SLAC CPE Software Engineering Group

How to Setup YUM

SLAC Detailed
SLAC Computing
Software Home
Software Detailed



To prevent yum from running on our taylor'd hosts put "yum" into the /etc/ file


This document describes how to set up yum to upgrade our standalone RHEL servers.


Update the YUM repository:

OPI00NAS03     -User: admin

Our yum repository is kept under package/RedHat on opi00nas03, a network attached storage which has two IPs : and172.19.55.39. We use rsync program to keep our repository on opi00nas03 in sync with SLAC maintained repository which is in /afs/ The program is run on mcclx01, a taylored Linux mahcine that has an acess to both AFS and the NFS storage area provided by opi00nas03.

Make sure the storage is mounted on mcclx01. If not, mount it via

mount -t nfs /nas03

Run the following commands (note: this will be autotamted with a script):

#RHEL3 32bit

rsync -aLv /afs/ /nas03/package/RedHat/RHEL3/i386/RedHat

rsync -aLv /afs/ /nas03/package/RedHat/RHEL3/security

rsync -aLv /afs/ /nas03/package/RedHat/RHEL3/updates

# RHEL4 32 bit

rsync -aLv /afs/ /nas03/package/RedHat/RHEL4/i386/RedHat

rsync -aLv /afs/ /nas03/package/RedHat/RHEL4/security

rsync -aLv /afs/ /nas03/package/RedHat/RHEL4/updates

# RHEL4 64 bit

rsync -aLv /afs/ /nas03/package/RedHat/RHEL4/x86_64/RedHat

rsync -aLv /afs/ /nas03/package/RedHat/RHEL4/security

rsync -aLv /afs/ /nas03/package/RedHat/RHEL4/updates

# We have also included Solaris 8, 9 and 10 in repository and kept

# under package/Solaris, although it has nothing to do with yum.

rsync -aLv /afs/slac/sun4x_510/patches/Recommended /nas03/package/Solaris/sun4x_510/patches/

rsync -aLv /afs/slac/sun4x_59/patches/Recommended /nas03/package/Solaris/sun4x_59/patches/

rsync -aLv /afs/slac/sun4x_58/patches/Recommended /nas03/package/Solaris/sun4x_58/patches/

YUM configuration:

A set of yum configurations are defined and kept in /nfs/nas03/package/RedHat/yum, each corresponding to a system ARCH:

OS version OS bit Recommended Updated
RHEL 3 32 yum-recommended-rhel3-32.conf yum-update-rhel3-32.conf
RHEL 4 32 yum-recommended-rhel4-32.conf yum-update-rhel4-32.conf
RHEL 4 64 yum-recommended-rhel4-64.conf yum-update-rhel4-64.conf


The recommended yum configuration contains [base], [security], while the updated contains [base], [rh_updates], [security].

  • [security]: essential and required by SCCS security;
  • [base]: bug fixes and enhancements, necessary to keep our systems to the SCCS "recommended" level. [base] corresponds to a quaterly update;
  • [rh_updates]:  all updates, including ones between the quaterly updates. This is considered to be more aggressive, should be applied with care.

         The configurations should have a handling for kernel and glibc Errata, without exclude=kernel, glibc and etc.

         By default,   we use the recommended yum configuration; the updated one should be used only when needed

         (i.e., when the recommended is not completed or on a newly created a server).

         The example configuration for RHEL4 32 bit recommended is:


name=Red Hat Enterprise Linux 4 - $basearch - Base

name=Red Hat Enterprise Linux 4 - RHSA (RH Security Advisory RPMs)

YUM setup:


Each system will maintain a symbolic link (/etc/yum.conf), pointing to an appropriate version in /nfs/nas03/package/RedHat/yum; for example, on lcls-prod04 which is a RHEL4, 32 bit machine:

ln -s /nfs/nas03/package/RedHat/yum/yum-recommended-rhel4-32.conf /etc/yum.conf

It is very important to verify what a system ARCH is before creating the symbolic link. Check it via:

uname -i for OS bit

cat /etc/redhat-release for OS version.

With such a setup, there is no need to maintain yum.conf on each system, which can be very cumbersome otherwise. Make a change in /nfs/nas03/package/RedHat/yum if needed.

YUM setup:

Make sure the storage is mounted on /nfs/nas03. If not, mount it via

mount -t nfs /nfs/nas03

Make sure yum is installed in /usr/bin/yum. If not, install it on the system from /nfs/nas03/package/RedHat/yum/installation using rpm.

To see what needs updating:

yum check-update

To update:

yum -y update

Reboot the system after yum update.



RHEL5 Setup: (Production)

A note from Ken.

I performed a normal RHEL5.5 network install on lcls-archeg2.  I had to install, by hand, rhn-org-trusted-ssl-cert-1.0-1.noarch.rpm.  I put a copy into /usr/local/admin/RHN.  I then asked net-admin to open up TCP port 443 between LCLSCA and rhupdate1 (RedHat Satellite server).  You have to register your server the RHN satellite server. I received the activation key from Karl Amrhein and ran:  ‘/usr/sbin/rhnreg_ks --activationkey 1-88c0901fb4ab94583dffe0cf2afc58f5’.  I then ran ‘yum check-update’, as root, to see what was going to be installed.  To perform the install I ran ‘yum –y update’


Created by Ken Brobeck and Jingchen Zhou on July 02, 2007.