CentOS versions 5 and 6 are end-of-life (EOL) and no longer supported. Repositories for releases up to 5.11 and 6.10 are maintained at https://centos.vault.org (for CentOS Base) and http://archives.fedoraproject.org (for EPEL)
This document sets out tested-working procedures for updating CentOS from releases 5.x --> 5.11 and releases 6.x --> 6.10 using CentOS-EOL.repo and epel-EOL.repo files on x86_64 hosts.
Get the version and release of CentOS currently installed on your host.
> cat /etc/redhat-release
The output will include CentOS release 5.x
or CentOS release 6.x
where 'x' will be a number from 1 to 11. Following the instructions below you will perform a yum update
for each increment of 'x' until you reach release 5.11 or 6.10.
Create backups of the CentOS-Base.repo and epel.repo files.
> sudo cd /etc/yum/repos.d/
> sudo mv CentOS-Base.repo CentOS-Base.repo.bak
> sudo mv epel.repo epel.repo.bak
Ensure any other repositories are disabled by editing their respective *.repo
files and changing any line containing enabled=1
to enabled=0
. At this point no repository should be enabled.
Disable ssl/tls certificate verification for yum by adding the entry sslverify=false to /etc/yum.conf.
> sudo echo "sslverify=false" >> /etc/yum.conf
Create a new CentOS-EOL.repo file. In the template below replace VERSION with the current version number and VERSION.RELEASE with the current version number and the next release number of your CentOS installation. For example, if your current installation is at CentOS release 6.5 you will replace VERSION with 6 and VERSION.RELEASE with 6.6 in the template below. If your current installation is at CentOS release 5.7 you will replace VERSION with 5 and VERSION.RELEASE with 5.8 in the template below. Select a repository to download from and uncomment the corresponding baseurl entry (leave the remaining baseurl entries commented out). Selecting the vault.centos.org site may not work due to ssl/tls issues. If that is the case, select one of the other three sites.
> sudo -e /etc/yum.repos.d/CentOS-EOL.repo
[base]
name=CentOS-VERSION.RELEASE - Base
#baseurl=http://vault.centos.org/VERSION.RELEASE/os/$basearch/
baseurl=http://archive.kernel.org/centos-vault/VERSION.RELEASE/os/$basearch/
#baseurl=http://linuxsoft.cern.ch/centos-vault/VERSION.RELEASE/os/$basearch/
#baseurl=http://mirror.nsc.liu.se/centos-store/VERSION.RELEASE/os/$basearch/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-VERSION
metadata_expire=never
[updates]
name=CentOS-VERSION.RELEASE - Updates
#baseurl=http://vault.centos.org/VERSION.RELEASE/updates/$basearch/
baseurl=http://archive.kernel.org/centos-vault/VERSION.RELEASE/updates/$basearch/
#baseurl=http://linuxsoft.cern.ch/centos-vault/VERSION.RELEASE/updates/$basearch/
#baseurl=http://mirror.nsc.liu.se/centos-store/VERSION.RELEASE/updates/$basearch/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-VERSION
metadata_expire=never
[extras]
name=CentOS-VERSION.RELEASE - Extras
#baseurl=http://vault.centos.org/VERSION.RELEASE/extras/$basearch/
baseurl=http://archive.kernel.org/centos-vault/VERSION.RELEASE/extras/$basearch/
#baseurl=http://linuxsoft.cern.ch/centos-vault/VERSION.RELEASE/extras/$basearch/
#baseurl=http://mirror.nsc.liu.se/centos-store/VERSION.RELEASE/extras/$basearch/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-VERSION
metadata_expire=never
Clean the cache before the first update and after each subsequent update.
> sudo yum clean all
For a bare-metal or qemu/kvm installation:
> sudo yum -y update
For a containerized installation:
> sudo yum -y --exclude=kernel-\* update
Edit /etc/yum.repos.d/CentOS-EOL.repo and increment the CentOS minor version number by one. For example, if you just updated from release 6.5 to release 6.6 and you now want to upgrade to release 6.7 you would edit the file as follows:
> sudo sed -i 's/6.6/6.7/g' /etc/yum.repos.d/CentOS-EOL.repo
If you just updated from release 5.7 to release 5.8 and you now want to upgrade to release 5.9 you would edit the file as follows:
> sudo sed -i 's/5.8/5.9/g' /etc/yum.repos.d/CentOS-EOL.repo
Clean the yum cache, run yum update and then increment the release number in the CentOS-EPEL.repo file. Repeat for each release increment until you reach the final release for your version of CentOS (CentOS 5.11 or CentOS 6.10).
At some point in the successive updates your installed CentOS release will have updated its CA certs, openssl and nss packages to a level sufficient to connect to the Centos Vault repository. At that point you can change the baseurl in /etc/yum.repos.d/CentOS-EOL.repo to point to vault.centos.org (instead of one of the other three sites) which will greatly speed up the update process.
Once you have reached that point (or finished your CentOS release updates altogether) you can create a new epel-EOL.repo file. In the template below replace VERSION with your installation's CentOS version number 5 or 6.
> sudo -e /etc/yum.repos.d/epel-EOL.repo
[epel]
name=Extra Packages for Enterprise Linux VERSION - $basearch
baseurl=https://archives.fedoraproject.org/pub/archive/epel/VERSION/$basearch
failovermethod=priority
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-VERSION
Clean the yum cache and run yum update as described above. Once you have completed all updates you will be at the final release for your CentOS installation. No new packages are added to these repositories and no existing packages are updated; the only actions you can perform are to remove existing packages from your host or install existing packages to your host.