rocky_linux_9_migration_notes
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
rocky_linux_9_migration_notes [2022/06/26 17:46] – juckins | rocky_linux_9_migration_notes [2024/01/11 11:21] (current) – juckins | ||
---|---|---|---|
Line 1: | Line 1: | ||
==== Rocky Linux 9 Migration Notes ==== | ==== Rocky Linux 9 Migration Notes ==== | ||
+ | NOTE 1: The fresh install instructions below were tested on Rocky Linux 9.3 | ||
- | <color #ed1c24>**Below is copied from [[centos_8_migration_notes|CentOS 8 Migration Notes]] so modify/refine as needed.**</color> | + | NOTE 2: Upgrading Rocky Linux 9.2 to 9.3 in late November 2023 resulted in ImageMagick errors. |
- | Check: Does ssh' | + | NOTE 3: To migrate from Rocky Linux 8.x to 9, [[https:// |
- | Consult | + | //The notes below have been combined from [[centos_8_migration_notes|CentOS 8 Migration Notes]] and [[centos_7_migration_notes|CentOS 7 Migration Notes]].// |
+ | //It is based on the **[[https:// | ||
+ | __Before Starting__ | ||
- | Fix php for phpmyadmin: | + | * Get inventory of users (see /home) |
+ | * Become familiar with what each one does and the crons they run | ||
+ | * Copy the following to external hard drive or other machine | ||
+ | * All users $HOME directories | ||
+ | * Ensure crons are in each user's $HOME/ | ||
+ | * ''/ | ||
+ | * ''/ | ||
+ | * ''/ | ||
+ | * ''/ | ||
+ | * ''/ | ||
- | dnf install php-gd php-ldap php-mysqlnd php-pecl-mcrypt php-pecl-zip | + | __Installation__ |
- | + | ||
- | Also comment out the cookie validity setting in config.inc.php | + | |
- | Secure | + | * Perform a minimal or basic install of Rocky Linux 9 |
+ | * Backup ''/ | ||
+ | * Run the [[dnf_installer_bash_script_rocky_linux_9|Rocky Linux 9 bash setup script]] to get the usual extras, add-ons and other packages | ||
+ | * Reboot target computer and login. | ||
- | Fix php.ini from known good config | + | * Since Xfce will be installed by running the bash script noted above, you can copy in pre-existing configs from another machine that already has Xfce installed. |
+ | * Copy files in '' | ||
+ | * '' | ||
+ | * See {{: | ||
+ | * [[https:// | ||
- | Configure $HOME/ | + | * Disable screensaver and power management |
+ | * If necessary, disable WiFi LAN connection | ||
+ | * [[https:// | ||
- | | + | * Create necessary user accounts |
+ | * '' | ||
+ | * Restore user's $HOME directories | ||
+ | * Copy over non-hidden files/ | ||
+ | * You can use rsync with the option to [[rsync_ignore_hidden_files|ignore hidden files]] | ||
+ | * Then rsync other hidden directories in each user's $HOME one-by-one, taking only what is needed | ||
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
+ | * Ensure a php file loads correctly (localhost, 192.168.X.XX, | ||
+ | * Check httpd logs for any errors, such as mod security | ||
+ | * Uninstall [[https:// | ||
- | PyMySQL v0.9.3 has been upgraded | + | * Firewall configuration |
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * Can also try '' | ||
+ | * [[https:// | ||
+ | * '' | ||
+ | * '' | ||
+ | * [[https:// | ||
+ | * Edit ''/ | ||
+ | * Review ''/ | ||
+ | * As root, ensure service is running: | ||
+ | * '' | ||
+ | * '' | ||
- | Other fixes: | + | * MySQL / MariaDB Database - Installation |
+ | * [[https:// | ||
+ | * How to [[https:// | ||
- | * Disable WiFi LAN connection with ''# | + | * Install |
- | * [[https://unix.stackexchange.com/questions/ | + | * Merge in config.inc.php from previous machine |
+ | * Clear local browser history, then test | ||
+ | * To create the phpmyadmin database, use the " | ||
+ | * To move over users, export from phpMyAdmin on old machine and cut-past into the Import function on new machine. | ||
+ | * If problematic, | ||
