Locking a Linux System to a Specific OS Version
CentOS Linux
To prevent CentOS from being updated beyond some release level, it’s necessary to appropriate set the $releasever parameter. Create a new file, /etc/yum/vars/releasever, containing the value of the highest point release to which an update is acceptable.
There are two ways we can do this.
head -n1 /etc/centos-release | awk '{print $4}' > /etc/yum/vars/releasever
echo '7.2.1511' > /etc/yum/vars/releasever
Some will prefer the first, as it automatically restricts to whatever release is currently running.
Red Hat Enterprise Linux
RHEL is a bit more complicated, as there are many possible options, which are detailed here: https://access.redhat.com/solutions/238533. To summarize all but the EUS Subscription details:
Systems not registered to Customer Portal or Satellite
Any of the following will work.
-
Modify the
/etc/yum.conffile under the [main] heading:[main] distroverpkg=7.2 -
Create the var file to override $releasever:
head -n1 /etc/redhat-release | awk '{print $7}' > /etc/yum/vars/releasever -
Alternatively …
echo '7.2' > /etc/yum/vars/releasever
Systems registered to Customer Portal or Satellite
-
See a list of possible releases:
subscription-manager release --list -
Set the release:
subscription-manager release --set=7.2 -
Clean your yum cache:
yum clean all -
Verify the system is set to the correct release:
subscription-manager release --show