==== CentOS 6 Migration Notes ==== RedHat Guides:\\ http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Migration_Planning_Guide/chap-Migration_Guide-Package_Changes.html Fedora Guides:\\ http://www.mjmwired.net/resources/ ---- **Jan 2016** Disable kdump by removing kdump and kexec-tools RPMs. ---- **Dec 2015** Set up VSFTPD * https://www.digitalocean.com/community/tutorials/how-to-set-up-vsftpd-on-centos-6--2 * http://serverfault.com/questions/243816/vsftpd-allow-access-only-for-certain-users * https://radu.cotescu.com/vsftpd-and-symbolic-links/ * Make the target directory at the location you want it as the desired user * Make the target directory in the desired user's $HOME * as root: mount --bind /real/directory /ideal/directory * restart vsftpd * Check all settings in /etc/vsftpd **July 2014:\\ 1) Kernel panic and boot failure on Dell Inspiron 6400: (VFS cannot open root device "UUID=xxxx)** Find the DVD+RW CentOS network install disc. It should be the 32-bit version as it was created from http://mirror.centos.org/centos/6/os/i386 Boot into rescue mode and follow steps to get a root prompt. \\ chroot /mnt/sysimage rpm -qa |grep kernel | sort Determine the last known good working kernel. Then issue a yum reinstall , such as: yum reinstall kernel-2.6.32-431.20.3.el6.i686 Reboot machine, make sure to choose that kernel at the grub menu. System may need to relabel SELinux, which can take a very long time. Then try to reinstall the other kernel which caused the initial problem. Other helpful links: http://dartron.wordpress.com/2014/06/06/kernel-panic-not-syncing-vfs-unable-to-mount-root-fs-on-unknown-block00/ https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/sec-Verifying_the_Initial_RAM_Disk_Image.html http://bugs.centos.org/view.php?id=6310 ---- **February 2014:\\ 1) Kernel panic and boot failure on Dell Inspiron 6400: (VFS cannot open root device "UUID=xxxx)** Reinstall the latest kernel with: yum reinstall kernel-2.6.32-431.5.1.el6.i686 Tip from http://bugs.centos.org/view.php?id=6327 ---- From a DVD, install CentOS6 minimal or basic server * set network to local * choose proper time * remove logical volumes * /boot = 500MB * / = fill to max * swap = 2*(installed RAM) Boot 1st time Make sure network is up, then ssh to another device and get .bashrc settings for root and non-root users. Edit /boot/grub/grub.conf * make copy first * remove hiddenmenu * remove rhgb quiet * copy in preferred splash.xpm.gz file (CentOS 5?) * add vga=MODE at end of kernel parameter to initially boot into higher resolution * vga=0x317 is 16-bit 1024x768 * vga=0x375 is 16-bit 1600x1200 * other video modes listed at [[https://lkml.org/lkml/2006/8/5/15]] and [[http://www.gregfolkert.net/info/vesa-display-codes.html]] If you want to keep the yum cache of packages downloaded, installed, edit /etc/yum.conf and change the cache setting to "1" (verify that will save files) cd centos6 \\ get packages from Windows PS \\ Set up extra CentOS repositories in /etc/yum.repos.d \\ [[http://wiki.centos.org/AdditionalResources/Repositories]] epel.repo \\ [[http://www.rackspace.com/knowledge_center/article/installing-rhel-epel-repo-on-centos-5x-or-6x]] adobe-linux-i386.repo \\ adobe-linux-x86_64.repo \\ [[http://www.if-not-true-then-false.com/2010/install-adobe-acrobat-pdf-reader-on-fedora-centos-red-hat-rhel/]] epel-testing.repo \\ google-chrome.repo \\ google-talkplugin.repo \\ install and run install-my-yum-packages.bash - it needs the EPEL repository for last few packages #!/bin/bash # # install-my-yum-packages.bash echo "***************** UPDATING CURRENT PACKAGES ********************" echo "*****************************************************************" yum -y update echo "********************* NOW INSTALLING PACKAGE ********************" echo "Additional Development" echo "*****************************************************************" yum -y groupinstall "Additional Development" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Base" echo "*****************************************************************" yum -y groupinstall "Base" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Debugging Tools" echo "*****************************************************************" yum -y groupinstall "Debugging Tools" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Compatibility libraries" echo "*****************************************************************" yum -y groupinstall "Compatibility libraries" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Console internet tools" echo "*****************************************************************" yum -y groupinstall "Console internet tools" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Desktop" echo "*****************************************************************" yum -y