Product SiteDocumentation Site

6.3. Configuring DNF and DNF Repositories

The configuration file for DNF and related utilities is located at /etc/dnf/dnf.conf. This file contains one mandatory [main] section, which allows you to set DNF options that have global effect, and may also contain one or more [repository] sections, which allow you to set repository-specific options. However, it is recommended to define individual repositories in new or existing .repo files in the /etc/yum.repos.d/ directory. The values you define in individual [repository] sections of the /etc/dnf/dnf.conf file override values set in the [main] section.
This section shows you how to:

6.3.1. Setting [main] Options

The /etc/dnf/dnf.conf configuration file contains exactly one [main] section, and while some of the key-value pairs in this section affect how dnf operates, others affect how DNF treats repositories. You can add many additional options under the [main] section heading in /etc/dnf/dnf.conf.
A sample /etc/dnf/dnf.conf configuration file can look like this:
The following are the most commonly-used options in the [main] section:
…where value is an integer between 0 and 10. Setting a higher debuglevel value causes dnf to display more detailed debugging output. debuglevel=0 disables debugging output, and debuglevel=2 is the default.
exclude=package_name [more_package_names]
This option allows you to exclude packages by keyword during installation and updates. Listing multiple packages for exclusion can be accomplished by quoting a space-delimited list of packages. Shell globs using wildcards (for example, * and ?) are allowed.
…where value is one of:
0 — Disable GPG signature-checking on packages in all repositories, including local package installation.
1 — Enable GPG signature-checking on all packages in all repositories, including local package installation. gpgcheck=1 is the default, and thus all packages' signatures are checked.
If this option is set in the [main] section of the /etc/dnf/dnf.conf file, it sets the GPG-checking rule for all repositories. However, you can also set gpgcheck=value for individual repositories instead; you can enable GPG-checking on one repository while disabling it on another. Setting gpgcheck=value for an individual repository in its corresponding .repo file overrides the default if it is present in /etc/dnf/dnf.conf.
For more information on GPG signature-checking, refer to Section A.3.2, “Checking Package Signatures”.
installonlypkgs=space separated list of packages
Here you can provide a space-separated list of packages which dnf can install, but will never update. See the dnf.conf(5) manual page for the list of packages which are install-only by default.
If you add the installonlypkgs directive to /etc/dnf/dnf.conf, you should ensure that you list all of the packages that should be install-only, including any of those listed under the installonlypkgs section of dnf.conf(5). In particular, kernel packages should always be listed in installonlypkgs (as they are by default), and installonly_limit should always be set to a value greater than 2 so that a backup kernel is always available in case the default one fails to boot.
…where value is an integer representing the maximum number of versions that can be installed simultaneously for any single package listed in the installonlypkgs directive.
The defaults for the installonlypkgs directive include several different kernel packages, so be aware that changing the value of installonly_limit will also affect the maximum number of installed versions of any single kernel package. The default value listed in /etc/dnf/dnf.conf is installonly_limit=3, and it is not recommended to decrease this value, particularly below 2.
…where value is one of:
0 — Do not retain the cache of headers and packages after a successful installation. This is the default.
1 — Retain the cache after a successful installation.
For a complete list of available [main] options, refer to the [MAIN] OPTIONS section of the dnf.conf(5) manual page.