====== CentOS ======
===== Description =====
Cette page me sers de mémo concernant l'utilisation de la distrib CentOS
Pour connaitre ça version de centos => http://www.binarytides.com/command-check-centos-version/
===== ls et les couleurs =====
Les couleurs de centos via un xterm font mal aux yeux. Les répertoires sont en bleu foncé sur du noir c'est pas terrible.\\
Bizarrement, les couleurs sont bien configuré mais toutes les options de brillance ont été désactivé pour les xterm.\\
Sur le net on trouve beaucoup de solution disant qu'il faut modifier ce qui suit
vi /etc/DIR_COLORS.xterm
Changer
DIR 00;34
Par
DIR 01;34
Mais le plus simple est de copier le fichier /etc/DIR_COLORS sur /etc/DIR_COLORS.xterm. Faite un backup si vous le souhaitez.
cp /etc/DIR_COLORS.xterm /etc/DIR_COLORS.xterm_save
cp /etc/DIR_COLORS /etc/DIR_COLORS.xterm
Pour mieux comprendre voici la table de correspondance
ISO 6429 color sequences are composed of sequences of numbers separated by semicolons. The most common codes are:
0 to restore default color
1 for brighter colors
4 for underlined text
5 for flashing text
30 for black foreground
31 for red foreground
32 for green foreground
33 for yellow (or brown) foreground
34 for blue foreground
35 for purple foreground
36 for cyan foreground
37 for white (or gray) foreground
40 for black background
41 for red background
42 for green background
43 for yellow (or brown) background
44 for blue background
45 for purple background
46 for cyan background
47 for white (or gray) background
===== Package =====
La doc en français => http://doc.fedora-fr.org/wiki/YUM_:_Configuration_du_gestionnaire_de_paquets
YUM est l'équivalent de apt-get
yum install paquet
yum search paquet
yum remove paquet
yum info paquet
yum update
Connaitre les dépôts configurés
yum repolist all
Faire le ménage dans les caches
yum clean all
ou
yum make cache
Chercher un package soit :
* sur ce site => http://pkgs.org/
* avec ''yum search mot'' le mot sera recherché n'importe ou dans le nom du paquet
* avec ''yum list mot*'' pour afficher tous les paquets qui commencent par mot
Afficher toutes les versions disponibles pour un paquet
yum --showduplicate list nom_du_paquet
Installer une version spécifique
yum install NOMPAQUET-VERSION
yum install wxGTK-2.8.12-1.el5.x86_64
Pour être sûr d'installer un paquet qui ne sera pas téléchargé sur un repo
yum --disablerepo=rpmforge install wxGTK-2.8.12-1.el5.x86_64
Télécharger et installer un paquet
yum localinstall https://serveur.com/paquet.rpm
ou avec rpm mais l'avantage de yum est qu'il nous proposera automatiquement d'installer toutes les dépendances qui vont bien.
rpm -hvi nomDuPaquet.rpm
( l'équivalent sous debian de **yum localinstall** est **gdebi** )
Rechercher quel paquet contient un fichier
yum whatprovides */libasound.so.2
Si vous rencontrez des problèmes, essayez la commande suivante
yum clean all
rpm --rebuilddb
Il existe des groupes de packages
yum grouplist
Pour avoir le détail d'un groupe
yum groupinfo "Nom du groupe de paquet"
Par exemple pour installer le système graphique X et les polices
yum -y groupinstall "X Window System" "Fonts"
===== Le réseau =====
==== Fichier /etc/sysconfig/network ====
Ce fichier utilisé pour spécifier les informations relatives à la configuration réseau est bien configuré par défaut et, à mon avis, n'est pas à modifier :
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=server1.example.com
GATEWAY=192.168.0.254
Toutefois, si vous modifiez ce fichier, le service réseau doit étre redémarré à l'aide de la commande suivante :
service network restart
==== Fichier /etc/sysconfig/network-scripts/ifcfg-eth0 ====
Ce fichier représente l'un des fichiers d'interfaces les plus courants; il contrôle la première carte d'interface réseau Ethernet du système. La configuration générée dans ce fichier est correcte et n'est à modifier qu'en cas de besoin :
DEVICE=eth0
BOOTPROTO=static
BROADCAST=192.168.0.255
HWADDR=00:0C:29:A7:0F:D7
IPADDR=192.168.0.1
NETMASK=255.255.255.0
NETWORK=192.168.0.0
ONBOOT=yes
Si vous modifiez la configuration renseignée dans ce fichier, l'interface réseau "eth0" doit être désactivé, puis réactivé pour que le changement soit prise en compte :
ifdown eth0
ifup eth0
==== routage ====
http://www.centos.org/docs/5/html/5.1/Deployment_Guide/s1-networkscripts-static-routes.html
===== Créer un dépôt =====
yum install createrepo
Configurer votre serveur web pour qu'il pointe sur le répertoire contenant vos rpm, placez vous dans ce répertoire et lancez la commande ''createrepo''
Lorsque vous ajouterez ou modifirez vos rpm, relancez simplement la commande ''createrepo'' dans le répertoire pour mettre à jour l'index.