groupinstall "Desktop" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Desktop Debugging and Performance Tools" echo "*****************************************************************" yum -y groupinstall "Desktop Debugging and Performance Tools" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Desktop Platform" echo "*****************************************************************" yum -y groupinstall "Desktop Platform" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Desktop Platform Development" echo "*****************************************************************" yum -y groupinstall "Desktop Platform Development" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Development tools" echo "*****************************************************************" yum -y groupinstall "Development tools" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Fonts" echo "*****************************************************************" yum -y groupinstall "Fonts" echo "********************* NOW INSTALLING PACKAGE ********************" echo "General Purpose Desktop" echo "*****************************************************************" yum -y groupinstall "General Purpose Desktop" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Graphical Administration Tools" echo "*****************************************************************" yum -y groupinstall "Graphical Administration Tools" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Graphics Creation Tools" echo "*****************************************************************" yum -y groupinstall "Graphics Creation Tools" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Hardware monitoring utilities" echo "*****************************************************************" yum -y groupinstall "Hardware monitoring utilities" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Input Methods" echo "*****************************************************************" yum -y groupinstall "Input Methods" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Internet Applications" echo "*****************************************************************" yum -y groupinstall "Internet Applications" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Internet Browser" echo "*****************************************************************" yum -y groupinstall "Internet Browser" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Java Platform" echo "*****************************************************************" yum -y groupinstall "Java Platform" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Legacy UNIX compatibility" echo "*****************************************************************" yum -y groupinstall "Legacy UNIX compatibility" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Legacy X Window System compatibility" echo "*****************************************************************" yum -y groupinstall "Legacy X Window System compatibility" echo "********************* NOW INSTALLING PACKAGE ********************" echo "MySQL Database client" echo "*****************************************************************" yum -y groupinstall "MySQL Database client" echo "********************* NOW INSTALLING PACKAGE ********************" echo "MySQL Database server" echo "*****************************************************************" yum -y groupinstall "MySQL Database server" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Networking Tools" echo "*****************************************************************" yum -y groupinstall "Networking Tools" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Office Suite and Productivity" echo "*****************************************************************" yum -y groupinstall "Office Suite and Productivity" echo "********************* NOW INSTALLING PACKAGE ********************" echo "PHP Support" echo "*****************************************************************" yum -y groupinstall "PHP Support" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Performance Tools" echo "*****************************************************************" yum -y groupinstall "Performance Tools" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Perl Support" echo "*****************************************************************" yum -y groupinstall "Perl Support" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Print Server" echo "*****************************************************************" yum -y groupinstall "Print Server" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Printing client" echo "*****************************************************************" yum -y groupinstall "Printing client" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Remote Desktop Clients" echo "*****************************************************************" yum -y groupinstall "Remote Desktop Clients" echo "********************* NOW INSTALLING PACKAGE ********************" echo "SNMP Support" echo "*****************************************************************" yum -y groupinstall "SNMP Support" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Scientific support" echo "*****************************************************************" yum -y groupinstall "Scientific support" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Security Tools" echo "*****************************************************************" yum -y groupinstall "Security Tools" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Server Platform" echo "*****************************************************************" yum -y groupinstall "Server Platform" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Server Platform Development" echo "*****************************************************************" yum -y groupinstall "Server Platform Development" echo "********************* NOW INSTALLING PACKAGE ********************" echo "System Management" echo "*****************************************************************" yum -y groupinstall "System Management" echo "********************* NOW INSTALLING PACKAGE ********************" echo "System administration tools" echo "*****************************************************************" yum -y groupinstall "System administration tools" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Systems Management Messaging Server support" echo "*****************************************************************" yum -y groupinstall "Systems Management Messaging Server support" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Web Server" echo "*****************************************************************" yum -y groupinstall "Web Server" echo "********************* NOW INSTALLING PACKAGE ********************" echo "Web Servlet Engine" echo "*****************************************************************" yum -y groupinstall "Web Servlet Engine" echo "********************* NOW INSTALLING PACKAGE ********************" echo "X Window System" echo "*****************************************************************" yum -y groupinstall "X Window System" echo "********************* NOW INSTALLING EXTRAS ********************" echo "*****************************************************************" yum -y install rdesktop yum -y install xorg-x11-fonts* yum -y install ImageMagick* yum -y install kdegraphics yum -y install lftp* yum -y install ssmtp* yum -y install ftp yum -y install mutt yum -y install NetworkManager* yum -y install openconnect* yum -y install *vpn* yum -y install ncftp yum -y install dkms ---- Install NVIDIA for Dell Inspiron 6400 - GeForce Go 7300 \\ For CENTOS6.4, the driver 304.64 works. Go to init 3, run NVIDIA installer, it is okay to add in DKMS kernel building, and accept all defaults. Build a new xorg.conf at the end. Helpful links: [[http://en.gentoo-wiki.com/wiki/Dell_Inspiron_6400#xorg-x11_7.4]] [[http://www.linuxquestions.org/questions/linux-newbie-8/xorg-1-6-5-cant-find-the-xorg-conf-file-to-configure-keyboard-776707/]] [[http://www.freebsd.org/doc/en/books/handbook/x-config.html]] For CENTOS6.3, the driver 275.43 works. Go to init 3, run NVIDIA installer and accept all defaults \\ init 5 \\ http://forums.opensuse.org/english/get-technical-help-here/hardware/469753-dell-latitude-d620-nvs110m-install-nvidia-g02-drivers-black-screen.html ---- edit /etc/inittab to run level 5 edit /etc/hosts to ensure the local IP and machine name is added reboot \\ answer first time GUI questions login as root to add non-root user \\ logout, login as non-root user informational - make a default xorg.conf \\ http://linuxscoop.blogspot.com/2010/12/missing-xorg-file-on-fedora-14.html \\ http://fedoraproject.org/wiki/How_to_create_xorg.conf informational - set /etc/X11/xorg.conf for non-blanking \\ http://www.x.org/releases/X11R7.6/doc/man/man5/xorg.conf.5.xhtml#heading5 \\ http://www.x.org/archive/X11R6.8.0/doc/xorg.conf.5.html \\ https://wiki.archlinux.org/index.php/Display_Power_Management_Signaling informational - yum-presto not needed as it uses the delta rpm feature to save bandwidth \\ ---- Fonts * System > Preferences > Appearance, Fonts * Change size as appropriate * The best resolution for 1600x1200 screen is 96 DPI (under Rendering > Details) * MS Fonts available at http://www.mjmwired.net/resources/mjm-fedora-f16.html#ttf (really not needed with RHEL6) Mouse pointer (change default black to white): \\ System > Preferences > Appearance, Theme, System > Customize > Pointer (dmz white) ---- Java: * http://www.mjmwired.net/resources/mjm-fedora-f16.html#java \\ * http://www.oracle.com/technetwork/java/javase/downloads/jre7u7-downloads-1836441.html