Missing the CentOS Stream 9 CRB repository – nothing provides python3-pyxattr needed by

CentOS Stream 9 CRB repository is the name of the repository, which replaces the old CentOS Stream 8 PowerTools repository.

main menu
enable CRB
The CRB is an official repository, which stands for CodeReady Linux Builder repository. It includes multiple important packages mainly for developer packages (those with “-devel” in the name). The CRB packages may be found here: https://mirror.stream.centos.org/9-stream/CRB/x86_64/os/Packages/.
When installing packages from community official or other repositories they may depend on packages in CRB repositories, but because it is not enabled by default, there will be a nasty error of broken dependencies like:

Error: 
 Problem: cannot install the best candidate for the job
  - nothing provides python3-pyxattr needed by glusterfs-server-11.0-2.el9s.x86_64 from centos-gluster11-test
(try to add '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages)

The package glusterfs-server-11.0-2.el9s.x86_64 needs the package python3-pyxattr, which cannot be found in all the enabled repositories on the system, so it appears the system is broken.

So the python3-pyxattr is part of the CRB repository so just enabling it will solve the problem:

[root@srv ~]# dnf config-manager --set-enabled crb
[root@srv ~]# dnf install -y glusterfs-server
CentOS Stream 9 - BaseOS                                                                 198 kB/s | 9.5 kB     00:00    
CentOS Stream 9 - AppStream                                                               26 kB/s |  10 kB     00:00    
CentOS Stream 9 - CRB                                                                    8.0 MB/s | 5.4 MB     00:00    
Dependencies resolved.
=========================================================================================================================
 Package                                Architecture    Version                     Repository                      Size
=========================================================================================================================
Installing:
 glusterfs-server                       x86_64          11.0-2.el9s                 centos-gluster11-test          1.2 M
Installing dependencies:
 attr                                   x86_64          2.5.1-3.el9                 baseos                          61 k
 device-mapper-event                    x86_64          9:1.02.195-1.el9            baseos                          33 k
 device-mapper-event-libs               x86_64          9:1.02.195-1.el9            baseos                          32 k
 device-mapper-persistent-data          x86_64          0.9.0-13.el9                baseos                         782 k
 glusterfs-cli                          x86_64          11.0-2.el9s                 centos-gluster11-test          185 k
 glusterfs-client-xlators               x86_64          11.0-2.el9s                 centos-gluster11-test          785 k
 glusterfs-fuse                         x86_64          11.0-2.el9s                 centos-gluster11-test          136 k
 glusterfs-selinux                      noarch          2.0.1-1.el9s                centos-gluster11                29 k
 libaio                                 x86_64          0.3.111-13.el9              baseos                          24 k
 libgfapi0                              x86_64          11.0-2.el9s                 centos-gluster11-test           95 k
 libgfchangelog0                        x86_64          11.0-2.el9s                 centos-gluster11-test           34 k
 lvm2                                   x86_64          9:2.03.21-1.el9             baseos                         1.5 M
 lvm2-libs                              x86_64          9:2.03.21-1.el9             baseos                         1.0 M
 python3-pyxattr                        x86_64          0.7.2-4.el9                 crb                             35 k
 rpcbind                                x86_64          1.2.6-5.el9                 baseos                          58 k

Transaction Summary
=========================================================================================================================
Install  16 Packages

Total download size: 6.0 M
.....
.....
  python3-pyxattr-0.7.2-4.el9.x86_64                         rpcbind-1.2.6-5.el9.x86_64                                 

Complete!

Listing packages of the CRB repository is simple enough.

[root@srv ~]# dnf repository-packages crb list
Last metadata expiration check: 1:26:16 ago on Mon 19 Jun 2023 12:50:59 PM UTC.
Installed Packages
python3-pyxattr.x86_64                       0.7.2-4.el9                        @crb
Available Packages
CUnit-devel.i686                             2.1.3-25.el9                       crb 
CUnit-devel.x86_64                           2.1.3-25.el9                       crb 
Judy-devel.i686                              1.0.5-28.el9                       crb 
Judy-devel.x86_64                            1.0.5-28.el9                       crb 
LibRaw-devel.i686                            0.20.2-6.el9                       crb 
LibRaw-devel.x86_64                          0.20.2-6.el9                       crb 
.....
.....

