On 05/26/2017 09:26 AM, Rick Stevens wrote: > On 05/26/2017 08:04 AM, cen wrote: >> Hi >> >> I need OpenVPN 2.3 because the end router has an outdated OpenVPN >> version and OpenVPN 2.4 broke compatibility. >> >> 2 weeks ago I accidentally updated to 2.4 but I managed to do dnf >> downgrade. >> >> However, after I updated Fedora 25 today I can no longer downgrade, it >> says it is at lowest version. >> >> OpenVPN upgraded even tho I explicitely set >> >> exclude=openvpn >> >> in /etc/yum.repos.d/fedora.repo >> >> >> What is the correct way to avoid this in the future? How to properly >> prevent package from updating? > > Putting an exclude it in a specific .repo file or inside a "[repo-name]" > block excludes those RPMs _from that repo only_. The openvpn update most > likely came from the fedora-updates repo and your exclude wouldn't > have applied. > > I think what you really want to do is put the excludes in the > /etc/dnf/dnf.conf file in the "[main]" section. That way the exclude > works on ALL repos. I might also mention that the incompatibility of your router is probably due to it using a cipher that the newer OpenVPN no longer considers secure and is no longer part of the default set of ciphers it supports (I've run into similar problems with ssh and older hardware). The old cipher is probably there and could be added to the default set via an entry in the OpenVPN config file. You'd need to look at the system logs to see which cipher is causing the problem and where it's causing the issue. ---------------------------------------------------------------------- - Rick Stevens, Systems Engineer, AllDigital ricks@xxxxxxxxxxxxxx - - AIM/Skype: therps2 ICQ: 226437340 Yahoo: origrps2 - - - - Blech! ACKth! Ooop! -- Bill the Cat (Outland) - ---------------------------------------------------------------------- _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