- | For migrating a system from a different OS, take note of this info first: | + | |
- | | + | * [[http://www.uptimemadeeasy.com/linux/mysql-migrate-users-server-server/|Migrate MySQL users to new machine]] |
- | * Compare hidden files to see if anything changed between OSs | + | * They can be exported from phpMyAdmin (but don't include root) |
- | * This allows for easy migrating of data for users' $HOME directories | + | |
- | * ensure all scripts make their own log file directory | + | |
- | * $log_dir = "/ | + | |
- | * mkdir (" | + | |
- | * should crons write to /tmp and then have a daily script that checks cron logs for errors? | + | |
- | + | ||
- | + | ||
- | ---- | + | |
- | + | ||
- | + | ||
- | * Get inventory of users | + | |
- | * /// | + | |
- | * Check that PHP is working correctly, localhost/ | + | |
- | * check httpd.conf | + | |
- | * /// | + | |
- | * Clear all history from Firefox before testing phpmyadmin | + | |
- | * Check httpd logs for any errors, such as mod security | + | |
- | * uninstall [[https:// | + | |
- | * [[https:// | + | |
- | * '' | + | |
- | * '' | + | |
- | * <color #ed1c24>MySQL / MariaDB Database | + | |
- | * [[https://www.digitalocean.com/community/tutorials/ | + | |
- | * [[https:// | + | |
- | * [[https:// | + | |
* [[https:// | * [[https:// | ||
- | * Note that the restore of mysql does not use "--all-databases" | + | * Note that the restore of mysql does not use '' |
* [[https:// | * [[https:// | ||
- | * [[http:// | + | * Export |
- | * They can be exported from phpmyadmin (but don't include root) | + | * [[https:// |
- | * export | + | * [[http:// |
- | * [[https:// | + | * When done, check format |
- | * [[http:// | + | * To change database engine, see [[https://phoenixnap.com/kb/myisam-vs-innodb|these notes]] |
- | * list of installed perl modules | + | |
- | * grep all .pl script and look for the "use " calls | + | |
- | * Copy the following to accessible location for restore after upgrade | + | |
- | * users' $HOME | + | |
- | * crons should be in each user's $HOME/ | + | |
- | * various processing log files from /var/tmp/ | + | |
- | * / | + | |
- | * / | + | |
- | * / | + | |
- | * Samba users, passwords, shares (for security cameras) | + | |
- | * / | + | |
- | * / | + | |
- | * / | + | |
- | * Make sure service is running and will start at boot. | + | |
- | * Check output with: testparm -v | + | |
- | * nxclient-3.5.0-7.x86_64.rpm | + | |
- | * nxnode-3.5.0-9.x86_64.rpm | + | |
- | * nxserver-3.5.0-11.x86_64.rpm | + | |
- | * < | + | |
- | * verify services that should be installed/ | + | |
- | * Note firewall rules | + | |
- | * [[https://serverfault.com/questions/655851/is-there-a-simple-way-to-export-import-firewalld-settings|Export Firewall Rules to new server]] | + | |
- | <color #ed1c24>**Below is copied from [[centos_7_migration_notes|CentOS 7 Migration Notes]] so modify as needed.**</ | + | |
+ | | ||
+ | |||
+ | | ||
- | Must-Have functionality: | ||
- | * Apache, MySQL, PHP, Perl | ||
- | * [[https:// | ||
- | * edit / | ||
- | * Check logs: # cat / | ||
- | * Ensure service is running: | ||
- | * ''# | ||
- | * ''# | ||
* [[gmail_as_a_relay_on_linux|Set up Gmail Relay and test]] | * [[gmail_as_a_relay_on_linux|Set up Gmail Relay and test]] | ||
- | * Disable SELinux | + | * Set up [[samba_file_sharing|Samba]] users, passwords, shares (for security cameras) |
+ | * Credentials are stored in my secure password file | ||
+ | * command will be: '' | ||
+ | * Make sure service is running and will start at boot. | ||
+ | * Check output with: '' | ||
+ | * The security cameras will need to reformat their nas disk locations to store video files | ||
* VSFTP (for security cameras) | * VSFTP (for security cameras) | ||
- | * [[http:// | + | |
