|
|
Calling besson3c - Something like MacPorts for Linux?
|
|
|
|
Posting Junkie
Join Date: Dec 2000
Status:
Offline
|
|
Hey, I haven't been around here much lately. Does besson3c still hang around here?
The situation is: I've got a VPS account with a web host. The server is running Linux (CentOS) and Cpanel. I want to install some stuff on the server, and I'd like to use some sort of package management program like RPM, port, etc. so I can easily keep things up to date. The OS naturally includes RPM, but I'm loath to use it, since I don't want to break the Cpanel / CentOS stuff, particularly since part of what I want to do is install later versions of certain libraries than what are pre-installed. So, I'm wondering if there's anything available that works the way MacPorts does, by which I mean installing everything in a separate tree (like MacPorts does in /opt/local, or Fink used to do in /sw), so that I could freely install anything I wanted without worrying about breaking anything, and nothing would affect anything that wasn't specifically looking for it there.
Is there anything like that for Linux-based operating systems?
Thanks!
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
A number of package managers, CentOS's being "yum" last I checked, include flags for alternate installation directories. You could then add this path to your shell's config file/profile. You will, of course, need root access to run most daemons.
Most/all Linux distros have their own included package managers, and most of them are more sophisticated and reliable than Macports/Fink/Homebrew.
|
|
|
|
|
|
|
|
|
Posting Junkie
Join Date: Dec 2000
Status:
Offline
|
|
I've got root access, so no trouble with that. I'll have to look into whether yum can install in a separate directory. It would be nice to have something like MacPorts, though, where the entire system is all external and nothing has any chance of affecting anything outside its own little sandbox.
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
Originally Posted by CharlesS
I've got root access, so no trouble with that. I'll have to look into whether yum can install in a separate directory. It would be nice to have something like MacPorts, though, where the entire system is all external and nothing has any chance of affecting anything outside its own little sandbox.
Why though? Linux is not OS X.
The reason for doing it in OS X is because it is sometimes unclear what updating the stuff that Apple bundles will do to the rest of the system, and what GUIs it will break. In Linux, these bits are meant to be updated as often as you please - these bits *are* the system. The package manager repository is maintained by the same people that maintain the OS (or at least they are in close contact with each other), so any updates available are meant to be installed, and have been tested in advance.
These package managers also have flags for developers to indicate conflicts, so if there is something that would break the version of cPanel you have installed, it won't update until an update for cPanel is available (unless you force the update).
I think you are being too conservative. I don't update willy nilly for the sake of updating, if it ain't broke don't fix it and all that, but I haven't run into the sorts of problems you are describing in Redhat based OSes, Debian based OSes, or FreeBSD.
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
That being said, I would suggest having a test VPS that is a live clone of your system. This VPS could be local if you don't want to pay for an additional VPS. The reason for this is testing the OS updates, but perhaps more importantly than that, test how they will fare with your homegrown application(s), if you have any.
There are also ways to downgrade components, but I usually don't bother with that when my VPS host provides snapshot capability. Taking a snapshot on a live system might be a good substitute for a cloned VPS, if you'd rather not do that, and an easy way to put things back the way they were before the upgrade.
The caveat though is that you want to put your applications/binaries on a separate partition than your user data so that your snapshot will only restore your apps/binaries without touching the user data. As you've probably noticed, Linux practices make pretty frequent use of multiple partitions, and you can allocate additional space to these partitions if they are LVM formatted.
|
|
|
|
|
|
|
|
|
Posting Junkie
Join Date: Dec 2000
Status:
Offline
|
|
Originally Posted by besson3c
Why though? Linux is not OS X.
The reason for doing it in OS X is because it is sometimes unclear what updating the stuff that Apple bundles will do to the rest of the system, and what GUIs it will break. In Linux, these bits are meant to be updated as often as you please - these bits *are* the system. The package manager repository is maintained by the same people that maintain the OS (or at least they are in close contact with each other), so any updates available are meant to be installed, and have been tested in advance.
These package managers also have flags for developers to indicate conflicts, so if there is something that would break the version of cPanel you have installed, it won't update until an update for cPanel is available (unless you force the update).
I think you are being too conservative. I don't update willy nilly for the sake of updating, if it ain't broke don't fix it and all that, but I haven't run into the sorts of problems you are describing in Redhat based OSes, Debian based OSes, or FreeBSD.
