====== CentOS ====== ===== Description ===== Cette page me sers de mémo concernant l'utilisation de la distrib CentOS Pour connaitre ça version de centos => http://www.binarytides.com/command-check-centos-version/ ===== ls et les couleurs ===== Les couleurs de centos via un xterm font mal aux yeux. Les répertoires sont en bleu foncé sur du noir c'est pas terrible.\\ Bizarrement, les couleurs sont bien configuré mais toutes les options de brillance ont été désactivé pour les xterm.\\ Sur le net on trouve beaucoup de solution disant qu'il faut modifier ce qui suit vi /etc/DIR_COLORS.xterm Changer DIR 00;34 Par DIR 01;34 Mais le plus simple est de copier le fichier /etc/DIR_COLORS sur /etc/DIR_COLORS.xterm. Faite un backup si vous le souhaitez. cp /etc/DIR_COLORS.xterm /etc/DIR_COLORS.xterm_save cp /etc/DIR_COLORS /etc/DIR_COLORS.xterm Pour mieux comprendre voici la table de correspondance ISO 6429 color sequences are composed of sequences of numbers separated by semicolons. The most common codes are: 0 to restore default color 1 for brighter colors 4 for underlined text 5 for flashing text 30 for black foreground 31 for red foreground 32 for green foreground 33 for yellow (or brown) foreground 34 for blue foreground 35 for purple foreground 36 for cyan foreground 37 for white (or gray) foreground 40 for black background 41 for red background 42 for green background 43 for yellow (or brown) background 44 for blue background 45 for purple background 46 for cyan background 47 for white (or gray) background ===== Package ===== La doc en français => http://doc.fedora-fr.org/wiki/YUM_:_Configuration_du_gestionnaire_de_paquets YUM est l'équivalent de apt-get yum install paquet yum search paquet yum remove paquet yum info paquet yum update Connaitre les dépôts configurés yum repolist all Faire le ménage dans les caches yum clean all ou yum make cache Chercher un package soit : * sur ce site => http://pkgs.org/ * avec ''yum search mot'' le mot sera recherché n'importe ou dans le nom du paquet * avec ''yum list mot*'' pour afficher tous les paquets qui commencent par mot Afficher toutes les versions disponibles pour un paquet yum --showduplicate list nom_du_paquet Installer une version spécifique yum install NOMPAQUET-VERSION yum install wxGTK-2.8.12-1.el5.x86_64 Pour être sûr d'installer un paquet qui ne sera pas téléchargé sur un repo yum --disablerepo=rpmforge install wxGTK-2.8.12-1.el5.x86_64 Télécharger et installer un paquet yum localinstall https://serveur.com/paquet.rpm ou avec rpm mais l'avantage de yum est qu'il nous proposera automatiquement d'installer toutes les dépendances qui vont bien. rpm -hvi nomDuPaquet.rpm ( l'équivalent sous debian de **yum localinstall** est **gdebi** ) Rechercher quel paquet contient un fichier yum whatprovides */libasound.so.2 Si vous rencontrez des problèmes, essayez la commande suivante yum clean all rpm --rebuilddb Il existe des groupes de packages yum grouplist Pour avoir le détail d'un groupe yum groupinfo "Nom du groupe de paquet" Par exemple pour installer le système graphique X et les polices yum -y groupinstall "X Window System" "Fonts" ===== Le réseau ===== ==== Fichier /etc/sysconfig/network ==== Ce fichier utilisé pour spécifier les informations relatives à la configuration réseau est bien configuré par défaut et, à mon avis, n'est pas à modifier : NETWORKING=yes NETWORKING_IPV6=no HOSTNAME=server1.example.com GATEWAY=192.168.0.254 Toutefois, si vous modifiez ce fichier, le service réseau doit étre redémarré à l'aide de la commande suivante : service network restart ==== Fichier /etc/sysconfig/network-scripts/ifcfg-eth0 ==== Ce fichier représente l'un des fichiers d'interfaces les plus courants; il contrôle la première carte d'interface réseau Ethernet du système. La configuration générée dans ce fichier est correcte et n'est à modifier qu'en cas de besoin : DEVICE=eth0 BOOTPROTO=static BROADCAST=192.168.0.255 HWADDR=00:0C:29:A7:0F:D7 IPADDR=192.168.0.1 NETMASK=255.255.255.0 NETWORK=192.168.0.0 ONBOOT=yes Si vous modifiez la configuration renseignée dans ce fichier, l'interface réseau "eth0" doit être désactivé, puis réactivé pour que le changement soit prise en compte : ifdown eth0 ifup eth0 ==== routage ==== http://www.centos.org/docs/5/html/5.1/Deployment_Guide/s1-networkscripts-static-routes.html ===== Créer un dépôt ===== yum install createrepo Configurer