[LON-CAPA-admin] OS upgrade

Neubauer, Paul pneubauer at bsu.edu
Thu Apr 21 13:39:31 EDT 2016

Hi All,

I'm about to do an OS upgrade (to the latest CentOS version) on our LON-CAPA server. We have a single (virtual) server as both access server and library server. We do also have a test system that I have tried to keep more or less in sync with the production server, missing mostly "just" the content. I haven't upgraded the OS on a LON-CAPA system for some time and I don't seem to have my old notes, so I'm trying to get my ducks in a row beforehand. 

Both the "Operating System Upgrade" page http://www.lon-capa.org/fedoracoreupdate.html and the "Hardware Upgrade" page http://www.lon-capa.org/hardwareupgrade.html that it refers you to are pretty vague with respect to what needs to be saved from the old system, so I want to post what I expect to do here and see if anyone has suggestions for either things that I should be doing that I'm not or things that I plan to do but should not.

I plan to do an upgrade on our test server first and then do the same thing to production. 

	all of the /home filesystem
	/etc/passwd	(so that not only passwords, but file ownerships will remain with the proper users and groups)
	/etc/group  (same reasoning)
	everything in /root/.ssh/ (so I can log in with my ssh key)
	our ssl cert(s) from /etc/pki/tls
	What about /etc/httpd/conf/httpd.conf and the files from /etc/httpd/conf.d, particularly ssl.conf and shib.conf?
	our shibboleth certs and metadata: 
		(or should I save more or even all of /etc/shibboleth?)
	local modifications to iptables /etc/sysconfig/iptables (e.g., so the backup server can connect :-) )
	ssh host keys from /etc/ssh/

I'm guessing I don't want /etc/yum.repos.d/security:shibboleth.repo since that refers to CentOS-6. Does LON-CAPA install a version-specific security:shibboleth.repo file or should I plan on recreating that manually?

Then follow the steps from the "CentOS Linux 7 Install" page http://install.lon-capa.org/centos7_install.html restoring the saved files between steps 3 and 4 so that all the user and group id's will be the proper ids to maintain file ownership.

Does anyone see anything I've missed? 


More information about the LON-CAPA-admin mailing list