I ran "sudo yum -y update" on a shared server (centos 6.5) without understanding it would update sw and not only indexes. I was told the update command failed because of outdated repository mirrors. The link below has the command output and I want to confirm that no updates happened and the updates will not happen if the server is rebooted, right? Thanks!
Here is a copy of the terminal output: https://pastebin.com/v92YUJbT (text file was too big for attachment in this forum).
Confirming no harm done
-
- Posts: 3
- Joined: 2020/02/06 17:46:11
Confirming no harm done
Last edited by compneurodev on 2020/02/07 01:12:13, edited 1 time in total.
Re: Confirming no harm done
Your text file failed to post but by the sounds of it, unfortunately, it sounds as though it did not work. You really do need to update that box and sooner rather than later. CentOS 6.5 is from late 2013 so is now 7 whole years out of date. In that time there have been more security vulnerabilities than I can count that were judged to be so important that they deserved their own name and website. Your current server can be trivially compromised by anyone that cares to try. So you do indeed absolutely need to get yum update to work so I would suggest running yum clean all first to clean out all the old stale metadata and then the update should work.
The only supported version of CentOS 6 is the current one: 6.10. And even that only has until the end of November before it goes out of support entirely. You also need to start planning to migrate to something newer and with more support life left. CentOS 7 goes EOL in 2024, CentOS 8 in 2029.
The only supported version of CentOS 6 is the current one: 6.10. And even that only has until the end of November before it goes out of support entirely. You also need to start planning to migrate to something newer and with more support life left. CentOS 7 goes EOL in 2024, CentOS 8 in 2029.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
-
- Posts: 3
- Joined: 2020/02/06 17:46:11
Re: Confirming no harm done
@TrevorH Thanks for the feedback. I have copied the output into a pastebin link I now have in the original post. If you or anyone else gets a chance can you please look at the output records to confirm no update occurred and none are scheduled to? I will certainly think through what you recommended about any potential future update @TrevorH, thanks for the advice.
-
- Posts: 519
- Joined: 2012/06/26 14:20:47
Re: Confirming no harm done
No updates happened. As Trevor says you MUST update the server before it's compromised, if it hasn't already been.
Re: Confirming no harm done
It sort of helps if you share the pastebin link. If using the CentOS paste.centos.org, you also need to be aware that posts have a lifetime of 24 hours (or less if you select less) so you need to paste it then share the url as quickly as possible,
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
-
- Posts: 3
- Joined: 2020/02/06 17:46:11
Re: Confirming no harm done
@stevemowbray thanks! @TrevorH Here is the link: https://pastebin.com/v92YUJbT . I had posted it in an edit of the original message but I could have also posted it in the replay message. Apologies for the confusion and thanks again for the advice and help!
Re: Confirming no harm done
This error is a symptom of your system being so out of date. The EPEL repo uses an SSL setup that is not suported by such an old CentOS 6 so you will need to disable EPEL (yum --disablerepo=epel\* on each command until it's fixed) to get the update to proceed.Could not get metalink https://mirrors.fedoraproject.org/metal ... rch=x86_64 error was 14: problem making ssl connection
If your update fails when using --disablerepo-epel\* then you may need to update in several runs. I'd start with something like yum --disablerepo=epel\* update glibc\* yum\* rpm\* openssl\* which should update the components required to allow it to talk a more modern SSL. This command will almost certainly offer to update more than just those packages since many others will be dependent on the newer versions of those and will need to update at the same time.
Since your system is so backlevel, I would really recommend that you read all the release notes for all intervening versions between your current one and 6.10. There are release notes for both CentOS and for RHEL and you should read both. In addition, you should make sure that your backups are up to date and are verified to work. Updating from such an old version is not done often (if at all) so there may be things that are lurking that are not currently known.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke