I installed CentOS 7 late last year to use as my Nagios/Cacti Monitoring server. Clean install, nothing real complicated just the server version with no GUI, just command line/SSH.
I have noticed over the last 3 months that I've not had ANY updates when I run 'yum update'. I have run 'yum clean all' to see if that might be a problem, and I've made sure the updates repo is enabled (it is), but I'm getting no CentOS updates.
Did something change that I'm not aware of? I'm even clueless how to being debugging this. I'm no noob to RPM based systems as I run Fedora pretty much everywhere else.
Ideas?
On Fri, Mar 27, 2015 at 1:45 PM, Mark Haney mark.haney@vifprogram.com wrote:
I installed CentOS 7 late last year to use as my Nagios/Cacti Monitoring server. Clean install, nothing real complicated just the server version with no GUI, just command line/SSH.
I have noticed over the last 3 months that I've not had ANY updates when I run 'yum update'. I have run 'yum clean all' to see if that might be a problem, and I've made sure the updates repo is enabled (it is), but I'm getting no CentOS updates.
Did something change that I'm not aware of? I'm even clueless how to being debugging this. I'm no noob to RPM based systems as I run Fedora pretty much everywhere else.
Ideas?
Try something like "yum info kernel". It should show the repos it is checking, the installed version and the repo it is from, plus available newer versions. If your installed version isn't from anaconda, maybe you have automatic updates enabled and there is nothing newer when you check.
Yeah, I just don't get it. I've looked at several mirrors and haven't found /any/ updates dated this month. That's really odd, I would think. I'm not talking installed updates on my system, ANY updated packages on the mirrors from 3/2015. Has anyone else updated packages this month?
Also, as an aside, what's the difference between CentOS 7 and CentOS 7.1406? And does that make a difference? I know I don't have a ton of actual packages on this machine, it doesn't really need any more than what I have on it, which is pretty minimal, but I'm worried I'm missing security updates for some reason, and I don't want to have this system vulnerable even if it isn't accessible from outside my office.
On Fri, Mar 27, 2015 at 2:52 PM, Les Mikesell lesmikesell@gmail.com wrote:
On Fri, Mar 27, 2015 at 1:45 PM, Mark Haney mark.haney@vifprogram.com wrote:
I installed CentOS 7 late last year to use as my Nagios/Cacti Monitoring server. Clean install, nothing real complicated just the server version with no GUI, just command line/SSH.
I have noticed over the last 3 months that I've not had ANY updates when
I
run 'yum update'. I have run 'yum clean all' to see if that might be a problem, and I've made sure the updates repo is enabled (it is), but I'm getting no CentOS updates.
Did something change that I'm not aware of? I'm even clueless how to
being
debugging this. I'm no noob to RPM based systems as I run Fedora pretty much everywhere else.
Ideas?
Try something like "yum info kernel". It should show the repos it is checking, the installed version and the repo it is from, plus available newer versions. If your installed version isn't from anaconda, maybe you have automatic updates enabled and there is nothing newer when you check.
-- Les Mikesell lesmikesell@gmail.com _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Mark Haney wrote:
I installed CentOS 7 late last year to use as my Nagios/Cacti Monitoring server. Clean install, nothing real complicated just the server version with no GUI, just command line/SSH.
I have noticed over the last 3 months that I've not had ANY updates when I run 'yum update'. I have run 'yum clean all' to see if that might be a problem, and I've made sure the updates repo is enabled (it is), but I'm getting no CentOS updates.
Did something change that I'm not aware of? I'm even clueless how to being debugging this. I'm no noob to RPM based systems as I run Fedora
pretty
much everywhere else.
Ideas?
There's been a bunch. Two ideas: first, are the repos enabled (check in /etc/yum.repos.d, and make sure enabled=1, and second, do you have any excludes (and wildcards count) in /etc/yum.conf?
mark
I have no excludes in yum.conf. But I noticed something odd in the CentOS-Base.repo file. The [updates] section didn't have an explicit 'enabled=1' in it. Though, when I added it in, it made no difference. I have noticed that I do have some updated packages (like httpd) that are from February and appear to be the most recent based on the mirrors, but every mirror I hit I see no updated packages listed for this month. Maybe there's just not been any and I'm overreacting.