Apparently, CentOS Stream 9 installation should include EPEL and CRB repositories in addition to the base ones.
Almost half of the files are developments files (i.e. “-devel”) packages and others are additional libraries, mainly Python 3 and Perl modules, OpenJDK 17, 11, 1.8.0 slow debug and fast debug, and more.

Install CentOS Stream 9 booting VNC installer with kexec

Lately, dedicated servers come with Remote management consoles like IPMI KVM or iLO, or DRAC, but they are still slow to initiate the process of installing a system.

main menu
kexec execute

Consider a server (dedicated or not) should be installed in a remote colocation with the help of only the server’s network. The system administrator just receives an administrative shell access and nothing more and the server should be installed with the proper and secured software, in this case, the CentOS Stream 9. Using kexec the user can boot a new kernel from a different Linux Distribution and initiate automated network installation of the system and it is not needed any Remote management consoles. The only thing needed is the ability of the current system/kernel to be able to use kexec, which is pretty standard for 8 to 10 years old Linux systems. There is a good chance the colocations’ rescue CD/DVD/USB flash drives or the PXE rescue images support kexec, because they tend to upgrade their rescue systems, which the user may boot if he has problems.
Still, using kexec to initiate another kernel or Linux Distribution like CentOS Stream 9 with VNC installer, for example, it a powerful tool to safely replace a currently running system with only shell access.
This article has chosen to start the CentOS Stream 9 VNC installer just for demonstration purposes. Booting a downloaded kernel may be used for just anything from booting a system over the network, booting an installer, booting an unattended automation installation, and so on. There are a couple of simple things to check before booting the new kernel.
This article will show just one use case – reinstalling a system with CentOS Stream 9 over the network using the CentOS VNC Install. The purpose is to show how simple, fast, and easy is to install a modern Linux system only by having console access. No scripts are required if manual installation is performed.
To boot a CentOS Stream 9 VNC Installer the kexec command needs the following options.

The kexec commands need the following options:

  • Networkingdevice interface name, IP, netmask, gateway and DNS servers
  • Kernel options – these options will initiate scripts from the initramfs.
  • inst.vnc – a kernel option, which will start a VNC server with no password on the default port and network device. Using it with another inst.vncpassword=[PASSWORD] the VNC server will require the password – [PASSWORD]. The password should be a maximum of 8 characters because the VNC server will not start if it is with more!
  • inst.repo=[HTTP/HTTPS://repository] – a kernel option, which sets the CentOS HTTP/HTTPS repository.

The kexec command to boot the CentOS Stream 9 VNC Installer is:

kexec --initrd=./initrd.img -l ./vmlinuz --command-line="bootdev=eno1 ip=10.10.10.20::10.10.10.1:24:srv.example.com:eno1:none nameserver=8.8.8.8 inst.vnc inst.vncpassword=cha3hae4ahZaqueev1ee inst.repo=https://mirror.stream.centos.org/9-stream/BaseOS/x86_64/os/"

The kernel (i.e. vmlinuz) and the initramfs (i.e. initrd.img) should be downloaded in the current directory before executing the above command. The above line will order the kernel to load the new kernel, but to boot it another command must be executed:

kexec -e

Keep on reading!

Moving existing Elasticsearch and Kibana installation from CentOS 7 to CentOS Stream 9

main menu
install Elasticsearch and Kibana

Despite having only two additional installed software under CentOS 7 it is not a good idea to just try upgrading only CentOS 7 to CentOS Stream 9. There is no clear and supported path for upgrading from CentOS 7 to CentOS Stream 9 and even to the older one CentOS 8 (or CentOS Stream 8). The best way is to just make a clean install of CentOS Stream 9 and copy all the Elasticsearch and Kibana files and this article is how to do it without problems.
Here is the plan to move the existing installation of Elasticsearch and Kibana services from CentOS 7 to CentOS Stream 9:

  1. Make a clean install of CentOS Stream 9
  2. Update the current Elasticsearch and Kibana installations to their last versions (from their branch or minor versions).
  3. Add Elasticsearch and Kibana repositories to the new system. Tune the system crypto policies.
  4. Install Elasticsearch and Kibana software packages, but do not start the services.
  5. Copy Elasticsearch and Kibana important files such as the index directory and the configuration directories. Check the user and group IDs of the files.
  6. Start the Elasticsearch and Kibana services.