Well, not only do I have CentOS and Cpanel, neither of which I understand well enough to feel truly comfortable with messing with their underpinnings, but also I talked to a person at the web host about specifically what I want to do, and he told me it would probably break something so I dunno, I'd rather play this conservatively if I can.
Part of this involves installing OpenSSL 1.0.1f (the server currently has 0.9.8 on it), and that's one of those things that not only do I know the interface changed a few times in various updates, but also that a lot of stuff on the web server relies on it. I do not want to mess with the OpenSSL that the server currently has...
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
If your VPS provider doesn't provide snapshot capabilities, LVM can also snapshot, although I haven't really played around with that...
|
|
|
|
|
|
|
|
|
Posting Junkie
Join Date: Dec 2000
Status:
Offline
|
|
It does, but if I've already been told something's probably going to break something, I'd rather just go about doing this the right way the first time rather than hose things and have to restore the backup.
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
Originally Posted by CharlesS
Well, not only do I have CentOS and Cpanel, neither of which I understand well enough to feel truly comfortable with messing with their underpinnings, but also I talked to a person at the web host about specifically what I want to do, and he told me it would probably break something so I dunno, I'd rather play this conservatively if I can.
Part of this involves installing OpenSSL 1.0.1f (the server currently has 0.9.8 on it), and that's one of those things that not only do I know the interface changed a few times in various updates, but also that a lot of stuff on the web server relies on it. I do not want to mess with the OpenSSL that the server currently has...
Perhaps he hand-installed cPanel (i.e. it wasn't installed through package management), which might be the reasoning behind his warning. Having some sort of backpedaling ability or a full-fledged clone/test environment would probably be handy to have, and I would imagine that either of my suggestions would be easier than trying to create yourself a sandbox with all the stuff you need. There are people that do that sort of thing for security reasons (Google "chroot jail"), but this generally considered a more geeky thing to do.
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
Originally Posted by CharlesS
It does, but if I've already been told something's probably going to break something, I'd rather just go about doing this the right way the first time rather than hose things and have to restore the backup.
I definitely understand your thinking, it makes sense. I might be over-estimating the difficulty of creating that sandbox...
|
|
|
|
|
|
|
|
|
Posting Junkie
Join Date: Dec 2000
Status:
Offline
|
|
MacPorts allows you to specify the directory it installs into, and it's just a matter of one setting in the configuration (I actually had two of them in parallel at one point on my Mac, one for 32-bit binaries and one for 64-bit. I had reasons).
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
Originally Posted by CharlesS
MacPorts allows you to specify the directory it installs into, and it's just a matter of one setting in the configuration (I actually had two of them in parallel at one point on my Mac, one for 32-bit binaries and one for 64-bit. I had reasons).
If you are going to create yourself that sandbox, you might want to look at chroot jail techniques, which seems to be basically what you are looking for with a more security-centric approach.
Let us know what you decide to do, and how it goes...
I haven't really used cPanel much, but I've heard it is temperamental. Usually updating stuff doesn't require much consternation with some basic planning, but you're probably right to play it safe!
It looks like --installroot is the yum argument you want.
|
|
|
|
|
|
|
|
|
Posting Junkie
Join Date: Dec 2000
Status:
Offline
|
|
yum --installroot does look promising. Do you know if, after you've installed something that way, future invocations of yum update will also update the stuff in your separate installroot, or whether you'd need to add a yum --installroot /blah/blah update to the crontab?
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
Originally Posted by CharlesS
yum --installroot does look promising. Do you know if, after you've installed something that way, future invocations of yum update will also update the stuff in your separate installroot, or whether you'd need to add a yum --installroot /blah/blah update to the crontab?
I would imagine that every invocation of yum would need --installroot, but perhaps what you could do is add an alias to your shell so that yum is always invoked as yum --installroot?
There are cronjobs that update yum definitions, and probably a utility to email you notifications of important updates that would need to be tweaked to add this flag too.
|
|
|
|
|
|
|
|
|
Posting Junkie
Join Date: Dec 2000
Status:
Offline
|
|
Hmm, that sounds good. Maybe I'll have to set up another VMWare VM with a CentOS distro on it to play around a bit and familiarize myself with how everything works.
Thanks.
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
No problem!
If you do, I suggest disabling SELInux at least at first, and going with a multi LVM partition setup.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Rules
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|