In Progress CPANEL-34951 - checkyum excludes various kernel packages, but not kernel*

Ryan Burke

Member
PartnerNOC
Feb 4, 2017
8
3
3
Tampa, Fl
cPanel Access Level
DataCenter Provider
On several of our deployments (internal and customer) we have R1Soft installed for backups. One of the required packages is kernel-devel, so it can locally build a driver for their backup agent.

While kernel is excluded from upcp, kernel-devel is not. And what will happen is upcp will run, update a ton of things that are needed to be updated, but that will generally include any kernel-devel package updates. Having this newer than the booted/installed kernel packages tends to be an issue.

My question is this:

Is there a configuration file or filter list we can add packages to for exclusion from yum when upcp runs? We know we can use exclude= in /etc/yum.conf but the issue with that is that once there, it's excluded when when yum update is ran. That's when we need it to be included. We just need to get it excluded from when upcp runs.
 
Last edited by a moderator:

cPanelChristine

Technical Analyst
Staff member
Aug 10, 2018
57
11
83
Houston, TX
cPanel Access Level
Root Administrator
Hello,

When /scripts/upcp runs, the /scripts/checkyum script is passed to it. This script will add excludes into the /etc/yum.conf file just for upcp to run. It excludes most kernel packages, though it doesn't exclude kernel* in its entirety. I discussed this with the team and it appears that we may need this clarified, so we filed the case CPANEL-34951. If and when changes are performed regarding this case they will appear on our change logs at Change Logs | cPanel & WHM Documentation.

Though that said, we don't recommend updating any configuration files outside of /etc/yum.conf if you're trying to exclude packages from updates. In this situation, since you're trying to make it such that kernel and kernel-devel on yum update, what I would recommend that you disable the /scripts/checkyum script with:

Code:
touch /etc/checkyumdisable
This is the script that runs and adds excludes to /etc/yum.conf. Any excludes that you add into your /etc/yum.conf pertaining to the kernel should not be touched then. Disabling kernel* in /etc/yum.conf should stick then and you would only need to remove the option when you need to update youer kerlen packages.

Another option that you could take is to set the RPMUP option in cpupdate.conf to "manual", such that when upcp runs it doesn't perform yum update. In doing so, only manual upcp runs will perform yum update. The nightly cron updates won't touch these options. This is an example of how it would look in cpupdate.conf:

Code:
RPMUP=manual
This isn't recommended, as it prevents yum update from running during upcp entirely.
With RPMUP set to "manual" you could run yum update whenever you need to.
 

Ryan Burke

Member
PartnerNOC
Feb 4, 2017
8
3
3
Tampa, Fl
cPanel Access Level
DataCenter Provider
Hello,

When /scripts/upcp runs, the /scripts/checkyum script is passed to it. This script will add excludes into the /etc/yum.conf file just for upcp to run. It excludes most kernel packages, though it doesn't exclude kernel* in its entirety. I discussed this with the team and it appears that we may need this clarified, so we filed the case CPANEL-34951. If and when changes are performed regarding this case they will appear on our change logs at Change Logs | cPanel & WHM Documentation.

Though that said, we don't recommend updating any configuration files outside of /etc/yum.conf if you're trying to exclude packages from updates. In this situation, since you're trying to make it such that kernel and kernel-devel on yum update, what I would recommend that you disable the /scripts/checkyum script with:

Code:
touch /etc/checkyumdisable
This is the script that runs and adds excludes to /etc/yum.conf. Any excludes that you add into your /etc/yum.conf pertaining to the kernel should not be touched then. Disabling kernel* in /etc/yum.conf should stick then and you would only need to remove the option when you need to update youer kerlen packages.

Another option that you could take is to set the RPMUP option in cpupdate.conf to "manual", such that when upcp runs it doesn't perform yum update. In doing so, only manual upcp runs will perform yum update. The nightly cron updates won't touch these options. This is an example of how it would look in cpupdate.conf:

Code:
RPMUP=manual
This isn't recommended, as it prevents yum update from running during upcp entirely.
With RPMUP set to "manual" you could run yum update whenever you need to.

We'll try the checkyumdisable and see how it goes, and maybe I'll check for/submit a FR for an option to include kernel in upcp runs, which is fine with us, and would keep R1Soft from having a conniption fit.
 
  • Like
Reactions: cPRex