In this example, the installation of the new server is just starting a new LXC container, which will host the Elasticsearch and Kibana services. There is no difference between using a container or a physical machine. With LXC container it is easier to copy the needed files such as the Elasticsearch index files, which may be tens of terabytes or more, and various configuration files.

STEP 1) Make a clean install of CentOS Stream 9

Check out the following article on the purpose – Network installation of CentOS Stream 9 (20220606.0) – minimal server installation or if LXC container is preferred – Run LXC CentOS Stream 9 container with bridged network under CentOS Stream 9.

Creating a LXC container of CentOS Stream 9 is really simple and fast:

[root@srv ~]# lxc-create --template download -n kibana.u1x2.com -- --dist centos --release 9-Stream --arch amd64
The cached copy has expired, re-downloading...
Downloading the image index
Downloading the rootfs
Downloading the metadata
The image cache is now ready
Unpacking the rootfs

---
You just created a Centos 9-Stream x86_64 (20230511_19:27) container.

Then tune the network following the above article. It is a good idea when configuring the network to preserve the original UUIDs and network addresses (MAC address, too) of the LXC containers network and the inner container’s interface.
So copy the UUID from /var/lib/lxc/loganalyzer-old/rootfs/etc/sysconfig/network-scripts/ifcfg-eth0 to the CentOS Stream 9 network configuration – /var/lib/lxc/loganalyzer/rootfs/etc/NetworkManager/system-connections/ethernet-eth0.nmconnection, which uses NetworkManager. And the LXC container’s MAC address: the variable lxc.net.0.hwaddr from /var/lib/lxc/loganalyzer/config to /var/lib/lxc/loganalyzer/config.
The last step is to run the newly installed system. No errors in the output signals for a successful start-up of the LXC container with the name loganalyzer.

[root@srv ~]# lxc-start -n loganalyzer
[root@srv ~]# 

STEP 2) Upgrade the current Elasticsearch and Kibana installations to their last versions (from their branch or minor versions).

For example, if the current Elasticsearch is version 7. It is good to upgrade it to the latest version from 7.x before proceeding with the next steps.
The current installed versions of Elasticsearch and Kibana software are from the branch 77.17.4-1 and the latest version is 7.17.10-1.
Check in the old system with (CentOS 7):

[root@loganalyzer-old ~]# yum list installed|egrep -e "(elasticsearch|kibana)"
elasticsearch.x86_64               7.17.4-1                               @elasticsearch
kibana.x86_64                      7.17.4-1                               @elasticsearch

Keep on reading!

List all rules and IPs when using firewalld under CentOS

CentOS 7, CentOS 8, CentOS Stream 8, CentOS Stream 9 use firewalld service for the firewall of the machine. Firewalld service is easily controlled by the command-line tool firewall-cmd, which has a relatively simple syntax. It imposes an abstraction layer over the much more complex Linux kernels backends like iptables, ip6tables, arptables, ebtables, ipsetand, and nftables. The Firewalld organizes the firewall rules with the help of policies and zones, but there is a catch – it is not possible to list all the firewall rules to check whether an IP, network, or ethernet interface takes part in some rule or policy.

main menu
nft list ruleset

Yes, it is possible to list all rules of a firewalld zone (firewall-cmd –list-all), but what if there are multiple zones? First, get all the zone names and then enumerate all the zones with a list command to check for an IP. It is not practical and fast.
There is the other trick, searching through the Firewalld configuration files in the directory /etc/firewalld/, which saves all the permanent rules. But what if there are temporary rules, which are not saved in the configuration?
From CentOS 8.2 (RHEL 8.2) firewalld backend defaults to nftables instead of “iptables”. By using the nftables tools we can list all the rules applied in text or JSON format. It is like a snapshot of all the running rules applied by the Linux kernel firewall infrastructure no matter in which zone and policy. There is no such command with the firewall-cmd tool.

CentOS 8.2 (RHEL 8.2) and above including CentOS Stream 9

There is an export command using the nfs command line tool.

nft list ruleset

Keep on reading!

Monitor and analyze with Grafana, influxdb 1.8 and collectd under CentOS Stream 9

This article describes how to build a modern analytic and monitoring solutions for system and application performance metrics. A solution, which may host all the server’s metrics and a sophisticated application, allows easy analyses of the data and powerful graphs to visualize the data.
A brief introduction to the main three software used to build the proposed solution:

  1. Grafana – an analytics and a web visualization tool. It supports dashboards, charts, graphs, alerts, and many more.
  2. influxdb – a time series database. Bleeding fast reads and writes and optimized for time.
  3. collectd – a data collection daemon, which obtain metrics from the host it is started and sends the metrics to the database (i.e. influxdb). It has around 170 plugins to collect metrics.

