Freezing Rocky Linux Minor updates in Foreman mirrored repositories

Hi, I just need to confirm that when a new minor release comes out, that the previous one gets moved to the vault and the images get updated at the same time. I ask because twice now from 9.2 to 9.3 and then from 9.3 to 9.4 when I had foreman set up to image for instance 9.3, after 9.4 dropped my 9.3 template ended up imaging hosts as 9.4.

If this is the case, I’d like to freeze our mirrored repository as this has broken things in our environment a couple of times now. The 9.4 update resulted in glibc not being compatible with pipelinefx qube-worker and 9.4 hosts couldn’t submit jobs on our render farm. I had to find the testfix RPMs posted on a forum and through puppet had them installed rather than the appstream glibc. This has fixed the issue, but we can’t have our production environment getting broken like this in the future.

I set our sync schedule to off in 2026, but it’s a bit extreme to freeze every repo. I was wondering if I could separate Index of /pub/rocky/9.4/BaseOS/x86_64/os/ from the other repos and set that sync schedule and have the rest update nightly. I’m assuming baseos is where the changes are happening that is forcing these updates to the latest minor release?

Thanks.

Everything from old release gets moved to the vault when a new release is available. Everything is updated, including images.

Assume that all applicable repositories are updated each minor release. BaseOS is where it starts, but there will be deps in appstream and others requiring items in baseos.

1 Like

Okay.

Thank you for your reply.

This is just new to me as we were using Centos for the last 5 years and migrated to Rocky in early 2024. Centos never behaved that way with new minor versions. I do love to be up to date, but it’s a bit stressful when critical parts of our environment stop working.

I’ll be sure to read over the wiki and educate myself.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.