FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 08-02-2008, 03:13 PM
Dave Feustel
 
Default Upgrading to next version of Fedora

What is involved in upgrading from one version of Fedora to the next?
(eg from Fedora 9 to Fedora 10 when F-10 becomes available)

Thanks.

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 08-02-2008, 04:09 PM
Bruno Wolff III
 
Default Upgrading to next version of Fedora

On Sat, Aug 02, 2008 at 11:13:56 -0400,
Dave Feustel <dfeustel@mindspring.com> wrote:
> What is involved in upgrading from one version of Fedora to the next?
> (eg from Fedora 9 to Fedora 10 when F-10 becomes available)

There are several ways to do that. The two main variants are booting off an
install image and doing an out of band upgrade or doing a yum upgrade.
The out of band upgrade is supported and the yum upgrade isn't. yum upgrades
have been getting better over time and have the advantage of being usable
while your system is up. The downside is occassionally there can be things
that can't handled by yum properly. (For example when I tried to do a yum
upgrade from FC5 to F9 the kernels were different enough that mkinitrd
wasn't loading the right modules for the updated kernel.)

Start by looking at the release notes for F10. That should give you a heads
up about possible issues with upgrading.

However you upgrade you'll want to use yum to look for orphans afterwards.
You'll also want to check all of the *.rpm* files in /etc to see if you
need to make config changes.

It would probably also be a good time to run rpm -Va (though that will have
some noise) to make sure packages are properly installed.

And another option you might not have considered is to back up your data,
do a fresh install (instead of an upgrade) and then restore your data.

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 08-02-2008, 06:07 PM
Dave Feustel
 
Default Upgrading to next version of Fedora

On Sat, Aug 02, 2008 at 11:09:08AM -0500, Bruno Wolff III wrote:
> On Sat, Aug 02, 2008 at 11:13:56 -0400,
> Dave Feustel <dfeustel@mindspring.com> wrote:
> > What is involved in upgrading from one version of Fedora to the next?
> > (eg from Fedora 9 to Fedora 10 when F-10 becomes available)
>
> There are several ways to do that. The two main variants are booting off an
> install image and doing an out of band upgrade or doing a yum upgrade.
> The out of band upgrade is supported and the yum upgrade isn't. yum upgrades
> have been getting better over time and have the advantage of being usable
> while your system is up. The downside is occassionally there can be things
> that can't handled by yum properly. (For example when I tried to do a yum
> upgrade from FC5 to F9 the kernels were different enough that mkinitrd
> wasn't loading the right modules for the updated kernel.)
>
> Start by looking at the release notes for F10. That should give you a heads
> up about possible issues with upgrading.
>
> However you upgrade you'll want to use yum to look for orphans afterwards.
> You'll also want to check all of the *.rpm* files in /etc to see if you
> need to make config changes.
>
> It would probably also be a good time to run rpm -Va (though that will have
> some noise) to make sure packages are properly installed.
>
> And another option you might not have considered is to back up your data,
> do a fresh install (instead of an upgrade) and then restore your data.

Thanks Very Much for the info.

Actually, this last option is one I am hoping to avoid, although data
backup is definitely a good thing in any case. But a quick, simple
upgrade from F9 to F0 would be really nice. I've been running F9 for
less than a week in parallel with OpenBSD and FreeBSD, and Fedora has
already become my main system. Yum upgrades are amazingly easy so far,
although I don;t yet fully understand what is going on during refresh &
upgrade. I'm looking forward to upgrading to KDE 4.1.

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 08-02-2008, 06:09 PM
Richard England
 
Default Upgrading to next version of Fedora

Dave Feustel wrote:

What is involved in upgrading from one version of Fedora to the next?
(eg from Fedora 9 to Fedora 10 when F-10 becomes available)

Thanks.


You might look into preupgrade


https://fedorahosted.org/preupgrade

yum install preupgrade

I did my 8 to 9 upgrade on a desktop and laptop and it went very smoothly.

~~R

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 08-02-2008, 06:37 PM
Björn Persson
 
Default Upgrading to next version of Fedora

Richard England wrote:
> Dave Feustel wrote:
> > What is involved in upgrading from one version of Fedora to the next?
> > (eg from Fedora 9 to Fedora 10 when F-10 becomes available)
>
> You might look into preupgrade

But you should be aware that Preupgrade is a possible attack vector if someone
is trying to sneak malware into your computer. It doesn't check the files it
downloads for tampering.

Yum checks all the packages it installs, and for CD images there are signed
checksums so that you can verify them manually.

Björn Persson
--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 08-02-2008, 09:01 PM
Richard England
 
Default Upgrading to next version of Fedora

Björn Persson wrote:

Richard England wrote:


Dave Feustel wrote:


What is involved in upgrading from one version of Fedora to the next?
(eg from Fedora 9 to Fedora 10 when F-10 becomes available)


You might look into preupgrade



But you should be aware that Preupgrade is a possible attack vector if someone
is trying to sneak malware into your computer. It doesn't check the files it
downloads for tampering.


Yum checks all the packages it installs, and for CD images there are signed
checksums so that you can verify them manually.


Björn Persson

I was under the impression that RPM was still used by Anaconda and the
MD5 was still checked by RPM at installation time.