What is the task of each tool:

  1. collectd – gathers metrics and statistics using its plugins every 10 seconds on the host it runs and then sends the data over UDP to the influxdb using a simple text-based protocol.
  2. influxdb – listens on an open UDP port for data coming from multiple collectd instances installed on many different devices. In this case, a Linux server running CentOS Stream 9.
  3. Grafana – an analytics and a web visualization tool. A web application, which connects to the InfluxDB and visualizes the time series metrics in graphs organized in dashboards. Graphs for CPU, memory, network, storage usage, and many more.
  4. nginx to enable SSL and proxy in front of the Grafana.

The whole solution uses the CentOS Stream 9 Linux distro. Installing the CentOS Stream 9 is a mandatory step to proceed further with this article – Network installation of CentOS Stream 9 (20220606.0) – minimal server installation
The UDP influxdb port should be open per IP basis and web port of the web server (nginx) is up to the purpose of the solution – it can be behind a VPN or openly accessible by Internet.

STEP 1) Install additional repositories for Grafana, influxdb and collectd.

Install CentOS official EPEL and OpsTools repositories. EPEL provides additional packages to the base CentOS packages and OpsTools provides collectd and more collectd plugins than the ones included in the built-in repositories.

dnf install -y epel-release centos-release-opstools

Add the InfluxDB repository by creating a file in /etc/yum.repos.d/influxdb.repo

[influxdb]
name = InfluxDB Repository - RHEL $releasever
baseurl = https://repos.influxdata.com/centos/$releasever/$basearch/stable
enabled = 1
gpgcheck = 1
gpgkey = https://repos.influxdata.com/influxdb.key

Finally, add the Grafana repository in file /etc/yum.repos.d/grafana.repo

[grafana]
name=grafana
baseurl=https://packages.grafana.com/oss/rpm
repo_gpgcheck=1
enabled=1
gpgcheck=1
gpgkey=https://packages.grafana.com/gpg.key
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt

Keep on reading!

DNF install and conflicting requests – nothing provides module(platform:el8) needed by module

Here there are broken modules in the DNF package manager. It was a result of an upgrade, but it may occur if some unofficial repositories mess up with them:
On every DNF command, there are multiple problem-reporting lines about conflicts in different DNF modules.

[root@srv ~]# dnf info epel-release
Last metadata expiration check: 0:13:42 ago on Tue Oct 11 13:11:51 2022.
Modular dependency problems:

 Problem 1: conflicting requests
  - nothing provides module(platform:el8) needed by module httpd:2.4:8050020211112043353:b4937e53.x86_64
 Problem 2: conflicting requests
  - nothing provides module(platform:el8) needed by module nginx:1.14:8000020191007205758:55190bc5.x86_64
 Problem 3: conflicting requests
  - nothing provides module(platform:el8) needed by module nodejs:10:8030020210304194401:30b713e6.x86_64
 Problem 4: conflicting requests
  - nothing provides module(platform:el8) needed by module perl:5.26:8000020190628020724:55190bc5.x86_64
 Problem 5: conflicting requests
  - nothing provides module(platform:el8) needed by module perl-IO-Socket-SSL:2.066:8030020201222215140:1e4bbb35.x86_64
 Problem 6: conflicting requests
  - nothing provides module(platform:el8) needed by module perl-libwww-perl:6.34:8030020201223164340:b967a9a2.x86_64
 Problem 7: conflicting requests
  - nothing provides module(platform:el8) needed by module php:7.2:8020020200507003613:2c7ca891.x86_64
 Problem 8: conflicting requests
  - nothing provides module(platform:el8) needed by module satellite-5-client:1.0:8010020191114035551:cdc1202b.x86_64
 Problem 9: conflicting requests
  - nothing provides module(platform:el8) needed by module virt:rhel:8050020211221192853:b4937e53.x86_64
Installed Packages
Name         : epel-release
Version      : 9
Release      : 4.el9
Architecture : noarch
Size         : 25 k
Source       : epel-release-9-4.el9.src.rpm
Repository   : @System
From repo    : epel
Summary      : Extra Packages for Enterprise Linux repository configuration
URL          : http://download.fedoraproject.org/pub/epel
License      : GPLv2
Description  : This package contains the Extra Packages for Enterprise Linux (EPEL) repository
             : GPG key as well as configuration for yum.