votre serveur web pour qu'il pointe sur le répertoire contenant vos rpm, placez vous dans ce répertoire et lancez la commande ''createrepo'' Lorsque vous ajouterez ou modifirez vos rpm, relancez simplement la commande ''createrepo'' dans le répertoire pour mettre à jour l'index. Pour accéder au dépôt, créer un fichier **mon_depot.repo** dans **/etc/yum/yum.repos.d** C'est vraiment un exemple simplifié, sans clé gpg, sans sous arborescence par architecture [mon_depot] name=Mon_depot baseurl=http://mon_serveur/ enabled=1 #failovermethod=priority gpgcheck=0 priority=1 ===== Problèmes rencontrés ===== Base de données RPM cassée => http://major.io/2007/05/27/rpmdb-lock-table-is-out-of-available-locker-entries/ un yum install retourne segmentation fault => http://www.doxer.org/resolved-yum-returned-segmentation-fault-error-on-centos/ ==== Yum update qui échoue / Impossible de supprimer un package ==== Je voulais faire un **yum update** et impossible à cause du message suivant Running rpm_check_debug ERROR with rpm_check_debug vs depsolve: perl(DBD::Pg) is needed by munin-node-2.0.21-1.el6.noarch perl(DBI) is needed by munin-node-2.0.21-1.el6.noarch perl(LWP::Simple) is needed by munin-node-2.0.21-1.el6.noarch perl(LWP::UserAgent) is needed by munin-node-2.0.21-1.el6.noarch perl(LWP::UserAgent) is needed by munin-node-2.0.21-1.el6.noarch perl(List::MoreUtils) is needed by munin-node-2.0.21-1.el6.noarch perl(Net::SNMP) is needed by munin-node-2.0.21-1.el6.noarch perl(XML::LibXML) is needed by munin-node-2.0.21-1.el6.noarch perl(XML::Parser) is needed by munin-node-2.0.21-1.el6.noarch ** Found 23 pre-existing rpmdb problem(s), 'yum check' output follows: intel-idb-common-146-13.0-2.noarch has missing requires of intel-compilerpro-common-146 = ('0', '13.0', None) munin-node-2.0.10-1.el6.noarch has missing requires of perl(DBD::Pg) munin-node-2.0.10-1.el6.noarch has missing requires of perl(DBI) munin-node-2.0.10-1.el6.noarch has missing requires of perl(LWP::Simple) munin-node-2.0.10-1.el6.noarch has missing requires of perl(LWP::UserAgent) munin-node-2.0.10-1.el6.noarch has missing requires of perl(LWP::UserAgent) munin-node-2.0.10-1.el6.noarch has missing requires of perl(List::MoreUtils) munin-node-2.0.10-1.el6.noarch has missing requires of perl(Net::SNMP) munin-node-2.0.10-1.el6.noarch has missing requires of perl(XML::LibXML) munin-node-2.0.10-1.el6.noarch has missing requires of perl(XML::Parser) Je décide alors de supprimer le paquet qui pose problème à savoir **munin-node.noarch** # yum remove munin-node.noarch Loaded plugins: fastestmirror Setting up Remove Process Resolving Dependencies --> Running transaction check ---> Package munin-node.noarch 0:2.0.10-1.el6 will be erased --> Finished Dependency Resolution Repository 'epel' is missing name in configuration, using id Dependencies Resolved =============================================================================================================================================================================================================== Package Arch Version Repository Size =============================================================================================================================================================================================================== Removing: munin-node noarch 2.0.10-1.el6 installed 1.3 M Transaction Summary =============================================================================================================================================================================================================== Remove 1 Package(s) Installed size: 1.3 M Is this ok [y/N]: y Downloading Packages: Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Error in PREUN scriptlet in rpm package munin-node munin-node-2.0.10-1.el6.noarch was supposed to be removed but is not! Verifying : munin-node-2.0.10-1.el6.noarch 1/1 Failed: munin-node.noarch 0:2.0.10-1.el6 Complete! La dernière ligne nous dit "Complete!" sauf que la ligne précédente nous dit un beau **Failed**\\ La commande suivante m'a permis de me débarrasser de munin-node rpm -e --noscripts munin-node-2.0.10-1.el6.noarch J'ai pu ensuite lancer mon **yum update** sans soucis ===== Disque dur ===== Commande pour rescanner les devices echo 1 > /sys/class/scsi_device/device/rescan ===== Les services ===== Pour lister tous les services avec leur état de lancement