But to give an example, we run several Ubuntu 14.04 LTS virtual machines and I've have a dozen or so security related updates that I've not seen for CentOS, like openssl (which I do have installed on it) and gnutls. I know package names don't always match up, but these are recent known vulnerabilities and I don't like the feeling I'm not securing my systems properly.
Does that makes sense?
On Fri, Mar 27, 2015 at 2:58 PM, m.roth@5-cent.us wrote:
Mark Haney wrote:
I installed CentOS 7 late last year to use as my Nagios/Cacti Monitoring server. Clean install, nothing real complicated just the server version with no GUI, just command line/SSH.
I have noticed over the last 3 months that I've not had ANY updates when
I
run 'yum update'. I have run 'yum clean all' to see if that might be a problem, and I've made sure the updates repo is enabled (it is), but I'm getting no CentOS updates.
Did something change that I'm not aware of? I'm even clueless how to being debugging this. I'm no noob to RPM based systems as I run Fedora
pretty
much everywhere else.
Ideas?
There's been a bunch. Two ideas: first, are the repos enabled (check in /etc/yum.repos.d, and make sure enabled=1, and second, do you have any excludes (and wildcards count) in /etc/yum.conf?
mark
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On 3/27/2015 12:30 PM, Mark Haney wrote:
I have no excludes in yum.conf. But I noticed something odd in the CentOS-Base.repo file. The [updates] section didn't have an explicit 'enabled=1' in it. Though, when I added it in, it made no difference. I have noticed that I do have some updated packages (like httpd) that are from February and appear to be the most recent based on the mirrors, but every mirror I hit I see no updated packages listed for this month. Maybe there's just not been any and I'm overreacting.
indeed, odd. I just looked at my local mirror of a mirror, and I'm not seeing anything in /7/ newer than Jan 20
On 3/27/2015 12:36 PM, John R Pierce wrote:
On 3/27/2015 12:30 PM, Mark Haney wrote:
I have no excludes in yum.conf. But I noticed something odd in the CentOS-Base.repo file. The [updates] section didn't have an explicit 'enabled=1' in it. Though, when I added it in, it made no difference. I have noticed that I do have some updated packages (like httpd) that are from February and appear to be the most recent based on the mirrors, but every mirror I hit I see no updated packages listed for this month. Maybe there's just not been any and I'm overreacting.
indeed, odd. I just looked at my local mirror of a mirror, and I'm not seeing anything in /7/ newer than Jan 20
oh. is /7/ supposed to be a symlink to /7.0.1406/ or a separate directory ? it appears my mirroring of the mirror may be broken if its supposed to be a symlink.
in /7.0.1406/, I'm seeing files up to Feb 22.
fyi, I'm using...
$ more ~/lftp.sh #!/bin/sh echo "=========================================================" >> $HOME/lftp.log date -R >> $HOME/lftp.log /usr/local/bin/lftp -c 'open ftp://mirrors.sonic.net && lcd /mnt/zbig/mirror && mirror --continue --verbose=1 -x ia64 -x s390 -x s390x -x alpha -x SRPMS centos' >> $HOME/lftp.log
on a freebsd (freenas) box to do the mirror. $ lftp --version LFTP | Version 4.6.1 | Copyright (c) 1996-2014 Alexander V. Lukyanov
On Fri, Mar 27, 2015 at 12:46:20PM -0700, John R Pierce wrote:
On 3/27/2015 12:36 PM, John R Pierce wrote:
On 3/27/2015 12:30 PM, Mark Haney wrote:
I have no excludes in yum.conf. But I noticed something odd in the CentOS-Base.repo file. The [updates] section didn't have an explicit 'enabled=1' in it. Though, when I added it in, it made no difference. I have noticed that I do have some updated packages (like httpd) that are from February and appear to be the most recent based on the mirrors, but every mirror I hit I see no updated packages listed for this month. Maybe there's just not been any and I'm overreacting.
indeed, odd. I just looked at my local mirror of a mirror, and I'm not seeing anything in /7/ newer than Jan 20
oh. is /7/ supposed to be a symlink to /7.0.1406/ or a separate directory ? it appears my mirroring of the mirror may be broken if its supposed to be a symlink.
in /7.0.1406/, I'm seeing files up to Feb 22.
/7/ is a link to the latest release, which at this point in timeis 7.0.1406. Once 7.1 is released, the 7 symlink will point to it.
On 3/27/2015 1:27 PM, Fred Smith wrote:
oh. is /7/ supposed to be a symlink to /7.0.1406/ or a separate
directory ? it appears my mirroring of the mirror may be broken if its supposed to be a symlink.
in /7.0.1406/, I'm seeing files up to Feb 22.
/7/ is a link to the latest release, which at this point in timeis 7.0.1406. Once 7.1 is released, the 7 symlink will point to it.
ah, then my mirroring is broken.
I'm using...
/usr/local/bin/lftp -c 'open ftp://mirrors.sonic.net && lcd /mnt/zbig/mirror && mirror --continue --verbose=1 -x ia64 -x s390 -x s390x -x alpha -x SRPMS centos'
(mirrors.sonic.net is relatively close to $job's main internet gateway).
On Fri, Mar 27, 2015 at 3:43 PM, John R Pierce pierce@hogranch.com wrote:
On 3/27/2015 1:27 PM, Fred Smith wrote:
oh. is /7/ supposed to be a symlink to /7.0.1406/ or a separate
directory ? it appears my mirroring of the mirror may be broken if its supposed to be a symlink.
in /7.0.1406/, I'm seeing files up to Feb 22.
/7/ is a link to the latest release, which at this point in timeis 7.0.1406. Once 7.1 is released, the 7 symlink will point to it.
ah, then my mirroring is broken.
I thought Centos repos always worked that way - mostly so the mirrors only had to hold the updates for the latest release, whatever that might be.
ah, then my mirroring is broken.
I'm using...
/usr/local/bin/lftp -c 'open ftp://mirrors.sonic.net && lcd /mnt/zbig/mirror && mirror --continue --verbose=1 -x ia64 -x s390 -x s390x -x alpha -x SRPMS centos'
(mirrors.sonic.net is relatively close to $job's main internet gateway).
ok, I deleted all the folders that were supposed to be symlinks on my mirror, and restarted the lftp job and NOW its creating symlinks.
maybe I screwed up when I rsync'd my old solaris-based mirror to my new freenas/freebsd based mirror.
On 03/27/2015 03:27 PM, Fred Smith wrote:
On Fri, Mar 27, 2015 at 12:46:20PM -0700, John R Pierce wrote:
On 3/27/2015 12:36 PM, John R Pierce wrote:
On 3/27/2015 12:30 PM, Mark Haney wrote:
I have no excludes in yum.conf. But I noticed something odd in the CentOS-Base.repo file. The [updates] section didn't have an explicit 'enabled=1' in it. Though, when I added it in, it made no difference. I have noticed that I do have some updated packages (like httpd) that are from February and appear to be the most recent based on the mirrors, but every mirror I hit I see no updated packages listed for this month. Maybe there's just not been any and I'm overreacting.
indeed, odd. I just looked at my local mirror of a mirror, and I'm not seeing anything in /7/ newer than Jan 20
oh. is /7/ supposed to be a symlink to /7.0.1406/ or a separate directory ? it appears my mirroring of the mirror may be broken if its supposed to be a symlink.
in /7.0.1406/, I'm seeing files up to Feb 22.
/7/ is a link to the latest release, which at this point in timeis 7.0.1406. Once 7.1 is released, the 7 symlink will point to it.
It is indeed a symlink ... and it will indeed be shifted.
People also really should use rsync with the -H option for hardlinks as that will save much space between releases as well. (Almost all the items in the 'cr' repo, 'os' repo, and 'fasttrack' repo from the 7.0.1406 tree will make up the new os repo in the newer 7.1.1503 tree.)
If you are not using -H, you have to download each RPM more than once.
