Table des matières

CentOS

Description

Cette page me sers de mémo concernant l’utilisation de la distrib CentOS

Pour connaitre ça version de centos ⇒ http://www.binarytides.com/command-check-centos-version/

ls et les couleurs

Les couleurs de centos via un xterm font mal aux yeux. Les répertoires sont en bleu foncé sur du noir c’est pas terrible.
Bizarrement, les couleurs sont bien configuré mais toutes les options de brillance ont été désactivé pour les xterm.
Sur le net on trouve beaucoup de solution disant qu’il faut modifier ce qui suit

vi /etc/DIR_COLORS.xterm

Changer

DIR 00;34

Par

DIR 01;34

Mais le plus simple est de copier le fichier /etc/DIR_COLORS sur /etc/DIR_COLORS.xterm. Faite un backup si vous le souhaitez.

cp /etc/DIR_COLORS.xterm /etc/DIR_COLORS.xterm_save
cp /etc/DIR_COLORS /etc/DIR_COLORS.xterm

Pour mieux comprendre voici la table de correspondance

ISO 6429 color sequences are composed of sequences of numbers separated by semicolons. The most common codes are:

 0     to restore default color
 1     for brighter colors
 4     for underlined text
 5     for flashing text
30     for black foreground
31     for red foreground
32     for green foreground
33     for yellow (or brown) foreground
34     for blue foreground
35     for purple foreground
36     for cyan foreground
37     for white (or gray) foreground
40     for black background
41     for red background
42     for green background
43     for yellow (or brown) background
44     for blue background
45     for purple background
46     for cyan background
47     for white (or gray) background

Package

La doc en français ⇒ http://doc.fedora-fr.org/wiki/YUM_:_Configuration_du_gestionnaire_de_paquets

YUM est l’équivalent de apt-get

yum install paquet
yum search paquet
yum remove paquet
yum info paquet
yum update

Connaitre les dépôts configurés

yum repolist all

Faire le ménage dans les caches

yum clean all

ou

yum make cache

Chercher un package soit :

Afficher toutes les versions disponibles pour un paquet

yum --showduplicate list nom_du_paquet

Installer une version spécifique

yum install NOMPAQUET-VERSION
yum install wxGTK-2.8.12-1.el5.x86_64

Pour être sûr d’installer un paquet qui ne sera pas téléchargé sur un repo

yum --disablerepo=rpmforge install wxGTK-2.8.12-1.el5.x86_64

Télécharger et installer un paquet

yum localinstall https://serveur.com/paquet.rpm

ou avec rpm mais l’avantage de yum est qu’il nous proposera automatiquement d’installer toutes les dépendances qui vont bien.

rpm -hvi nomDuPaquet.rpm

( l’équivalent sous debian de yum localinstall est gdebi )

Rechercher quel paquet contient un fichier

yum whatprovides */libasound.so.2

Si vous rencontrez des problèmes, essayez la commande suivante

yum clean all
rpm --rebuilddb

Il existe des groupes de packages

yum grouplist

Pour avoir le détail d’un groupe

yum groupinfo "Nom du groupe de paquet"

Par exemple pour installer le système graphique X et les polices

yum -y groupinstall "X Window System" "Fonts"

Le réseau

Fichier /etc/sysconfig/network

Ce fichier utilisé pour spécifier les informations relatives à la configuration réseau est bien configuré par défaut et, à mon avis, n’est pas à modifier :

NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=server1.example.com
GATEWAY=192.168.0.254

Toutefois, si vous modifiez ce fichier, le service réseau doit étre redémarré à l’aide de la commande suivante :

service network restart

Fichier /etc/sysconfig/network-scripts/ifcfg-eth0

Ce fichier représente l’un des fichiers d’interfaces les plus courants; il contrôle la première carte d’interface réseau Ethernet du système. La configuration générée dans ce fichier est correcte et n’est à modifier qu’en cas de besoin :

DEVICE=eth0
BOOTPROTO=static
BROADCAST=192.168.0.255
HWADDR=00:0C:29:A7:0F:D7
IPADDR=192.168.0.1
NETMASK=255.255.255.0
NETWORK=192.168.0.0
ONBOOT=yes

