Hello everyone!
I set up a local repository for almalinux 9 packages and it works well so far, all clients can download packages and do regular updates.
The problem is that yum update --security --bugfix
comes back empty, despite copying all metadata from official repos and mirrors.
Example of configuration i’m using:
[baseos]
name= AlmaLinux baseos
baseurl=https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os/
enabled=1
gpgcheck=1
countme=1
enabled_metadata=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
reposync -g -a x86_64 -p /srv/repo_alma/ --downloadcomps --download-metadata --security --bugfix --repo baseos
createrepo -v /srv/repo_alma/baseos/ --keep-all-metadata
Doesn’t seem to find a updateinfo.xml on my local repo, are there extra steps to copy it? Another method?
Thank you in advance,
Why not simply dnf update
? Why “cherry-pick” just some packages? That does not lead to anything beneficial.
Workplace policy, we don’t want to update httpd if it’s not for security/bugfix.
Understandable.
RHEL (and Alma) does receive a point update every six months. That contains fixes and new features.
Between point updates only some packages (of current point update) do get updates. These are practically always security/bugfixes by design, aren’t they?
I doubt they would satisfied with an update every six months.
I found a workaround with copying the updateinfo.xml manually from the official, but there got to be a more direct way to do that, is there?
I do use rsync
to create local copies of some repos. No reposync nor createrepo. That gives me “whole copies”, presumably including updateinfo too. (I never use the --security
filter.)
My point was that updates within each six months are mostly security or bugfixes, so something that your policy demands to be installed.
It is the point updates that introduce non-fixes.