Introduction
Oracle Linux uses the RPM package format and yum to interact with both the free Oracle Linux yum server and Unbreakable Linux Network for customers with a support subscription. This post covers a few useful yum commands.
Show Information About Installed and Available Packages
yum info <package name> displays information about both installed and available packages.
$ yum info kernel-uek Loaded plugins: security Installed Packages Name : kernel-uek Arch : x86_64 Version : 4.1.12 Release : 61.1.33.el6uek Size : 208 M Repo : installed Summary : The Linux kernelURL : http://www.kernel.org/License : GPLv2Description : The kernel package contains the Linux kernel (vmlinuz), the core of any : Linux operating system. The kernel handles the basic functions : of the operating system: memory allocation, process allocation, device : input and output, etc.
Available PackagesName : kernel-uekArch : x86_64Version : 4.1.12Release : 94.1.8.el6uekSize : 50 MRepo : public_ol6_UEKR4Summary : The Linux kernelURL : http://www.kernel.org/License : GPLv2Description : The kernel package contains the Linux kernel (vmlinuz), the core of any : Linux operating system. The kernel handles the basic functions : of the operating system: memory allocation, process allocation, device
yum list <package name> will show available and installed packages by that name. To show older versions than the one currently installed or available to install, use --show-duplicates
$ yum list openssl --show-duplicates
Installed Packages
openssl.x86_64 1:1.0.2k-16.0.1.el7 installed
Available Packages
openssl.x86_64 1:1.0.2k-12.0.1.el7 ol7_latest
openssl.x86_64 1:1.0.2k-12.0.3.el7 ol7_latest
openssl.x86_64 1:1.0.2k-16.0.1.el7 ol7_latest
Working with Yum Repositories: Enabling and Disabling
Listing Enabled and Disabled Repositories
The command yum repolist here lists two enabled repositories: public_ol6_UEKR4 and public_ol6_latest
$ yum repolistLoaded plugins: securitypublic_ol6_UEKR4 | 1.2 kB 00:00 public_ol6_latest | 1.4 kB 00:00 repo id repo name statuspublic_ol6_UEKR4 Latest Unbreakable Enterprise Kernel Release 4 ... 244+73public_ol6_latest Oracle Linux 6Server Latest (x86_64) 31,595+7,370repolist: 31,839
List Disabled Repositories
To list disabled repositories, based on the yum configuration file in /etc/yum.repos.d, use the yum repolist disabled command:
$ yum repolist disabledLoaded plugins: securityrepo id repo name public_ol6_MySQL MySQL 5.5 for Oracle Linux 6 (x86_64) public_ol6_MySQL56 MySQL 5.6 for Oracle Linux 6 (x86_64) public_ol6_MySQL57 MySQL 5.7 for Oracle Linux 6 (x86_64) public_ol6_UEKR3_latest Unbreakable Enterprise Kernel Release 3 for Oracle ... (x86_64) public_ol6_UEKR4_OFED OFED supporting tool packages for... (x86_6)public_ol6_UEK_base Unbreakable Enterprise Kernel for Oracle Linux 6Server (x86_64) public_ol6_UEK_latest Latest Unbreakable Enterprise Kernel for Oracle Linux 6Server (x86_64) public_ol6_addons Oracle Linux 6Server Add ons (x86_64) public_ol6_ceph10 Ceph Storage for Oracle Linux Release 1.0 - Oracle ... (x86_64) public_ol6_ga_base Oracle Linux 6Server GA installation media copy (x86_64) ... repolist: 0
Enabling and Disabling a Repository
To enable and disable repositories, you can either edit the appropriate configuration file in /etc/yum.repos.d/ or you can use the yum-config-manager tool provided by the yum-utils package
$ sudo yum -y install yum-utils
To enable a repository, use the yum-config-manager --enable command <repo name> command. For example to enable the Addons repository for Oracle Linux 6:
$ sudo yum-config-manager --enable public_ol6_addons
You will see output that includes the following. Notice that enabled = 1.
===================================== repo: public_ol6_addons ======================================[public_ol6_addons]bandwidth = 0base_persistdir = /var/lib/yum/repos/x86_64/6Serverbaseurl = http://yum.oracle.com/repo/OracleLinux/OL6/addons/x86_64/cache = 0cachedir = /var/cache/yum/x86_64/6Server/public_ol6_addonscost = 1000enabled = 1enablegroups = Trueexclude =failovermethod = priorityftp_disable_epsv = False...
