Centos 5.3 updates safe?

J

JustinHoMi

New Member
Joined
Apr 14, 2008
Messages
20
Reaction score
0
I just got a notification from the yum daemon letting me know that there are 189 updates available. I assume this is the Centos 5.2 -> 5.3 update.

Has anyone does this yet? Any problems?

I'm running a slightly older version of PBX in a Flash... 1.1 or 1.2? I installed it last summer.

Justin
 
Hi

Unless you have something to fix, or you have overdosed on "Brave" Pills, I'd leave well alone.

Joe
 
True, but bear in mind that the system is protected by IPtables, so one hopes that the potential black hat will not get close enough to any application with a security hole in it.

Lets take the open ports in turn.

  • 22 - SSH - well tested, well used, probably very safe.
  • t*f*t*p - Should not have this open to the outside world
  • NTP, should not be open to the outside world
  • 80 - Apache well tested, debatable as to whether it should be open to the outside world.
  • SIP and IAX - Asterisk, yum update is not going to fix that.
  • 9080 and 9022 - see 22 and 80
  • 9001 Webmin - not covered by yum update.
So the only things that would be updated by yum which are exposed to the outside world are SSH and Apache and its dependencies.

The last time yum update was run from 5.1. to 5.2. PHP was upgraded and reset permissions on the php session variables, which caused a lot of people a lot of problems.

There are unforseen things that can happen with a yum update, that you are going to have to fix if things go awry, and because 5.3 is relatively new, there is going to be little information on google purtaining to your problems.

Meanwhile your users may become a little peevish if the phones are not working.

There is no pressing need to have the latest and greatest.

This is a telephone system, not an ordinary everyday file server.

Joe
 
My generalflow in regards to updates:

Is it broken?
No: keep your sticky fingers off of it
Yes: Why did you put your sticky fingers on it.
:)

Make sure whatever you do back up
 
:iagree: with James, but... I just ran yum update on a clean PIAF 1.4 install with no problems. In order to get the updates, you'll need to add enabled=1 to the [updates] section of /etc/yum.repos.d/CentOS-Base.repo. Hold off doing this unless you really, really need something in particular. We'll do some more careful testing in the coming days and report more detailed results.

P.S.

:beta1b: We hope to have a new PIAF 1.5 beta with CentOS 5.3 available by this weekend. :D Never dull in VoIPland.
 
Grrr so much for scuba diving this weekend....... I have found a few differences already. but am still testing it. I may release a beta of the iso this weekend, if I can fix a few small problems that have already cropped up, so fresh eyes can look at it.

BTW THE STATUS PROGRAM WILL NOT SHOW PIAF VERSION 1.5 BETA SO DON'T ASK!!!!

Sorry to shout but everyone seems to whine about this!


Tom

Also I would leave your existing systems alone just in case it breaks everything. Generally there is no official way to upgrade between Centos versions and the only approved way is to reinstall. Just like going between asterisk 1.4 and 1.6. If you run a yum -y update you are on your own I am afraid.
 
:lol::lol::lol:

The last time yum update was run from 5.1. to 5.2. PHP was upgraded and reset permissions on the php session variables, which caused a lot of people a lot of problems.
Click to expand...

Just the same as it was last time.

I think that line is in update-fixes ? Is this still the case?

Joe
 
yup run update-fixes and it is well. there are some other things that are more ominous however.......


tom
 
1.5 Beta Festivities

To coincide with Tom's release of the 1.5 beta, we are putting the finishing touches on a script to install most of the Orgasmatron build. For those that test the 1.5 beta for us, we'll also let you take the Orgasmatron Installer for a whirl as well.

To participate in the betas, please send us a request ASAP. Thanks in advance.
--wm
 
yum -y update worked for me. But I also ran -

After running yum -y update I rebooted. Then I recompiled zaptel and ran update-source; update-scripts; update-fixes and rebooted again.

Now I am at Centos5.3. But this system was just installed in Jan so there was not too much entropy in the system. Status now looks like this:
PBX in a Flash Version 1.2 Daemon Status
********************************************************************
* Asterisk * ONLINE * Zaptel * ONLINE * MySQL * ONLINE *
* SSH * ONLINE * Apache * ONLINE * Iptables * ONLINE *
* Fail2ban * ONLINE * IP Connect* ONLINE * Ip6tables * ONLINE *
* BlueTooth * ONLINE * Hidd * ONLINE * NTPD * ONLINE *
* Sendmail * ONLINE * Samba * OFFLINE * Webmin * ONLINE *
* Ethernet0 * ONLINE * Ethernet1 * N/A * Wlan0 * N/A *
********************************************************************
* Running Asterisk Version : Asterisk 1.4.21.2
* Asterisk Source Version : 1.4.21.2
* Zaptel Source Version : 1.4.12.1
* Libpri Source Version : 1.4.8
* Addons Source Version : 1.4.7
********************************************************************
wyz2 on 192.168.1.5 - eth0
CentOS release 5.3 (Final) :32 Bit Kernel: 2.6.18-92.1.6.el5

I'll get back to you if I find any snafus.

Cheers,
Dan
 
Anyone able to get the update to centos 5.3 to work on a Ceros II box running PAIF. We have tried several times without success. I have to capture the extact error message, but it refers to something to do with a graphic image.
 
CentOS 5.3 phpsysinfo screenshot

I've had no problems...

pbxss.jpg
 
update-source updates to 5.3 as well

I have recently installed PIAF 1.4 (first time using it), and let the "update-source" script update run all the updates, which also brings the system to CentOS 5.3. Everything is fine with it.

Since the 5.2 -> 5.3 update was done by update-source, the PBX components were downloaded and re-compiled again immediately following.

Since it's potentially a problem, my suggestion would be to restrict updates to the same version out of the box, by changing "$releasever" to "5.2" or whatever's appropriate in /etc/yum.repos.d/CentOS-Base.repo (several lines will need to be changed).

Staying with the same major/minor version will still let you get security updates, while avoiding risk of unnecessary breakage by installing other unneeded updates and other changes. Personally, I do find security updates important (though not all are necessarily applicable, and there are varying levels of importance). This being CentOS, based on RHEL, the number of updates is very moderate compared to some other, more "cutting edge" distributions.

Lastly, yes, always have current backups. For systems like this, I personally like to have a recent disk image on hand in case something really breaks (hardware failure or other). If you have that, and a periodically scheduled "regular" backup kept on another machine and/or offsite, you can be up and running pretty quickly with very minimal or no data loss at all in case disaster strikes.

Anton
 
have they fixed the manually inputting DNS server IP addresses in 5.3 guys ?

Its good that PIAF has the "netconfig" script to get around that but my ISP has 2 DNS boxes and they arent the most reliable , it would be good to get back primary and secondary DNS server IPs other than by hacking .conf files

regards

BB
 
You must log in or register to reply here.

Members online

Total: 39 (members: 2, guests: 37)

Latest Posts

Forum statistics

Threads
26,688
Messages
174,412
Members
20,257
Latest member
Dempan
Get 3CX - Absolutely Free!

Link up your team and customers Phone System Live Chat Video Conferencing

Hosted or Self-managed. Up to 10 users free forever. No credit card. Try risk free.

3CX
A 3CX Account with that email already exists. You will be redirected to the Customer Portal to sign in or reset your password if you've forgotten it.
Verify your Email

Check your inbox!

We’ve sent you an email. Click on the button in the email body to verify your email address – (if you can not find it, check your spam folder).

Upon verification you will be directed to the 3CX setup wizard.

Back
Top