+ | | ||
* [[https:// | * [[https:// | ||
- | * As root: setsebool -P allow_ftpd_full_access on | + | * As root: '' |
- | * As root: systemctl restart vsftpd | + | * As root: '' |
- | * As root: systemctl enable vsftpd | + | * As root: '' |
- | * Samba | + | * Setup ddclient: |
- | * [[samba_file_sharing|Samba File Sharing]] | + | * https:// |
- | * < | + | * '' |
- | * Virtual Box | + | * Use '' |
- | * Working crontabs for each user | + | |
- | * [[python_notes|Install Python 3]] | + | * Setup ydns updater |
- | + | * Rsync over '' | |
- | Customize MATE Desktop displays | + | * Test pages for proper display |
- | * Adjust System > Preferences > Look and Feel > Appearance | + | * Check httpd logs for errors |
- | * Under Fonts tab, set all to size 8 | + | * Restore and test crons for each user |
- | * Click Details, set resolution to 96 dpi, Smoothing Grayscale, Hinting Slight, Subpixel order RGB | + | * Check that each cron job runs and the specified log directory exists |
- | * Firefox has large bullets for password masking. | + | * Modify '' |
- | * [[http:// | + | * Check network connections and make sure active connection |
- | * Set up gnome-terminal preferences | + | * Restore Thunderbird profile |
- | * General: Font Monospace 9, No terminal bell | + | * [[https://www.virtualbox.org/wiki/Linux_Downloads|Install VirtualBox]] |
- | * Colors: Use colors from system theme | + | * Migrate/ |
- | * Or, black background with text color #d3d7cf (from GNOME Dark in RHEL9) | + | * I had to create and self-sign MOK (Machine Owner Key) certificates. |
- | * Scrolling: unlimited | + | * My Google Doc "Linux Replacement 2024" has some crude notes |
- | * Edit > Keyboard Shortcuts > Reset and Clear > F2 | + | |
- | * Disable Vim auto-indent following [[vim_tips|Vi and Vim Tips]] | + | * '' |
- | + | | |
- | Change setting on screensaver | + | * All perl scripts |
- | * System > Preferences > Look and Feel > Screensaver | + | * Required modules should be included in the [[dnf_installer_bash_script_rocky_linux_9|dnf installer bash script]] |
- | + | * All python scripts | |
- | System Monitor (needs mate-system-monitor and mate-applets RPMs): | + | * Check my amtrak_status |
- | * Right-click top panel > Add to Panel | + | * Install [[clamav_antivirus|ClamAV]] |
- | * In the "Find an item to add to the panel:" | + | * Install local printer |
- | * Moving display of current CPU usage should appear | + | * Use http://localhost: |
- | + | * If you don't use root credentials, | |
- | ---- | + | * Then restart cups '' |
- | + | * Use AppSocket/ | |
- | Database work: | + | * Choose driver '' |
- | * Backup / | + | * Use option settings to make it the default printer and use 600x600 DPI quality |
- | * Add this line under [mysqld] | + | * Test using enscript filename.txt |
- | * default-storage-engine=MyISAM | + | * See if printer |
- | * Add other database users with phpMyAdmin GUI | + | * '' |
- | * set username | + | * Local RPMs |
- | * set password | + | * perl-Math-Round |
- | * select "Grant all privileges on wildcard name (username\_%)." | + | * Slack |
- | * Dump all databases from source server to sql file then import on target server | + | * sunwait |
- | * mysqldump -u USER -p'PASS' | + | |
- | * Ensure database on target server exists; create if necessary | + | * Check any remaining '' |
- | * Tables migrated should be MyISAM | + | * For example, |
- | * Default database engine is InnoDB as<color # | + | * Mount /disk2 (see [[adding_a_second_hard_drive]]) |
- | * [[https:// | + | * Install |
- | * The exact number of rows of InnoDB tables cannot be shown | + | * See repo at https:// |
- | * Need to monitor / | + | * Use this instead of [[https://gorilla.dp100.com/downloads/|Gorilla password manager]] |
