Centos 4.3

On my test server, I typed in yum update and let it run. When I went back and checked it, the server was at V 4.3 ;) Of course I did have to answer one question.
 
I think I'll wait till all you start finding the problems..lol
 
Any problem upgrading with up2date from CentOS 4.2 64 bit edition to 4.3 ? With DA installed of course.

Thanks
 
MyVPSHost-Susy said:
There is one big problem I am facing with CentOS 4.3 here:

http://bugs.centos.org/view.php?id=1245

Big security risk for me here, /bin/login , not taking any ssh logins, to w,/last, etc

The openssh upgrade mostly affects this that CentOS 4.2-4.3 does.

For now just got a small workaround.
Have you verified that you have the problem. It appears from the bug report that the problem only exists with certain VPS kernels, and with custom kernels compiled without auditing support.

We use standard kernels and no VPS and we don't see any problems here.

To test login through ssh, and then run the w command to see if your login is listed.

Jeff
 
jlasman said:
Have you verified that you have the problem. It appears from the bug report that the problem only exists with certain VPS kernels, and with custom kernels compiled without auditing support.

We use standard kernels and no VPS and we don't see any problems here.

To test login through ssh, and then run the w command to see if your login is listed.

Jeff

Yeah we did this a few weeks ago, after compiling the kernel with auditd on it fixes this issue for the domU VPSes. As the stock kernel compiles with it on by default, so it isn't really a CentOS issue.

So this is no longer a "bug", but everything else seems fine now with CentOS 4.3 .

Thanks
 
MyVPSHost-Susy said:
Yeah we did this a few weeks ago, after compiling the kernel with auditd on it fixes this issue for the domU VPSes. As the stock kernel compiles with it on by default, so it isn't really a CentOS issue.

So this is no longer a "bug", but everything else seems fine now with CentOS 4.3 .

Thanks

As far as I can see my kernel has audit support turned on and I still have the same problem. (Granted I'm on a kernel nearly 1 year old still) Not using VPS either

Probably going to upgrade within the next few days anyway as the server is being moved to a new rack anyway.
 
Last edited:
Kernel upgrade fixed the problem for me. Went from 2.6.12->2.6.16.12. Didn't change any options from the old cfg.
 
Hey,

You can do a :

yum -y update

That will update everything... HOWEVER

It is recommended (by me and probably others) to add the following line to your "yum.conf" file.

exclude=apache* caching-nameserver da_* exim* *ftp* httpd* kernel* mod_* mysql* MySQL* perl* php* sendmail*

That will keep yum from updating things that DA updates and a few others like the kernel and caching-nameserver.

Hope this helps.
David
 
Where can i find "yum.conf" file?


If I my apache, mysql and php update am I fearfully that I problems get with my serve. But this update also the OS?
 
Turkulerdiyari said:
Where can i find "yum.conf" file?


If I my apache, mysql and php update am I fearfully that I problems get with my serve. But this update also the OS?

nano /etc/yum.conf
 

[main]
cachedir=/var/cache/yum
debuglevel=2
logfile=/var/log/yum.log
pkgpolicy=newest
distroverpkg=centos-release
tolerant=1
exactarch=1
retries=20
obsoletes=1
gpgcheck=1

# PUT YOUR REPOS HERE OR IN separate files named file.repo
# in /etc/yum.repos.d


This is my yum.conf, where can i put this code :

exclude=apache* caching-nameserver da_* exim* *ftp* httpd* kernel* mod_* mysql* MySQL* perl* php* sendmail*
 
Hey,

I'd put it right after the line that reads:

gpgcheck=1


David
 
I have insert this code :

exclude=apache* caching-nameserver da_* exim* *ftp* httpd* kernel* mod_* mysql* MySQL* perl* php* sendmail*

But :

No Packages marked for Update/Obsoletion
 
Hey,

That's telling you nothing needs updated at this time.

David
 
Back
Top