Note some errors may occur upon java install but performance does not seem to be affected: # rpm -Uvh jre-7u7-linux-x64.rpm Preparing... ########################################### [100%] 1:jre ########################################### [100%] Unpacking JAR files... rt.jar... Error: Could not open input file: /usr/java/jre1.7.0_07/lib/rt.pack jsse.jar... Error: Could not open input file: /usr/java/jre1.7.0_07/lib/jsse.pack charsets.jar... Error: Could not open input file: /usr/java/jre1.7.0_07/lib/charsets.pack localedata.jar... Error: Could not open input file: /usr/java/jre1.7.0_07/lib/ext/localedata.pack The following command worked to fix Java after upgrading from Firefox 3.x to 10.x; run command and restart Firefox. /usr/sbin/alternatives --install /usr/lib/mozilla/plugins/libjavaplugin.so libjavaplugin.so /usr/java/default/lib/i386/libnpjp2.so 20000 ---- Flash: * http://www.mjmwired.net/resources/mjm-fedora-f16.html#flash ---- Google Chrome: * [[http://www.if-not-true-then-false.com/2010/install-google-chrome-with-yum-on-fedora-red-hat-rhel/]] Load gmail, download google talk plugin * Check to see if a default communication device can be configured, or ring through the speakers ---- USB HEADSET: * Plugin to right-side lower USB jack on DELL Inspiron, type dmesg at root prompt to see if it was found by system usb 5-2: USB disconnect, address 2 \\ usb 5-1: new full speed USB device using uhci_hcd and address 3 \\ usb 5-1: New USB device found, idVendor=0d8c, idProduct=000c \\ usb 5-1: New USB device strings: Mfr=0, Product=1, SerialNumber=0 \\ usb 5-1: Product: C-Media USB Headphone Set \\ usb 5-1: configuration #1 chosen from 1 choice \\ input: C-Media USB Headphone Set as /devices/pci0000:00/0000:00:1d.3/usb5/5-1/5-1:1.3/input/input14 \\ generic-usb 0003:0D8C:000C.0005: input,hidraw3: USB HID v1.00 Device [C-Media USB Headphone Set ] on usb-0000:00:1d.3-1/input3 \\ System > Preferences > Sound \\ Sound effects: choose default theme, default alert sound, Enable window/button sounds checked \\ Hardware: highlight Audio Adapter 1 Output/1 Input, Profile: Analog Stereo Output + Analog Mono Input \\ Input: choose Audio Adapter Analog Mono \\ Output: choose Audio Adapter Analog Stereo, Connector is Analog Speakers Saving settings: ~/.pulse If using speakers, for Hardware: Profile for Internal Audio: Analog Stereo Duplex Informational, Fedora Making a Podcast: \\ http://fedoraproject.org/wiki/How_to_make_a_podcast \\ http://www.ehow.com/how_8594686_use-gigaware-headset-ubuntu.html Installed Google packages known to work with USB Headset: google-earth-stable-6.2.1.6014-0.i386 \\ google-chrome-stable-18.0.1025.151-130497.i386 \\ google-talkplugin-2.8.5.0-1.i386 Pulse Audio Volume Control (pavucontrol) is supposed to allow source output volume control: [[http://freedesktop.org/software/pulseaudio/pavucontrol/]] Installed libglademm24 from yum, pavucontrol-0.9.10-2.fc15.i686.rpm from website above. ---- [[vpn_notes|Open Source VPN software]] [[vpn_client|Cisco AnyConnect VPN software]] ---- [[CAC Authentication]] ---- Install SSMTP and mutt for GMail using notes at [[gmail_on_linux_with_ssmtp|]]\\ Install yum update email notification cron \\ ---- Set up MySQL and PHP * Configure iptables to allow ftp, ssh, http, https * Secure MySQL: [[http://www.if-not-true-then-false.com/2010/install-mysql-on-fedora-centos-red-hat-rhel/]] * edit php.ini to increase defaults for upload/POST size thresholds * install php-pear-MDB2-Driver-mysqli and restart mysqld/httpd * install php-mcrypt and restart mysqld/httpd * install php-mbstring and restart mysqld/httpd * Export current users, check permissions, export databases one-by-one from old system and import into new system using phpmyadmin If you need to see specific php settings, create a phpinfo.php page: ---- Install phpMyAdmin * Install from .tar.bz2 file * Upgrading from 4.2.10 on CentOS 6 to 4.3.9 on Centos 7 required reconciling the config files * Updating blowfish secret * Creating a missing "phpmyadmin" table (see .sql scripts in examples folder) * run phpmyadmin's special examples/script file which sets up its proper tables and databases * Close the web browser completely and clean history * Add phpmyadmin's control user * Additional phpmyadmin notes located at [[installing_phpmyadmin_tips|]] ---- Migrate web content to new httpd server * reconcile any changes to new httpd.conf * move over everything in web DocumentRoot directory ---- Turn off unneeded services * System > Administration > Services Links for security hardening: * [[http://sysadminwiki.net/wiki/index.php?title=Red_Hat_Hardening_Guide]] * [[http://www.cyberciti.biz/faq/linux-default-services-which-are-enabled-at-boot/]] * [[http://www.ihackforfun.eu/index.php?title=improve-security-by-removing-services&more=1&c=1&tb=1&pb=1]] * [[http://www.techrepublic.com/article/linux-101-a-comprehensive-list-of-available-linux-services/6018195]] * [[http://www.mjmwired.net/resources/mjm-services-f12.html]] These