Si vous modifiez la configuration renseignée dans ce fichier, l’interface réseau “eth0” doit être désactivé, puis réactivé pour que le changement soit prise en compte :

ifdown eth0
ifup eth0

routage

http://www.centos.org/docs/5/html/5.1/Deployment_Guide/s1-networkscripts-static-routes.html

Créer un dépôt

yum install createrepo

Configurer votre serveur web pour qu’il pointe sur le répertoire contenant vos rpm, placez vous dans ce répertoire et lancez la commande createrepo

Lorsque vous ajouterez ou modifirez vos rpm, relancez simplement la commande createrepo dans le répertoire pour mettre à jour l’index.

Pour accéder au dépôt, créer un fichier mon_depot.repo dans /etc/yum/yum.repos.d

C’est vraiment un exemple simplifié, sans clé gpg, sans sous arborescence par architecture

[mon_depot]
name=Mon_depot
baseurl=http://mon_serveur/
enabled=1
#failovermethod=priority
gpgcheck=0
priority=1

Problèmes rencontrés

Base de données RPM cassée ⇒ http://major.io/2007/05/27/rpmdb-lock-table-is-out-of-available-locker-entries/

un yum install retourne segmentation fault ⇒ http://www.doxer.org/resolved-yum-returned-segmentation-fault-error-on-centos/

Yum update qui échoue / Impossible de supprimer un package

Je voulais faire un yum update et impossible à cause du message suivant

Running rpm_check_debug
ERROR with rpm_check_debug vs depsolve:
perl(DBD::Pg) is needed by munin-node-2.0.21-1.el6.noarch
perl(DBI) is needed by munin-node-2.0.21-1.el6.noarch
perl(LWP::Simple) is needed by munin-node-2.0.21-1.el6.noarch
perl(LWP::UserAgent) is needed by munin-node-2.0.21-1.el6.noarch
perl(LWP::UserAgent) is needed by munin-node-2.0.21-1.el6.noarch
perl(List::MoreUtils) is needed by munin-node-2.0.21-1.el6.noarch
perl(Net::SNMP) is needed by munin-node-2.0.21-1.el6.noarch
perl(XML::LibXML) is needed by munin-node-2.0.21-1.el6.noarch
perl(XML::Parser) is needed by munin-node-2.0.21-1.el6.noarch
** Found 23 pre-existing rpmdb problem(s), 'yum check' output follows:
intel-idb-common-146-13.0-2.noarch has missing requires of intel-compilerpro-common-146 = ('0', '13.0', None)
munin-node-2.0.10-1.el6.noarch has missing requires of perl(DBD::Pg)
munin-node-2.0.10-1.el6.noarch has missing requires of perl(DBI)
munin-node-2.0.10-1.el6.noarch has missing requires of perl(LWP::Simple)
munin-node-2.0.10-1.el6.noarch has missing requires of perl(LWP::UserAgent)
munin-node-2.0.10-1.el6.noarch has missing requires of perl(LWP::UserAgent)
munin-node-2.0.10-1.el6.noarch has missing requires of perl(List::MoreUtils)
munin-node-2.0.10-1.el6.noarch has missing requires of perl(Net::SNMP)
munin-node-2.0.10-1.el6.noarch has missing requires of perl(XML::LibXML)
munin-node-2.0.10-1.el6.noarch has missing requires of perl(XML::Parser)

Je décide alors de supprimer le paquet qui pose problème à savoir munin-node.noarch

# yum remove munin-node.noarch
Loaded plugins: fastestmirror
Setting up Remove Process
Resolving Dependencies
--> Running transaction check
---> Package munin-node.noarch 0:2.0.10-1.el6 will be erased
--> Finished Dependency Resolution
Repository 'epel' is missing name in configuration, using id

Dependencies Resolved

===============================================================================================================================================================================================================
 Package                                           Arch                                          Version                                                Repository                                        Size
===============================================================================================================================================================================================================
Removing:
 munin-node                                        noarch                                        2.0.10-1.el6                                           installed                                        1.3 M

Transaction Summary
===============================================================================================================================================================================================================
Remove        1 Package(s)

Installed size: 1.3 M
Is this ok [y/N]: y
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Error in PREUN scriptlet in rpm package munin-node
munin-node-2.0.10-1.el6.noarch was supposed to be removed but is not!
  Verifying  : munin-node-2.0.10-1.el6.noarch                                                                                                                                                              1/1 

Failed:
  munin-node.noarch 0:2.0.10-1.el6                                                                                                                                                                             

Complete!