Pour accéder au dépôt, créer un fichier **mon_depot.repo** dans **/etc/yum/yum.repos.d**
C'est vraiment un exemple simplifié, sans clé gpg, sans sous arborescence par architecture
[mon_depot]
name=Mon_depot
baseurl=http://mon_serveur/
enabled=1
#failovermethod=priority
gpgcheck=0
priority=1
===== Problèmes rencontrés =====
Base de données RPM cassée => http://major.io/2007/05/27/rpmdb-lock-table-is-out-of-available-locker-entries/
un yum install retourne segmentation fault => http://www.doxer.org/resolved-yum-returned-segmentation-fault-error-on-centos/
==== Yum update qui échoue / Impossible de supprimer un package ====
Je voulais faire un **yum update** et impossible à cause du message suivant
Running rpm_check_debug
ERROR with rpm_check_debug vs depsolve:
perl(DBD::Pg) is needed by munin-node-2.0.21-1.el6.noarch
perl(DBI) is needed by munin-node-2.0.21-1.el6.noarch
perl(LWP::Simple) is needed by munin-node-2.0.21-1.el6.noarch
perl(LWP::UserAgent) is needed by munin-node-2.0.21-1.el6.noarch
perl(LWP::UserAgent) is needed by munin-node-2.0.21-1.el6.noarch
perl(List::MoreUtils) is needed by munin-node-2.0.21-1.el6.noarch
perl(Net::SNMP) is needed by munin-node-2.0.21-1.el6.noarch
perl(XML::LibXML) is needed by munin-node-2.0.21-1.el6.noarch
perl(XML::Parser) is needed by munin-node-2.0.21-1.el6.noarch
** Found 23 pre-existing rpmdb problem(s), 'yum check' output follows:
intel-idb-common-146-13.0-2.noarch has missing requires of intel-compilerpro-common-146 = ('0', '13.0', None)
munin-node-2.0.10-1.el6.noarch has missing requires of perl(DBD::Pg)
munin-node-2.0.10-1.el6.noarch has missing requires of perl(DBI)
munin-node-2.0.10-1.el6.noarch has missing requires of perl(LWP::Simple)
munin-node-2.0.10-1.el6.noarch has missing requires of perl(LWP::UserAgent)
munin-node-2.0.10-1.el6.noarch has missing requires of perl(LWP::UserAgent)
munin-node-2.0.10-1.el6.noarch has missing requires of perl(List::MoreUtils)
munin-node-2.0.10-1.el6.noarch has missing requires of perl(Net::SNMP)
munin-node-2.0.10-1.el6.noarch has missing requires of perl(XML::LibXML)
munin-node-2.0.10-1.el6.noarch has missing requires of perl(XML::Parser)
Je décide alors de supprimer le paquet qui pose problème à savoir **munin-node.noarch**
# yum remove munin-node.noarch
Loaded plugins: fastestmirror
Setting up Remove Process
Resolving Dependencies
--> Running transaction check
---> Package munin-node.noarch 0:2.0.10-1.el6 will be erased
--> Finished Dependency Resolution
Repository 'epel' is missing name in configuration, using id
Dependencies Resolved
===============================================================================================================================================================================================================
Package Arch Version Repository Size
===============================================================================================================================================================================================================
Removing:
munin-node noarch 2.0.10-1.el6 installed 1.3 M
Transaction Summary
===============================================================================================================================================================================================================
Remove 1 Package(s)
Installed size: 1.3 M
Is this ok [y/N]: y
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Error in PREUN scriptlet in rpm package munin-node
munin-node-2.0.10-1.el6.noarch was supposed to be removed but is not!
Verifying : munin-node-2.0.10-1.el6.noarch 1/1
Failed:
munin-node.noarch 0:2.0.10-1.el6
Complete!
