Update CentOS 4 to CentOS 5 remotely

CentOS-5 LogoI just successfully updated my Dell PowerEdge 1850 from CentOS 4.8 to CentOS 5.4, luckily the issues I faced were not so rare. The steps I used are listed below, may it helpful for you as well! Although this post is mainly intended for CentOS it should work on RHEL systems as well.

Before you start, A word of advice i believe most experienced RHEL/CentOS users will show you regarding what you’re thinking:

Upgrade between minor versions (i.e. CentOS 5.2 -> 5.3 -> 5.4, or even 5.0 -> 5.4) YES
Upgrade between major system versions (i.e. CentOS 4.8 to CentOS 5.4) NO

As far as I recall, not even Red Hat recommends this – although they do guarantee the miner updates will go smoothly. Even if you manage to hammer that 4.8 to 5.4 upgrade into place, you might end up with a mess that will be very difficult to maintain. Before processing the system update, it’s suggested to create a backup!

If you are currently running a version of RHEL/CentOS earlier than 4.8 (cat /etc/redhat-release), then please do a proper ‘yum update‘ and get your current system updated to 4.8 before we start.

Then the first thing we need to do is to make sure none of our core binaries, libraries or other content is immutable as it causes package installation failures. If you use immutable bits on system paths then you should run these commands:

chattr -Ria /bin
chattr -Ria /etc
chattr -Ria /etc
chattr -Ria /include
chattr -Ria /lib
chattr -Ria /sbin
chattr -Ria /usr/bin
chattr -Ria /usr/include
chattr -Ria /usr/lib
chattr -Ria /usr/libexec
chattr -Ria /usr/local/bin
chattr -Ria /usr/local/include
chattr -Ria /usr/local/lib
chattr -Ria /usr/local/sbin
chattr -Ria /usr/sbin
chattr -Ria /usr/share
chattr -Ria /var/lib
chattr -Ria /var/lock
chattr -Ria /var/log
chattr -Ria /var/run
chattr -Ria /var/spool/repackage

Once finished, go ahead and have a quick run through of cleaning up yum cache, double check that any pending updates are installed and rebuild the rpmdb:

yum clean all && yum update

If you run into any dependency issues for packages that are not essential, such as syslinux and lftp then you can either exclude them or better just remove them. If the denpency issue is openssh-server related, you can enable telnet login during update by modifing /etc/xinetd.d/telnet.

rpm -e lftp syslinux mkboot

OR (but not recommended)

yum update --exclude=syslinux --exclude=lftp --exclude=mkboot

At this point you should be able to run a ‘yum update‘ command with optional exclude and receive no errors. Now we are ready to get going, please google around, find and download these packages, they mostly available at CentOS official mirror site:

# ls
centos-release-5-4.el5.centos.1.i386.rpm    python-elementtree-1.2.6-5.el4.centos.i386.rpm
centos-release-notes-5.4-4.i386.rpm       python-elementtree-1.2.6-5.el5.i386.rpm
kernel-2.6.18-164.el5.i686.rpm            python-elementtree-1.2.6-5.i386.rpm
kernel-devel-2.6.18-164.el5.i686.rpm      python-sqlite-1.1.7-1.2.1.i386.rpm

We need to go ahead and setup the centos-release package as follows:

rpm -Uhv centos-release-*.rpm

If you see that CentOS-Base.repo was created as /etc/yum.repos.d/CentOS-Base.repo.rpmnew then move it to the right place:

# mv /etc/yum.repos.d/CentOS-Base.repo.rpmnew /etc/yum.repos.d/CentOS-Base.repo

Now we are ready to go with kernel changes, this is an important part so pay attention. The key to successful upgrade is that you remove ALL OLD KERNELS as many packages will fail to install during the upgrade if they detect a release 4.x kernel due to minimum kernel version dependency checks. We will first start with installing the new CentOS 5.4 kernel so it preserves grub templating:

rpm -ivh kernel-2.6.18-164.el5.i686.rpm kernel-devel-2.6.18-164.el5.i686.rpm --nodeps

NOTE: release 5.x has smp support integrated into the standard kernel, so no *-smp version is required for multi-processor systems.

If you are running an older system the chances are you got allot of older kernel packages installed, so make sure you get them all out of the way:

rpm -e $(rpm -qa | grep kernel | grep -v 2.6.18 | tr 'n' ' ') --nodeps

That said and done you should now only have 2 kernel packages installed which are the 2.6.18 release 5.x kernels. DO NOT under any circumstance continue if you still got 2.6.9 release 4.x kernels packages installed, remove them ALL!