au démarrage chkconfig --list ===== installer le minimum pour avoir du display par ssh ===== yum install xorg-x11-xinit ===== Upgrade centos 6 vers centos 7 ===== Mettez à jour vos paquets yum update Ajoutez un dépot vi /etc/yum.repos.d/upgradetool.repo [upg] name=CentOS-$releasever – Upgrade Tool baseurl=https://buildlogs.centos.org/centos/6/upg/x86_64/ gpgcheck=1 enabled=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 Supprimez la version actuelle de openscape yum erase openscap Puis installez la version du nouveau depot que l'on a ajouté https://buildlogs.centos.org/centos/6/upg/x86_64/Packages/ yum install openscap-1.0.8-1.0.1.el6.centos.x86_64 Installez les 2 paquets qui serviront à l'upgrade yum install redhat-upgrade-tool preupgrade-assistant-contents La commande suivante doit retourner ceci preupg -l CentOS6_7 Lancez ensuite la commande **preupg** qui va analyser le système pour voir si l'upgrade va bien se passer # preupg Preupg tool doesn't do the actual upgrade. Please ensure you have backed up your system and/or data in the event of a failed upgrade that would require a full re-install of the system from installation media. Do you want to continue? y/n y Gathering logs used by preupgrade assistant: All installed packages : 01/11 ...finished (time 00:00s) All changed files : 02/11 ...finished (time 00:39s) Changed config files : 03/11 ...finished (time 00:00s) All users : 04/11 ...finished (time 00:00s) All groups : 05/11 ...finished (time 00:00s) Service statuses : 06/11 ...finished (time 00:00s) All installed files : 07/11 ...finished (time 00:02s) All local files : 08/11 ...finished (time 00:06s) All executable files : 09/11 ...finished (time 00:04s) RedHat signed packages : 10/11 ...finished (time 00:00s) CentOS signed packages : 11/11 ...finished (time 00:00s) Assessment of the system, running checks / SCE scripts: 001/096 ...done (Configuration Files to Review) 002/096 ...done (File Lists for Manual Migration) 003/096 ...done (Bacula Backup Software) 004/096 ...done (MySQL configuration) 005/096 ...done (Migration of the MySQL data stack) 006/096 ...done (Changes related to moving from MySQL to MariaDB) 007/096 ...done (PostgreSQL upgrade content) 008/096 ...done (GNOME Desktop Environment underwent several design modifications in CentOS 7 release) 009/096 ...done (KDE Desktop Environment underwent several design modifications in CentOS 7 release) 010/096 ...done (several graphic drivers not supported in CentOS 7) 011/096 ...done (several input drivers not supported in CentOS 7) 012/096 ...done (several kernel networking drivers not available in CentOS 7) 013/096 ...done (several kernel storage drivers not available in CentOS 7) 014/096 ...done (Names, Options and Output Format Changes in arptables) 015/096 ...done (BIND9 running in a chroot environment check.) 016/096 ...done (BIND9 configuration compatibility check) 017/096 ...done (Move dhcpd/dhcprelay arguments from /etc/sysconfig/* to *.service files) 018/096 ...done (DNSMASQ configuration compatibility check) 019/096 ...done (Dovecot configuration compatibility check) 020/096 ...done (Compatibility Between iptables and ip6tables) 021/096 ...done (Net-SNMP check) 022/096 ...done (Squid configuration compatibility check) 023/096 ...done (Reusable Configuration Files) 024/096 ...done (VCS repositories) 025/096 ...done (Added and extended options for BIND9 configuration) 026/096 ...done (Added options in DNSMASQ configuration) 027/096 ...done (Packages not signed by CentOS) 028/096 ...done (Obsoleted rpms) 029/096 ...done (w3m not available in CentOS 7) 030/096 ...done (report incompatibilities between CentOS 6 and 7 in qemu-guest-agent package) 031/096 ...done (Removed options in coreutils binaries) 032/096 ...done (Removed options in gawk binaries) 033/096 ...done (Removed options in netstat binary) 034/096 ...done (Removed options in quota tools) 035/096 ...done (Removed rpms) 036/096 ...done (Replaced rpms) 037/096 ...done (GMP library incompatibilities) 038/096 ...done (package downgrades) 039/096 ...done (restore custom selinux configuration) 040/096 ...done (General) 041/096 ...done (samba shared directories selinux) 042/096 ...done (CUPS Browsing/BrowsePoll configuration) 043/096 ...done (CVS Package Split) 044/096 ...done (FreeRADIUS Upgrade Verification) 045/096 ...done (httpd configuration compatibility check) 046/096 ...done (bind-dyndb-ldap) 047/096 ...done (Identity Management Server compatibility check) 048/096 ...done (IPA Server CA Verification) 049/096 ...done (NTP configuration) 050/096 ...done (Information on time-sync.target) 051/096 ...done (OpenLDAP /etc/sysconfig and data compatibility) 052/096 ...done (OpenSSH sshd_config migration content) 053/096 ...done (OpenSSH sysconfig migration content) 054/096 ...done (Configuration for quota_nld service) 055/096 ...done (Disk quota netlink message daemon moved into quota-nld package) 056/096 ...done (SSSD compatibility check) 057/096 ...done (Luks encrypted partition) 058/096 ...done (Clvmd and cmirrord daemon management.) 059/096 ...done (State of LVM2 services.) 060/096 ...done (device-mapper-multipath configuration compatibility check) 061/096 ...done (Removal of scsi-target-utils) 062/096 ...done (Configuration for warnquota tool) 063/096 ...done (Disk quota tool warnquota moved into quota-warnquota package) 064/096 ...done (Architecture Support) 065/096 ...done (Binary rebuilds) 066/096 ...done (Debuginfo packages) 067/096 ...done (Cluster and High Availability) 068/096 ...done (Quorum implementation) 069/096 ...done (fix krb5kdc config file) 070/096 ...done (File Systems, Partitions and Mounts Configuration Review) 071/096 ...done (Read Only FHS directories) 072/096 ...done (Sonamebumped libs) 073/096 ...done (SonameKept Reusable Dynamic Libraries) 074/096 ...done (Removed .so libs) 075/096 ...done (In-place Upgrade Requirements for the /usr/ Directory) 076/096 ...done (CA certificate bundles modified) 077/096 ...done (Developer Tool Set packages) 078/096 ...done (Hyper-V) 079/096 ...done (Content for enabling and disabling services based on CentOS 6 system) 080/096 ...done (Check for ethernet interface naming) 081/096 ...done (User modification in /etc/rc.local and /etc/rc.d/rc.local) 082/096 ...done (cgroups configuration compatibility check) 083/096 ...done (Plugable authentication modules (PAM)) 084/096 ...done (Foreign Perl modules) 085/096 ...done (Python 2.7.5) 086/096 ...done (Ruby 2.0.0) 087/096 ...done (SCL collections) 088/096 ...done (System kickstart) 089/096 ...done (YUM) 090/096 ...done (Check for usage of dangerous range of UID/GIDs) 091/096 ...done (Incorrect usage of reserved UID/GIDs) 092/096 ...done (NIS ypbind config files back-up) 093/096 ...done (NIS Makefile back-up) 094/096 ...done (NIS server maps check) 095/096 ...done (NIS server MAXUID and MAXGID limits check) 096/096 ...done (NIS server config file back-up) Assessment finished (time 14:02s) Result table with checks and their results for main contents: --------------------------------------------------------------------------------------------------------------- |Bacula Backup Software |notapplicable | |Migration of the MySQL data stack |notapplicable | |Changes related to moving from MySQL to MariaDB |notapplicable | |PostgreSQL upgrade content |notapplicable | |several graphic drivers not supported in CentOS 7 |notapplicable | |several input drivers not supported in CentOS 7 |notapplicable | |Names, Options and Output Format Changes in arptables |notapplicable | |BIND9 running in a chroot environment check. |notapplicable | |BIND9 configuration compatibility check |notapplicable | |Move dhcpd/dhcprelay arguments from /etc/sysconfig/* to *.service files |notapplicable | |DNSMASQ configuration compatibility check |notapplicable | |Dovecot configuration compatibility check |notapplicable | |Net-SNMP check |notapplicable | |Squid configuration compatibility check |notapplicable | |Added and extended options for BIND9 configuration |notapplicable | |Added options in DNSMASQ configuration |notapplicable | |report incompatibilities between CentOS 6 and 7 in qemu-guest-agent package |notapplicable | |Removed options in quota tools |notapplicable | |restore custom selinux configuration |notapplicable | |samba shared directories selinux |notapplicable | |FreeRADIUS Upgrade Verification |notapplicable | |httpd configuration compatibility check |notapplicable | |bind-dyndb-ldap |notapplicable | |Identity Management Server compatibility check |notapplicable | |IPA Server CA Verification |notapplicable | |OpenLDAP /etc/sysconfig and data compatibility |notapplicable | |Configuration for quota_nld service |notapplicable | |Disk quota netlink message daemon moved into quota-nld package |notapplicable | |SSSD compatibility check |notapplicable | |Clvmd and cmirrord daemon management. |notapplicable | |Removal of scsi-target-utils |notapplicable | |Configuration for warnquota tool |notapplicable | |Disk quota tool warnquota moved into quota-warnquota package |notapplicable | |Quorum implementation |notapplicable | |fix krb5kdc config file |notapplicable | |cgroups configuration compatibility check |notapplicable | |SCL collections |notapplicable | |NIS Makefile back-up |notapplicable | |NIS server maps check |notapplicable | |NIS server MAXUID and MAXGID limits check |notapplicable | |NIS server config file back-up |notapplicable | |KDE Desktop Environment underwent several design modifications in CentOS 7 release |pass | |several kernel networking drivers not available in CentOS 7 |pass | |several kernel storage drivers not available in CentOS 7 |pass | |Compatibility Between iptables and ip6tables |pass | |Information on time-sync.target |pass | |OpenSSH sshd_config migration content |pass | |Luks encrypted partition |pass | |Architecture Support |pass | |Debuginfo packages |pass | |Cluster and High Availability |pass | |Read Only FHS directories |pass | |In-place Upgrade Requirements for the /usr/ Directory |pass | |CA certificate bundles modified |pass | |Developer Tool Set packages |pass | |Check for ethernet interface naming |pass | |User modification in /etc/rc.local and /etc/rc.d/rc.local |pass | |Plugable authentication modules (PAM) |pass | |System kickstart |pass | |Incorrect usage of reserved UID/GIDs |pass | |NIS ypbind config files back-up |pass | |MySQL configuration |informational | |VCS repositories |informational | |Removed options in coreutils binaries |informational | |Removed options in gawk binaries |informational | |Removed options in netstat binary |informational | |GMP library incompatibilities |informational | |CVS Package Split |informational | |NTP configuration |informational | |File Systems, Partitions and Mounts Configuration Review |informational | |SonameKept Reusable Dynamic Libraries |informational | |Removed .so libs |informational | |Foreign Perl modules |informational | |YUM |informational | |Reusable Configuration Files |fixed | |Replaced rpms |fixed | |package downgrades |fixed | |CUPS Browsing/BrowsePoll configuration |fixed | |OpenSSH sysconfig migration content |fixed | |State of LVM2 services. |fixed | |device-mapper-multipath configuration compatibility check |fixed | |Configuration Files to Review |needs_inspection | |File Lists for Manual Migration |needs_inspection | |Obsoleted rpms |needs_inspection | |w3m not available in CentOS 7 |needs_inspection | |Binary rebuilds |needs_inspection | |Python 2.7.5 |needs_inspection | |Ruby 2.0.0 |needs_inspection | |Check for usage of dangerous range of UID/GIDs |needs_inspection | |GNOME Desktop Environment underwent several design modifications in CentOS 7 release |needs_action | |Packages not signed by CentOS |needs_action | |Removed rpms |needs_action | |General |needs_action | |Sonamebumped libs |needs_action | |Content for enabling and disabling services based on CentOS 6 system |needs_action | |Hyper-V |fail | --------------------------------------------------------------------------------------------------------------- Tarball with results is stored here /root/preupgrade-results/preupg_results-200414105753.tar.gz . The latest assessment is stored in directory /root/preupgrade . Summary information: We found some critical issues. In-place upgrade is not advised. Read the file /root/preupgrade/result.html for more details. Upload results to UI by command: e.g. preupg -u http://127.0.0.1:8099/submit/ -r /root/preupgrade-results/preupg_results-*.tar.gz . Le résultat de l'analyse est enregistré dans un fichier html. Pour le lire installez **w3m** yum install w3m w3m-img w3m-el Puis [root@servername ~]# w3m preupgrade/result.html Ensuite, importez la clé CentOS 7 RPM rpm --import http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-7 Lancez l'upgrade centos-upgrade-tool-cli --network 7 --instrepo=http://mirror.centos.org/centos/7/os/x86_64 Si tout s'est bien passé, faite un reboot Mais ça n'a pas fonctionné pour moi... ===== Centos 8 ===== Ajouter Le dépot PowerTools yum install dnf-plugins-core yum config-manager --set-enabled PowerTools ou yum config-manager --set-enabled powertools yum repolist