Does anyone that can speak to it know what security changes are planned
/ will be in place for F10?


--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 08-02-2008, 10:34 PM
Björn Persson
 
Default Upgrading to next version of Fedora

lördagen den 2 augusti 2008 skrev Richard England:
> Björn Persson wrote:
> > Richard England wrote:
> >> Dave Feustel wrote:
> >>> What is involved in upgrading from one version of Fedora to the next?
> >>> (eg from Fedora 9 to Fedora 10 when F-10 becomes available)
> >>
> >> You might look into preupgrade
> >
> > But you should be aware that Preupgrade is a possible attack vector if
> > someone is trying to sneak malware into your computer. It doesn't check
> > the files it downloads for tampering.
> >
> > Yum checks all the packages it installs, and for CD images there are
> > signed checksums so that you can verify them manually.
> >
> > Björn Persson
>
> I was under the impression that RPM was still used by Anaconda and the
> MD5 was still checked by RPM at installation time.

1: It's the PGP signature that needs to be checked, not the MD5 sum. RPM can
check PGP signatures but Anaconda doesn't tell RPM to do that.

2: Installation time is too late in the case of Preupgrade. The installer
needs to be checked before it is booted. After the reboot you have a possibly
malicious RPM running on a possibly malicious Linux, and if signatures were
to be checked in that stage it would be a possibly malicious GPG checking
signatures against a possibly false PGP key.

> Does anyone that can speak to it know what security changes are planned
> / will be in place for F10?

There are two enhancement tickets but no target dates:

https://fedorahosted.org/preupgrade/ticket/7
"gpg check downloaded packages"
"For safety's sake, we should gpgcheck the packages as we download them."

That's one important step but it doesn't include the installer, which is the
next ticket:

https://fedorahosted.org/preupgrade/ticket/8
"Checksums and file sizes for boot images"
"If anaconda .treeinfo included file size and checksums for
initrd/vmlinuz/etc, we could provide more accurate download progress, resume
interrupted downloads, and be sure we have the correct files."

That's not enough. Checksums don't prevent tampering. The boot images need to
be signed with PGP and Preupgrade needs to check those signatures.

Björn Persson
--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 08-03-2008, 05:18 AM
Richard England
 
Default Upgrading to next version of Fedora

Björn Persson wrote:

lördagen den 2 augusti 2008 skrev Richard England:


Björn Persson wrote:


Richard England wrote:


Dave Feustel wrote:


What is involved in upgrading from one version of Fedora to the next?
(eg from Fedora 9 to Fedora 10 when F-10 becomes available)


You might look into preupgrade


But you should be aware that Preupgrade is a possible attack vector if
someone is trying to sneak malware into your computer. It doesn't check
the files it downloads for tampering.

Yum checks all the packages it installs, and for CD images there are
signed checksums so that you can verify them manually.

Björn Persson


I was under the impression that RPM was still used by Anaconda and the
MD5 was still checked by RPM at installation time.



1: It's the PGP signature that needs to be checked, not the MD5 sum. RPM can
check PGP signatures but Anaconda doesn't tell RPM to do that.


2: Installation time is too late in the case of Preupgrade. The installer
needs to be checked before it is booted. After the reboot you have a possibly
malicious RPM running on a possibly malicious Linux, and if signatures were
to be checked in that stage it would be a possibly malicious GPG checking
signatures against a possibly false PGP key.




Does anyone that can speak to it know what security changes are planned
/ will be in place for F10?



There are two enhancement tickets but no target dates:

https://fedorahosted.org/preupgrade/ticket/7
"gpg check downloaded packages"
"For safety's sake, we should gpgcheck the packages as we download them."

That's one important step but it doesn't include the installer, which is the
next ticket:


https://fedorahosted.org/preupgrade/ticket/8
"Checksums and file sizes for boot images"
"If anaconda .treeinfo included file size and checksums for
initrd/vmlinuz/etc, we could provide more accurate download progress, resume
interrupted downloads, and be sure we have the correct files."


That's not enough. Checksums don't prevent tampering. The boot images need to
be signed with PGP and Preupgrade needs to check those signatures.


Björn Persson


Thank you, Björn.

~~R

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 08-03-2008, 09:13 AM
Tim
 
Default Upgrading to next version of Fedora

On Sat, 2008-08-02 at 14:07 -0400, Dave Feustel wrote:
> But a quick, simple upgrade from F9 to F0 would be really nice.

>From past experience, upgrades are neither quick, nor simple. They've
got to work out what files need upgrading, rather than just install a
preselected list of files, and that's slow in itself. Installs and
upgrades have to work out dependencies, so that's slow either way (the
install list hasn't pre-selected all the dependencies, nor does it
bypass checking them during the install process). Then there's the
manual sorting out of conflicts, afterwards.

It has been quicker and simpler to just install. You can preserve prior
homespace data by not re-formatting during installs. If your home is on
a separate partition, this is easy. If it shares partitions with other
parts of the directory tree, the easiest solution is to rm -rfd the
*other* directories before installing.

Backups are always advised.

--
[tim@localhost ~]$ uname -r
2.6.25.11-97.fc9.i686

Don't send private replies to my address, the mailbox is ignored. I
read messages from the public lists.



--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 

Thread Tools




All times are GMT. The time now is 10:45 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org