The DNF package manager offers modules to group software. Each module may have one or multiple streams, representing the major version of the software it groups in a single entity. As can be seen above from the DNF output, the module name is httpd and the stream is 2.4. It is clear the module httpd is responsible for the installation of Apache Web server. More on the subject here – https://docs.fedoraproject.org/en-US/modularity/using-modules/

To fix the problems above and clear the errors just reset the modules to their initial default state with:

dnf module reset httpd

Keep on reading!

How To Install Linux, Apache, MySQL (MariaDB), PHP-FPM (LAMP) Stack on CentOS Stream 9

main menu
PHP Version 8.0.20

This article describes how to install a Web server with application back-end PHP and database back-end MySQL using MariaDB. In continuing the same topic, but with different software from the previous article – How To Install Linux, Nginx, MySQL (MariaDB), PHP-FPM (LEMP) Stack on CentOS Stream 9, where the Web server is Nginx with application back-end PHP-FPM, which is a sort of CGI (FastCGI). In this article, the Web server is Apache and the application is again PHP-FPM, because since the CentOS 8 the Apache mod_php is deprecated.
All the software installed throughout this article is from the CentOS Stream 9 official repositories including the EPEL repository. The machine is installed with a minimal installation of CentOS Stream 9 and there is a how-to here – Network installation of CentOS Stream 9 (20220606.0) – minimal server installation.
Here are the steps to perform:

  1. Install, configure and start the database MariaDB.
  2. Install, configure and start the PHP-FPM and PHP cli.
  3. Install, configure and start the Web server Apache 2.x.
  4. Configure the system – firewall and SELinux.
  5. Test the installation with a phpMyAdmin installation.
  6. Bonus – Apache HTTPS with SSL certificate – self-signed and letsencrypt.

STEP 1) Install, configure and start the database MariaDB.

First, install the MariaDB server by:

dnf install -y mariadb-server

To configure the MariaDB server, the main file is /etc/my.cnf, which just includes all files under the folder /etc/my.cnf.d/

[root@srv ~]# cat /etc/my.cnf
#
# This group is read both both by the client and the server
# use it for options that affect everything
#
[client-server]

#
# include all files from the config directory
#
!includedir /etc/my.cnf.d

[root@srv ~]# ls -altr /etc/my.cnf.d/
total 32
-rw-r--r--.  1 root root  295 Mar 25  2022 client.cnf
-rw-r--r--.  1 root root  120 May 18 07:55 spider.cnf
-rw-r--r--.  1 root root  232 May 18 07:55 mysql-clients.cnf
-rw-r--r--.  1 root root  763 May 18 07:55 enable_encryption.preset
-rw-r--r--.  1 root root 1458 Jun 13 13:24 mariadb-server.cnf
-rw-r--r--.  1 root root   42 Jun 13 13:29 auth_gssapi.cnf
drwxr-xr-x.  2 root root 4096 Oct  6 06:34 .
drwxr-xr-x. 81 root root 4096 Oct  6 06:34 ..

The most important file for the MariaDB server is /etc/my.cnf.d/mariadb-server.cnf, where all the server options are included. Under section “[mysqld]” add options to tune the MariaDB server. Supported options could be found here: https://mariadb.com/kb/en/mysqld-options/
Add the following options under “[mysqld]” in /etc/my.cnf.d/mariadb-server.cnf
Keep on reading!

How To Install Linux, Nginx, MySQL (MariaDB), PHP-FPM (LEMP) Stack on CentOS Stream 9

main menu
dnf mariadb

This article presents how to install a Web server with application back-end PHP and database back-end MySQL using MariaDB. All the software installed throughout this article is from the CentOS Stream 9 official repositories including the EPEL repository. The machine is installed with a minimal installation of CentOS Stream 9 and there is a how-to here – Network installation of CentOS Stream 9 (20220606.0) – minimal server installation.
Here are the steps to perform:

  1. Install, configure and start the database MariaDB.
  2. Install, configure and start the PHP-FPM and PHP cli.
  3. Install, configure and start the Web server Nginx.
  4. Configure the system – firewall and SELinux.
  5. Test the installation with a phpMyAdmin installation.
  6. Bonus – Nginx HTTPS with SSL certificate – self-signed and letsencrypt.

