Re: Upgrading to next version of Fedora
On Sat, 2008-08-02 at 14:07 -0400, Dave Feustel wrote: But a quick, simple upgrade from F9 to F0 would be really nice. From past experience, upgrades are neither quick, nor simple. They've got to work out what files need upgrading, rather than just install a preselected list of files, and that's slow in itself. Installs and upgrades have to work out dependencies, so that's slow either way (the install list hasn't pre-selected all the dependencies, nor does it bypass checking them during the install process). Then there's the manual sorting out of conflicts, afterwards. It has been quicker and simpler to just install. You can preserve prior homespace data by not re-formatting during installs. If your home is on a separate partition, this is easy. If it shares partitions with other parts of the directory tree, the easiest solution is to rm -rfd the *other* directories before installing. Backups are always advised. -- [EMAIL PROTECTED] ~]$ uname -r 2.6.25.11-97.fc9.i686 Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Re: Upgrading to next version of Fedora
On Sat, Aug 02, 2008 at 11:13:56 -0400, Dave Feustel [EMAIL PROTECTED] wrote: What is involved in upgrading from one version of Fedora to the next? (eg from Fedora 9 to Fedora 10 when F-10 becomes available) There are several ways to do that. The two main variants are booting off an install image and doing an out of band upgrade or doing a yum upgrade. The out of band upgrade is supported and the yum upgrade isn't. yum upgrades have been getting better over time and have the advantage of being usable while your system is up. The downside is occassionally there can be things that can't handled by yum properly. (For example when I tried to do a yum upgrade from FC5 to F9 the kernels were different enough that mkinitrd wasn't loading the right modules for the updated kernel.) Start by looking at the release notes for F10. That should give you a heads up about possible issues with upgrading. However you upgrade you'll want to use yum to look for orphans afterwards. You'll also want to check all of the *.rpm* files in /etc to see if you need to make config changes. It would probably also be a good time to run rpm -Va (though that will have some noise) to make sure packages are properly installed. And another option you might not have considered is to back up your data, do a fresh install (instead of an upgrade) and then restore your data. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Re: Upgrading to next version of Fedora
On Sat, Aug 02, 2008 at 11:09:08AM -0500, Bruno Wolff III wrote: On Sat, Aug 02, 2008 at 11:13:56 -0400, Dave Feustel [EMAIL PROTECTED] wrote: What is involved in upgrading from one version of Fedora to the next? (eg from Fedora 9 to Fedora 10 when F-10 becomes available) There are several ways to do that. The two main variants are booting off an install image and doing an out of band upgrade or doing a yum upgrade. The out of band upgrade is supported and the yum upgrade isn't. yum upgrades have been getting better over time and have the advantage of being usable while your system is up. The downside is occassionally there can be things that can't handled by yum properly. (For example when I tried to do a yum upgrade from FC5 to F9 the kernels were different enough that mkinitrd wasn't loading the right modules for the updated kernel.) Start by looking at the release notes for F10. That should give you a heads up about possible issues with upgrading. However you upgrade you'll want to use yum to look for orphans afterwards. You'll also want to check all of the *.rpm* files in /etc to see if you need to make config changes. It would probably also be a good time to run rpm -Va (though that will have some noise) to make sure packages are properly installed. And another option you might not have considered is to back up your data, do a fresh install (instead of an upgrade) and then restore your data. Thanks Very Much for the info. Actually, this last option is one I am hoping to avoid, although data backup is definitely a good thing in any case. But a quick, simple upgrade from F9 to F0 would be really nice. I've been running F9 for less than a week in parallel with OpenBSD and FreeBSD, and Fedora has already become my main system. Yum upgrades are amazingly easy so far, although I don;t yet fully understand what is going on during refresh upgrade. I'm looking forward to upgrading to KDE 4.1. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Re: Upgrading to next version of Fedora
Dave Feustel wrote: What is involved in upgrading from one version of Fedora to the next? (eg from Fedora 9 to Fedora 10 when F-10 becomes available) Thanks. You might look into preupgrade https://fedorahosted.org/preupgrade yum install preupgrade I did my 8 to 9 upgrade on a desktop and laptop and it went very smoothly. ~~R -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Re: Upgrading to next version of Fedora
Richard England wrote: Dave Feustel wrote: What is involved in upgrading from one version of Fedora to the next? (eg from Fedora 9 to Fedora 10 when F-10 becomes available) You might look into preupgrade But you should be aware that Preupgrade is a possible attack vector if someone is trying to sneak malware into your computer. It doesn't check the files it downloads for tampering. Yum checks all the packages it installs, and for CD images there are signed checksums so that you can verify them manually. Björn Persson signature.asc Description: This is a digitally signed message part. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Re: Upgrading to next version of Fedora
