Linux Notes
Here I record lessons learned for those desperately searching with
Google
for obscure answers - as I have done on many occasions.
When upgrading systems remotely, using the install CDs is not an
option. Instead, we install locally, then backup the system and transmit
the backup to the remote site and install on a spare partition.
I just started doing this for CentOS-4.4, and there is a snag with SELinux.
It seems that SELinux adds an attribute to files that is not
transferred via rsync. I haven't checked, but I suspect tar does not
save SELinux attributes either. The result is that SELinux does not
work on the restored system, and you have to disable it.
The only SELinux aware archiver I'm aware of is star. There is a star
package for CentOS-4.4. However, you have to have an SELinux kernel
to restore the star archive.
UPDATE: If you don't have any custom security attributes, you can restore
the defaults with fixfiles. It will restore defaults for a
package to the attributes stored in RPM, or restore files globally according
to the ruleset in /etc/selinux.
While figuring out the SELinux problem, I got a scare when I happened to check
some CentOS programs against the RPMs they were installed with. The program
files were about 5K bigger! Had we been owned? Well maybe, but it turns out
that there is a prelink package which adds extra info to all programs and
shared objects in the system. The extra info is supposed to help dynamically
linked programs load faster. RPM runs prelink with the
-u (undo) option to get the file with prelinking undone, so it
can check the unprelinked file against the RPM database.
