Centos – How to keep Centos at version 6.3

centosstabilityyum

I have the following:

  • Bunch of guest VM's that are running Centos 6.3
  • Host running Centos 6.3.
  • Recently I created a new Centos 6.3 VM to test out something
  • Ran yum update after a fresh install of a minimal server
  • Noticed Centos is now at 6.4

I would like to keep the version unchanged as I understand that untested changes have the ability to introduce instability (I'm learning server admin/Centos so that I can develop my own applications that automate various 'needs', one such need is to download data, another is to perform analysis on the downloaded data, and yet another need is to execute certain actions based on the analysis).

I'm in the Dev phase of Dev -> Test -> Prod with respect to implementing what I'm doing, so up-time and stability isn't "necessary" at this stage, however, I would like to ensure I've done all I can to ensure up-time/stability will be solid when time does come to have a Prod environment. So, I would like to keep my guest and host KM's running 6.3 until I decide that an upgrade is necessary and/or provides significant benefit(s).

A few questions:

  • How do I prevent automatic upgrades from occurring to versions of the server OS when performing yum update?
  • Is there a "standard" location on the internet for finding what changes occur in a version upgrade?
  • Am I being paranoid about server version changes with respect to stability?

Best Answer

How do I prevent automatic upgrades from occurring to versions of the server OS when performing yum update?

The upgrade from CentOS 6.3 to CentOS 6.4 is a point release. As the link says

Old point releases are never supported. If you want/need to "freeze" at an old point release you are on your own.

What this means is that if you want to stick at C6.3 then no updates will be provided so what you might as well do is disable all the yum repositories. You can do this by adding enabled=0 (or changing the enabled=1 to 0) to each of the [...] sections of the files in /etc/yum.repos.d.

This is a really bad idea. You're on your own. You don't get bug fixes, backported security fixes and updates etc.; you lose your herd immunity.

Is there a "standard" location on the internet for finding what changes occur in a version upgrade?

You can subscribe to the CentOS Announce mailing list which will provide you with a list of updates. The answer to this question is relevant here too. You can check the Centos release notes pages.

Am I being paranoid about server version changes with respect to stability?

No, like all software systems operating systems have their bugs and vulnerabilities. Just like any other piece of software you should evaluate and test proposed changes in your environment before deploying them to your production systems.

You need to evaluate the risks of 'fixing' your OS version and receiving no updates (which over time leaves you open to increased numbers of vulnerabilities) against the risks of updating via a testing process to ensure that nothing breaks when an update is applied.

Related Topic