Results 1 to 10 of 10

Thread: Recent yum update kills SSH + solution

  1. #1
    Join Date
    May 2006
    Location
    GMT +10
    Posts
    375

    Exclamation Recent yum update kills SSH + solution

    I ran a yum update recently, as I do from time to time to keep things up to date. Normally yum is very polite and harmless.

    But the most recent yum update was huge - 230+ package updates, 10 package installs. And it was messy.

    Aside from installing a load of new crap I didn't need as startup daemons (easily disabled), it also ended up killing SSHD, which completely refused to start, and then once I did manage to start it, also generated errors for clients trying to connect.

    It seems that this yum update plays around with various mount points - like /dev/null and others - that cause problems for SSHD starting.

    1 - Getting SSH daemon to start

    Getting SSHD to start involved fixing this error:

    fatal: daemon() failed: No such device
    which was fixed by:

    deleting the FILE:
    /dev/null

    that yum or something had created, and then running the command:

    Code:
    mknod /dev/null c 1 3
    Once that was done, SSHD started up OK again.

    2. Getting SSH logins to work again.

    Although SSHD now started, it would only allow SFTP access, not command-line SSH.

    The error "openpty: No such file or directory" appeared when I tried to login to SSH

    This was solved by executing the following commands:

    Code:
    /sbin/MAKEDEV tty and then
    /sbin/MAKEDEV pty
    (Thank you http://forum.openvz.org/index.php?t=...o=192&#msg_192)

    After that was done, SSH command line logins worked again.

    Just FYI.

    Be alert to the possibility that this might happen to you at your next yum update.

    I was reminded by this experience of what a real drag it is trying to admin a server without being able to login via SSH.

  2. #2
    Join Date
    Jun 2006
    Location
    Labrador, Canada
    Posts
    266

    Default

    Is this CentOS? CentOS 4.5 was released in the last few days. I also updated via yum. Haven't had any issues, but I haven't restarted the VPS. I did restart individual services, including SSH, without any problem.

    Was it when you restarted your VPS that you ran into problems?
    D. Robbins
    vpsinfo : server status in your browser
    loadavg : lightweight load, memory & transfer monitoring

  3. #3
    Join Date
    May 2006
    Location
    GMT +10
    Posts
    375

    Default

    No. There were some immediate problems I noticed with individual services.

    After yum ran, I re-started Apache, since there were some httpd and php updates, but it barfed on a SSL initiation issue.

    So only then did I re-start the VPS, and then Apache came up OK but SSH started to have its problems.

    It is possible that some of those mount points changes won't go active until a re-start. Try it and see

    I still have to look into the package versions to see what I was bumped up to.

    I was on 4.4, who knows now there is probably a lot of 4.5 in there. I also want to look into its other changes - a few .conf files were replaced too.

    Fun fun fun.

    Edit - now for example the OpenSS server is 3.9p1-8.RHEL4.20, which matches the files in the CentOS 4.5 distribution, whereas in 4.4 it was 3.9p1-8.RHEL4.15. Ditto Apache: before 2.0.52-28, now 2.0.52-32.

    So I guess the VPS was effectively yummed up to CentOS 4.5.

    Full (big) changelog is here, FYI, which is worth glancing at before doing the update.

    http://mirror.centos.org/centos/4/do...TES-U4-en.html
    Last edited by bfp; 05-20-2007 at 10:34 AM.

  4. #4
    Join Date
    Jun 2006
    Location
    Labrador, Canada
    Posts
    266

    Default

    Think I'll wait awhile before trying a restart Maybe VPSLink will have some comments.

    yum doesn't usually rewrite config files if they've been modified. Instead it installs a new version alongside. For example I have /etc/dovecot.conf and after the update I also have /etc/dovecot.conf.rpmnew, which is the (default) config file supplied with the updated dovecot package.

    Here's what was updated for me (from logwatch, resorted alphabetically):

