Table of Contents

YUM Versionlock - Essential Commands

Plugin Installation

# CentOS/RHEL 7-8
sudo yum install yum-plugin-versionlock
 
# CentOS/RHEL 9 / Rocky Linux / AlmaLinux
sudo dnf install python3-dnf-plugin-versionlock

Basic Commands

Lock Packages

# Lock currently installed version
sudo yum versionlock add package-name
 
# Lock specific version
sudo yum versionlock add package-name-1.2.3
 
# Lock with wildcard (all versions starting with...)
sudo yum versionlock add 'gitlab-ee-18*'
 
# Lock multiple packages at once
sudo yum versionlock add package1 package2 package3

View Locks

# List all locked packages
sudo yum versionlock list
 
# Check if specific package is locked
sudo yum versionlock list | grep package-name

Unlock Packages

# Unlock specific package
sudo yum versionlock delete package-name
 
# Unlock all packages
sudo yum versionlock clear
 
# Unlock with wildcard
sudo yum versionlock delete 'gitlab-ee-18*'

Practical Examples

GitLab - Block Major Version

# Block all 18.x versions
sudo yum versionlock add 'gitlab-ee-18*'
 
# Allow updates only within 17.x series
sudo yum update gitlab-ee

Kernel - Keep Stable Version

# Lock current kernel
sudo yum versionlock add kernel
 
# Check which version is locked
sudo yum versionlock list | grep kernel

Docker - Lock Compatible Version

# Lock Docker at current version
sudo yum versionlock add docker-ce docker-ce-cli containerd.io
 
# List Docker locks
sudo yum versionlock list | grep docker

Configuration Files

File Locations

# Locked packages list stored in:
/etc/yum/pluginconf.d/versionlock.list

# Plugin configuration:
/etc/yum/pluginconf.d/versionlock.conf

Manual Editing

# Edit list directly (not recommended)
sudo nano /etc/yum/pluginconf.d/versionlock.list
 
# Format: EPOCH:NAME-VERSION-RELEASE.ARCH
# Example: 0:gitlab-ee-17.11.6-ee.0.el8.x86_64

Useful Combined Commands

Selective Updates

# Update all packages except locked ones
sudo yum update
 
# Force update (temporarily ignore versionlock)
sudo yum update --disableplugin=versionlock
 
# Update only specific package (respects locks)
sudo yum update package-name

Pre-Update Verification

# See what would be updated (dry-run)
sudo yum check-update
 
# See which packages are locked
sudo yum versionlock list
 
# Combine - see available updates vs locked
sudo yum check-update && echo "--- BLOCKED ---" && sudo yum versionlock list

Tips & Best Practices

Useful Tips:
  • Use wildcards to block entire version families
  • Regularly check lock list with yum versionlock list
  • Test updates on staging systems before production
  • Document why you locked specific packages
Important Notes:
  • Versionlock doesn't work with yum remove
  • Locked packages may create unresolved dependencies
  • Check compatibility before locking critical packages

Troubleshooting

Common Issues

# Plugin not working
sudo yum clean all
sudo yum makecache
 
# Check if plugin is active
yum --help | grep versionlock
 
# Reset all locks if having issues
sudo yum versionlock clear

Plugin Status Check

# Check if plugin is installed
rpm -qa | grep versionlock
 
# Check configuration
cat /etc/yum/pluginconf.d/versionlock.conf