La dernière ligne nous dit "Complete!" sauf que la ligne précédente nous dit un beau **Failed**\\
La commande suivante m'a permis de me débarrasser de munin-node
rpm -e --noscripts munin-node-2.0.10-1.el6.noarch
J'ai pu ensuite lancer mon **yum update** sans soucis
===== Disque dur =====
Commande pour rescanner les devices
echo 1 > /sys/class/scsi_device/device/rescan
===== Les services =====
Pour lister tous les services avec leur état de lancement au démarrage
chkconfig --list
===== installer le minimum pour avoir du display par ssh =====
yum install xorg-x11-xinit
===== Upgrade centos 6 vers centos 7 =====
Mettez à jour vos paquets
yum update
Ajoutez un dépot
vi /etc/yum.repos.d/upgradetool.repo
[upg]
name=CentOS-$releasever – Upgrade Tool
baseurl=https://buildlogs.centos.org/centos/6/upg/x86_64/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
Supprimez la version actuelle de openscape
yum erase openscap
Puis installez la version du nouveau depot que l'on a ajouté https://buildlogs.centos.org/centos/6/upg/x86_64/Packages/
yum install openscap-1.0.8-1.0.1.el6.centos.x86_64
Installez les 2 paquets qui serviront à l'upgrade
yum install redhat-upgrade-tool preupgrade-assistant-contents
La commande suivante doit retourner ceci
preupg -l
CentOS6_7
Lancez ensuite la commande **preupg** qui va analyser le système pour voir si l'upgrade va bien se passer
# preupg
Preupg tool doesn't do the actual upgrade.
Please ensure you have backed up your system and/or data in the event of a failed upgrade
that would require a full re-install of the system from installation media.
Do you want to continue? y/n
y
Gathering logs used by preupgrade assistant:
All installed packages : 01/11 ...finished (time 00:00s)
All changed files : 02/11 ...finished (time 00:39s)
Changed config files : 03/11 ...finished (time 00:00s)
All users : 04/11 ...finished (time 00:00s)
All groups : 05/11 ...finished (time 00:00s)
Service statuses : 06/11 ...finished (time 00:00s)
All installed files : 07/11 ...finished (time 00:02s)
All local files : 08/11 ...finished (time 00:06s)
All executable files : 09/11 ...finished (time 00:04s)
RedHat signed packages : 10/11 ...finished (time 00:00s)
CentOS signed packages : 11/11 ...finished (time 00:00s)
Assessment of the system, running checks / SCE scripts:
001/096 ...done (Configuration Files to Review)
002/096 ...done (File Lists for Manual Migration)
003/096 ...done (Bacula Backup Software)
004/096 ...done (MySQL configuration)
005/096 ...done (Migration of the MySQL data stack)
006/096 ...done (Changes related to moving from MySQL to MariaDB)
007/096 ...done (PostgreSQL upgrade content)
008/096 ...done (GNOME Desktop Environment underwent several design modifications in CentOS 7 release)
009/096 ...done (KDE Desktop Environment underwent several design modifications in CentOS 7 release)
010/096 ...done (several graphic drivers not supported in CentOS 7)
011/096 ...done (several input drivers not supported in CentOS 7)
012/096 ...done (several kernel networking drivers not available in CentOS 7)
013/096 ...done (several kernel storage drivers not available in CentOS 7)
014/096 ...done (Names, Options and Output Format Changes in arptables)
015/096 ...done (BIND9 running in a chroot environment check.)
016/096 ...done (BIND9 configuration compatibility check)
017/096 ...done (Move dhcpd/dhcprelay arguments from /etc/sysconfig/* to *.service files)
018/096 ...done (DNSMASQ configuration compatibility check)
019/096 ...done (Dovecot configuration compatibility check)
020/096 ...done (Compatibility Between iptables and ip6tables)
021/096 ...done (Net-SNMP check)
022/096 ...done (Squid configuration compatibility check)
023/096 ...done (Reusable Configuration Files)
024/096 ...done (VCS repositories)
025/096 ...done (Added and extended options for BIND9 configuration)
026/096 ...done (Added options in DNSMASQ configuration)
027/096 ...done (Packages not signed by CentOS)
028/096 ...done (Obsoleted rpms)
029/096 ...done (w3m not available in CentOS 7)
030/096 ...done (report incompatibilities between CentOS 6 and 7 in qemu-guest-agent package)
031/096 ...done (Removed options in coreutils binaries)
032/096 ...done (Removed options in gawk binaries)
033/096 ...done (Removed options in netstat binary)
034/096 ...done (Removed options in quota tools)
035/096 ...done (Removed rpms)
036/096 ...done (Replaced rpms)
037/096 ...done (GMP library incompatibilities)
038/096 ...done (package downgrades)
039/096 ...done (restore custom selinux configuration)
040/096 ...done (General)
041/096 ...done (samba shared directories selinux)
042/096 ...done (CUPS Browsing/BrowsePoll configuration)
043/096 ...done (CVS Package Split)
044/096 ...done (FreeRADIUS Upgrade Verification)
045/096 ...done (httpd configuration compatibility check)
046/096 ...done (bind-dyndb-ldap)
047/096 ...done (Identity Management Server compatibility check)
048/096 ...done (IPA Server CA Verification)
049/096 ...done (NTP configuration)
050/096 ...done (Information on time-sync.target)
051/096 ...done (OpenLDAP /etc/sysconfig and data compatibility)
052/096 ...done (OpenSSH sshd_config migration content)
053/096 ...done (OpenSSH sysconfig migration content)
054/096 ...done (Configuration for quota_nld service)
055/096 ...done (Disk quota netlink message daemon moved into quota-nld package)
056/096 ...done (SSSD compatibility check)
057/096 ...done (Luks encrypted partition)
058/096 ...done (Clvmd and cmirrord daemon management.)