    Code:
    ImageMagick.i386 6.0.7.1-17
    SysVinit.i386 2.85-34.4
    audit-libs.i386 1.0.15-3.EL4
    audit.i386 1.0.15-3.EL4
    binutils.i386 2.15.92.0.2-22
    centos-release.i386 6:4-4.3
    chkconfig.i386 1.3.13.5.EL4-1
    coreutils.i386 5.2.1-31.6
    cpio.i386 2.5-13.RHEL4
    cpp.i386 3.4.6-8
    cracklib-dicts.i386 2.8.9-1.3
    cracklib.i386 2.8.9-1.3
    cups-libs.i386 1:1.1.22-0.rc1.9.20
    curl-devel.i386 7.12.1-11.el4
    curl.i386 7.12.1-11.el4
    dovecot.i386 0.99.11-8.EL4
    e2fsprogs-devel.i386 1.35-12.5.el4
    e2fsprogs.i386 1.35-12.5.el4
    elfutils-libelf.i386 0.97.1-4
    elfutils.i386 0.97.1-4
    findutils.i386 1:4.1.20-7.el4.3
    ftp.i386 0.17-23.EL4
    gcc-c++.i386 3.4.6-8
    gcc.i386 3.4.6-8
    gd.i386 2.0.28-5.4E
    glibc-common.i386 2.3.4-2.36
    glibc-devel.i386 2.3.4-2.36
    glibc-headers.i386 2.3.4-2.36
    glibc-kernheaders.i386 2.4-9.1.100.EL
    glibc.i686 2.3.4-2.36
    grep.i386 2.5.1-32.3
    initscripts.i386 7.93.29.EL-1.centos4
    iproute.i386 2.6.9-3.EL4.7
    iputils.i386 20020927-19.EL4.5
    krb5-devel.i386 1.3.4-47
    krb5-libs.i386 1.3.4-47
    less.i386 382-4.rhel4
    libacl.i386 2.2.23-5.3.el4
    libattr.i386 2.4.16-3.1.el4
    libgcc.i386 3.4.6-8
    libpng-devel.i386 2:1.2.7-3.el4
    libpng.i386 2:1.2.7-3.el4
    libselinux.i386 1.19.1-7.3
    libstdc++-devel.i386 3.4.6-8
    libstdc++.i386 3.4.6-8
    libxml2-devel.i386 2.6.16-10
    libxml2-python.i386 2.6.16-10
    libxml2.i386 2.6.16-10
    logrotate.i386 3.7.1-6.RHEL4
    mailx.i386 8.1.1-37.EL4
    man-pages.noarch 1.67-12.EL4
    man.i386 1.5o1-10.rhel4
    ncompress.i386 4.2.4-44.rhel4
    net-tools.i386 1.60-37.EL4.9
    netpbm.i386 10.25-2.EL4.6
    ntsysv.i386 1.3.13.5.EL4-1
    openldap.i386 2.2.13-7.4E
    openssh-clients.i386 3.9p1-8.RHEL4.20
    openssh-server.i386 3.9p1-8.RHEL4.20
    openssh.i386 3.9p1-8.RHEL4.20
    openssl-devel.i586 0.9.7a-43.16
    openssl.i686 0.9.7a-43.16
    pam-devel.i386 0.77-66.21
    pam.i386 0.77-66.21
    popt.i386 1.9.1-22_nonptl
    postfix.i386 2:2.2.10-1.1.el4
    postgresql-libs.i386 7.4.17-1.RHEL4.1
    procps.i386 3.2.3-8.6
    python-elementtree.i386 1.2.6-5.el4.centos
    python-sqlite.i386 1.1.7-1.2.1
    python.i386 2.3.4-14.4
    quota.i386 1:3.12-6.el4
    rpm-libs.i386 4.3.3-22_nonptl
    rpm-python.i386 4.3.3-22_nonptl
    rpm.i386 4.3.3-22_nonptl
    sed.i386 4.1.2-6.el4
    sendmail-cf.i386 8.13.1-3.2.el4
    sendmail-doc.i386 8.13.1-3.2.el4
    sendmail.i386 8.13.1-3.2.el4
    shadow-utils.i386 2:4.0.3-61.RHEL4
    sqlite.i386 3.3.6-2
    tcsh.i386 6.13-9.el4.1
    traceroute.i386 1.4a12-24.EL4.1
    ttmkfdir.i386 3.0.9-20.el4
    unzip.i386 5.51-9.EL4.5
    util-linux.i386 2.12a-16.EL4.25
    vixie-cron.i386 4:4.1-47.EL4
    words.noarch 3.0-3.2
    xorg-x11-Mesa-libGL.i386 6.8.2-1.EL.18
    xorg-x11-font-utils.i386 6.8.2-1.EL.18
    xorg-x11-libs.i386 6.8.2-1.EL.18
    xorg-x11-xfs.i386 6.8.2-1.EL.18
    yum.noarch 2.4.3-3.el4.centos
    D. Robbins
    vpsinfo : server status in your browser
    loadavg : lightweight load, memory & transfer monitoring

  5. #5
    Join Date
    May 2006
    Location
    GMT +10
    Posts
    375

    Default

    Yep, that's pretty much exactly what I got too.

    I trust the update doesn't cause angst to our VPSLink overlords. The update did want to play with things that perhaps it shouldn't on a VPS.

  6. #6
    Join Date
    Jun 2006
    Location
    Labrador, Canada
    Posts
    266

    Default

    Code:
    [root@vps:~] ls -l /dev/null
    crw-rw-rw-  1 root root 1, 3 Jun  1  2006 /dev/null
    [root@vps:~] ls -l /dev/tty
    crw-rw-rw-  1 root root 5, 0 Mar 24 08:47 /dev/tty
    [root@vps:~] ls -l /dev/pty
    ls: /dev/pty: No such file or directory
    /dev/null and /dev/tty look OK here. There's no /dev/pty but lots of /dev/pty** devices. For what it's worth, there's no /dev/pty on another VPS I have (Virtuosso) or on my dedicated boxes.
    D. Robbins
    vpsinfo : server status in your browser
    loadavg : lightweight load, memory & transfer monitoring

  7. #7

    Default

    Just an addon notes:

    If you deleted the /dev/null and recreate it with mknod /dev/null c 1 3, be sure to do chmod 666 /dev/null so that /dev/null is world writable and readable, which is the default, I suppose.

    Hope this helps some of you.

  8. #8
    Join Date
    Apr 2010
    Posts
    1

    Default

    Considering the fact we have no SSH access in this case how can we run the commands above on the remote server?

    I'm running a centOS5-i386 under hyperVM with Kloxo control panel.

  9. #9
    Join Date
    Mar 2009
    Posts
    137

    Default

    Quote Originally Posted by zeuss86 View Post
    Considering the fact we have no SSH access in this case how can we run the commands above on the remote server?

    I'm running a centOS5-i386 under hyperVM with Kloxo control panel.
    well with servers with vpslink we have console access.... have no idea about yours though..

  10. #10
    Join Date
    Jul 2010
    Location
    VN
    Posts
    1

    Default

    Is this CentOS? CentOS 4.5 was released in the last few days. I also updated via yum. Haven't had any issues, but I haven't restarted the VPS. I did restart individual services, including SSH, without any problem.

    Was it when you restarted your VPS that you ran into problems?

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •