CentOS/RHEL 5 Notes

CentOS 5 has been out for about a week now, and in this time I’ve installed 3 new servers with it – one i386 and two x86_64.

Again, the CentOS developers have done an excellent job of rebuilding Redhat’s SRPMs, and as usual Redhat have developed an outstanding distribution.

I’ve found a few quirks in the new release, as well as a few interesting changes from CentOS 4. This post just details some of my notes, from the perspective as a server administrator (ie: some of this isn’t relevant for a desktop user).

Installation
You will note that there are a large number of CDROMs to download – 6CDs for i386 and 7CDs for x86_64. Don’t be alarmed, you can get by with much less.

The installer will tell you want CDROMs you need at install time – I found for a typical LAMP build, I needed #1, #2, #3 (with only a few packages taken from #2 & #3)

However, you may find it easier & less data-cap hungry to download just CD #1, and perform a minimal installation, and then download everything else you need via yum. Plus, remember that you will also get any updates installed at the same time this way.

Speaking of updates… there are also quite a few updates for download, due to the freeze time before release. I was setting up an x86_64 mirror, and downloaded 1.3GB in updates! Fortunately most people will have far less than that. :-)

Note about OpenOffice.org
OpenOffice.org now has x86_64 RPMs, so there is no need to install i386 RPMs to support it on 64bit systems.*

* TBH, I haven’t installed it myself, but I’ve seen the RPM list showing it.

Yum & Repositories
I noticed this issue with both CentOS 4 and 5 – Yum will often choose bad mirrors from the mirrorlist file – for example, choosing overseas servers, when an official NZ server exists. And in some cases, the servers it has chosen are horribly slow.

You will probably find that you get better download speeds by editing /etc/yum.repos.d/CentOS-Base.repo and commenting out the mirrorlist lines and setting the baseurl line to point to your preferred local mirror.

Yum-updatesd
CentOS 5 has a new daemon called yum-updatesd, which replaces the old cron job yum update scripts. This script will check frequently for updates, and can be configured to download and/or install them.

However, this daemon is bad for a server, since it doesn’t run at a fixed time – I really don’t want my server downloading and updating software during the busiest time of day thank-you-very-much!

So, it’s bad for a server. Let’s disable it with:

service yum-updatesd stop
chkconfig --level 2345 yum-updatesd off

Plus I don’t like the idea of having a full blown daemon where a simple cronjob will do the trick perfectly fine – seems like overkill. (although it appears yum-updatesd has some useful features like dbus integration for desktop users)

So, I replace it with my favorite cronjob script approach, by running the following (as root of course):

cat << "EOF" > /etc/cron.daily/yumupdate
 #!/bin/sh
 # install any yum updates
/usr/bin/yum -R 10 -e 0 -d 1 -y update yum > /var/log/yum.cron.log 2>&1
/usr/bin/yum -R 120 -e 0 -d 1 -y update  >> /var/log/yum.cron.log 2>&1
if [ -s /var/log/yum.cron.log ]; then
        /bin/cat /var/log/yum.cron.log | mail root -s "Yum update information" 2>&1
fi
EOF

and if you want to clear up the package cache every week:

cat << "EOF" > /etc/cron.weekly/yumclean
 #!/bin/sh
 # remove downloaded packages
/usr/bin/yum -e 0 -d 0 clean packages
EOF

(please excuse the leading space infront of the comments ( #) – it is to work around a limitation in my site, which I will fix shortly. Just copy the lines into a text editor and remove the space, before pasting into the terminal)

This will install 2 scripts that get run around 4:00am (as set in /etc/crontab) which will check for updates and download and install any automatically. If there were any updates, it will send out an email, if there were none, it doesn’t send anything.

(of course, you need sendmail/whatever_fucking_email_server_you_like configured correctly to get the alerts!)

You can change yum to just download and not install the updates (just RTFM), but I’ve never had a update break anything – update compatibility and quality is always very high – so I use automatic updates.

CentOS 4 had something very similar to this, with the addition of a bootscript to turn the cronjobs on and off.

* Please check out the update at the bottom of this page for futher information on this.

Apache Quirks
If you are using indexing in apache (indexing is when you can browse folders/files), you may find that the browsing page looks small and nasty.

The fix is to edit /etc/httpd/conf/httpd.conf and change the following line:

IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable

to

IndexOptions FancyIndexing VersionSort NameWidth=*

This should make the index full screen again. I’m not sure if this is an apache bug, a distro bug or some other weird issue, because I’m sure HTMLTable isn’t supposed to be all small like that.

(FYI: CentOS 4 did not have the HTMLTable option active)

SSL Certificates
Redhat have moved things around with SSL certificates a lot. What it seems like happened (I have only had a quick look into this), is that they were going to provide a new tool to generate SSL certificates called “genkey” but pulled it out before release.

To make things more fun, they also removed the good old Makefile that was in /etc/httpd/conf/ that allowed you to generate SSL certificates & keys.

However, I found the same Makefile again in /etc/pki/tls/certs/

Vi vs. Vim
If you use vi/vim, you should check this posting out.

That’s all the issues that I’ve come across for now – if I find any more things to note, I’ll update this page with the information and put a note on my blog.

UPDATE – 1st May 2007

A reader has informed me that the old RHEL 4 style cronjobs can be found in a package called ‘yum-cron’. Just like in RHEL 4, it installs a service called “yum” which you can enable with:

chkconfig --level 2345 yum on
service yum start

However, I will point out a small difference with the Redhat cron script vs. my cron script – the Redhat one will send the list of updates as an email from cron (as cron simply emails the output the script produces). My version allows you to change the subject, and the destination email address. This may/may not be useful to you.

The same reader also points out that there is another package in the CentOS extras repository called ‘yum-updateonboot’, which installs bootscripts which update your system when you boot it, and will then reboot if there are any kernel updates needed.

You should be able to (I haven’t tried myself) enable it with:

chkconfig --level 2345 yum-updateonboot on
This entry was posted in Uncategorized and tagged . Bookmark the permalink.