- | * <color # | + | * v1.16 works with '' |
- | * [[http:// | + | * Binary is /usr/bin/pwsafe |
- | * [[http:// | + | * Add CPU graph and Weather Info to panel |
- | * [[https:// | + | * Packages are xfce4-cpugraph-plugin and xfce4-weather-plugin which are part of the bash install script noted near top of this page |
- | * Alternatively, | + | * Right-click top panel > Add New Items |
- | * systemctl start mariadb.service | + | * Add CPU Graph, Weather Info |
- | * systemctl enable mariadb.service | + | * Adjust top and bottom panels |
- | * mysql DATABASE -h localhost -u USER -p' | + | * Reverse positions |
- | + | * Make top panel 24px with icons at fixed 22px | |
- | Setup ddclient: | + | * Bottom panel 24px with icons at fixed 16px |
- | * https:// | + | * Top panel has these buttons: |
- | * dnf -y install ddclient | + | * Show desktop, separator, calculator, xterm, gedit, chrome, chrome beta, firefox, app finder, file manager, screenshot, password safe, keepassxc, shortcut to security cams, VirtualBox, Remmina, XfreeRDP |
- | * Use / | + | * Stop the Keyring popup GUI when starting Chrome |
- | + | * '' | |
- | Setup duckdns: | + | * Log out and log back in or reboot |
- | * crontab is < | + | |
- | + | ||
- | Setup ydns: | + | |
- | * crontab is < | + | |
- | + | ||
- | Firewall notes: | + | |
- | * Using firewall-config to close rules from previous machine | + | |
- | + | ||
- | rsync / | + | |
- | * test pages for proper display | + | |
- | * check soft link to phpmy is correct and current | + | |
- | + | ||
- | Restore and test crons | + | |
- | * check that each cron job runs and the specified log directory exists | + | |
- | + | ||
- | Backup | + | |
- | + | ||
- | Restore /etc/hosts from previous machine as needed | + | |
- | + | ||
- | Then, edit the network connections and make sure the " | + | |
- | + | ||
- | Download sample .png, .gif, .jpg images and test / | + | |
- | * [[http://juckins.net/dokuwiki/lib/ | + | |
- | * [[http://juckins.net/dokuwiki/lib/exe/fetch.php? | + | |
- | * [[http:// | + | |
- | + | ||
- | [[http://www.if-not-true-then-false.com/2014/ | + | |
- | + | ||
- | Install X2Go | + | |
- | + | ||
- | Restore | + | |
- | + | ||
- | Restore Firefox profile | + | |
- | + | ||
- | Restore VirtualBox | + | |
- | + | ||
- | Test ASMAD for processing end-to-end | + | |
- | + | ||
- | SSH issues | + | |
- | | + | |
- | * Comment out the following line, like this: | + | |
- | * # | + | |
- | * This allows you to NX into the CentOS7 machine | + | |
- | * Update to openssh seems to require RSA keys now and authorized_keys file instead of DSA keys and authorized_keys2 file | + | |
- | * Set "PermitRootLogin no" | + | |
- | * < | + | |
- | * < | + | |
- | * < | + | |
- | * Additional tips: http://ubuntuforums.org/archive/ | + | |
- | * systemctl restart | + | |
- | * User accounts at remove machines connecting | + | |
- | + | ||
- | Update GRUB and splash screen | + | |
- | * My saved splash images with varying resolutions are in / | + | |
- | * <color # | + | |
- | * cd /etc/ | + | |
- | * cp grub grub.YYYYMMDD | + | |
- | * vi grub | + | |
- | * remove "rhgb quiet" from the GRUB_CMDLINE_LINUX call | + | |
- | * add " | + | |
- | * comment out this line: GRUB_TERMINAL_OUTPUT=" | + | |
- | * add this line: GRUB_BACKGROUND="/ | + | |
- | * Ensure it is rw-r-r permissions | + | |
- | * [[http:// | + | |
- | * For VM/BIOS-based installs, | + | |
- | * For UEFI-based installs, as root: grub2-mkconfig -o / | + | |
- | * More info at [[https://access.redhat.com/documentation/ | + | |
- | * [[https://www.centos.org/forums/ | + | |
- | * [[https:// | + | |
- | * [[http:// | + | |
- | * [[https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/ | + | |