STEP 1) Install, configure and start the database MariaDB.

First, install the MariaDB server by:

dnf install -y mariadb-server

To configure the MariaDB server, the main file is /etc/my.cnf, which just includes all files under the folder /etc/my.cnf.d/

[root@srv ~]# cat /etc/my.cnf
#
# This group is read both both by the client and the server
# use it for options that affect everything
#
[client-server]

#
# include all files from the config directory
#
!includedir /etc/my.cnf.d

[root@srv ~]# ls -altr /etc/my.cnf.d/
total 32
-rw-r--r--.  1 root root  295 Mar 25  2022 client.cnf
-rw-r--r--.  1 root root  120 May 18 07:55 spider.cnf
-rw-r--r--.  1 root root  232 May 18 07:55 mysql-clients.cnf
-rw-r--r--.  1 root root  763 May 18 07:55 enable_encryption.preset
-rw-r--r--.  1 root root 1458 Jun 13 13:24 mariadb-server.cnf
-rw-r--r--.  1 root root   42 Jun 13 13:29 auth_gssapi.cnf
drwxr-xr-x.  2 root root 4096 Oct  6 06:34 .
drwxr-xr-x. 81 root root 4096 Oct  6 06:34 ..

The most important file for the MariaDB server is /etc/my.cnf.d/mariadb-server.cnf, where all the server options are included. Under section “[mysqld]” add options to tune the MariaDB server. Supported options could be found here: https://mariadb.com/kb/en/mysqld-options/
Add the following options under “[mysqld]” in /etc/my.cnf.d/mariadb-server.cnf
Keep on reading!

How to upgrade to CentOS Stream 9 from CentOS Stream 8

This article will show how to update to CentOS Stream 9 from CentOS Stream 8.

main menu
grub entries

If only official repositories are used it is fairly easy to upgrade to the new rolling based CentOS Stream 9 release, which follows the Red Hat Enterprise Linux 9. Using unofficial or users’ repositories CentOS Stream 8 may lead to unstable system or break user’s system following this tutorial. First, check out for CentOS Stream 9 compatibility issues the currently installed repositories if some specific or unofficial are used.
The following article uses a CentOS Stream 9 with only the official default repositories and in addition, the EPEL repository, which has a CentOS Stream 9 support.
How to install – Network installation of CentOS Stream 9 (20220606.0) – minimal server installation with additional information about important CentOS Stream 9 URLs and links and what kind of software the user can expect to have Software and technical details of CentOS Stream 9 minimal install. Camparing the packages of the two systems – a clean install of CentOS Stream 9 and an upgrade from CentOS Stream 8, the clean install has 377 packages installed and the upgrade has 387 packages installed. The strated processes are the same except the chronyd service is not started on boot. chronyd daemon offers a time synchronization.

STEP 1) All installed packages should be updated to the latest versions.

[root@srv ~]# dnf update -y
Last metadata expiration check: 0:09:08 ago on Tue Oct  4 12:12:07 2022.
Dependencies resolved.
Nothing to do.
Complete!

The DNF tool reports that all packages are up-to-date, because there is nothing to upgrade.

STEP 2) A cleanup of all packages, which are not required anymore.

Check orphan and leaves packages. Some of the packages here may be used by the user explicitly, so it is important to know the system. Remove the packages if not used by the system and they are showed as an output of the following commands and they are not used by the user of the system.

[root@srv ~]# dnf repoquery --unneeded
Last metadata expiration check: 0:12:56 ago on Tue Oct  4 12:12:07 2022.
NetworkManager-initscripts-updown-1:1.40.0-1.el8.noarch
grub2-tools-efi-1:2.02-129.el8.x86_64
libmetalink-0:0.1.3-7.el8.x86_64
pciutils-0:3.7.0-1.el8.x86_64
python3-configobj-0:5.0.6-11.el8.noarch
python3-schedutils-0:0.6-6.el8.x86_64
rdma-core-0:41.0-1.el8.x86_64
[root@srv ~]# dnf repoquery --extras
Last metadata expiration check: 0:00:12 ago on Tue Oct  4 12:34:17 2022.

Remove the unneeded packages:
Keep on reading!