Similarly to disable a repository:
$ sudo yum-config-manager --disable public_ol6_addons
Temporarily Enabling and Disabling Repositories: enablerepo and disablerepo
Sometimes you want to perform yum commands while temporarily enabling or disabling repositories without changing the current yum configuration. Use the --enablerepo and --disablerepo arguments to achieve this. For example, to temporarily disable all currently enabled repositories while enabling a new repository, public_ol6_u9_base in order to search for the python binary only in that repository (in addition to any installed python binaries):
$ yum --disablerepo="*" --enablerepo=public_ol6_u9_base provides "*/bin/python"
For more information about the provides argument, see the separate topic below.
Security Notices and Bugfix Notices: updateinfo
Errata (security fixes, bug fixes and enhancements) for the base Oracle Linux operating system are available for free via the Oracle Linux yum server. You can view and search all errata advisories via linux.oracle.com/errata and CVEs (Common Vulnerabilities and Exposures) in particular via linux.oracle.com/cve The plugin yum-plugin-security is installed by default and lets you query security information.
List a Summary of Available Bugfix and Security Notices
$ yum updateinfoLoaded plugins: securityUpdates Information Summary: updates 2 Security notice(s) 1 Critical Security notice(s) 1 Important Security notice(s) 2 Bugfix notice(s)updateinfo summary done
List Available Security Advisories
To get a list of available security advisories use the yum updateinfo security command:
$ yum updateinfo securityLoaded plugins: securityELSA-2017-3539 Important/Sec. kernel-uek-4.1.12-61.1.34.el6uek.x86_64ELSA-2017-3539 Important/Sec. kernel-uek-firmware-4.1.12-61.1.34.el6uek.noarchELSA-2017-1100 Critical/Sec. nss-3.28.4-1.0.1.el6_9.x86_64ELSA-2017-1100 Critical/Sec. nss-sysinit-3.28.4-1.0.1.el6_9.x86_64ELSA-2017-1100 Critical/Sec. nss-tools-3.28.4-1.0.1.el6_9.x86_64ELSA-2017-1100 Critical/Sec. nss-util-3.28.4-1.el6_9.x86_64updateinfo list done
List Advisories by Severity
To list only Critical security advisories, use the --sec-severity=Critical flag
$ yum updateinfo list --sec-severity=CriticalLoaded plugins: securityELSA-2017-1100 Critical/Sec. nss-3.28.4-1.0.1.el6_9.x86_64ELSA-2017-1100 Critical/Sec. nss-sysinit-3.28.4-1.0.1.el6_9.x86_64ELSA-2017-1100 Critical/Sec. nss-tools-3.28.4-1.0.1.el6_9.x86_64ELSA-2017-1100 Critical/Sec. nss-util-3.28.4-1.el6_9.x86_64updateinfo list done
Show Advisory Detail
To show detail for a particular advisory, use yum updateinfo <advisory ID>
$ yum updateinfo ELSA-2017-1100Loaded plugins: security======================================================================= nss and nss-util security update======================================================================= Update ID : ELSA-2017-1100 Release : Oracle Linux 6 Type : security Status : final Issued : 2017-04-20 CVEs : CVE-2017-5461Description : nss : [3.28.4-1.0.1] : - Added nss-vendor.patch to change vendor : - Temporarily disable some tests until expired : PayPalEE.cert is renewed : : [3.28.4-1] : - Rebase to 3.28.4 : : nss-util : [3.28.4-1] : - Rebase to NSS 3.28.4 to accommodate base64 : encoding fix Severity : Criticalupdateinfo info done
List Advisories by CVE
To list advisories that address a particular CVE, use yum updateinfo list --cve <CVE ID>
$ yum updateinfo list --cve CVE-2017-5461Loaded plugins: securityELSA-2017-1100 Critical/Sec. nss-3.28.4-1.0.1.el6_9.x86_64ELSA-2017-1100 Critical/Sec. nss-sysinit-3.28.4-1.0.1.el6_9.x86_64ELSA-2017-1100 Critical/Sec. nss-tools-3.28.4-1.0.1.el6_9.x86_64ELSA-2017-1100 Critical/Sec. nss-util-3.28.4-1.el6_9.x86_64updateinfo list done
List Vulnerabilities (CVEs) for Which Updates Are Available
To list CVEs that apply to your system use yum updateinfo list cves:
$ yum updateinfo list cvesLoaded plugins: securityCVE-2016-7910 Important/Sec. kernel-uek-4.1.12-61.1.34.el6uek.x86_64CVE-2017-2583 Important/Sec. kernel-uek-4.1.12-61.1.34.el6uek.x86_64CVE-2017-6214 Important/Sec. kernel-uek-4.1.12-61.1.34.el6uek.x86_64CVE-2017-6347 Important/Sec. kernel-uek-4.1.12-61.1.34.el6uek.x86_64CVE-2017-7184 Important/Sec. kernel-uek-4.1.12-61.1.34.el6uek.x86_64CVE-2016-10208 Important/Sec. kernel-uek-4.1.12-61.1.34.el6uek.x86_64CVE-2017-5986 Important/Sec. kernel-uek-4.1.12-61.1.34.el6uek.x86_64CVE-2016-7910 Important/Sec. kernel-uek-firmware-4.1.12-61.1.34.el6uek.noarch...