059/096 ...done (State of LVM2 services.)
060/096 ...done (device-mapper-multipath configuration compatibility check)
061/096 ...done (Removal of scsi-target-utils)
062/096 ...done (Configuration for warnquota tool)
063/096 ...done (Disk quota tool warnquota moved into quota-warnquota package)
064/096 ...done (Architecture Support)
065/096 ...done (Binary rebuilds)
066/096 ...done (Debuginfo packages)
067/096 ...done (Cluster and High Availability)
068/096 ...done (Quorum implementation)
069/096 ...done (fix krb5kdc config file)
070/096 ...done (File Systems, Partitions and Mounts Configuration Review)
071/096 ...done (Read Only FHS directories)
072/096 ...done (Sonamebumped libs)
073/096 ...done (SonameKept Reusable Dynamic Libraries)
074/096 ...done (Removed .so libs)
075/096 ...done (In-place Upgrade Requirements for the /usr/ Directory)
076/096 ...done (CA certificate bundles modified)
077/096 ...done (Developer Tool Set packages)
078/096 ...done (Hyper-V)
079/096 ...done (Content for enabling and disabling services based on CentOS 6 system)
080/096 ...done (Check for ethernet interface naming)
081/096 ...done (User modification in /etc/rc.local and /etc/rc.d/rc.local)
082/096 ...done (cgroups configuration compatibility check)
083/096 ...done (Plugable authentication modules (PAM))
084/096 ...done (Foreign Perl modules)
085/096 ...done (Python 2.7.5)
086/096 ...done (Ruby 2.0.0)
087/096 ...done (SCL collections)
088/096 ...done (System kickstart)
089/096 ...done (YUM)
090/096 ...done (Check for usage of dangerous range of UID/GIDs)
091/096 ...done (Incorrect usage of reserved UID/GIDs)
092/096 ...done (NIS ypbind config files back-up)
093/096 ...done (NIS Makefile back-up)
094/096 ...done (NIS server maps check)
095/096 ...done (NIS server MAXUID and MAXGID limits check)
096/096 ...done (NIS server config file back-up)
Assessment finished (time 14:02s)
Result table with checks and their results for main contents:
---------------------------------------------------------------------------------------------------------------
|Bacula Backup Software |notapplicable |
|Migration of the MySQL data stack |notapplicable |
|Changes related to moving from MySQL to MariaDB |notapplicable |
|PostgreSQL upgrade content |notapplicable |
|several graphic drivers not supported in CentOS 7 |notapplicable |
|several input drivers not supported in CentOS 7 |notapplicable |
|Names, Options and Output Format Changes in arptables |notapplicable |
|BIND9 running in a chroot environment check. |notapplicable |
|BIND9 configuration compatibility check |notapplicable |
|Move dhcpd/dhcprelay arguments from /etc/sysconfig/* to *.service files |notapplicable |
|DNSMASQ configuration compatibility check |notapplicable |
|Dovecot configuration compatibility check |notapplicable |
|Net-SNMP check |notapplicable |
|Squid configuration compatibility check |notapplicable |
|Added and extended options for BIND9 configuration |notapplicable |
|Added options in DNSMASQ configuration |notapplicable |
|report incompatibilities between CentOS 6 and 7 in qemu-guest-agent package |notapplicable |
|Removed options in quota tools |notapplicable |
|restore custom selinux configuration |notapplicable |
|samba shared directories selinux |notapplicable |
|FreeRADIUS Upgrade Verification |notapplicable |
|httpd configuration compatibility check |notapplicable |
|bind-dyndb-ldap |notapplicable |
|Identity Management Server compatibility check |notapplicable |
|IPA Server CA Verification |notapplicable |
|OpenLDAP /etc/sysconfig and data compatibility |notapplicable |
|Configuration for quota_nld service |notapplicable |
|Disk quota netlink message daemon moved into quota-nld package |notapplicable |
|SSSD compatibility check |notapplicable |
|Clvmd and cmirrord daemon management. |notapplicable |
|Removal of scsi-target-utils |notapplicable |
|Configuration for warnquota tool |notapplicable |
|Disk quota tool warnquota moved into quota-warnquota package |notapplicable |
|Quorum implementation |notapplicable |
