Coming from Debian/Ubuntu systems, the distinction between apt-get upgrade and apt-get dist-upgrade is well understood. However, in the RPM world with yum (or dnf on newer systems), the behavior differs:

# Debian style:
apt-get upgrade        # Conservative package updates
apt-get dist-upgrade   # Handles major version changes and dependencies

# RHEL/CentOS equivalent:
yum update             # Updates packages while preserving obsoletes
yum upgrade            # More aggressive (similar to dist-upgrade)

The crucial distinction lies in how each command handles obsoletes and dependencies:

• yum update: Performs conservative updates without processing obsoletes by default
• yum upgrade: Equivalent to yum update --obsoletes, allowing package replacements

For kernel updates specifically:

# To check what would be updated (dry-run)
yum update --obsoletes --assumeno

# To perform a conservative update excluding kernel
yum --exclude=kernel* update

# To perform a full system upgrade (similar to dist-upgrade)
yum upgrade

For those wanting fine-grained control similar to Debian systems:

# /etc/yum.conf configuration options:
[main]
exclude=kernel* centos-release*  # Exclude major components
obsoletes=0                     # Default for conservative updates

# Then explicitly enable when needed:
yum --disableexcludes=all --obsoletes update

Based on years of managing CentOS systems, here's my recommended workflow:

# First pass - conservative updates
yum update

# Second pass - check for held-back packages
yum update --obsoletes --assumeno

# Optional: explicit major component updates
yum update kernel
yum update centos-release

The key is understanding that yum's behavior is more dependent on configuration settings (obsoletes, excludes) than distinct commands. This differs from apt's more command-driven approach.

For Debian/Ubuntu administrators transitioning to CentOS/RHEL, the package management behaviors require special attention:

# Debian equivalents:
apt-get upgrade       → yum update
apt-get dist-upgrade  → yum upgrade

The critical distinction lies in how obsoleted packages are handled:

• yum update: Performs safe updates without removing obsolete packages (similar to apt-get upgrade)
• yum upgrade: Follows obsoletes rules in RPM metadata (similar to apt-get dist-upgrade)

To replicate Debian's controlled kernel updates:

# Temporary kernel exclusion
yum --exclude=kernel* update

# View available kernels without installing
yum list available kernel

Modify /etc/yum.conf for permanent exclusions:

[main]
exclude=kernel* php*

Here's how I implement controlled updates:

# Phase 1: Safe updates
yum update

# Phase 2: Check for held packages
yum update --obsoletes

For production systems requiring absolute stability:

# Install versionlock plugin
yum install yum-plugin-versionlock

# Lock specific package
yum versionlock add kernel

Example upgrade workflow for a web server:

# First check updates
yum check-update

# Apply security updates only
yum update --security

# Full system upgrade during maintenance window
yum upgrade