Apply an Update to Address a Particular CVE
To update your system to address a particular CVE:
$ sudo yum update --cve CVE-2017-5461Loaded plugins: securitySetting up Update ProcessResolving DependenciesLimiting packages to security relevant ones4 package(s) needed (+0 related) for security, out of 7 available--> Running transaction check---> Package nss.x86_64 0:3.28.3-3.0.1.el6_9 will be updated---> Package nss.x86_64 0:3.28.4-1.0.1.el6_9 will be an update---> Package nss-sysinit.x86_64 0:3.28.3-3.0.1.el6_9 will be updated---> Package nss-sysinit.x86_64 0:3.28.4-1.0.1.el6_9 will be an update---> Package nss-tools.x86_64 0:3.28.3-3.0.1.el6_9 will be updated---> Package nss-tools.x86_64 0:3.28.4-1.0.1.el6_9 will be an update...
Search for Installed and Available Packages: repoquery
Search For an Available Package By Name
Search for any package called ruby or ruby followed by a 3 digit version number and include the repository name in the results. Here %-32 is used for formatting:
$ repoquery -a {ruby,ruby[0-9][0-9][0-9]} --qf "%-32{repoid} %{name}"public_ol6_latest rubypublic_ol6_software_collections ruby193public_ol6_software_collections ruby200
Search For an Available Package in a Specific Repository
Use the --repoid option to limit your search to a particular repo:
$ repoquery -q python* --repoid public_ol6_software_collections
Find Which Package Contains a Particular File, Library or Executable: provides or whatprovides
To find out which package(s) contain a particular library, executable or any other file, use the provides or whatprovides option. For example, to find one or more packages that contain uuencode:
$ yum provides "*/uuencode" Loaded plugins: securityol6_UEK_latest/filelists | 20 MB 00:02 ol6_addons/filelists | 922 kB 00:00 ol6_latest/filelists | 68 MB 00:07 sharutils-4.7-6.1.el6.x86_64 : The GNU shar utilities for packaging and unpackaging shell : archivesRepo : ol6_latestMatched from:Filename : /usr/bin/uuencode
Even More Package Details: File Contents and Changelog
List the Contents of an Available Package
Use repoquery --list to list the file contents of a package, even if it's not installed.
$ repoquery --list jq /usr/bin/jq /usr/share/doc/jq/AUTHORS /usr/share/doc/jq/COPYING /usr/share/doc/jq/README /usr/share/doc/jq/README.md /usr/share/man/man1/jq.1.gz
Inspecting Package Changelogs with yum-plugin-changelog
To inspect package changelogs, install the changelog yum plugin:
$ sudo yum install -y yum-plugin-changelog
Show Changelog Starting with a Certain Date
$ yum changelog 2017-APR-10 kernel-uekLoaded plugins: changelog, securityListing changelogs since 2017-04-10==================== Available Packages ====================kernel-uek-4.1.12-94.1.8.el6uek.x86_64 public_ol6_UEKR4* Tue Apr 18 12:00:00 2017 Chuck Anderson <...@oracle.com> [4.1.12-94.1.8.el6uek]- qla2xxx: Fix NULL pointer deref in QLA interrupt (Bruno Prémont) [Orabug: 25894919] - sched/wait: Fix the signal handling fix (Peter Zijlstra) [Orabug: 25896852] - Change return value for notify_change() to EACCES (Dhaval Giani) [Orabug: 25897119]* Wed Apr 12 12:00:00 2017 Chuck Anderson <...@oracle.com> [4.1.12-94.1.7.el6uek]- block: fix use-after-free in seq file (Vegard Nossum) [Orabug: 25877496] {CVE-2016-7910}* Tue Apr 11 12:00:00 2017 Chuck Anderson <...@oracle.com> [4.1.12-94.1.6.el6uek]- net/mlx4_core: panic the system on unrecoverable errors (Santosh Shilimkar) [Orabug: 25225861]changelog stats. 2 pkgs, 2 source pkgs, 3 changelogs
References