Christopher Juckins

SysAdmin Tips, Tricks and other Software Tools

User Tools

Site Tools


rocky_linux_9_migration_notes

Rocky Linux 9 Migration Notes

NOTE: To migrate from Rocky Linux 8.x to 9, try these steps.

The notes below have been combined from CentOS 8 Migration Notes and CentOS 7 Migration Notes.
It is based on the Xfce Desktop Environment. MATE is available, see notes at bottom of the page.

Before Starting

  • Get inventory of users
    • Become familiar with what each one does and the crons they run
  • Ensure all scripts make their own log file directory
    • $log_dir = "/var/tmp/check_disk_space";
    • mkdir ("$log_dir", 0755);
  • Copy the following to external hard drive or other machine for restoration after upgrade
    • All users $HOME directories
    • Ensure crons are in each user's $HOME/crontab directory
    • Log files from /var/tmp/
    • /etc/ssh/*key*
      • Or, possibly the entire directory contents to prevent man-in-the-middle attack messages (testing needed)
    • /etc/hosts
    • /etc/samba/smb.conf
    • /var/lib/samba/private/passdb.tbd
    • /var/lib/samba/private/secrets.tbd
    • /etc/vsftpd/*

Installation

  • Perform a minimal or basic install of Rocky Linux 9
  • Backup /etc/selinux/config and change from enforcing to permissive. Reboot.
  • Run the Rocky Linux 9 bash setup script to get the usual extras, add-ons and other packages
  • Reboot target computer and login.
  • Since Xfce will be installed by running the bash script noted above, you can copy in pre-existing configs from another machine that already has Xfce installed.
  • Disable screensaver and power management
  • If necessary, disable WiFi LAN connection as root: nmcli radio wifi off
  • Create necessary user accounts
    • mate-user-admin is a graphical admin tool
  • Restore user's $HOME directories
    • Copy over non-hidden files/directories first
    • Then rsync other hidden directories in each user's $HOME one-by-one
  • Copy/merge in /etc/httpd/conf/httpd.conf (and all backup versions) from previous machine
  • Test password-restricted pages
  • Copy/merge in a known good /etc/php.ini file from previous machine
  • Ensure a php file loads correctly (localhost, 192.168.X.XX, 127.0.0.1)
  • Check httpd logs for any errors, such as mod security
    • Uninstall mod_security RPMs and restart apache if web pages cycle between Forbidden errors
  • Install phpMyAdmin and use these tips
    • Merge in config.inc.php from previous machine
    • Clear local browser history, then test
    • To create the phpmyadmin database, use the "Import" function and browse to the sql/create_tables.sql script (do this as root)
    • To move over users, export from phpMyAdmin on old machine and cut-past into the Import function on new machine.
      • If problematic, save to a .sql file locally and use the Import function.
  • Set up Samba users, passwords, shares (for security cameras)
    • Make sure service is running and will start at boot.
    • Check output with: testparm -v
    • The above still needs to be tested
  • VSFTP (for security cameras)
  • Setup ddclient:
  • Setup duckdns updater cron
  • Setup ydns updater cron
  • Rsync over /var/www/html/
    • Test pages for proper display
    • Check httpd logs for errors
  • Restore and test crons for each user
    • Check that each cron job runs and the specified log directory exists
  • Check network connections and make sure active connection comes up at boot time
  • Restore Thunderbird profile
  • Restore Firefox profile
  • Restore VirtualBox and all machines
  • Restore Remmina profiles
    • $HOME/.local/share/remmina and $HOME/.config/remmina
  • Test ASMAD for processing end-to-end
  • Install ClamAV
  • Install local printer
    • Use http://localhost:631/admin and my local username/password for credentials
    • Use AppSocket/HP JetDirect to add printer by IP address with socket nomenclature
    • Choose driver Foomatic/hl1250 en
    • Use option settings to make it the default printer and use 600x600 DPI quality
    • Test using enscript filename.txt (old a2ps command)
  • Local RPMs
    • NVIDIA
    • passwordsafe
    • Slack
    • sunwait
      • Test with /usr/bin/sunwait -v sun down -0:01:00 33.640411N 84.419853W
    • VirtualBox
  • Check any remaining /etc/yum.repos.d/* configuration setup
  • Mount /disk2 (see adding_a_second_hard_drive)
  • Add CPU graph and Weather Info to panel
    • Packages are xfce4-cpugraph-plugin and xfce4-weather-plugin which are part of the bash install script noted near top of this page
    • Right-click top panel > Add New Items
    • Add CPU Graph, Weather Info
  • Adjust top and bottom panels
    • Reverse positions
    • Make top panel 24px with icons at fixed 22px
    • Bottom panel 24px with icons at fixed 16px
    • Top panel has these buttons:
      • Show desktop, separator, calculator, xterm, gedit, chrome, chrome beta, firefox, app finder, file manager, screenshot, keepass, xfreerdp, shortcut to security cams, VirtualBox, Remmina
    • Stop the Keyring popup GUI when starting Chrome (see this post)
      • cd ~/.local/share/keyrings; mv login.keyring login.keyring.IGNORE
      • Log out and log back in or reboot

Post Installation

  • As root, use alpine to check email from crons that indicate any errors or failures

Other Notes

MATE is now available. See MATE Documentation

  • Add System Monitor to panel
    • dnf -y install mate-system-monitor
    • Right-click top panel > Add to Panel
    • In the "Find an item to add to the panel:" search box, enter "System Monitor" and click Add
    • Moving display of current CPU usage should appear

Known issues

  • SHA-1 security signing is not supported on RHEL9 (see RedHat blog post)
    • /etc/cron.daily/google-chrome fails because of this
      • Probably not a critical issue since Chrome can be updated via dnf
rocky_linux_9_migration_notes.txt · Last modified: 2023/07/18 17:41 by juckins