services have been turned off on Dell Inspiron 6400 laptop: abrt* (automated bug reporting tool) atd (very old cron daemon) avahi-daemon (apple bonjour, zero-conf) avahi-dnsconfd bluetooth fcoe (fiber over ethernet) iscsi iscsid jexec (Sun java helper, monitor java apps for trouble) lldpad (fiber channel over ethernet) lvm2-monitor (logical volume management) mdmonitor (software RAID and LVM) netfs (NFS) nfslock (NFS) ntpdate (functionality provided by ntpd – monitor for any clock issues) openct (PC smart card reader) pcscd (PC smart card reader) rpcgssd (NFS v4) rpcidmapd (NFS v4) These additional services have been turned off on HP Pavilion P7-1235: autofs kdump mcelogd (amd kernel module not supported except in debug kernel) These additional services have been turned off on ASUS UL30V laptop running virtual CentOS6 cachefilesd cgconfig edac isdn pppoe-server tog-pegasus trace-cmd ---- [[clamav_antivirus | Clam Antivirus Notes]] ---- How to Pimp out CentOS for Desktop use * [[http://www.dedoimedo.com/computers/centos-perfect-desktop.html]] ---- Install Skype for Linux - note that touch tones do not always work properly \\ * [[http://www.skype.com/intl/en-us/get-skype/on-your-computer/linux/]] ---- Thunderbird tweaks * Enigmail 1.4.4 ---- Firefox tweaks * Appearance * Qute 6++ (custom mod) 1.3.5 as of 11 Feb 2015 * Extensions (current) * Classic Theme Restorer 1.2.9.3 * ShowIP 2.7.7 * Web Developer 1.2.5 * Extensions (old) * Live HTTP Headers 0.17 * RSS Icon 1.0.6 * Status-4-Evar 2012.07.08.17 * wmlbrowser 0.7.26 * DownloadHelper 4.9.9 [[http://joelinoff.com/blog/?p=321]] edit ~/.mozilla/firefox/*.default/chrome/userChrome.css to include: /* set the URL bar font characteristics */ #urlbar { font-family: monospace !important; font-size: 18pt !important; color: #4665A2 !important; /* * This has a very interesting effect on my linux hosts, * it causes parts of the URL to be highlighted. * I tested it on Ubuntu 11.04 and CentOS 5.5. * Do NOT do this on windows. The effect is different. */ background-color: red !important; /* * You can change the width of your address bar using * max-width. If this is not specified it uses up * the maximum possible space. */ /* I prefer the default. */ /* max-width: 1024px !important; /* by pixels */ /* max-width: 80em !important; /* by characters */ } Restart firefox. Sometimes the toolbar icons don't line up properly; make sure to clean out ~/.mozilla/firefox completely (backup bookmarks first) ---- Install Brother HL2170-W printer * Make sure cups is turned on in chkconfig and service is running * Use System > Administration > Printing to add new printer * Follow prompts and add by IP address (use network JetDirect option) * Possibly helpful: [[https://wiki.archlinux.org/index.php/Brother_HL-2170W]] ---- Install Virtual Box, see [[virtualbox_notes|]] on separate page. ---- Install NX/NoMachine * If you try to connect and fails, make sure /etc/hosts has the machine's IP and name * [[http://forums.fedoraforum.org/showthread.php?t=223609]] ---- Make 'service ntpd restart' sync to a clock source each time: [[http://tech.darke.net/2011/12/19/ntp-force-update/]] and [[https://www.centos.org/modules/newbb/viewtopic.php?topic_id=8842]] ---- Disable direct ssh root login by editing PermitRootLogin in /etc/ssh/sshd_config ---- Specific hardware notes about HP P7-1235: The onboard LAN card did not work. Needed to use an external NIC card (see [[recommended_network_card_for_linux|]] ) The onboard sound card is producing very very low volumes; barely audible: $ lspci |grep Audio 00:14.2 Audio device: Advanced Micro Devices [AMD] Hudson Azalia Controller (rev 01) May need to install a dedicated sound card. ---- Screenshot of desktop {{:rhel6.4_desktop.png?200|}} ---- switchdesk package missing; how to set default window manager: [[http://grokbase.com/t/centos/centos/1197gpyx55/centos-6-making-kde-default]] \\ [[http://lists.centos.org/pipermail/centos/2007-January/031534.html]] When a user logs into the system, they can choose which desktop to load after they click their username but before entering their password (an icon will appear with the available desktops). The system will remember the last-selected desktop. ---- Install fail2ban https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-centos-6 Tail /var/log/secure to view authentication attempts. Looking for blocked IP addresses: # iptables -L |grep REJE ; iptables -L |grep REJE |wc Disable email notifications so /var/log/maillog doens't keep filling up http://serverfault.com/questions/257439/stop-fail2ban-stop-start-notifications