2. Manage Software
πRed Hat Certified System Administrator (RHCSA β EX200)
In Red Hat-based Linux systems (like RHEL), software is installed using RPM packages. These packages are stored in repositories, which are servers containing software and updates. To manage software efficiently, you must configure access to these repositories.
1. What is a repository?
A repository is:
- A location (usually on the internet or local network) that stores software packages.
- Used by
yumordnf(package managers) to install, update, and remove software.
Why it matters:
Without a repository, youβd have to manually download and install RPM files, which is slow and error-prone. Repositories allow automatic installation and updates.
2. Repository Configuration Files
- Repositories are configured in files inside:
/etc/yum.repos.d/
- Each repository has a file ending with
.repo, e.g.,rhel-9-base.repo. - File structure:
[repo-id]
name=Repository Name
baseurl=http://server/path/to/repo
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Explanation of key fields
| Field | Meaning |
|---|---|
[repo-id] | Unique ID for the repo (used internally by yum/dnf) |
name | Friendly name for the repository |
baseurl | URL of the repository (can be HTTP, FTP, or local file path) |
enabled | 1 = active repo, 0 = inactive |
gpgcheck | 1 = verify package signature, 0 = skip verification |
gpgkey | Path to the GPG key used to sign packages |
3. Types of Repositories
- Official Red Hat repositories β provided by Red Hat Subscription.
- Examples: BaseOS, AppStream
- Custom/internal repositories β maintained by your organization
- Useful for internal packages or offline systems
- Third-party repositories β like EPEL (Extra Packages for Enterprise Linux)
- Adds extra software not included in Red Hat base
4. Enabling and Disabling Repositories
- List all configured repositories:
dnf repolist all
- Enable a repository:
dnf config-manager --set-enabled <repo-id>
- Disable a repository:
dnf config-manager --set-disabled <repo-id>
- Temporary usage without enabling permanently:
dnf --enablerepo=<repo-id> install package_name
Exam Tip: Knowing how to enable, disable, and temporarily use repos is crucial.
5. Adding a New Repository
There are two ways:
A. Using a .repo file
- Create a file in
/etc/yum.repos.d/:
sudo nano /etc/yum.repos.d/custom.repo
- Add content:
[customrepo]
name=My Custom Repository
baseurl=http://server/path/to/repo
enabled=1
gpgcheck=0
- Save and verify:
dnf repolist
B. Using dnf config-manager
sudo dnf config-manager --add-repo=http://server/path/to/repo
- This automatically creates a
.repofile. - Verify with
dnf repolist.
6. Repository Security β GPG Keys
- Packages are often signed using GPG keys to verify authenticity.
- Fields used:
gpgcheck=1β enable verificationgpgkey=file:///path/to/keyβ location of the key
- Importing a GPG key:
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Always check
gpgcheck=1for production systems to avoid installing tampered packages.
7. Local Repositories
Sometimes, your server does not have internet access. You can create a local repo from ISO or downloaded packages:
- Mount the ISO:
sudo mount -o loop rhel9.iso /mnt
- Create
.repofile:
[localrepo]
name=Local RHEL 9 Repo
baseurl=file:///mnt
enabled=1
gpgcheck=0
- Verify:
dnf repolist
Local repos are often used in data centers or isolated environments.
8. Exam Tips for RHCSA
- Know the repo file location:
/etc/yum.repos.d/ - Be able to add a new repo using
.repofile ordnf config-manager - Enable/disable repos with
dnf config-manager - Understand GPG keys for package verification
- Verify repos using:
dnf repolist
dnf repolist all
- Temporary repo usage:
dnf --enablerepo=<repo-id> install <package>
- Local repository setup from ISO or local files
β Summary
- Repositories are software sources.
- Configured in
.repofiles under/etc/yum.repos.d/. - Can be enabled, disabled, or temporarily used.
- Use GPG keys to verify package authenticity.
- Local repos are useful for offline or internal networks.
- You donβt need to memorize URLs, but know how to configure and use them.
