Hi,
When I install a CentOS server/desktop/workstation, I usually start from scratch with a barebone minimal installation, then add packages as needed.
Some machines (like dedicated servers in a datacenter) come preconfigured by the hosting company, so I thought it wouldn't be a bad idea to start stripping that stuff first.
Here's a little script I wrote, which essentially strips down any CentOS-7 installation to a minimal core system:
https://github.com/kikinovak/centos/blob/master/7.x/scripts/00-elaguer-paque...
The script parses the 'minimal' package list and then just removes everything that's not on the list.
Now I tried running that on an existing CentOS-7 "Web Server" installation. I ran it, rebooted... and I got dropped to a console that suggested to run journalctl. Uh oh.
I'm currently catching up with systemd and its specificities, working through a bunch of online tutorials. But here's what I figured out so far. Before stripping down my system, I have to reduce services to a minimum. (On a Slackware system, which is what I'm using most of the time, that's where I would disable pretty much all services besides rc.syslog and rc.sshd.)
Now what would be the simple systemd equivalent of doing that? E. g. on any CentOS installation (be it graphical, "Web Server", "File Server", whatever), strip down services to the status that they're at just after installing a "Minimal Install"?
Cheers from the sunny South of France,
Niki
Le 06/05/2016 08:50, Nicolas Kovacs a écrit :
Now what would be the simple systemd equivalent of doing that? E. g. on any CentOS installation (be it graphical, "Web Server", "File Server", whatever), strip down services to the status that they're at just after installing a "Minimal Install"?
PS: I gave this a spin on two sandbox machines here. One with a full GNOME GUI installation, one with a "Web Server" profile. On both, I defined "systemctl set-default multi-user.target", then I stripped the system with my script. Upon reboot, startup hangs, and in my journal, I get a lot of "Failed to parse ACL" errors.
I don't know if it's related to this:
https://bugzilla.redhat.com/show_bug.cgi?id=1268628
From here on, I'm clueless.
Cheers,
Niki
On 05/06/2016 09:33 AM, Nicolas Kovacs wrote:
Le 06/05/2016 08:50, Nicolas Kovacs a écrit :
Now what would be the simple systemd equivalent of doing that? E. g. on any CentOS installation (be it graphical, "Web Server", "File Server", whatever), strip down services to the status that they're at just after installing a "Minimal Install"?
PS: I gave this a spin on two sandbox machines here. One with a full GNOME GUI installation, one with a "Web Server" profile. On both, I defined "systemctl set-default multi-user.target", then I stripped the system with my script. Upon reboot, startup hangs, and in my journal, I get a lot of "Failed to parse ACL" errors.
I don't know if it's related to this:
https://bugzilla.redhat.com/show_bug.cgi?id=1268628
From here on, I'm clueless.
you're probably removing too many packages, eg some key package is a dep of MINIMAL but not in MINIMAL, and "yum remove" removes it and all its dependants. Maybe add "yum install $MINIMAL" after your yum remove command. Or replace yum remove with "rpm -e" to see if and who in $SUPPRIMER has deps in MINIMAL.
Le 06/05/2016 11:13, Nicolas Thierry-Mieg a écrit :
you're probably removing too many packages, eg some key package is a dep of MINIMAL but not in MINIMAL, and "yum remove" removes it and all its dependants. Maybe add "yum install $MINIMAL" after your yum remove command. Or replace yum remove with "rpm -e" to see if and who in $SUPPRIMER has deps in MINIMAL.
I gave it another spin, this time with rpm -e $SUPPRIMER. Got no error messages, rpm -e simply wiped all non-essential packages. So I don't think the problem comes from some removed minimal package.
This time I activated startup messages. Booting gets stuck right after mounting /boot. I'll try to reproduce it, since I can't copy/paste it.
[ OK ] Mounted /boot. [ TIME ] Timed out waiting for device dev-mapper-centos_amandine\x2dhome.device. [DEPEND] Dependency failed for /home.
And then quite a few lines, and booting into emergency mode.
Any suggestions?
