Page 1 of 1
Migration from RHEL7 to CentOS 8
Posted: 2020/09/11 01:50:09
by afewgoodman
Hi,
I have migrate my server from RHEL7 to CentOS8 manually. by the way, when I did backup /etc/ssh and restore to CentOS8. I found owner change from ssh_key to systemd-bus-proxy.
But I would not install systemd-bus-proxy intentionally and I can not find such a unit on my /usr/lib/systemd/system.
Where can I find systemd-bus-proxy package and how can I migrate it without issue?
BR.
Re: Migration from RHEL7 to CentOS 8
Posted: 2020/09/11 06:59:30
by jlehtone
afewgoodman wrote: ↑2020/09/11 01:50:09
migrate manually ... backup and restore
I found owner change from ssh_key to systemd-bus-proxy
I take you installed CentOS 8 and then copied files?
Installation of packages does add accounts, but most of them do have dynamic uid; next available uid taken from pool.
Therefore, even order of package installations can affect the uid's.
What accounts did installed systemd* packages add?
Code: Select all
rpm -qa --scripts systemd\* | grep useradd
Your RHEL 7 had account "ssh_key" with some uid. The CentOS 8 has account "systemd-bus-proxy" with that uid.
Maintaining uid of file on restore from backup is therefore a logical error.
My CentOS 8 does not have "ssh_key" nor "systemd-bus-proxy". (There are systemd-coredump and systemd-resolve.)
Re: Migration from RHEL7 to CentOS 8
Posted: 2020/09/11 07:54:13
by afewgoodman
Hi jlehtone,
Many thanks for reply.
Yes, I installed CentOS 8.2 then copied files in /etc/ssh from RHEL7.
The below is ownership that I installed CentOS 8.2 normally. I think you can see it also your CentOS 8.2 systems.
[bchoi@localhost ssh]$ cat /etc/redhat-release
CentOS Linux release 8.2.2004 (Core)
[bchoi@localhost ssh]$ pwd
/etc/ssh
[bchoi@localhost ssh]$ ll
total 600
-rw-r--r--. 1 root root 577388 Feb 5 2020 moduli
-rw-r--r--. 1 root root 1716 Feb 5 2020 ssh_config
drwxr-xr-x. 2 root root 28 Jul 31 11:11 ssh_config.d
-rw-------. 1 root root 4425 Feb 5 2020 sshd_config
-rw-r-----. 1 root ssh_keys 492 Jul 31 11:26 ssh_host_ecdsa_key
-rw-r--r--. 1 root root 162 Jul 31 11:26 ssh_host_ecdsa_key.pub
-rw-r-----. 1 root ssh_keys 387 Jul 31 11:26 ssh_host_ed25519_key
-rw-r--r--. 1 root root 82 Jul 31 11:26 ssh_host_ed25519_key.pub
-rw-r-----. 1 root ssh_keys 2578 Jul 31 11:26 ssh_host_rsa_key
-rw-r--r--. 1 root root 554 Jul 31 11:26 ssh_host_rsa_key.pub
[bchoi@localhost ssh]$ cat /etc/redhat-release
CentOS Linux release 8.2.2004 (Core)
[bchoi@localhost ssh]$ rpm -qa --scripts systemd\* | grep useradd
getent passwd systemd-coredump &>/dev/null || useradd -r -l -g systemd-coredump -d / -s /sbin/nologin -c "systemd Core Dumper" systemd-coredump &>/dev/null || :
getent passwd systemd-resolve &>/dev/null || useradd -r -u 193 -l -g systemd-resolve -d / -s /sbin/nologin -c "systemd Resolver" systemd-resolve &>/dev/null || :
As you explained I also can not find any such accounts on the /etc/passwd file. I don't know where ssh_keys comes from.
BR.
Re: Migration from RHEL7 to CentOS 8
Posted: 2020/09/11 08:27:08
by TrevorH
Code: Select all
[root@centos7 ~]# getent group ssh_keys
ssh_keys:x:993:
That also works in reverse so you can getent group 993 and get the same result. Try those on both systems and you should be able to see why it does it.
File ownership/group is done by numerical uid so if you have the same uid number pointing to different group names on two systems then transferring a file from one to the other and preserving ownership will show the "wrong" user.
Re: Migration from RHEL7 to CentOS 8
Posted: 2020/09/11 08:27:16
by KernelOops
Look closer, its not a user account, its actually a group account and it can be found under /etc/group.
It is not advisable to use old and possibly compromised and/or weak keys from an older server, it's a better practice to use the newly generated ones.
Re: Migration from RHEL7 to CentOS 8
Posted: 2020/09/11 08:40:50
by afewgoodman
Hi all,
Many thanks for reply.
It's a group name, I miss-understood. and RHEL7 has group name systemd-bus-proxy by default.
Sorry for my mistake.
BR.