Christopher Juckins

SysAdmin Tips, Tricks and other Software Tools

User Tools

Site Tools


rocky_linux_9_migration_notes

Rocky Linux 9 Migration Notes

Below notes have been combined from CentOS 8 Migration Notes and CentOS 7 Migration Notes so modifications may be needed.

Before Starting

  • Get inventory of users
    • Become familiar with what each one does and the crons they run
  • Make a test user on Rocky Linux 8 and one on Rocky Linux 9
    • Compare hidden files to see if anything changed between OSs
    • This allows for easy migrating of data for users' $HOME directories
    • Alternatively, just copy over the non-hidden files content first. Then rsync other $HOME directories one-by-one
  • Ensure all scripts make their own log file directory
    • $log_dir = "/var/tmp/check_disk_space";
    • mkdir ("$log_dir", 0755);
    • Should crons write to /tmp and then have a daily script that checks cron logs for errors?
  • Copy the following to external hard drive or other machine for restoration after upgrade
    • All users $HOME directories
    • Ensure crons are in each user's $HOME/crontab directory
    • Log files from /var/tmp/
    • /etc/ssh/*key*
      • Or, possibly the entire directory contents to prevent man-in-the-middle attack messages (testing needed)
    • /etc/hosts
    • /etc/samba/smb.conf
    • /var/lib/samba/private/passdb.tbd
    • /var/lib/samba/private/secrets.tbd
    • /etc/vsftpd/*

Installation

  • Perform a minimal or basic install of Rocky Linux 9
  • Run the Rocky Linux 9 bash setup script to get the usual extras, add-ons and other packages
  • Backup /etc/selinux/config and change from enforcing to permissive. Reboot.
  • Copy over Xfce configs in ~/.config/xfce4/ from another pre-configured machine
    • Reboot target computer and login.
    • See Xfce Desktop image for suggested icons, placement, etc.
  • Disable screensaver
  • Skip custom java runtime installation (does not seem to be needed)
  • If necessary, disable WiFi LAN connection as root: nmcli radio wifi off
  • Copy/merge in /etc/httpd/conf/httpd.conf from previous machine
  • Copy/merge in a known good /etc/php.ini file from previous machine
  • Ensure a php file loads correctly (localhost, 192.168.X.XX, 127.0.0.1)
  • Check httpd logs for any errors, such as mod security
  • Firewall configuration
      • Can also try firewall-config to clone rules from previous machine
      • firewall-cmd –zone=public –add-service=http –permanent
      • firewall-cmd –zone=public –add-service=https –permanent
      • Edit /etc/fail2ban/jail.local to ban for longer than default of 1 hour
      • Review /var/log/fail2ban.log output
      • As root, ensure service is running:
        • systemctl enable fail2ban
        • systemctl restart fail2ban
  • Install phpMyAdmin
    • Merge in configs from previous machine
    • Clear local browser history, then test
    • May need to comment out the cookie validity setting in config.inc.php
  • Set up Samba users, passwords, shares (for security cameras)
    • Make sure service is running and will start at boot.
    • Check output with: testparm -v
  • VSFTP (for security cameras)
  • Setup ddclient:
  • Setup duckdns updater cron
  • Setup ydns updater cron
  • Rsync over /var/www/html/
    • Test pages for proper display
    • Check httpd logs for errors
  • Restore and test crons for each user
    • Check that each cron job runs and the specified log directory exists
  • Check network connections and make sure active connection comes up at boot time
  • Install NoMachine Desktop
  • Restore Thunderbird profile
  • Restore Firefox profile
  • Restore VirtualBox and all machines
  • Test ASMAD for processing end-to-end
  • Install ClamAV
  • Install local printer
  • Check any remaining /etc/yum.repos.d/* configuration setup
    • For example, Ookla Speedtest
  • Mount /disk2 (see adding_a_second_hard_drive)

Post Installation

  • As root, use alpine to check email from crons that indicate any errors or failures

Unsolved Issues

  • Add System Monitor to panel
    • Requires mate-system-monitor and mate-applets RPMs
    • Right-click top panel > Add to Panel
    • In the "Find an item to add to the panel:" search box, enter "System Monitor" and click Add
    • Moving display of current CPU usage should appear
rocky_linux_9_migration_notes.txt · Last modified: 2022/10/05 07:55 by juckins