James B. Byrne wrote:
> On Wed, May 18, 2016 07:39, Mauricio Tavares wrote:
>> On Wed, May 18, 2016 at 4:32 AM, James Hogarth
>> <james.hogarth@xxxxxxxxx> wrote:
>>> On 17 May 2016 20:52, "Mauricio Tavares" <raubvogel@xxxxxxxxx>
>>> wrote:
>>>>
>>>> On Tue, May 17, 2016 at 3:04 PM, <cpolish@xxxxxxxxxxxx> wrote:
>>>> > On 2016-05-17 12:09, jd1008 wrote:
>>>> >> Has anybody enabled this repo?
>>>> >> I understand that it can really mess up updates and upgrades
>>>> >> as the dependencies are rather different.
> . . .
>>>> Why not leave all the extra repos disabled, say
<snip>
>>>> yum install -y libmcrypt --enablerepo=epel
>>>
>>> Doing this means you won't get notified of updates in that repo.
>>> This is not a good idea.
<snip>
> Having been bitten by this on several occasions I finally adopted the
> policy of using the -- includepkgs= -- option and specifically naming
> the packages that I want from a non-standard repo; and also using --
> exclude= -- in the standard repo naming exactly the same packages as
> those included elsewhere. You can use globbing in the package names
> in both cases.
>
> It is a little more work to set up but it is a lot safer to my way of
> thinking, particularly where there are multiple sysadmins involved.
Agreed. This is what I do on the systems with NVidia cards, and I want
kmod-nvidia - I have include= in the /etc/yum.repos.d/elrepo.repo.
Then, to protect production systems from "update everywhere!!!", in
/etc/yum.conf, *just* on those systems, I'll have thinks like
exclude=httpd,kernel. When I have my maintenance window to really update,
I do a yum update --disableexcludes=all. Gives me a fine-grained control.
mark
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
