How to Pin Versions in Yum or Dnf for RHEL or CentOS Linux

CentOS, RHEL (Red Hat Enterprise Linux), Fedora and other clones of RHEL, such as Oracle, Alma, and Rocky, offer support for version pinning. This feature allows developers and system administrators to lock a particular package to a specific version, preventing it from being automatically updated by yum or dnf commands. Sometimes, it is necessary to protect packages from being updated to newer versions to avoid incompatibility issues with your applications. For example, you can lock down PHP version 8.3.6 and avoid using updated PHP version 8.4. Let us see how to lock a package to a specific version, only exclude a package from yum update or dnf update on a CentOS, RHEL, Fedora, and friends.

Advertisement

How to restrict a package to a fixed version number with dnf command and yum command

You need to install python3-dnf-plugin-versionlock package for RHEL 8.x/9.x (or yum-plugin-versionlock for RHEL 7.x).

Tutorial details
Difficulty level Easy
Root privileges Yes
Requirements Linux terminal
Category Package Manager
Prerequisites python3-dnf-plugin-versionlock
OS compatibility AlmaLinux Amazon Linux CentOS Fedora RHEL Rocky Stream
Est. reading time 3 minutes

Pining Versions in Yum or Dnf for RHEL or CentOS Linux

  1. Open the terminal application.
  2. Use the ssh command for remote server login.
  3. Install python3-dnf-plugin-versionlock package, type ‘yum‘ / dnf command as follows:
    {nixcraft@rockylinux9:~}# dnf install python3-dnf-plugin-versionlock
    ## OR ##
    {nixcraft@rockylinux9:~}# yum install 'dnf-command(versionlock)'

    Installing yum-versionlock plugin to restrict a Package to a Fixed Version Number with yum

    Step 01 – Install the Plugin (click to enlarge)

  4. List package versions:
    {nixcraft@rockylinux9:~}# yum list
    {nixcraft@rockylinux9:~}# yum list | more
    {nixcraft@rockylinux9:~}# yum php
    {nixcraft@rockylinux9:~}# yum list | grep 'pkg_name'
  5. To install or lock the version of the php group of packages, type:
    {nixcraft@rockylinux9:~}# yum versionlock php*
    How to pin or install or lock the version of the php group of packages on a RHEL or CentOS Linux using Yum or DNF

    Step 02 – Pin php* Packages to Version Lock List (click to enlarge)

    You can view or edit the /etc/yum/pluginconf.d/versionlock.list file. You can add lines for each package you want to pin, followed by the version. In this example, here is how it will look when viewed using the cat command or more/less commands:
    {nixcraft@rockylinux9:~}# cat /etc/yum/pluginconf.d/versionlock.list
    Outputs:

    # Added lock on Tue May  7 08:27:23 2024
    php-pdo-0:8.3.6-1.el9.remi.*
    php-common-0:8.3.6-1.el9.remi.*
    php-gd-0:8.3.6-1.el9.remi.*
    php-mysqlnd-0:8.3.6-1.el9.remi.*
    php-opcache-0:8.3.6-1.el9.remi.*
    php-phpiredis-0:1.0.1-6.el9.remi.8.3.*
    php-pecl-igbinary-0:3.2.15-1.el9.remi.8.3.*
    php-pecl-imagick-im7-0:3.7.0-9.el9.remi.8.3.*
    php-pecl-zip-0:1.22.3-1.el9.remi.8.3.*
    php-pecl-msgpack-0:2.2.0-2.el9.remi.8.3.*
    php-fpm-0:8.3.6-1.el9.remi.*
    php-intl-0:8.3.6-1.el9.remi.*
    php-mbstring-0:8.3.6-1.el9.remi.*
    php-xml-0:8.3.6-1.el9.remi.*
    php-pecl-redis6-0:6.0.2-1.el9.remi.8.3.*

    In other words, yum update/dnf update won’t update all PHP packages beyond version 8.3.6-1.el9.remi.

  6. Want to display the list of locked packages? Try:
    {nixcraft@rockylinux9:~}# yum versionlock list
  7. Here is to remove and dell all list of locked packages, type:
    {nixcraft@rockylinux9:~}# yum versionlock clear
  8. Want to list any available updates that are currently blocked by versionlock? Try:
    {nixcraft@rockylinux9:~}# yum versionlock status
  9. It is possible to delete the lock on a specific package as follows:
    {nixcraft@rockylinux9:~}# yum versionlock delete 'pkg_name'
    {nixcraft@rockylinux9:~}# yum versionlock delete nginx

    Outputs:

    Last metadata expiration check: 3:52:40 ago on Tue May  7 04:47:58 2024.
    Deleting versionlock for: nginx-1:1.22.1-5.module+el9.3.0+15865+c068dd99.*
  10. You can disallow (exclude) currently available versions of the packages matching the given wildcards. The syntax is:
    {nixcraft@rockylinux9:~}# yum versionlock exclude pkg1*

Example: Pinning the nginx package using dnf/yum

Let us see one more examples:

  • List available package versions: dnf list nginx
  • Add nginx to the /etc/yum/pluginconf.d/versionlock.list file or type: dnf versionlock nginx*
  • Now, yum update won’t update nginx beyond version 1.22.1-5.
  • List it: dnf versionlock list
  • See blocked package status: dnf versionlock status
  • Delete it: dnf versionlock delete nginx*
  • Verify it: dnf versionlock list

For more info see the docs using the man command or help command:
$ man dnf
$ dnf versionlock --help
$ man dnf-versionlock

🥺 Was this helpful? Please add a comment to show your appreciation or feedback.

nixCrat Tux Pixel Penguin
Hi! 🤠
I'm Vivek Gite, and I write about Linux, macOS, Unix, IT, programming, infosec, and open source. Subscribe to my RSS feed or email newsletter for updates.

0 comments… add one

Leave a Reply

Your email address will not be published. Required fields are marked *

Use HTML <pre>...</pre> for code samples. Your comment will appear only after approval by the site admin.