Christopher Juckins

SysAdmin Tips, Tricks and other Software Tools

User Tools

Site Tools


centos_8_migration_notes

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
Last revisionBoth sides next revision
centos_8_migration_notes [2020/10/15 18:33] juckinscentos_8_migration_notes [2021/10/24 16:37] juckins
Line 1: Line 1:
 ==== CentOS 8 Migration Notes ==== ==== CentOS 8 Migration Notes ====
  
-<color #ed1c24>**Below is copied from [[centos_7_migration_notes|CentOS 7 Migration Notes]] so modify as needed.**</color>+When ssh'ing into a CentOS 8 machine via ssh and xterm, slow logouts usually occur. The fix is to not include ssh -X or ssh -Y. 
 + 
 +Consult [[virtualbox_for_centos_stream_notes|Virtual Box running CentOS8 Stream]] notes if dnf updates are slow 
 + 
 + 
 +Fix php for phpmyadmin: 
 + 
 +  dnf install php-gd php-ldap php-mysqlnd php-pecl-mcrypt php-pecl-zip 
 +   
 +Also comment out the cookie validity setting in config.inc.php 
 + 
 +Secure the mariadb 
 + 
 +Fix php.ini from known good config 
 + 
 +Configure $HOME/.vimrc as the following: 
 + 
 +  autocmd FileType * setlocal formatoptions-=c formatoptions-=r formatoptions-=o 
 + 
 +  # python3 -m pip install --upgrade pip 
 +  # python3 -m pip install dictor 
 +  # python3 -m pip install wheel 
 +  # python3 -m pip install httplib2 
 +  # python3 -m pip install PyMySQL 
 + 
 +PyMySQL v0.9.3 has been upgraded to v1.0.2 and requires modification to "connect" statement.
  
 Other fixes: Other fixes:
Line 30: Line 55:
     * uninstall [[https://phoenixnap.com/kb/setup-configure-modsecurity-on-apache|mod_security]] if necessary     * uninstall [[https://phoenixnap.com/kb/setup-configure-modsecurity-on-apache|mod_security]] if necessary
   * [[https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-firewalld-on-centos-8|Add https and http to firewall rules]]   * [[https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-firewalld-on-centos-8|Add https and http to firewall rules]]
 +    * ''firewall-cmd --zone=public --add-service=http --permanent''
 +    * ''firewall-cmd --zone=public --add-service=https --permanent''
   * <color #ed1c24>MySQL / MariaDB Database and users</color>   * <color #ed1c24>MySQL / MariaDB Database and users</color>
     * [[https://www.digitalocean.com/community/tutorials/how-to-reset-your-mysql-or-mariadb-root-password|Reset mysql root password]]     * [[https://www.digitalocean.com/community/tutorials/how-to-reset-your-mysql-or-mariadb-root-password|Reset mysql root password]]
Line 64: Line 91:
   * Note firewall rules   * Note firewall rules
     * [[https://serverfault.com/questions/655851/is-there-a-simple-way-to-export-import-firewalld-settings|Export Firewall Rules to new server]]     * [[https://serverfault.com/questions/655851/is-there-a-simple-way-to-export-import-firewalld-settings|Export Firewall Rules to new server]]
 +
 +<color #ed1c24>**Below is copied from [[centos_7_migration_notes|CentOS 7 Migration Notes]] so modify as needed.**</color>
  
 Must-Have functionality: Must-Have functionality:
   * Apache, MySQL, PHP, Perl   * Apache, MySQL, PHP, Perl
-  * [[https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-centos-7|fail2ban]]+  * [[https://www.cyberciti.biz/faq/how-to-protect-ssh-with-fail2ban-on-centos-8/|fail2ban]]
     * edit /etc/fail2ban/jail.local to ban for longer than default of 1 hour     * edit /etc/fail2ban/jail.local to ban for longer than default of 1 hour
     * Check logs: # cat /var/log/fail2ban.log     * Check logs: # cat /var/log/fail2ban.log
Line 305: Line 334:
  
   * For other run-level info, see [[https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/sect-Managing_Services_with_systemd-Targets.html#sect-Managing_Services_with_systemd-Targets-Change_Default|RHEL7 Working with Systemd Targets]]   * For other run-level info, see [[https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/sect-Managing_Services_with_systemd-Targets.html#sect-Managing_Services_with_systemd-Targets-Change_Default|RHEL7 Working with Systemd Targets]]
 +
 +After machine has been running for a few days, don't forget to use "alpine" and check for local email from crons that indicate any errors or failures.
centos_8_migration_notes.txt · Last modified: 2022/06/08 16:03 by juckins