Björn Persson wrote: Richard England wrote: Dave Feustel wrote: What is involved in upgrading from one version of Fedora to the next? (eg from Fedora 9 to Fedora 10 when F-10 becomes available) You might look into preupgrade But you should be aware that Preupgrade is a possible attack vector if someone is trying to sneak malware into your computer. It doesn't check the files it downloads for tampering. Yum checks all the packages it installs, and for CD images there are signed checksums so that you can verify them manually. Björn Persson I was under the impression that RPM was still used by Anaconda and the MD5 was still checked by RPM at installation time. Does anyone that can speak to it know what security changes are planned / will be in place for F10? -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Re: Upgrading to next version of Fedora
lördagen den 2 augusti 2008 skrev Richard England: Björn Persson wrote: Richard England wrote: Dave Feustel wrote: What is involved in upgrading from one version of Fedora to the next? (eg from Fedora 9 to Fedora 10 when F-10 becomes available) You might look into preupgrade But you should be aware that Preupgrade is a possible attack vector if someone is trying to sneak malware into your computer. It doesn't check the files it downloads for tampering. Yum checks all the packages it installs, and for CD images there are signed checksums so that you can verify them manually. Björn Persson I was under the impression that RPM was still used by Anaconda and the MD5 was still checked by RPM at installation time. 1: It's the PGP signature that needs to be checked, not the MD5 sum. RPM can check PGP signatures but Anaconda doesn't tell RPM to do that. 2: Installation time is too late in the case of Preupgrade. The installer needs to be checked before it is booted. After the reboot you have a possibly malicious RPM running on a possibly malicious Linux, and if signatures were to be checked in that stage it would be a possibly malicious GPG checking signatures against a possibly false PGP key. Does anyone that can speak to it know what security changes are planned / will be in place for F10? There are two enhancement tickets but no target dates: https://fedorahosted.org/preupgrade/ticket/7 gpg check downloaded packages For safety's sake, we should gpgcheck the packages as we download them. That's one important step but it doesn't include the installer, which is the next ticket: https://fedorahosted.org/preupgrade/ticket/8 Checksums and file sizes for boot images If anaconda .treeinfo included file size and checksums for initrd/vmlinuz/etc, we could provide more accurate download progress, resume interrupted downloads, and be sure we have the correct files. That's not enough. Checksums don't prevent tampering. The boot images need to be signed with PGP and Preupgrade needs to check those signatures. Björn Persson signature.asc Description: This is a digitally signed message part. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Re: Upgrading to next version of Fedora
Björn Persson wrote: lördagen den 2 augusti 2008 skrev Richard England: Björn Persson wrote: Richard England wrote: Dave Feustel wrote: What is involved in upgrading from one version of Fedora to the next? (eg from Fedora 9 to Fedora 10 when F-10 becomes available) You might look into preupgrade But you should be aware that Preupgrade is a possible attack vector if someone is trying to sneak malware into your computer. It doesn't check the files it downloads for tampering. Yum checks all the packages it installs, and for CD images there are signed checksums so that you can verify them manually. Björn Persson I was under the impression that RPM was still used by Anaconda and the MD5 was still checked by RPM at installation time. 1: It's the PGP signature that needs to be checked, not the MD5 sum. RPM can check PGP signatures but Anaconda doesn't tell RPM to do that. 2: Installation time is too late in the case of Preupgrade. The installer needs to be checked before it is booted. After the reboot you have a possibly malicious RPM running on a possibly malicious Linux, and if signatures were to be checked in that stage it would be a possibly malicious GPG checking signatures against a possibly false PGP key. Does anyone that can speak to it know what security changes are planned / will be in place for F10? There are two enhancement tickets but no target dates: https://fedorahosted.org/preupgrade/ticket/7 gpg check downloaded packages For safety's sake, we should gpgcheck the packages as we download them. That's one important step but it doesn't include the installer, which is the next ticket: https://fedorahosted.org/preupgrade/ticket/8 Checksums and file sizes for boot images If anaconda .treeinfo included file size and checksums for initrd/vmlinuz/etc, we could provide more accurate download progress, resume interrupted downloads, and be sure we have the correct files. That's not enough. Checksums don't prevent tampering. The boot images need to be signed with PGP and Preupgrade needs to check those signatures. Björn Persson Thank you, Björn. ~~R -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