La dernière ligne nous dit “Complete!” sauf que la ligne précédente nous dit un beau Failed
La commande suivante m’a permis de me débarrasser de munin-node

rpm -e --noscripts munin-node-2.0.10-1.el6.noarch

J’ai pu ensuite lancer mon yum update sans soucis

Disque dur

Commande pour rescanner les devices

echo 1 > /sys/class/scsi_device/device/rescan

Les services

Pour lister tous les services avec leur état de lancement au démarrage

chkconfig --list

installer le minimum pour avoir du display par ssh

yum install xorg-x11-xinit

Upgrade centos 6 vers centos 7

Mettez à jour vos paquets

yum update

Ajoutez un dépot

vi /etc/yum.repos.d/upgradetool.repo
[upg]
name=CentOS-$releasever – Upgrade Tool
baseurl=https://buildlogs.centos.org/centos/6/upg/x86_64/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

Supprimez la version actuelle de openscape

yum erase openscap

Puis installez la version du nouveau depot que l’on a ajouté https://buildlogs.centos.org/centos/6/upg/x86_64/Packages/

yum install openscap-1.0.8-1.0.1.el6.centos.x86_64

Installez les 2 paquets qui serviront à l’upgrade

yum install redhat-upgrade-tool preupgrade-assistant-contents

La commande suivante doit retourner ceci

preupg -l
CentOS6_7

Lancez ensuite la commande preupg qui va analyser le système pour voir si l’upgrade va bien se passer