Generate the rescue kernel boot entry in CentOS Stream 9

main menu
Generate the rescue kernel

Regenerating the vmlinuz and initramfs for the rescue kernel of currently installed kernel under CentOS Stream 9 is really simple. There is a package dracut-config-rescue, which delivers a bash script (/usr/lib/kernel/install.d/51-dracut-rescue.install) to help generate a rescue kernel.

STEP 1) Move the old rescue kernel in a backup directory.

Remove the current rescue kernel from the /boot.

[root@srv ~]# ls -altr /boot/|grep rescue
-rwxr-xr-x.  1 root root 10030216 Apr 12  2021 vmlinuz-0-rescue-b2a198ecbfdd451cb905f76f825af01e
-rw-------.  1 root root 77700560 Apr 12  2021 initramfs-0-rescue-b2a198ecbfdd451cb905f76f825af01e.img
[root@srv ~]# mkdir /tmp/old-rescue
[root@srv ~]# mv /boot/*-rescue-* /tmp/old-rescue/
[root@srv ~]# ls -altr /tmp/old-rescue/
total 85684
-rwxr-xr-x. 1 root root 10030216 Apr 12  2021 vmlinuz-0-rescue-b2a198ecbfdd451cb905f76f825af01e
-rw-------. 1 root root 77700560 Apr 12  2021 initramfs-0-rescue-b2a198ecbfdd451cb905f76f825af01e.img
drwxrwxrwt. 9 root root     4096 Oct  5 10:00 ..
drwxr-xr-x. 2 root root     4096 Oct  5 10:01 .
[root@srv ~]# mv /boot/loader/entries/b2a198ecbfdd451cb905f76f825af01e-0-rescue.conf /tmp/old-rescue/

STEP 2) Regenerate the rescue kernel and the Grub boot entry.

Regenerate the with the /usr/lib/kernel/install.d/51-dracut-rescue.install the rescue kernel and the Grub entry by executing the following command:

[root@srv ~]# /usr/lib/kernel/install.d/51-dracut-rescue.install add $(uname -r) /boot /boot/vmlinuz-$(uname -r)

The command does not output anything on successful generation, but there are 3 new files with rescue in the name:

[root@srv ~]# find /boot/ -name '*rescue*'
/boot/loader/entries/b2a198ecbfdd451cb905f76f825af01e-0-rescue.conf
/boot/vmlinuz-0-rescue-b2a198ecbfdd451cb905f76f825af01e
/boot/initramfs-0-rescue-b2a198ecbfdd451cb905f76f825af01e.img

Here are the valid arguments to generate the rescue kernel:

  1. add – the command what to do the script.
  2. kernel version – the kernel version, for which the script to generate the rescue kernel.
  3. boot directory – the boot directory, where the rescue kernel will be saved.
  4. kernel image – the kernel image against the script will produce the rescue kernel.

Bonus) Additional information.

It is interesting to mention, now, the script /usr/lib/kernel/install.d/51-dracut-rescue.install seems unfinished, because it does not include “USAGE” output and “remove” command is not implemented! The usage part is even stranger, because when the script is executed with wrong or without arguments it throws error for missing “usage command” (in fact, “usage” bash function):

[root@srv ~]# /usr/lib/kernel/install.d/51-dracut-rescue.install
/usr/lib/kernel/install.d/51-dracut-rescue.install: line 129: usage: command not found

The remove command is just not implemented and it exits the script with 0, which WILL NOT remove a kernel rescue entry.

[root@srv ~]# grep remove -A 4 /usr/lib/kernel/install.d/51-dracut-rescue.install
    remove)
        exit 0
        ;;

    *)

This is the situation for the latest version at present:

[root@srv ~]# dnf info dracut-config-rescue
Last metadata expiration check: 1:35:30 ago on Wed 05 Oct 2022 09:06:59 AM UTC.
Installed Packages
Name         : dracut-config-rescue
Version      : 057
Release      : 13.git20220816.el9
Architecture : x86_64
Size         : 3.5 k
Source       : dracut-057-13.git20220816.el9.src.rpm
Repository   : @System
From repo    : baseos
Summary      : dracut configuration to turn on rescue image generation
URL          : https://dracut.wiki.kernel.org/
License      : GPLv2+ and LGPLv2+ and GPLv2
Description  : This package provides the configuration to turn on the rescue initramfs
             : generation with dracut.

More topics on CentOS Stream 9 here.