Local Yum Repository vs public rocky repo issue

We use a local Yum Repository for updates as our systems are not permitted to have internet access. rocky-repos rpm places the public facing repo files in /etc/yum.repo.d folder and this is a problem. Currently we use Redhat Satellite and subscription-manager as our central repository. subscription-manager places all the repos in one file, but we are facing challenge with the public repo files. To resolve this challenge we removed the Rocky repo files from the yum.repo.d folder but on a yum update these files are re-introduced.

My question here is has anyone else run into this problem, is it necessary to install the rocky-repos rpm or have you used some other work around for this issue other than the one I mentioned above?

My suggestion is don’t remove the repo files. You should set enabled=0 instead on every repo config provided by the release package.

When you make changes to the repo files, they won’t be changed/altered/replaced as they are set to config(noreplace) in the spec file. We do this because we know there are users who have a wide range of different setups and we don’t want to replace their configurations.

This. A convenient method to do that edit is ‘dnf config-manager’:

dnf config-manager --disable appstream baseos extras

I do use Ansible task to keep multiple (AlmaLinux) hosts in desired config:

    - name: Disable upstream mirrors
      ini_file:
        dest: /etc/yum.repos.d/almalinux.repo
        section: "{{ item.repoid }}"
        option: enabled
        value: "0"
        create: false
      with_items:
      - { repoid: 'baseos' }
      - { repoid: 'appstream' }
      - { repoid: 'extras' }