- | * Tried part about making a special font | + | |
- | * Tried installing all grub2* rpms | + | |
- | * Tried 640x480 small splash image | + | |
- | + | ||
- | < | + | |
- | GRUB_CMDLINE_LINUX_DEFAULT="video=1024x768" | + | |
- | GRUB_GFXMODE=1024x768 | + | |
- | GRUB_GFXPAYLOAD_LINUX=keep | + | |
- | </ | + | |
- | + | ||
- | Set default GRUB entry | + | |
- | * Download [[https:// | + | |
- | + | ||
- | If GRUB2 no longer finds other OS to boot (such as Windows 10) use [[https:// | + | |
- | + | ||
- | Install | + | |
- | + | ||
- | Set up local printer(s) | + | |
- | * Note that Brother has notes for the HL2170W at https://support.brother.com/g/b/ | + | |
- | * RPM #1: brhl2170wlpr-2.0.2-1.i386.rpm | + | |
- | * RPM #2: cupswrapperHL2170W-2.0.2-1.i386.rpm | + | |
- | * Use 'lpstat' | + | |
- | * [[https://access.redhat.com/documentation/ | + | |
- | | + | |
- | * service cups start | + | |
- | * systemctl enable cups | + | |
- | * Use System > Administration > Print Settings | + | |
- | | + | |
- | * Default printer driver works OK | + | |
- | * Or use web browser: | + | |
- | * # dnf install httpd | + | |
- | * # / | + | |
- | * # dnf install system-config-firewall | + | |
- | * # firewall-config (or System > Administration > Firewall) | + | |
- | * Allow http and https as rules | + | |
- | * Sometimes the firewall-config command will hang if trying | + | |
- | * To add a port manually follow [[http:// | + | |
- | * To close a port manually follow [[http:// | + | |
- | * # systemctl enable httpd | + | |
- | * Go to http:// | + | |
- | * Go to Administration tab | + | |
- | * Enter credentials for user root | + | |
- | * Add printer | + | |
- | + | ||
- | Firewall Notes | + | |
- | + | ||
- | | + | |
- | * Use this command to find your active zone(s): | + | |
- | + | ||
- | < | + | |
- | firewall-cmd --get-active-zones | + | |
- | </code> | + | |
- | + | ||
- | * It will say either public, dmz, or something else. You should only apply to the zones required. | + | |
- | + | ||
- | * If you want to add a port such as 8080 to your public zone: | + | |
- | + | ||
- | < | + | |
- | firewall-cmd --zone=public --add-port=8080/tcp --permanent | + | |
- | </code> | + | |
- | + | ||
- | * Then remember to reload the firewall for changes to take effect. | + | |
- | + | ||
- | < | + | |
- | firewall-cmd --reload | + | |
- | </ | + | |
- | + | ||
- | Managing runlevel settings | + | |
- | + | ||
- | * Switch to runlevel 5: | + | |
- | < | + | |
- | # systemctl isolate graphical.target | + | |
- | </ | + | |
- | + | ||
- | | + | |
- | < | + | __Post Installation__ |
- | # systemctl set-default graphical.target | + | |
- | </ | + | |
- | * Switch | + | * In /root/bin on old/new machines, see final_sync_for_new_server.txt |
- | < | + | * As root, use '' |
- | # systemctl isolate multi-user.target | + | * Cleanup old files in root, my $HOME |
- | </code> | + | * Fix date [[https:// |
+ | * Setting should be in .bashrc | ||
- | * Initiate runlevel 3 by default: | + | __Other Notes__ |
- | < | + | MATE is now available. See [[https:// |
- | # systemctl set-default multi-user.target | + | |
- | </code> | + | |
- | * For other run-level info, see [[https:// | + | * Add System Monitor to panel |
+ | * '' | ||
+ | * Right-click top panel > Add to Panel | ||
+ | * In the "Find an item to add to the panel:" | ||
+ | * Moving display of current CPU usage should appear | ||
- | After machine has been running for a few days, don't forget to use " | + | __Known issues__ |
+ | * SHA-1 security signing is not supported on RHEL9 ([[https:// | ||
+ | * / | ||
+ | * Probably not a critical issue since Chrome can be updated via dnf |
rocky_linux_9_migration_notes.1656279994.txt.gz · Last modified: 2022/06/26 17:46 by juckins