# preupg
Preupg tool doesn't do the actual upgrade.
Please ensure you have backed up your system and/or data in the event of a failed upgrade
 that would require a full re-install of the system from installation media.
Do you want to continue? y/n
y
Gathering logs used by preupgrade assistant:
All installed packages : 01/11 ...finished (time 00:00s)
All changed files      : 02/11 ...finished (time 00:39s)
Changed config files   : 03/11 ...finished (time 00:00s)
All users              : 04/11 ...finished (time 00:00s)
All groups             : 05/11 ...finished (time 00:00s)
Service statuses       : 06/11 ...finished (time 00:00s)
All installed files    : 07/11 ...finished (time 00:02s)
All local files        : 08/11 ...finished (time 00:06s)
All executable files   : 09/11 ...finished (time 00:04s)
RedHat signed packages : 10/11 ...finished (time 00:00s)
CentOS signed packages : 11/11 ...finished (time 00:00s)
Assessment of the system, running checks / SCE scripts:
001/096 ...done    (Configuration Files to Review)
002/096 ...done    (File Lists for Manual Migration)
003/096 ...done    (Bacula Backup Software)
004/096 ...done    (MySQL configuration)
005/096 ...done    (Migration of the MySQL data stack)
006/096 ...done    (Changes related to moving from MySQL to MariaDB)
007/096 ...done    (PostgreSQL upgrade content)
008/096 ...done    (GNOME Desktop Environment underwent several design modifications in CentOS 7 release)
009/096 ...done    (KDE Desktop Environment underwent several design modifications in CentOS 7 release)
010/096 ...done    (several graphic drivers not supported in CentOS 7)
011/096 ...done    (several input drivers not supported in CentOS 7)
012/096 ...done    (several kernel networking drivers not available in CentOS 7)
013/096 ...done    (several kernel storage drivers not available in CentOS 7)
014/096 ...done    (Names, Options and Output Format Changes in arptables)
015/096 ...done    (BIND9 running in a chroot environment check.)
016/096 ...done    (BIND9 configuration compatibility check)
017/096 ...done    (Move dhcpd/dhcprelay arguments from /etc/sysconfig/* to *.service files)
018/096 ...done    (DNSMASQ configuration compatibility check)
019/096 ...done    (Dovecot configuration compatibility check)
020/096 ...done    (Compatibility Between iptables and ip6tables)
021/096 ...done    (Net-SNMP check)
022/096 ...done    (Squid configuration compatibility check)
023/096 ...done    (Reusable Configuration Files)
024/096 ...done    (VCS repositories)
025/096 ...done    (Added and extended options for BIND9 configuration)
026/096 ...done    (Added options in DNSMASQ configuration)
027/096 ...done    (Packages not signed by CentOS)
028/096 ...done    (Obsoleted rpms)
029/096 ...done    (w3m not available in CentOS 7)
030/096 ...done    (report incompatibilities between CentOS 6 and 7 in qemu-guest-agent package)
031/096 ...done    (Removed options in coreutils binaries)
032/096 ...done    (Removed options in gawk binaries)
033/096 ...done    (Removed options in netstat binary)
034/096 ...done    (Removed options in quota tools)
035/096 ...done    (Removed rpms)
036/096 ...done    (Replaced rpms)
037/096 ...done    (GMP library incompatibilities)
038/096 ...done    (package downgrades)
039/096 ...done    (restore custom selinux configuration)
040/096 ...done    (General)
041/096 ...done    (samba shared directories selinux)
042/096 ...done    (CUPS Browsing/BrowsePoll configuration)
043/096 ...done    (CVS Package Split)
044/096 ...done    (FreeRADIUS Upgrade Verification)
045/096 ...done    (httpd configuration compatibility check)
046/096 ...done    (bind-dyndb-ldap)
047/096 ...done    (Identity Management Server compatibility check)
048/096 ...done    (IPA Server CA Verification)
049/096 ...done    (NTP configuration)
050/096 ...done    (Information on time-sync.target)
051/096 ...done    (OpenLDAP /etc/sysconfig and data compatibility)
052/096 ...done    (OpenSSH sshd_config migration content)
053/096 ...done    (OpenSSH sysconfig migration content)
054/096 ...done    (Configuration for quota_nld service)
055/096 ...done    (Disk quota netlink message daemon moved into quota-nld package)
056/096 ...done    (SSSD compatibility check)
057/096 ...done    (Luks encrypted partition)
058/096 ...done    (Clvmd and cmirrord daemon management.)
059/096 ...done    (State of LVM2 services.)
060/096 ...done    (device-mapper-multipath configuration compatibility check)
061/096 ...done    (Removal of scsi-target-utils)
062/096 ...done    (Configuration for warnquota tool)
063/096 ...done    (Disk quota tool warnquota moved into quota-warnquota package)
064/096 ...done    (Architecture Support)
065/096 ...done    (Binary rebuilds)
066/096 ...done    (Debuginfo packages)
067/096 ...done    (Cluster and High Availability)
068/096 ...done    (Quorum implementation)
069/096 ...done    (fix krb5kdc config file)
070/096 ...done    (File Systems, Partitions and Mounts Configuration Review)
071/096 ...done    (Read Only FHS directories)
072/096 ...done    (Sonamebumped libs)
073/096 ...done    (SonameKept Reusable Dynamic Libraries)
074/096 ...done    (Removed .so libs)
075/096 ...done    (In-place Upgrade Requirements for the /usr/ Directory)
076/096 ...done    (CA certificate bundles modified)
077/096 ...done    (Developer Tool Set packages)
078/096 ...done    (Hyper-V)
079/096 ...done    (Content for enabling and disabling services based on CentOS 6 system)
080/096 ...done    (Check for ethernet interface naming)
081/096 ...done    (User modification in /etc/rc.local and /etc/rc.d/rc.local)
082/096 ...done    (cgroups configuration compatibility check)
083/096 ...done    (Plugable authentication modules (PAM))
084/096 ...done    (Foreign Perl modules)
085/096 ...done    (Python 2.7.5)
086/096 ...done    (Ruby 2.0.0)
087/096 ...done    (SCL collections)
088/096 ...done    (System kickstart)
089/096 ...done    (YUM)
090/096 ...done    (Check for usage of dangerous range of UID/GIDs)
091/096 ...done    (Incorrect usage of reserved UID/GIDs)
092/096 ...done    (NIS ypbind config files back-up)
093/096 ...done    (NIS Makefile back-up)
094/096 ...done    (NIS server maps check)
095/096 ...done    (NIS server MAXUID and MAXGID limits check)
096/096 ...done    (NIS server config file back-up)
Assessment finished (time 14:02s)
Result table with checks and their results for main contents:
---------------------------------------------------------------------------------------------------------------
|Bacula Backup Software                                                                    |notapplicable     |
|Migration of the MySQL data stack                                                         |notapplicable     |
|Changes related to moving from MySQL to MariaDB                                           |notapplicable     |
|PostgreSQL upgrade content                                                                |notapplicable     |
|several graphic drivers not supported in CentOS 7                                         |notapplicable     |
|several input drivers not supported in CentOS 7                                           |notapplicable     |
|Names, Options and Output Format Changes in arptables                                     |notapplicable     |
|BIND9 running in a chroot environment check.                                              |notapplicable     |
|BIND9 configuration compatibility check                                                   |notapplicable     |
|Move dhcpd/dhcprelay arguments from /etc/sysconfig/* to *.service files                   |notapplicable     |
|DNSMASQ configuration compatibility check                                                 |notapplicable     |
|Dovecot configuration compatibility check                                                 |notapplicable     |
|Net-SNMP check                                                                            |notapplicable     |
|Squid configuration compatibility check                                                   |notapplicable     |
|Added and extended options for BIND9 configuration                                        |notapplicable     |
|Added options in DNSMASQ configuration                                                    |notapplicable     |
|report incompatibilities between CentOS 6 and 7 in qemu-guest-agent package               |notapplicable     |
|Removed options in quota tools                                                            |notapplicable     |
|restore custom selinux configuration                                                      |notapplicable     |
|samba shared directories selinux                                                          |notapplicable     |
|FreeRADIUS Upgrade Verification                                                           |notapplicable     |
|httpd configuration compatibility check                                                   |notapplicable     |
|bind-dyndb-ldap                                                                           |notapplicable     |
|Identity Management Server compatibility check                                            |notapplicable     |
|IPA Server CA Verification                                                                |notapplicable     |
|OpenLDAP /etc/sysconfig and data compatibility                                            |notapplicable     |
|Configuration for quota_nld service                                                       |notapplicable     |
|Disk quota netlink message daemon moved into quota-nld package                            |notapplicable     |
|SSSD compatibility check                                                                  |notapplicable     |
|Clvmd and cmirrord daemon management.                                                     |notapplicable     |
|Removal of scsi-target-utils                                                              |notapplicable     |
|Configuration for warnquota tool                                                          |notapplicable     |
|Disk quota tool warnquota moved into quota-warnquota package                              |notapplicable     |
|Quorum implementation                                                                     |notapplicable     |
|fix krb5kdc config file                                                                   |notapplicable     |
|cgroups configuration compatibility check                                                 |notapplicable     |
|SCL collections                                                                           |notapplicable     |
|NIS Makefile back-up                                                                      |notapplicable     |
|NIS server maps check                                                                     |notapplicable     |
|NIS server MAXUID and MAXGID limits check                                                 |notapplicable     |
|NIS server config file back-up                                                            |notapplicable     |
|KDE Desktop Environment underwent several design modifications in CentOS 7 release        |pass              |
|several kernel networking drivers not available in CentOS 7                               |pass              |
|several kernel storage drivers not available in CentOS 7                                  |pass              |
|Compatibility Between iptables and ip6tables                                              |pass              |
|Information on time-sync.target                                                           |pass              |
|OpenSSH sshd_config migration content                                                     |pass              |
|Luks encrypted partition                                                                  |pass              |
|Architecture Support                                                                      |pass              |
|Debuginfo packages                                                                        |pass              |
|Cluster and High Availability                                                             |pass              |
|Read Only FHS directories                                                                 |pass              |
|In-place Upgrade Requirements for the /usr/ Directory                                     |pass              |
|CA certificate bundles modified                                                           |pass              |
|Developer Tool Set packages                                                               |pass              |
|Check for ethernet interface naming                                                       |pass              |
|User modification in /etc/rc.local and /etc/rc.d/rc.local                                 |pass              |
|Plugable authentication modules (PAM)                                                     |pass              |
|System kickstart                                                                          |pass              |
|Incorrect usage of reserved UID/GIDs                                                      |pass              |
|NIS ypbind config files back-up                                                           |pass              |
|MySQL configuration                                                                       |informational     |
|VCS repositories                                                                          |informational     |
|Removed options in coreutils binaries                                                     |informational     |
|Removed options in gawk binaries                                                          |informational     |
|Removed options in netstat binary                                                         |informational     |
|GMP library incompatibilities                                                             |informational     |
|CVS Package Split                                                                         |informational     |
|NTP configuration                                                                         |informational     |
|File Systems, Partitions and Mounts Configuration Review                                  |informational     |
|SonameKept Reusable Dynamic Libraries                                                     |informational     |
|Removed .so libs                                                                          |informational     |
|Foreign Perl modules                                                                      |informational     |
|YUM                                                                                       |informational     |
|Reusable Configuration Files                                                              |fixed             |
|Replaced rpms                                                                             |fixed             |
|package downgrades                                                                        |fixed             |
|CUPS Browsing/BrowsePoll configuration                                                    |fixed             |
|OpenSSH sysconfig migration content                                                       |fixed             |
|State of LVM2 services.                                                                   |fixed             |
|device-mapper-multipath configuration compatibility check                                 |fixed             |
|Configuration Files to Review                                                             |needs_inspection  |
|File Lists for Manual Migration                                                           |needs_inspection  |
|Obsoleted rpms                                                                            |needs_inspection  |
|w3m not available in CentOS 7                                                             |needs_inspection  |
|Binary rebuilds                                                                           |needs_inspection  |
|Python 2.7.5                                                                              |needs_inspection  |
|Ruby 2.0.0                                                                                |needs_inspection  |
|Check for usage of dangerous range of UID/GIDs                                            |needs_inspection  |
|GNOME Desktop Environment underwent several design modifications in CentOS 7 release      |needs_action      |
|Packages not signed by CentOS                                                             |needs_action      |
|Removed rpms                                                                              |needs_action      |
|General                                                                                   |needs_action      |
|Sonamebumped libs                                                                         |needs_action      |
|Content for enabling and disabling services based on CentOS 6 system                      |needs_action      |
|Hyper-V                                                                                   |fail              |
---------------------------------------------------------------------------------------------------------------
Tarball with results is stored here /root/preupgrade-results/preupg_results-200414105753.tar.gz .
The latest assessment is stored in directory /root/preupgrade .
Summary information:
We found some critical issues. In-place upgrade is not advised.
Read the file /root/preupgrade/result.html for more details.
Upload results to UI by command:
e.g. preupg -u http://127.0.0.1:8099/submit/ -r /root/preupgrade-results/preupg_results-*.tar.gz .

Le résultat de l’analyse est enregistré dans un fichier html. Pour le lire installez w3m

yum install w3m w3m-img w3m-el

Puis

[root@servername ~]# w3m preupgrade/result.html

Ensuite, importez la clé CentOS 7 RPM

rpm --import http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-7

Lancez l’upgrade

centos-upgrade-tool-cli --network 7 --instrepo=http://mirror.centos.org/centos/7/os/x86_64

Si tout s’est bien passé, faite un reboot

Mais ça n’a pas fonctionné pour moi…

Centos 8

Ajouter Le dépot PowerTools

yum install dnf-plugins-core
yum config-manager --set-enabled PowerTools

ou

yum config-manager --set-enabled powertools
yum repolist