机器直接升级kernel可能会导致服务器无法启动,所以对于非严重级别的高危漏洞,建议在升级对应软件补丁时排除内核升级。
正文:
参考解答:
方式一(临时):# yum update --exclude=kernel*方式二(永久):# vim /etc/yum.conf[main]cachedir=/var/cache/yum/$basearch/$releaseverkeepcache=0debuglevel=2logfile=/var/log/yum.logexclude=kernel* redhat-release* <====在[main]下增加exclude指令 |
如何用 yum 检查可用的更新包
https://unix.stackexchange.com/questions/75981/yum-check-available-package-updates
$ yum list available java\* |
Searching for Packages with yum
https://www.centos.org/docs/5/html/yum/sn-searching-packages.html
$ sudo yum search PalmPilot$ sudo yum provides libneon$ sudo yum list tsc\* |
参考链接:
- How do I exclude kernel or other packages from getting updated in Red Hat Enterprise Linux while updating system via yum?
- RHEL/CentOS: yum Update All Packages Except the Linux Kernel
- https://unix.stackexchange.com/questions/128515/is-there-a-way-to-permanently-exclude-the-kernel-from-updates
- https://www.howtogeek.com/50898/how-to-prevent-yum-from-updating-the-kernel/
=END=
《“用 yum 进行升级的同时如何避免 kernel 或其它软件包的升级?”》 有 1 条评论
在 RHEL/CentOS 系统上使用 yum history 命令回滚升级操作 | Linux 中国
https://mp.weixin.qq.com/s/c0c6jjfYB-BFNib7em2UpQ
https://www.2daygeek.com/rollback-fallback-updates-downgrade-packages-centos-rhel-fedora/