# rpm -qa | grep -i kernel

A cleanup of /etc/grub.conf may be required, though the rpm command should have done this for you already, but review it anyways for good measure. You should find that 2.6.18-164.el5 is the only kernel in the file. When kernel updated, a reboot here is OK, but it’s not suggested.

Then we can continute the system updates. There is a known bug with python-elementtree package versions which cause yum/rpm to think the release 4.x version is newer than the 5.x version, to get around this without blowing up the entire python installation we need to remove the package from just the rpmdb as follows:

rpm -e --justdb python-elementtree --nodeps

We can now go ahead and use yum to start the upgrade process, this is a dry run and will take some minutes to compile list of available packages and associated dependency checks. You should carry the exclude options, if any, that you used during the ‘yum update’ process as so to avoid unresolvable dependencies:

yum clean all
yum upgrade

You will end up with a small list of dependency errors, these should be resolved by again evaluating a packages need as a critical system component and either removing it with ‘rpm -e‘ or excluding it with ‘–exclude‘ (remember to query description if you are unsure what something does). In my case the packages that threw up red flags were stuff I had manually installed over time such as nfs in addition to default installed samba, these can all safely be removed or excluded as you prefer.

    Error: Missing Dependency: perl(Convert::ASN1) is needed by package samba
    Error: Missing Dependency: libevent-1.1a.so.1 is needed bypackage nfs-utils

At this point you should be ready to do a final dry run and see where we stand on dependencies, rerun the earlier ‘yum upgrade‘ while making sure to carry over any exclude options you are using.

You should now end up with a summary of actions that yum needs to perform, go ahead and kick it off… this will take a bit time to complete.

    Transaction Summary
    Install 183 Package(s)
    Update 527 Package(s)
    Remove 0 Package(s)
    Total download size: 679 M
    Is this ok [y/N]:Y

Once yum has completed we need to fix a few things, the first is the rpmdb needs a rebuild due to version changes that will cause any rpm commands to fail:

rm -f /var/lib/rpm/__db.00*
rpm --rebuilddb
yum clean all

The next issue on the list is python-elementtree and python-sqlite, one or both of these may have ended up in a broken state that will cause all yum commands to break, so we will go ahead and reinstall both of them:

rpm -e --justdb python-elementtree --nodeps
rpm -ivh python-elementtree-1.2.6-5.el5.i386.rpm
rpm -ivh python-sqlite-1.1.7-1.2.1.i386.rpm --nodeps --force

The yum command should now work, go ahead and run it with no options, if you do not get any errors, you are all sorted!

Hopefully the install went well for you, the only thing left to do is go ahead and reboot the system:

shutdown -rf now

For the sake of avoiding a system raised fsck, we will reboot with the -f option to skip fsck.

16 thoughts on “Update CentOS 4 to CentOS 5 remotely

  1. I can confirm that this also works for CentOS 64bit with minor modifications like grabbing the x86_64 version of the packages.

    Generally all CentOS official packages “updated” from other repos (rpmforge, atrpms etc) will cause problems when upgrading, if possible these should be removed, and re-installed after upgrade.

    I also recommend removing all the orphan packages, those that were not updated in the upgrade process (hint: rpm -qa –last)

  2. Hi, I followed this tutorial to upgrade from Centos 4.9 to Centos 5.9 and everything seemed fine until after rebooting the server.

    Now I can not login to the server through shell access. I tried loging in through putty, WinSCP, the virtual terminal in cpanel, and also the virtual terminal in my solus panel but they all say “Connection refused”. I am able to ping my server and my websites are all accessible though.

    I’m guessing something went wrong with sshd during the upgrade. Is there any way to restart sshd or reinstall it?


  3. Can you run command from the panels?
    If not, you may need to ask hosting provider for help. Good luck!

  4. Do you have a spam problem on this blog; I also am
    a blogger, and I was curious about your situation; many of us have developed some nice practices and we are looking to exchange
    solutions with others, be sure to shoot me an email if interested.

  5. Hey! I just wanted to ask if you ever have any issues with hackers?
    My last blog (wordpress) was hacked and I ended up losing
    months of hard work due to no data backup. Do you have any methods to prevent hackers?

  6. Everyone loves what you guys are up too. Such clever work and coverage!

    Keep up the fantastic works guys I’ve added you guys to my personal blogroll.

  7. Have you ever considered about including a little bit more than just your articles?
    I mean, what you say is important and all. But just imagine if you added some great visuals or videos to give your posts more, “pop”!
    Your content is excellent but with pics and clips, this site could definitely be one of the greatest in its
    field. Amazing blog!

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.