PDA

View Full Version : upgrade from 9?



tarzy
26th October 2009, 03:27 AM
I just read that 9 is history, I've had it for a year, and it's flawless, including any security issues due to a mistake I made in setup. But I have always wondered about any upgrades that I may do. This machine is absolutely perfect in every way, and essentially is only a headless web server.

So my question to all here who likely know much more than I, is: should/can I upgrade without any problems? I must have all the webs running up other than a half hour or so offline.

Thanks, Craig

scottro
26th October 2009, 03:32 AM
Upgrade to 11 or 12? I don't believe you will be able to do so.

Upgrading with Fedora is getting smoother, but it's never been, as far as I can tell, treated in the same way that Debian, or Debian based, such as Ubuntu, treat it.. The old line about Debian was that it was harder to install (this was back in the 90's, I think), but you only have to install it once.

RedHat based systems haven't put as much emphasis on upgrading between versions. Sometimes you get lucky. But you would, I think, have to go from 9 to 10 to 11.

Fedora does seem, from what I can see, working on making this easier and easier. I suspect that eventually, it will be as smooth as Debian upgrades (which aren't, of course, always perfect), but not yet.

tarzy
26th October 2009, 03:50 AM
Thanks for the well read reply! So, if my 9 is only a web server, has absolutely no issues whatsoever, and runs like a Swiss Watch, would I not be best to simply leave it alone?

I'm not competent to get the mail server running yet, and use a Windows machine for my mail server. They try to hack it all the time, but it's secure too.

I should add that it took me around 4 months to get this machine working the way it does. I am self-taught with a local users group to assist me here and there.

scottro
26th October 2009, 05:13 AM
Hrrm, good question. The only reason to upgrade would be security updates, and I would guess that would depend upon the risks it faces.

(I'm also not up enough on all versions to know if F9 lacks some absolutely essential update--it's possible someone who does know will see this post and comment)

Finalzone
26th October 2009, 09:29 AM
Thanks for the well read reply! So, if my 9 is only a web server, has absolutely no issues whatsoever, and runs like a Swiss Watch, would I not be best to simply leave it alone?

You can leave alone. I have seen servers that still using older Fedora release. Should you really want to upgrade from Fedora 9, I suggest to check out the document about Yum upgrade FAQ (http://fedoraproject.org/wiki/YumUpgradeFaq). Make sure you have the latest version of installed packages on Fedora 9 and always backup data.

JohnVV
26th October 2009, 08:00 PM
for a server i would NOT use fedora
seeing as fedora 9 is unsupported , think about putting CentOS 5.4 on it
cent is the free RHEL and has a very long life 5 years vs. 13 months for fedora

Simian Man
26th October 2009, 08:05 PM
If this is a high volume, high risk type of server, then I'd definitely put CentOS on it like JohnVV says. For a home server that is not going to be much of a target, I honestly wouldn't worry about it. Some of our servers are still running Fedora Core 2! And they are perfectly fine.

Panoz
27th October 2009, 01:22 PM
Redhat RPM technology for upgrade is working since Redhat Linux 2.0. I really don't know why someone would have second thoughts about upgrading a system. We are talking about what? An almost 15 years technology?!?!

I was upgrading my Redhat Linux systems and now my Fedora systems without any problem. A couple of configuration problems are usually well documented or can be easily identified.

I'd definitely use Fedora as a server no matter what its mission might be. Even for a server machine, I'd love to use the latest technology and not to use old-fashioned non-flexible solutions.

JohnVV
28th October 2009, 02:27 AM
WELL seeing as Fedora IS NOT RHEL 5.? the upgrade for the VERY,VERY,very,very stable RHEL is just fine .BUT this DOSE NOT apply to Fedora -- Fedora is an ALWAYS beta and testing distro . upgrades often fail . I ( my self) have NEVER had a "upgrade" work correctly and i know what i am doing . A fresh install on fedora is almost always a MUST for example fedora 10 used ext3 fedora 11 uses ext4 THIS REQUIRES A FULL FRESH INSTALL !!!!!! a upgrade will not do it.

Panoz
28th October 2009, 08:23 AM
I think there are already programs that convert the filesystem from ext3 to ext4. Anyway, the following steps works fine:

1. Upgrade
2. Backup your system
3. Format the partitions to ext4
4. Restore from the backup
5. WIN!

You do know that ext4 is not a requirement for F11, but just an option, right?

kennethsalerno
1st December 2009, 02:34 AM
Keeping your system up-to-date is essential for security as exploits including some root privilege escalations can be possible from kernel flaws and even some libraries you never thought of like Mozilla nspr!

The reason you want to stay up-to-date on the version of your distribution is so it is supported and actively receiving security updates. I had production Solaris webservers that were "reasonably" up to date that were broken into very easily because they had a libc exploit that allowed the attacker to execute a simple user command as the apache user (he came in by writing PHP errors containing PHP exec() statements in the error log through a URI POST, then including the error log in his next URI which read in and executed his PHP script and ultimately gave him root! ....check-mate...)

The previous posts suggesting you should use an Enterprise Operating System is just for the mere fact that they support their releases longer and continue to provide security patches for years. I would, like them, suggest you use an enterprise distribution for production, such as CentOS.

The suggestion that Debian was any easier to upgrade from previous releases to the next releases probably comes from a person that hasn't been using it very long. If you go back to releases of even the easy Ubuntu from 2005 or 2006 you will see plenty of pain getting configuration files in /etc diffed and retrofitted, updating portions of incompatible packages separately, etc. (admittedly doing the upgrade command-line) just like upgrading old Fedora releases to the next incremental release. But now, since Fedora 7, it has been a breeze, and I've gone all the way from Fedora Core 2 to Fedora 12 on one of my systems!


So, since you already have Fedora and want to upgrade it painlessly (I hate when people respond to posts suggesting you do something different rather than telling you how to do what it is you asked how to do!):


Try my scripts:

http://sourceforge.net/projects/yumupgrader/files/Release/KPSkenupdatetools-1.4-1.fc12.noarch.rpm/download

I've used this method to get an IMAP server at work from Fedora Core 2 all the way to Fedora 12 (one release at a time, and it is imperative you resolve all *.rpmnew config files! which my scripts ensure you do and helps you diff them).

steps

1) sudo rpm -ivh KPSkenupdatetools-1.4-1.fc12.noarch.rpm

2) sudo /usr/local/bin/KPSupdatefedora

3) sudo /usr/local/sbin/KPSgotonextversion 10 manual

4) sudo /sbin/grub-install /dev/sda

5) sudo reboot

6) sudo /usr/local/bin/KPSupdatefedora

7) sudo /usr/local/sbin/KPSgotonextversion 11 manual

8) sudo /sbin/grub-install /dev/sda

9) sudo reboot

10) sudo /usr/local/bin/KPSupdatefedora

11) sudo /usr/local/sbin/KPSgotonextversion 12 manual

12) sudo /sbin/grub-install /dev/sda

13) sudo reboot

14) sudo /usr/local/bin/KPSupdatefedora


done!

---------- Post added at 08:34 PM CST ---------- Previous post was at 08:17 PM CST ----------

bravo to panoz, I've run into so many old-fashioned limitations such as in EXT3's 8TB filesystem limitation in Red Hat Enterprise that is now non-existent with EXT4's almost XFS-like flexibility!

you just better stay up-to-date with your security patches (and I mean weekly!)

scottro
1st December 2009, 04:10 AM
@Kenneth, from what I've always heard, Debian worked pretty hard at making upgrades painless--the price was, (as in CentOS and friends) often being behind in packages. I've heard varying about Ubuntu--some saying upgrades are painless, but many others saying they're not not smooth at all.

Not working very much with either one, I can only repeat hearsay. As for Fedora, upgrading is getting better and better, but is still not always smooth--this is, of course, the case with almost any distribution, including, at times, those rolling releases such as Arch.

As for suggesting something different rather than telling someone how to do what they want it to do--for these forums, this is tame. You should have seen when someone asked how to do something with parental controls and got a bunch of posts with well-meaning advice about how to raise a child. The person stayed remarkably calm.

However, all kidding aside, as is mentioned in Eric Raymond's well known How to Ask Questions the Smart Way, it's sometimes useful to realize that the question you are asking isn't really the question you want to ask. Sometimes, rather than saying, how do I use A to do B, the question should be, I want to do B. I'm trying to use A to do this and having issues. Can I fix these issues or is there a better way?

I'm actually just playing Devil's Advocate here, there are many, many times when I see threads and think exactly what you have written.

kennethsalerno
1st December 2009, 05:12 AM
Thanks for the reply, Scottro, I would tend to agree with you.

In this case it just seemed that there is actually a quick answer to the question, although the Fedora Project does discourage using YUM for upgrading they do admit it works. My scripts that I have provided a link for follow their Wiki and makes a pretty good attempt at making sure the user covers all of the important checks and diffing before that very exciting "reboot" following a full RPM package upgrade.

As for Debian: I was previously a DEC Alpha OSF/1 user in college, and before that an IBM AIX Systems Administrator - today I'm a SunOS and Red Hat Enterprise Systems Administrator for online stock trading websites. I have grown to appreciate FreeBSD and OpenBSD, and my first Linux experiences were SuSE and Slackware before moving to Red Hat 6.0. I've been a Fedora fan since Fedora Core 1... but my taste is for the UNIX world for scalability and performance, but Linux 2.6 is a great kernel that beats SunOS 5.10 any day. Basically I feel that Debian fans probably would be a lot happier with FreeBSD, it has a very very nice smooth "freebsd-update" script that updates the system without the need of recompiling (OpenBSD needs this feature badly) but the port system is somewhat primitive in the sense they don't always update the compiled packages so you need to recompile the ports yourself if you want to stay up-to-date on security patches. If you're a Gentoo fan, your "emerge" is a copy of the portupdate system of Free/NetBSD. It's cool if you have oodles of time and don't care about your system security, which I have learned is just too dangerous in today's Internet world of criminals. FreeBSD would make Debian fans happy because it has great performance and has otherwise great upgrade features since 6.3 (I'm on 7.2) and out-performs most other Unix clones, but most importantly it doesn't try to do too much for you in the way of System Administration, it tends to be esoteric which I feel Debian fans like. Ubuntu of course contradicts this, so maybe I'm wrong about Debian.

Anyway, that's my two cents about me being a huge UNIX and GNU/Linux fan and being a bigger fan of Fedora than Debian-based systems.

Ken

scottro
1st December 2009, 06:05 AM
I've used Debian, but not that frequently. My old job was mostly FreeBSD, and now it's all CentOS/Fedora.

You didn't mention Arch, which you might like if you like the BSDs. Very small base installation, gives control to the user, a wiki that rivals the FreeBSD handbook, mostly binary, but you are able to use the abs (Arch Build System, I think) to do source based installs.

Unfortunately, I haven't had time to keep up with the BSDs. I remember there were binary security upgrades, thanks to Colin Percival, but I don't know if they can actually replace buildworld. (Also, I used to run CURRENT, so pkg_add -r usually gave me a reply that there was no available package. Not at work of course, there I tended to use STABLE rather than RELEASE.)

Keeping up with any system becomes time consuming. There's a lot of things I really love about the BSDs vs. Linux, but I have to admit, the source based updates could take a long time. On the machine I'm using now, they were actually pretty quick, under a half hour, (quad core, 8 GB RAM), but I found that in VirtualBox, buildworld, even if I gave the system 2 CPUs and 4 GB of RAM, took close to 3 hours. :mad:

Actually, I think I was the one who whined about the fact that the freebsd-update script only worked with RELEASE and that wasn't in the man page. I think it got fixed the next day.

Some security patches, (this was actually a couple of years ago) did require a recompile of the kernel, though most of them didn't.
Ah, those were the days.