How to Force YUM to Exclude Certain Packages

YUM is the package management system for several Linux distributions, including three major server operating systems: Red Hat Enterprise Linux (RHEL), Fedora, and CentOS. Generally speaking, you can always safely perform updates to the latest software packages offered in the distribution repositories.

There are, however, instances when certain updates are acceptable but others may not be. This is especially true when updating major systems or services, such as the kernel, Apache HTTP Server, PHP, MySQL, and other mission-critical applications. If there is any fear that an update may break currently installed web applications on your dedicated server, you will want to delay updates until the applications can be patched. This is particularly relevant for Fedora and distributions like it that have a faster update cycle.

In order to exclude packages from YUM, edit the yum.conf file, and under the [main] section, add the following line:

exclude=package* otherpackage* singlepackage

In this example, all packages that begin with “package” or “otherpackage” will be excluded, as well as the specific package called “singlepackage”.

As a real-world example, if you wanted to exclude php packages and the specific package, python2.4, you would enter:

exclude=php* python2.4

This is for long-term exclusion. If you only want to exclude packages from a particular update, you can include it in the yum update command string:

yum --exclude=packagename* update

This is particularly useful if you want to perform updates of several packages but want to delay updating packages that require a reboot, such as the kernel, until your server’s low traffic hours.