Tested with tmux-1.8-4.el7.x86_64.
Default /etc/tmux.conf for CentOS 7 to:
set-option -g allow-rename off set-option -g default-path ~/
Sources:
Tested on CentOS 8 with CentOS' version of PostgreSQL 10.14 and PostgreSQL 12.4 from postgresql.org RPM repository.
When installing a PostgreSQL version from the YUM repository at https://yum.postgresql.org/repopackages/ next to an existing PostgreSQL version from the CentOS official repositories the following warnings appear:
failed to link /usr/bin/psql -> /etc/alternatives/pgsql-psql: /usr/bin/psql exists and it is not a symlink failed to link /usr/bin/clusterdb -> /etc/alternatives/pgsql-clusterdb: /usr/bin/clusterdb exists and it is not a symlink failed to link /usr/bin/createdb -> /etc/alternatives/pgsql-createdb: /usr/bin/createdb exists and it is not a symlink failed to link /usr/bin/createuser -> /etc/alternatives/pgsql-createuser: /usr/bin/createuser exists and it is not a symlink failed to link /usr/bin/dropdb -> /etc/alternatives/pgsql-dropdb: /usr/bin/dropdb exists and it is not a symlink failed to link /usr/bin/dropuser -> /etc/alternatives/pgsql-dropuser: /usr/bin/dropuser exists and it is not a symlink failed to link /usr/bin/pg_basebackup -> /etc/alternatives/pgsql-pg_basebackup: /usr/bin/pg_basebackup exists and it is not a symlink failed to link /usr/bin/pg_dump -> /etc/alternatives/pgsql-pg_dump: /usr/bin/pg_dump exists and it is not a symlink failed to link /usr/bin/pg_dumpall -> /etc/alternatives/pgsql-pg_dumpall: /usr/bin/pg_dumpall exists and it is not a symlink failed to link /usr/bin/pg_restore -> /etc/alternatives/pgsql-pg_restore: /usr/bin/pg_restore exists and it is not a symlink failed to link /usr/bin/reindexdb -> /etc/alternatives/pgsql-reindexdb: /usr/bin/reindexdb exists and it is not a symlink failed to link /usr/bin/vacuumdb -> /etc/alternatives/pgsql-vacuumdb: /usr/bin/vacuumdb exists and it is not a symlink
This is fine during a migration, but afterwards when the PostgreSQL version from the CentOS repositories is removed you are left with no PostgreSQL binaries in the path.
To create all pgsql-* alternatives symlinks for PostgreSQL run the following as root:
alternatives --list | grep ^pgsql | awk '{print $1}' | xargs -n 1 alternatives --auto
More info: Red Hat - Enable Sysadmin - Introduction to the alternatives command in Linux
Tested on CentOS 8.4.2105.
When your vulnerability scanner (e.g. GVM) complains that the SSH service on your CentOS/RHEL 8 server supports the weak aes128-cbc and aes256-cbc ciphers something more than just setting the Ciphers in sshd_config is required.
CentOS/RHEL 8 applies “system-wide cryptographic policies”. This means that by default the Ciphers setting in sshd_config is ignored.
To make sshd use a Ciphers setting in sshd_config we'll disable cryptographic policy support for sshd and set the Ciphers:
vi /etc/sysconfig/sshd
# System-wide crypto policy: # To opt-out, uncomment the following line # CRYPTO_POLICY=
# System-wide crypto policy: # To opt-out, uncomment the following line CRYPTO_POLICY=
vi /etc/ssh/sshd_config
Ciphers -aes128-cbc,-aes256-cbc
systemctl restart sshd
systemctl status sshd
ssh -c aes256-cbc localhost
Unable to negotiate with ::1 port 22: no matching cipher found. Their offer: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
Sources:
By default CentOS 8 stores journald logs in memory (/run/log/journal/) if /var/log/journal/ does not exist, and /var/log/journal/ does not exist by default.
This means that after a reboot the logs from before that reboot are lost.
To set systemd-journald to preserve logs across reboots by storing them on disk:
dnf install psmisc
mkdir /var/log/journal
systemd-tmpfiles --create --prefix /var/log/journal
killall -s SIGUSR1 systemd-journald
Sources: