centos_8_migration_notes
Differences
This shows you the differences between two versions of the page.
Next revision | Previous revisionNext revisionBoth sides next revision | ||
centos_8_migration_notes [2020/09/29 18:50] – created juckins | centos_8_migration_notes [2021/06/11 14:48] – juckins | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ==== CentOS8 Migration Notes ==== | + | ==== CentOS 8 Migration Notes ==== |
+ | |||
+ | Fix php for phpmyadmin: | ||
+ | |||
+ | dnf install php-gd php-ldap php-mysqlnd php-pecl-mcrypt php-pecl-zip | ||
+ | |||
+ | Also comment out the cookie validity setting in config.inc.php | ||
+ | |||
+ | Secure the mariadb | ||
+ | |||
+ | Fix php.ini from known good config | ||
+ | |||
+ | Configure $HOME/ | ||
+ | |||
+ | autocmd FileType * setlocal formatoptions-=c formatoptions-=r formatoptions-=o | ||
+ | |||
+ | # python3 -m pip install --upgrade pip | ||
+ | # python3 -m pip install dictor | ||
+ | # python3 -m pip install wheel | ||
+ | # python3 -m pip install httplib2 | ||
+ | # python3 -m pip install PyMySQL | ||
+ | |||
+ | PyMySQL v0.9.3 has been upgraded to v1.0.2 and requires modification to " | ||
+ | |||
+ | Other fixes: | ||
+ | |||
+ | * Disable WiFi LAN connection with ''# | ||
+ | * [[https:// | ||
+ | |||
+ | For migrating a system from a different OS, take note of this info first: | ||
+ | * Make a test user on CentOS7 and one on CentOS8 | ||
+ | * Compare hidden files to see if anything changed between OSs | ||
+ | * This allows for easy migrating of data for users' $HOME directories | ||
+ | * ensure all scripts make their own log file directory | ||
+ | * $log_dir = "/ | ||
+ | * mkdir (" | ||
+ | * should crons write to /tmp and then have a daily script that checks cron logs for errors? | ||
+ | |||
+ | |||
+ | ---- | ||
+ | |||
+ | |||
+ | * Get inventory of users | ||
+ | * /// | ||
+ | * Check that PHP is working correctly, localhost/ | ||
+ | * check httpd.conf | ||
+ | * /// | ||
+ | * Clear all history from Firefox before testing phpmyadmin | ||
+ | * Check httpd logs for any errors, such as mod security | ||
+ | * uninstall [[https:// | ||
+ | * [[https:// | ||
+ | * '' | ||
+ | * '' | ||
+ | * <color # | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * Note that the restore of mysql does not use " | ||
+ | * [[https:// | ||
+ | * [[http:// | ||
+ | * They can be exported from phpmyadmin (but don't include root) | ||
+ | * export MySQL databases with mysqldump | ||
+ | * [[https:// | ||
+ | * [[http:// | ||
+ | * list of installed perl modules | ||
+ | * grep all .pl script and look for the "use " calls | ||
+ | * Copy the following to accessible location for restore after upgrade | ||
+ | * users' $HOME | ||
+ | * crons should be in each user's $HOME/ | ||
+ | * various processing log files from /var/tmp/ | ||
+ | * / | ||
+ | * / | ||
+ | * / | ||
+ | * Samba users, passwords, shares (for security cameras) | ||
+ | * / | ||
+ | * / | ||
+ | * / | ||
+ | * Make sure service is running and will start at boot. | ||
+ | * Check output with: testparm -v | ||
+ | * nxclient-3.5.0-7.x86_64.rpm | ||
+ | * nxnode-3.5.0-9.x86_64.rpm | ||
+ | * nxserver-3.5.0-11.x86_64.rpm | ||
+ | * < | ||
+ | * verify services that should be installed/ | ||
+ | * Note firewall rules | ||
+ | * [[https:// | ||
+ | |||
+ | <color # | ||
+ | |||
+ | Must-Have functionality: | ||
+ | * Apache, MySQL, PHP, Perl | ||
+ | * [[https:// | ||
+ | * edit / | ||
+ | * Check logs: # cat / | ||
+ | * Ensure service is running: | ||
+ | * ''# | ||
+ | * ''# | ||
+ | * [[gmail_as_a_relay_on_linux|Set up Gmail Relay and test]] | ||
+ | * Disable SELinux | ||
+ | * VSFTP (for security cameras) | ||
+ | * [[http:// | ||
+ | * [[https:// | ||
+ | * As root: setsebool -P allow_ftpd_full_access on | ||
+ | * As root: systemctl restart vsftpd | ||
+ | * As root: systemctl enable vsftpd | ||
+ | * Samba | ||
+ | * [[samba_file_sharing|Samba File Sharing]] | ||
+ | * < | ||
+ | * Virtual Box | ||
+ | * Working crontabs for each user | ||
+ | * [[python_notes|Install Python 3]] | ||
+ | |||
+ | Customize MATE Desktop displays | ||
+ | * Adjust System > Preferences > Look and Feel > Appearance | ||
+ | * Under Fonts tab, set all to size 8 | ||
+ | * Click Details, set resolution to 96 dpi, Smoothing Grayscale, Hinting Slight, Subpixel order RGB | ||
+ | * Firefox has large bullets for password masking. | ||
+ | * [[http:// | ||
+ | * Set up gnome-terminal preferences | ||
+ | * General: Font Monospace 9, No terminal bell | ||
+ | * Colors: Use colors from system theme | ||
+ | * Scrolling: unlimited | ||
+ | * Edit > Keyboard Shortcuts > Reset and Clear > F2 | ||
+ | * Disable Vim auto-indent following [[vim_tips|Vi and Vim Tips]] | ||
+ | |||
+ | Change setting on screensaver | ||
+ | * System > Preferences > Look and Feel > Screensaver | ||
+ | |||
+ | System Monitor (needs mate-system-monitor and mate-applets RPMs): | ||
+ | * Right-click top panel > Add to Panel | ||
+ | * In the "Find an item to add to the panel:" | ||
+ | * Moving display of current CPU usage should appear | ||
+ | |||
+ | ---- | ||
+ | |||
+ | Database work: | ||
+ | * Backup / | ||
+ | * Add this line under [mysqld] | ||
+ | * default-storage-engine=MyISAM | ||
+ | * Add other database users with phpMyAdmin GUI | ||
+ | * set username | ||
+ | * set password | ||
+ | * select "Grant all privileges on wildcard name (username\_%)." | ||
+ | * Dump all databases from source server to sql file then import on target server | ||
+ | * mysqldump -u USER -p' | ||
+ | * Ensure database on target server exists; create if necessary | ||
+ | * Tables migrated should be MyISAM | ||
+ | * Default database engine is InnoDB as<color # | ||
+ | * [[https:// | ||
+ | * The exact number of rows of InnoDB tables cannot be shown | ||
+ | * Need to monitor / | ||
+ | * <color # | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[https:// | ||
+ | * Alternatively, | ||
+ | * systemctl start mariadb.service | ||
+ | * systemctl enable mariadb.service | ||
+ | * mysql DATABASE -h localhost -u USER -p' | ||
+ | |||
+ | Setup ddclient: | ||
+ | * https:// | ||
+ | * dnf -y install ddclient | ||
+ | * Use / | ||
+ | |||
+ | Setup duckdns: | ||
+ | * crontab is < | ||
+ | |||
+ | Setup ydns: | ||
+ | * crontab is < | ||
+ | |||
+ | Firewall notes: | ||
+ | * Using firewall-config to close rules from previous machine | ||
+ | |||
+ | rsync / | ||
+ | * test pages for proper display | ||
+ | * check soft link to phpmy is correct and current | ||
+ | |||
+ | Restore and test crons | ||
+ | * check that each cron job runs and the specified log directory exists | ||
+ | |||
+ | Backup / | ||
+ | |||
+ | Restore /etc/hosts from previous machine as needed | ||
+ | |||
+ | Then, edit the network connections and make sure the " | ||
+ | |||
+ | Download sample .png, .gif, .jpg images and test / | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | |||
+ | [[http:// | ||
+ | |||
+ | Install X2Go | ||
+ | |||
+ | Restore Thunderbird profile | ||
+ | |||
+ | Restore Firefox profile | ||
+ | |||
+ | Restore VirtualBox and all machines | ||
+ | |||
+ | Test ASMAD for processing end-to-end | ||
+ | |||
+ | SSH issues | ||
+ | * Cannot ssh to yourself passwordlessly with default / | ||
+ | * Comment out the following line, like this: | ||
+ | * # | ||
+ | * This allows you to NX into the CentOS7 machine | ||
+ | * Update to openssh seems to require RSA keys now and authorized_keys file instead of DSA keys and authorized_keys2 file | ||
+ | * Set " | ||
+ | * < | ||
+ | * < | ||
+ | * < | ||
+ | * Additional tips: http:// | ||
+ | * systemctl restart sshd.service | ||
+ | * User accounts at remove machines connecting to the new machine will need their $HOME/ | ||
+ | |||
+ | Update GRUB and splash screen | ||
+ | * My saved splash images with varying resolutions are in / | ||
+ | * <color # | ||
+ | * cd / | ||
+ | * cp grub grub.YYYYMMDD | ||
+ | * vi grub | ||
+ | * remove "rhgb quiet" from the GRUB_CMDLINE_LINUX call | ||
+ | * add " | ||
+ | * comment out this line: GRUB_TERMINAL_OUTPUT=" | ||
+ | * add this line: GRUB_BACKGROUND="/ | ||
+ | * Ensure it is rw-r-r permissions | ||
+ | * [[http:// | ||
+ | * For VM/ | ||
+ | * For UEFI-based installs, as root: grub2-mkconfig -o / | ||
+ | * More info at [[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[http:// | ||
+ | * [[https:// | ||
+ | * Tried part about making a special font | ||
+ | * Tried installing all grub2* rpms | ||
+ | * Tried 640x480 small splash image | ||
+ | |||
+ | < | ||
+ | GRUB_CMDLINE_LINUX_DEFAULT=" | ||
+ | GRUB_GFXMODE=1024x768 | ||
+ | GRUB_GFXPAYLOAD_LINUX=keep | ||
+ | </ | ||
+ | |||
+ | Set default GRUB entry | ||
+ | * Download [[https:// | ||
+ | |||
+ | If GRUB2 no longer finds other OS to boot (such as Windows 10) use [[https:// | ||
+ | |||
+ | Install [[clamav_antivirus|ClamAV]] | ||
+ | |||
+ | Set up local printer(s) | ||
+ | * Note that Brother has notes for the HL2170W at https:// | ||
+ | * RPM #1: brhl2170wlpr-2.0.2-1.i386.rpm | ||
+ | * RPM #2: cupswrapperHL2170W-2.0.2-1.i386.rpm | ||
+ | * Use ' | ||
+ | * [[https:// | ||
+ | * dnf install cups | ||
+ | * service cups start | ||
+ | * systemctl enable cups | ||
+ | * Use System > Administration > Print Settings | ||
+ | * Add printer with Network JetDirect by IP address | ||
+ | * Default printer driver works OK | ||
+ | * Or use web browser: | ||
+ | * # dnf install httpd | ||
+ | * # / | ||
+ | * # dnf install system-config-firewall | ||
+ | * # firewall-config (or System > Administration > Firewall) | ||
+ | * Allow http and https as rules | ||
+ | * Sometimes the firewall-config command will hang if trying to run via an SSH connection to a remote machine | ||
+ | * To add a port manually follow [[http:// | ||
+ | * To close a port manually follow [[http:// | ||
+ | * # systemctl enable httpd | ||
+ | * Go to http:// | ||
+ | * Go to Administration tab | ||
+ | * Enter credentials for user root | ||
+ | * Add printer with prompts | ||
+ | |||
+ | Firewall Notes | ||
+ | |||
+ | * Adding an allowed port at the command line (from [[http:// | ||
+ | * Use this command to find your active zone(s): | ||
+ | |||
+ | < | ||
+ | firewall-cmd --get-active-zones | ||
+ | </ | ||
+ | |||
+ | * It will say either public, dmz, or something else. You should only apply to the zones required. | ||
+ | |||
+ | * If you want to add a port such as 8080 to your public zone: | ||
+ | |||
+ | < | ||
+ | firewall-cmd --zone=public --add-port=8080/tcp --permanent | ||
+ | </ | ||
+ | |||
+ | * Then remember to reload the firewall for changes to take effect. | ||
+ | |||
+ | < | ||
+ | firewall-cmd --reload | ||
+ | </ | ||
+ | |||
+ | Managing runlevel settings | ||
+ | |||
+ | * Switch to runlevel 5: | ||
+ | < | ||
+ | # systemctl isolate graphical.target | ||
+ | </ | ||
+ | |||
+ | * Initiate runlevel 5 by default: | ||
+ | |||
+ | < | ||
+ | # systemctl set-default graphical.target | ||
+ | </ | ||
+ | |||
+ | * Switch to runlevel 3: | ||
+ | < | ||
+ | # systemctl isolate multi-user.target | ||
+ | </ | ||
+ | |||
+ | * Initiate runlevel 3 by default: | ||
+ | |||
+ | < | ||
+ | # systemctl set-default multi-user.target | ||
+ | </ | ||
+ | |||
+ | * For other run-level info, see [[https:// | ||
+ | |||
+ | After machine has been running for a few days, don't forget to use " |
centos_8_migration_notes.txt · Last modified: 2022/06/08 16:03 by juckins