|fix krb5kdc config file |notapplicable |
|cgroups configuration compatibility check |notapplicable |
|SCL collections |notapplicable |
|NIS Makefile back-up |notapplicable |
|NIS server maps check |notapplicable |
|NIS server MAXUID and MAXGID limits check |notapplicable |
|NIS server config file back-up |notapplicable |
|KDE Desktop Environment underwent several design modifications in CentOS 7 release |pass |
|several kernel networking drivers not available in CentOS 7 |pass |
|several kernel storage drivers not available in CentOS 7 |pass |
|Compatibility Between iptables and ip6tables |pass |
|Information on time-sync.target |pass |
|OpenSSH sshd_config migration content |pass |
|Luks encrypted partition |pass |
|Architecture Support |pass |
|Debuginfo packages |pass |
|Cluster and High Availability |pass |
|Read Only FHS directories |pass |
|In-place Upgrade Requirements for the /usr/ Directory |pass |
|CA certificate bundles modified |pass |
|Developer Tool Set packages |pass |
|Check for ethernet interface naming |pass |
|User modification in /etc/rc.local and /etc/rc.d/rc.local |pass |
|Plugable authentication modules (PAM) |pass |
|System kickstart |pass |
|Incorrect usage of reserved UID/GIDs |pass |
|NIS ypbind config files back-up |pass |
|MySQL configuration |informational |
|VCS repositories |informational |
|Removed options in coreutils binaries |informational |
|Removed options in gawk binaries |informational |
|Removed options in netstat binary |informational |
|GMP library incompatibilities |informational |
|CVS Package Split |informational |
|NTP configuration |informational |
|File Systems, Partitions and Mounts Configuration Review |informational |
|SonameKept Reusable Dynamic Libraries |informational |
|Removed .so libs |informational |
|Foreign Perl modules |informational |
|YUM |informational |
|Reusable Configuration Files |fixed |
|Replaced rpms |fixed |
|package downgrades |fixed |
|CUPS Browsing/BrowsePoll configuration |fixed |
|OpenSSH sysconfig migration content |fixed |
|State of LVM2 services. |fixed |
|device-mapper-multipath configuration compatibility check |fixed |
|Configuration Files to Review |needs_inspection |
|File Lists for Manual Migration |needs_inspection |
|Obsoleted rpms |needs_inspection |
|w3m not available in CentOS 7 |needs_inspection |
|Binary rebuilds |needs_inspection |
|Python 2.7.5 |needs_inspection |
|Ruby 2.0.0 |needs_inspection |
|Check for usage of dangerous range of UID/GIDs |needs_inspection |
|GNOME Desktop Environment underwent several design modifications in CentOS 7 release |needs_action |
|Packages not signed by CentOS |needs_action |
|Removed rpms |needs_action |
|General |needs_action |
|Sonamebumped libs |needs_action |
|Content for enabling and disabling services based on CentOS 6 system |needs_action |
|Hyper-V |fail |
---------------------------------------------------------------------------------------------------------------
Tarball with results is stored here /root/preupgrade-results/preupg_results-200414105753.tar.gz .
The latest assessment is stored in directory /root/preupgrade .
Summary information:
We found some critical issues. In-place upgrade is not advised.
Read the file /root/preupgrade/result.html for more details.
Upload results to UI by command:
e.g. preupg -u http://127.0.0.1:8099/submit/ -r /root/preupgrade-results/preupg_results-*.tar.gz .
Le résultat de l'analyse est enregistré dans un fichier html. Pour le lire installez **w3m**
yum install w3m w3m-img w3m-el
Puis
[root@servername ~]# w3m preupgrade/result.html
Ensuite, importez la clé CentOS 7 RPM
rpm --import http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-7
Lancez l'upgrade
centos-upgrade-tool-cli --network 7 --instrepo=http://mirror.centos.org/centos/7/os/x86_64
Si tout s'est bien passé, faite un reboot
Mais ça n'a pas fonctionné pour moi...
===== Centos 8 =====
Ajouter Le dépot PowerTools
yum install dnf-plugins-core
yum config-manager --set-enabled PowerTools
ou
yum config-manager --set-enabled powertools
yum repolist