We are stuck at lest temporarily on 9.1 due to kernel support by third parties. Unfortunately I run today sudo dnf update and it upgraded our server to 9.2 which at the same time updated the kernel.
Is it possible to somehow restrict update in dnf (or freeze the minor version) to make sure nobody upgrades the OS to 9.2?
OS pinning is something supported by RHEL. It is not supported or possible for Rocky, Alma or whatever.
Theoretically, you can edit the /etc/yum.repos.d/*.repo files and change the URL to use the Rocky vault url’s to stop it from being upgraded - assuming of course that they are then fixed to 9.1 and not eg: 9 - else when 9.2 gets moved to the vault, you’ll then end up being upgraded.
Obviously that isn’t recommended to do, so the responsibility for any issues later by using that method wouldn’t be the responsibility of Rocky. Updates are to ensure that a server is secure with the appropriate security patches applied etc.
It’s probably better if anything, just to fix the kernel so that it doesn’t upgrade by excluding it in /etc/dnf/dnf.conf - at least that way you won’t have the kernel upgrade issue, but at least the rest of the system will have updates applied and be more secure.
I mentioned generally, since it’s something RHEL supports - obviously they have EUS versions that don’t apply to all versions. However, looks like it works for me:
[root@rhel9 ~]# subscription-manager release --show
Release not set
[root@rhel9 ~]# subscription-manager release --list
+-------------------------------------------+
Available Releases
+-------------------------------------------+
9
9.0
9.1
9.2
[root@rhel9 ~]# subscription-manager release --set=9.1
Release set to: 9.1
[root@rhel9 ~]# subscription-manager release --show
Release: 9.1
for EUS channels, then yes updates will be able to be applied. But I can still pin to a particular version, even if it’s not EUS, it just won’t get any extended updates if it’s not an EUS channel.
I saw the old kernel indeed is still installed but the problem is with package kernel-devel - we require certain headers to be present and that package it’s not available for the 9.1 kernel. After the upgrade I can only see 5.14.0-284.11.1.el9_2.x86_64 headers available
I have a question that relates to this topic, we went from 9.0 to 9.2 we are having issues with third party also. I need to downgrade to 9.1 I have not found a way that will roll everything back to 9.1. While we do a have a way to lock the version already this was a new build and we did not have the lock in place.
The version lock is on RHEL - it doesn’t work on Rocky/Alma or any other EL derivatives.
You have to edit the /etc/yum.repos.d/*.repo files manually and change the URL’s to use the Rocky Vault URL’s for where the archived versions of Rocky exist to be able to pin it to 9.1 or whatever. But it’s not recommended to do that as previously mentioned but you have the choice if you so wish
Index of /vault/rocky/9.1/ if you go into rocky.repo you will see everything has a variable. osversion release all this stuff you just need to change the baseurl not mirror to this static site url for baseOS, extras, appstream