Niki
On 05/06/2016 06:46 AM, Nicolas Kovacs wrote:
Le 06/05/2016 11:13, Nicolas Thierry-Mieg a écrit :
you're probably removing too many packages, eg some key package is a dep of MINIMAL but not in MINIMAL, and "yum remove" removes it and all its dependants. Maybe add "yum install $MINIMAL" after your yum remove command. Or replace yum remove with "rpm -e" to see if and who in $SUPPRIMER has deps in MINIMAL.
I gave it another spin, this time with rpm -e $SUPPRIMER. Got no error messages, rpm -e simply wiped all non-essential packages. So I don't think the problem comes from some removed minimal package.
This time I activated startup messages. Booting gets stuck right after mounting /boot. I'll try to reproduce it, since I can't copy/paste it.
[ OK ] Mounted /boot. [ TIME ] Timed out waiting for device dev-mapper-centos_amandine\x2dhome.device. [DEPEND] Dependency failed for /home.
And then quite a few lines, and booting into emergency mode.
Any suggestions?
Niki
Maybe add a:
yum groupinstall core
Le 06/05/2016 13:50, Johnny Hughes a écrit :
Maybe add a:
yum groupinstall core
That did add a handful of packages indeed (as was already suggested in the previous answer), but the problem still persists.
After rebooting, the system hangs after mounting the /boot partition and then exits into emergency mode.
I'm puzzled.
On 05/06/2016 11:18 AM, Nicolas Kovacs wrote:
Le 06/05/2016 13:50, Johnny Hughes a écrit :
Maybe add a:
yum groupinstall core
That did add a handful of packages indeed (as was already suggested in the previous answer), but the problem still persists.
After rebooting, the system hangs after mounting the /boot partition and then exits into emergency mode.
I'm puzzled.
There actually are a couple more things than core in a minimal install .. here is the current minimal list:
https://git.centos.org/blob/sig-core!comps.git/220ef7b59c95531d3752d4074ce67...
some of those might not get installed every time (ie, disk encrypt may not be on non-encrypted drives, etc.)
But it is a good starting point.
Le 06/05/2016 18:31, Johnny Hughes a écrit :
There actually are a couple more things than core in a minimal install .. here is the current minimal list:
https://git.centos.org/blob/sig-core!comps.git/220ef7b59c95531d3752d4074ce67...
some of those might not get installed every time (ie, disk encrypt may not be on non-encrypted drives, etc.)
But it is a good starting point.
After some more trial and error, I managed to resolve the problem in a pragmatic way by doing the following after purging the system:
# yum groupinstall "Core" # yum groupinstall "Base"
So the missing culprit(s) must have been somewhere in the "Base" package group, or at least a dependency to one or more of its packages.
Cheers,
Niki
On 07/05/16 23:16, Nicolas Kovacs wrote:
After some more trial and error, I managed to resolve the problem in a pragmatic way by doing the following after purging the system:
# yum groupinstall "Core" # yum groupinstall "Base"
So the missing culprit(s) must have been somewhere in the "Base" package group, or at least a dependency to one or more of its packages.
Rather than remove them and add them back use yum shell to just remove the packages not in base or core:
yum shell remove * install kernel @core @base run quit
Peter
Le 07/05/2016 14:57, Peter a écrit :
Rather than remove them and add them back use yum shell to just remove the packages not in base or core:
yum shell remove * install kernel @core @base run quit
Sounds interesting. Does this work in a script?
On 08/05/16 01:53, Nicolas Kovacs wrote:
Le 07/05/2016 14:57, Peter a écrit :
Rather than remove them and add them back use yum shell to just remove the packages not in base or core:
yum shell remove * install kernel @core @base run quit
Sounds interesting. Does this work in a script?
Yes, but you need to put the yum shell commands in a separate file. See yum-shell(8) for details.
Peter
Le 07/05/2016 16:02, Peter a écrit :
Yes, but you need to put the yum shell commands in a separate file. See yum-shell(8) for details.
Actually, I just gave your suggestion a spin on a sandbox machine. Yum gets stuck in a frantic dependency resolving loop which can only be interrupted by hitting Ctrl-C.
So it looks like my solution is the better one.
:o)
Niki
Le 06/05/2016 18:31, Johnny Hughes a écrit :
There actually are a couple more things than core in a minimal install .. here is the current minimal list:
https://git.centos.org/blob/sig-core!comps.git/220ef7b59c95531d3752d4074ce67...
some of those might not get installed every time (ie, disk encrypt may not be on non-encrypted drives, etc.)
But it is a good starting point.
After some more fiddling, my problem is solved. Here's my little script:
https://github.com/kikinovak/centos/blob/master/7.x/scripts/00-elaguer-paque...
Any existing CentOS installation (GNOME, KDE, Web Server, etc.) can be stripped down to a minimal install by simply running it. I've tried this with different scenarios, and it works perfectly.
Thank you everybody for your input.
Niki
On Wed, May 11, 2016 at 09:08:03PM +0200, Nicolas Kovacs wrote:
Le 06/05/2016 18:31, Johnny Hughes a écrit :
There actually are a couple more things than core in a minimal install .. here is the current minimal list:
https://git.centos.org/blob/sig-core!comps.git/220ef7b59c95531d3752d4074ce67...
some of those might not get installed every time (ie, disk encrypt may not be on non-encrypted drives, etc.)
But it is a good starting point.
After some more fiddling, my problem is solved. Here's my little script:
https://github.com/kikinovak/centos/blob/master/7.x/scripts/00-elaguer-paque...
Any existing CentOS installation (GNOME, KDE, Web Server, etc.) can be stripped down to a minimal install by simply running it. I've tried this with different scenarios, and it works perfectly.
Thank you everybody for your input.
Niki
not that I'm wanting to strip down my C7, I'm wondering how that works if one has installed the Mate desktop from epel ?
On Wed, May 11, 2016 at 2:49 PM, Fred Smith fredex@fcshome.stoneham.ma.us wrote:
not that I'm wanting to strip down my C7, I'm wondering how that works if one has installed the Mate desktop from epel ?
You can try it with a VBox VM and share your experience just the way Nicolas has done.
-- Arun Khan
Le 11/05/2016 23:49, Fred Smith a écrit :
not that I'm wanting to strip down my C7, I'm wondering how that works if one has installed the Mate desktop from epel ?
Everything that is *not* the CentOS Minimal System will simply be removed. You'll end up with what you get when you install from the Minimal CD. MATE, Xorg, all gone.
Cheers,
Niki
Nicolas Kovacs wrote:
Le 06/05/2016 13:50, Johnny Hughes a écrit :
Maybe add a:
yum groupinstall core
That did add a handful of packages indeed (as was already suggested in the previous answer), but the problem still persists.
After rebooting, the system hangs after mounting the /boot partition and then exits into emergency mode.
I'm puzzled.
Question (if I haven't asked this before): what's in fstab, and on the kernel grub2 line? A UUID, a /dev/sdx, or LABEL=? If the latter, there's a bug in grub? the boot process, so if you have a LABEL=/root or LABEL=/boot, it will fail, 100% of the time. Removing the leading / is the workaround.
mark
On Fri, May 06, 2016 at 11:13:10AM +0200, Nicolas Thierry-Mieg wrote:
you're probably removing too many packages, eg some key package is a dep of MINIMAL but not in MINIMAL, and "yum remove" removes it and all its dependants.
Just as an example of this, and one that RH may move into an update sooner or later. Fedora 24's minimal comes with NetworkManager. I always remove it and use network. So, on Fedora 24, which is admittedly in beta, /etc/resolv.conf is now a part of NetworkManager, a symbolic link to /var/run/NetworkManager/resolv.conf. So,if one removes NetworkManager or even disables it, name resolution no longer works.
It seems to me that the easiest thing would be to quickly run a minimal install in VirtualBox, and if you remove anything, keep an eye on it, or, as was suggested, below.
Or replace yum remove with "rpm -e" to see if and who in $SUPPRIMER has deps in MINIMAL.
-
Arun Khan -
Fred Smith -
Johnny Hughes -
m.roth@5-cent.us -
Nicolas Kovacs -
Nicolas Thierry-Mieg -
Peter -
Scott Robbins