On 3/27/2015 1:56 PM, Johnny Hughes wrote:
It is indeed a symlink ... and it will indeed be shifted.
People also really should use rsync with the -H option for hardlinks as that will save much space between releases as well. (Almost all the items in the 'cr' repo, 'os' repo, and 'fasttrack' repo from the 7.0.1406 tree will make up the new os repo in the newer 7.1.1503 tree.)
If you are not using -H, you have to download each RPM more than once.
rsync from $job is incredibly slow and unreliable and frequently errored out partway through the process. I switched to lftp some time ago but just realized that it wasn't handling symlinks properly (although all indications are that it should be). A possible complication may be that I just moved my local mirror from a old Solaris 10 system to a new FreeNAS (FreeBSD) system, and am using the lftp from freeBSD 9.3 'ports', whihc is lftp version 4.6.1. The old solaris system had LFTP 4.0.10
Johnny Hughes wrote:
On 03/27/2015 03:27 PM, Fred Smith wrote:
On Fri, Mar 27, 2015 at 12:46:20PM -0700, John R Pierce wrote:
On 3/27/2015 12:36 PM, John R Pierce wrote:
On 3/27/2015 12:30 PM, Mark Haney wrote:
<snip>
oh. is /7/ supposed to be a symlink to /7.0.1406/ or a separate directory ? it appears my mirroring of the mirror may be broken if its supposed to be a symlink.
in /7.0.1406/, I'm seeing files up to Feb 22.
/7/ is a link to the latest release, which at this point in timeis 7.0.1406.Once 7.1 is released, the 7 symlink will point to it.
It is indeed a symlink ... and it will indeed be shifted.
People also really should use rsync with the -H option for hardlinks as that will save much space between releases as well. (Almost all the items in the 'cr' repo, 'os' repo, and 'fasttrack' repo from the 7.0.1406 tree will make up the new os repo in the newer 7.1.1503 tree.)
If you are not using -H, you have to download each RPM more than once.
Absolutely, what Johnny said. We *always* use hard links for our backups, which is the only way we could (most of the time) keep 5 weeks of b/u of our home and project directories.
mark
Le 27/03/2015 20:30, Mark Haney a écrit :
But to give an example, we run several Ubuntu 14.04 LTS virtual machines and I've have a dozen or so security related updates that I've not seen for CentOS, like openssl (which I do have installed on it) and gnutls. I know package names don't always match up, but these are recent known vulnerabilities and I don't like the feeling I'm not securing my systems properly.
I've just setup a few CentOS 7 machines, using the minimal CD. After the initial reboot, I have 78 MB worth of updates. Everything looks quite normal.
Niki
On Fri, Mar 27, 2015 at 2:30 PM, Mark Haney mark.haney@vifprogram.com wrote:
I have no excludes in yum.conf. But I noticed something odd in the CentOS-Base.repo file. The [updates] section didn't have an explicit 'enabled=1' in it. Though, when I added it in, it made no difference. I have noticed that I do have some updated packages (like httpd) that are from February and appear to be the most recent based on the mirrors, but every mirror I hit I see no updated packages listed for this month. Maybe there's just not been any and I'm overreacting.
I think all of the current work is being held in the cr repo while they are scrambling to get a full 7.1 release completed.
Am 27.03.15 um 20:30 schrieb Mark Haney: ....
But to give an example, we run several Ubuntu 14.04 LTS virtual machines and I've have a dozen or so security related updates that I've not seen for CentOS, like openssl (which I do have installed on it) and gnutls. I know package names don't always match up, but these are recent known vulnerabilities and I don't like the feeling I'm not securing my systems properly.
Does that makes sense?
yes it does - take a look at the centos announce mailinglist and see that the last update for centos 7 was pushed out on feb 25 you might want to have a look at the archives... http://lists.centos.org/pipermail/centos-announce/ or the announcement regarding the CR repo: http://lists.centos.org/pipermail/centos-announce/2015-March/020980.html
-
Fred Smith -
John R Pierce -
Johnny Hughes -
Les Mikesell -
m.roth@5-cent.us -
Mark Haney -
Niki Kovacs -
Sebastian Schubert