Documentation

dnf - Manages packages with the dnf package manager

New in version 1.9.

Synopsis

  • Installs, upgrade, removes, and lists packages and groups with the dnf package manager.

Requirements

The below requirements are needed on the host that executes this module.

  • python >= 2.6
  • python-dnf
  • for the autoremove option you need dnf >= 2.0.1”

Parameters

Parameter Choices/Defaults Comments
allow_downgrade
bool

(added in 2.7)
    Choices:
  • no ←
  • yes
Specify if the named package and version is allowed to downgrade a maybe already installed higher version of that package. Note that setting allow_downgrade=True can make this module behave in a non-idempotent way. The task could end up with a set of packages that does not match the complete list of specified packages to install (because dependencies between the downgraded package and others can cause changes to the packages which were in the earlier transaction).
autoremove
bool

(added in 2.4)
    Choices:
  • no ←
  • yes
If yes, removes all "leaf" packages from the system that were originally installed as dependencies of user-installed packages but which are no longer required by any such package. Should be used alone or when state is absent
bugfix
bool

(added in 2.7)
    Choices:
  • no ←
  • yes
If set to yes, and state=latest then only installs updates that have been marked bugfix related.
conf_file
The remote dnf configuration file to use for the transaction.
disable_excludes
(added in 2.7)
Disable the excludes defined in DNF config files.
If set to all, disables all excludes.
If set to main, disable excludes defined in [main] in yum.conf.
If set to repoid, disable excludes defined for given repo id.
disable_gpg_check
bool
    Choices:
  • no ←
  • yes
Whether to disable the GPG checking of signatures of packages being installed. Has an effect only if state is present or latest.
disable_plugin
(added in 2.7)
Plugin name to disable for the install/update operation. The disabled plugins will not persist beyond the transaction.
disablerepo
Repoid of repositories to disable for the install/update operation. These repos will not persist beyond the transaction. When specifying multiple repos, separate them with a ",".
download_only
bool

(added in 2.7)
    Choices:
  • no ←
  • yes
Only download the packages, do not install them.
enable_plugin
(added in 2.7)
Plugin name to enable for the install/update operation. The enabled plugin will not persist beyond the transaction.
enablerepo
Repoid of repositories to enable for the install/update operation. These repos will not persist beyond the transaction. When specifying multiple repos, separate them with a ",".
exclude
(added in 2.7)
Package name(s) to exclude when state=present, or latest. This can be a list or a comma separated string.
install_repoquery
bool

(added in 2.7)
    Choices:
  • no
  • yes ←
This is effectively a no-op in DNF as it is not needed with DNF, but is an accepted parameter for feature parity/compatibility with the yum module.
installroot
(added in 2.3)
Default:
/
Specifies an alternative installroot, relative to which all packages will be installed.
list
Various (non-idempotent) commands for usage with /usr/bin/ansible and not playbooks. See examples.
name
required
A package name or package specifier with version, like name-1.0. When using state=latest, this can be '*' which means run: dnf -y update. You can also pass a url or a local path to a rpm file. To operate on several packages this can accept a comma separated string of packages or a list of packages.

aliases: pkg
releasever
(added in 2.6)
Default:
None
Specifies an alternative release from which all packages will be installed.
security
bool

(added in 2.7)
    Choices:
  • no ←
  • yes
If set to yes, and state=latest then only installs updates that have been marked security related.
skip_broken
bool

(added in 2.7)
    Choices:
  • no ←
  • yes
Skip packages with broken dependencies(devsolve) and are causing problems.
state
    Choices:
  • absent
  • present
  • installed
  • removed
  • latest
Whether to install (present, latest), or remove (absent) a package.
Default is None, however in effect the default action is present unless the autoremove option is enabled for this module, then absent is inferred.
update_cache
bool

(added in 2.7)
    Choices:
  • no ←
  • yes
Force yum to check if cache is out of date and redownload if needed. Has an effect only if state is present or latest.

aliases: expire-cache
update_only
bool

(added in 2.7)
    Choices:
  • no ←
  • yes
When using latest, only update installed packages. Do not install packages.
Has an effect only if state is latest
validate_certs
bool

(added in 2.7)
    Choices:
  • no
  • yes ←
This only applies if using a https url as the source of the rpm. e.g. for localinstall. If set to no, the SSL certificates will not be validated.
This should only set to no used on personally controlled sites using self-signed certificates as it avoids verifying the source site.

Notes

Note

  • When used with a loop: each package will be processed individually, it is much more efficient to pass the list directly to the name option.
  • Group removal doesn’t work if the group was installed with Ansible because upstream dnf’s API doesn’t properly mark groups as installed, therefore upon removal the module is unable to detect that the group is installed (https://bugzilla.redhat.com/show_bug.cgi?id=1620324)

Examples

- name: install the latest version of Apache
  dnf:
    name: httpd
    state: latest

- name: remove the Apache package
  dnf:
    name: httpd
    state: absent

- name: install the latest version of Apache from the testing repo
  dnf:
    name: httpd
    enablerepo: testing
    state: present

- name: upgrade all packages
  dnf:
    name: "*"
    state: latest

- name: install the nginx rpm from a remote repo
  dnf:
    name: 'http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm'
    state: present

- name: install nginx rpm from a local file
  dnf:
    name: /usr/local/src/nginx-release-centos-6-0.el6.ngx.noarch.rpm
    state: present

- name: install the 'Development tools' package group
  dnf:
    name: '@Development tools'
    state: present

- name: Autoremove unneeded packages installed as dependencies
  dnf:
    autoremove: yes

- name: Uninstall httpd but keep its dependencies
  dnf:
    name: httpd
    state: absent
    autoremove: no

Status

This module is flagged as stableinterface which means that the maintainers for this module guarantee that no backward incompatible interface changes will be made.

Maintenance

This module is flagged as core which means that it is maintained by the Ansible Core Team. See Module Maintenance & Support for more info.

For a list of other modules that are also maintained by the Ansible Core Team, see here.

Support

For more information about Red Hat’s support of this module, please refer to this Knowledge Base article

Author

Hint

If you notice any issues in this documentation you can edit this document to improve it.