When you install or update packages on your system, then changes may occur that were not expected. A recent security update on a server and left Nagios in a failed state, but what exactly happend and can it be traced back as yum-cron installs all required security updates? Luckily YUM keeps a history database of all actions and with yum history can you list all transactions.

$ sudo yum history list all
Loaded plugins: fastestmirror
ID     | Login user               | Date and time    | Action(s)      | Altered
-------------------------------------------------------------------------------
    15 | root <root>              | 2019-02-02 07:30 | Update         |    2   
    14 | root <root>              | 2019-01-05 07:52 | Update         |   50   
    13 | System ... <sysadmin>    | 2018-11-04 20:45 | I, U           |   62   
    12 | Ansible ... <ansible>    | 2018-11-04 01:36 | Install        |    4   
    11 | root <root>              | 2018-10-20 04:21 | Update         |    2   
    10 | root <root>              | 2018-10-06 07:45 | Update         |    2   
     9 | System ... <sysadmin>    | 2018-09-15 08:06 | I, U           |    9   
     8 | System ... <sysadmin>    | 2018-09-12 03:19 | Install        |    1   
     7 | Ansible ... <ansible>    | 2018-09-09 13:19 | Install        |    1   
     6 | Ansible ... <ansible>    | 2018-09-09 13:14 | Install        |   29   
     5 | Ansible ... <ansible>    | 2018-09-06 14:11 | I, U           |   81   
     4 | Ansible ... <ansible>    | 2018-09-06 13:21 | Install        |    1   
     3 | Ansible ... <ansible>    | 2018-09-06 13:20 | Install        |   51   
     2 | Ansible ... <ansible>    | 2018-09-06 13:14 | Install        |    1   
     1 | System <unset>           | 2018-09-06 03:17 | Install        |  275   
history list

As transaction 15 was the latest and only transaction before the defect occurred it is the one to look into. With yum history info the details of the transaction can be shown. It show when and who triggered the transaction, but also with which version of RPM, YUM and which plugins for YUM were used. Most important it also shows which package were updated with versions used and from which repository. This narrows the search down to the packages shown as updated and see what they changed on the system.

$ sudo yum history info 15
Loaded plugins: fastestmirror
Transaction ID : 15
Begin time     : Sat Feb  2 07:30:58 2019
Begin rpmdb    : 450:5f24b4b6a7aaef9f42874d6c8643385133020181
End time       :            07:31:04 2019 (6 seconds)
End rpmdb      : 450:246b0b638aa8b6b851529eb1b040714b7149d0e9
User           : root <root>
Return-Code    : Success
Transaction performed with:
    Installed     rpm-4.11.3-32.el7.x86_64                        @anaconda
    Installed     yum-3.4.3-158.el7.centos.noarch                 @anaconda
    Installed     yum-plugin-fastestmirror-1.1.31-46.el7_5.noarch @updates
Packages Altered:
    Updated nagios-4.3.4-5.el7.x86_64        @epel
    Update         4.4.3-1.el7.x86_64        @epel
    Updated nagios-common-4.3.4-5.el7.x86_64 @epel
    Update                4.4.3-1.el7.x86_64 @epel
history info

Red Hat Linux 8 will be using dnf instead of yum like Fedora 18 and later, but you don’t have to relearning anything as you can use dnf in the same way as yum and with the same parameters for now.

Published by Hans Spaans

Unix & security consultant with a passion for Linux, Solaris, PostgreSQL, Perl and network services, but also a strong believer in open and free source, standards and content.