ansible.builtin.dnf – Manages packages with the dnf package manager
Note
This module is part of ansible-base
and included in all Ansible installations. In most cases, you can use the short module name dnf even without specifying the collections:
keyword. Despite that, we recommend you use the FQCN for easy linking to the module documentation and to avoid conflicting with other collections that may have the same module name.
New in version 1.9: of ansible.builtin
Synopsis
- Installs, upgrade, removes, and lists packages and groups with the dnf package manager.
Requirements
The below requirements are needed on the host that executes this module.
- python >= 2.6
- python-dnf
- for the autoremove option you need dnf >= 2.0.1”
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
allow_downgrade boolean added in 2.7 of ansible.builtin |
| Specify if the named package and version is allowed to downgrade a maybe already installed higher version of that package. Note that setting allow_downgrade=True can make this module behave in a non-idempotent way. The task could end up with a set of packages that does not match the complete list of specified packages to install (because dependencies between the downgraded package and others can cause changes to the packages which were in the earlier transaction). |
allowerasing boolean added in 2.10 of ansible.builtin |
| If yes it allows erasing of installed packages to resolve dependencies. |
autoremove boolean added in 2.4 of ansible.builtin |
| If yes , removes all "leaf" packages from the system that were originally installed as dependencies of user-installed packages but which are no longer required by any such package. Should be used alone or when state is absent
|
bugfix boolean added in 2.7 of ansible.builtin |
| If set to yes , and state=latest then only installs updates that have been marked bugfix related.Note that, similar to ``dnf upgrade-minimal``, this filter applies to dependencies as well. |
conf_file string | The remote dnf configuration file to use for the transaction. | |
disable_excludes string added in 2.7 of ansible.builtin | Disable the excludes defined in DNF config files. If set to all , disables all excludes.If set to main , disable excludes defined in [main] in dnf.conf.If set to repoid , disable excludes defined for given repo id. | |
disable_gpg_check boolean |
| Whether to disable the GPG checking of signatures of packages being installed. Has an effect only if state is present or latest. This setting affects packages installed from a repository as well as "local" packages installed from the filesystem or a URL. |
disable_plugin list / elements=string added in 2.7 of ansible.builtin |
Plugin name to disable for the install/update operation. The disabled plugins will not persist beyond the transaction. | |
disablerepo list / elements=string |
Repoid of repositories to disable for the install/update operation. These repos will not persist beyond the transaction. When specifying multiple repos, separate them with a ",". | |
download_dir string added in 2.8 of ansible.builtin | Specifies an alternate directory to store packages. Has an effect only if download_only is specified. | |
download_only boolean added in 2.7 of ansible.builtin |
| Only download the packages, do not install them. |
enable_plugin list / elements=string added in 2.7 of ansible.builtin |
Plugin name to enable for the install/update operation. The enabled plugin will not persist beyond the transaction. | |
enablerepo list / elements=string |
Repoid of repositories to enable for the install/update operation. These repos will not persist beyond the transaction. When specifying multiple repos, separate them with a ",". | |
exclude list / elements=string added in 2.7 of ansible.builtin | Package name(s) to exclude when state=present, or latest. This can be a list or a comma separated string. | |
install_repoquery boolean added in 2.7 of ansible.builtin |
| This is effectively a no-op in DNF as it is not needed with DNF, but is an accepted parameter for feature parity/compatibility with the yum module. |
install_weak_deps boolean added in 2.8 of ansible.builtin |
| Will also install all packages linked by a weak dependency relation. |
installroot string added in 2.3 of ansible.builtin | Default: "/" | Specifies an alternative installroot, relative to which all packages will be installed. |
list string | Various (non-idempotent) commands for usage with /usr/bin/ansible and not playbooks. See examples. | |
lock_timeout integer added in 2.8 of ansible.builtin | Default: 30 | Amount of time to wait for the dnf lockfile to be freed. |
name list / elements=string / required | A package name or package specifier with version, like name-1.0 . When using state=latest, this can be '*' which means run: dnf -y update. You can also pass a url or a local path to a rpm file. To operate on several packages this can accept a comma separated string of packages or a list of packages.Comparison operators for package version are valid here > , < , >= , <= . Example - name>=1.0
aliases: pkg | |
nobest boolean added in 2.11 of ansible.builtin |
| Set best option to False, so that transactions are not limited to best candidates only. |
releasever string added in 2.6 of ansible.builtin | Specifies an alternative release from which all packages will be installed. | |
security boolean added in 2.7 of ansible.builtin |
| If set to yes , and state=latest then only installs updates that have been marked security related.Note that, similar to ``dnf upgrade-minimal``, this filter applies to dependencies as well. |
skip_broken boolean added in 2.7 of ansible.builtin |
| Skip packages with broken dependencies(devsolve) and are causing problems. |
state string |
| Whether to install ( present , latest ), or remove (absent ) a package.Default is None , however in effect the default action is present unless the autoremove option is enabled for this module, then absent is inferred. |
update_cache boolean added in 2.7 of ansible.builtin |
| Force dnf to check if cache is out of date and redownload if needed. Has an effect only if state is present or latest. aliases: expire-cache |
update_only boolean added in 2.7 of ansible.builtin |
| When using latest, only update installed packages. Do not install packages. Has an effect only if state is latest
|
validate_certs boolean added in 2.7 of ansible.builtin |
| This only applies if using a https url as the source of the rpm. e.g. for localinstall. If set to no , the SSL certificates will not be validated.This should only set to no used on personally controlled sites using self-signed certificates as it avoids verifying the source site. |
Notes
Note
- When used with a
loop:
each package will be processed individually, it is much more efficient to pass the list directly to thename
option. - Group removal doesn’t work if the group was installed with Ansible because upstream dnf’s API doesn’t properly mark groups as installed, therefore upon removal the module is unable to detect that the group is installed (https://bugzilla.redhat.com/show_bug.cgi?id=1620324)
Examples
- name: Install the latest version of Apache dnf: name: httpd state: latest - name: Install Apache >= 2.4 dnf: name: httpd>=2.4 state: present - name: Install the latest version of Apache and MariaDB dnf: name: - httpd - mariadb-server state: latest - name: Remove the Apache package dnf: name: httpd state: absent - name: Install the latest version of Apache from the testing repo dnf: name: httpd enablerepo: testing state: present - name: Upgrade all packages dnf: name: "*" state: latest - name: Install the nginx rpm from a remote repo dnf: name: 'http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm' state: present - name: Install nginx rpm from a local file dnf: name: /usr/local/src/nginx-release-centos-6-0.el6.ngx.noarch.rpm state: present - name: Install the 'Development tools' package group dnf: name: '@Development tools' state: present - name: Autoremove unneeded packages installed as dependencies dnf: autoremove: yes - name: Uninstall httpd but keep its dependencies dnf: name: httpd state: absent autoremove: no - name: Install a modularity appstream with defined stream and profile dnf: name: '@postgresql:9.6/client' state: present - name: Install a modularity appstream with defined stream dnf: name: '@postgresql:9.6' state: present - name: Install a modularity appstream with defined profile dnf: name: '@postgresql/client' state: present
Authors
- Igor Gnatenko (@ignatenkobrain) <i.gnatenko.brain@gmail.com>
- Cristian van Ee (@DJMuggs) <cristian at cvee.org>
- Berend De Schouwer (@berenddeschouwer)
- Adam Miller (@maxamillion) <admiller@redhat.com>
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.11/collections/ansible/builtin/dnf_module.html