Introduction
Scanner
- preupgrade-assistant-1.0.2-36.0.1.el6.centos
- preupgrade-assistant-contents-0.5.14-1.el6.centos
Target info
Targets
|
Addresses
|
Platforms
|
Results overview
Rule Results Summary
| pass | fixed | fail | needs inspection | needs action | error | not selected | not checked | not applicable | informational | unknown | total |
| 19 | 5 | 0 | 7 | 7 | 0 | 5 | 0 | 46 | 12 | 0 | 101 |
Rule results summary
Results details
Result for Configuration Files to Review
Result: needs_inspection
Rule ID: xccdf_preupg_rule_backup_NoverifyConfigs_noverifycfg
Time: 2020-08-22 10:07
This module stores some system configuration files that can have been modified by the user when it is not possible to automatically upgrade them.
Remediation instructions
Some packages do not track the possible performed changes to system configuration files; therefore, it cannot be easily determined if the files have been modified by the user or not. In order to allow for later examination, all configuration files not handled by the migration scripts are stored in the dirtyconf/ directory. The list of the stored files is available in the ./kickstart/noverifycfg file. The user is advised to verify the functionality of configuration files stored by this tool after a successful upgrade.
INPLACERISK: SLIGHT: We detected some files where modifications are not tracked in the rpms. You may need to check their functionality after successful upgrade.
Result for File Lists for Manual Migration
Result: needs_inspection
Rule ID: xccdf_preupg_rule_backup_UntrackedFiles_untracked
Time: 2020-08-22 10:07
This module generates lists of files, such as temporary, application, and user data files, which are not automatically migrated.
Remediation instructions
Some user data, such as user home directories and temporary files, are not tracked by the RPM database. This data will not be automatically migrated. To assist you with migrating the data, this module has generated the following three files.* The ./kickstart/untrackedsystem file lists the regular files on the system that will not be migrated. The list does not contain files mounted over the network, files created by runtime system operations, files in temporary locations, and user files in the /home/ or /root/ directory.
* The ./kickstart/untrackeduser file lists the regular local files in the /home/ and /root/ directories that will not be migrated. If the /home/ and /root/ directories are on a file system mounted over the network, this file can be empty.
* The ./kickstart/untrackedexpected file lists the regular files and symlinks created by runtime system operations (for example handling runlevels, alternatives and active SELinux modules). Most likely you don't need to care about them, list is available just for completeness.
* The ./kickstart/untrackedtemporary file lists all temporary local files on the system that will not be migrated. This is essentially everything in the /cgroup/, /tmp/, and /var/ directories. Most likely you don't need to care about them, list is available just for completeness.
It is recommended that you backup all data before proceeding with the upgrade to CentOS 7. This data can be quite large.
If you are performing an in-place upgrade, this data should remain in its current location after the upgrade. Configuration files and other data should be reviewed to determine if any modifications are needed for use with CentOS 7. You should verify that all data was successfully maintained.
If you are performing a migration upgrade, this data must be backed up to another storage medium. You will need to copy the data you wish to have on the new installation back into place after the upgrade is complete. Configuration files and other data should be reviewed to determine if any modifications are needed for use with CentOS 7.
INPLACERISK: SLIGHT: We detected some files untracked by rpms. Some of these may need manual check/migration after redhat-upgrade-tool and/or can cause conflicts or troubles during the installation. Try to reduce unnecessary untracked files before running redhat-upgrade-tool.
Result for BIND9 configuration compatibility check
Result: fixed
Rule ID: xccdf_preupg_rule_networking_bind_configuration_check_script
Time: 2020-08-22 10:07
Checks BIND9 configuration compatibility
File(s) affected:
/etc/named.conf
Remediation instructions
Some issues have been found in your BIND9 configuration.Use following solutions to fix them:
[FIXED] No 'pid-file' AND/OR 'session-keyfile' statement found:
-------------------------------------------------------
The directory used by named for runtime data has been moved from the BIND
default location, '/var/run/named/', to a new location '/run/named/'.
As a result, the PID file has been moved from the default location
'/var/run/named/named.pid' to the new location '/run/named/named.pid'.
In addition, the session-key file has been moved to '/run/named/session.key'.
These locations need to be specified by statements in the options section.
To fix this we added:
- 'pid-file "/run/named/named.pid";' statement into the options section of
your BIND9 configuration.
- 'session-keyfile "/run/named/session.key";' statement into the options
section of your BIND9 configuration.
The config file(s) have been completely fixed.
Written Fixed config file to '/root/preupgrade/cleanconf/etc/named.conf'
For more information, please see the BIND9 Administrator Reference
Manual located in '/usr/share/doc/bind-9.9.4/Bv9ARM.pdf' and 'DNS Servers'
section of CentOS 7 Networking Guide.
Result for Dovecot configuration compatibility check
Result: needs_inspection
Rule ID: xccdf_preupg_rule_networking_dovecot_check_script
Time: 2020-08-22 10:07
Checks Dovecot configuration compatibility
File(s) affected:
/etc/dovecot/dovecot.conf
Remediation instructions
grep: /root/preupgrade/dirtyconf/etc/dovecot/conf.d/10-auth.conf: No such file or directory
/usr/share/preupgrade/CentOS6_7/networking/dovecot/check_script.sh: line 82: /root/preupgrade/dirtyconf/etc/dovecot/conf.d/10-auth.conf: No such file or directory
INFO dovecot: Config files from /etc/dovecot/ will be fixed by postupgrade script
Result for Compatibility Between iptables and ip6tables
Result: pass
Rule ID: xccdf_preupg_rule_networking_iptables_check_script
Time: 2020-08-22 10:07
The firewalld service is now the default firewall service.
File(s) affected:
/etc/sysconfig/iptables
/etc/sysconfig/ip6tables
Result for Net-SNMP check
Result: pass
Rule ID: xccdf_preupg_rule_networking_net-snmp_check_script
Time: 2020-08-22 10:07
Check if Net-SNMP daemon (snmpd) is enabled.
Result for Reusable Configuration Files
Result: fixed
Rule ID: xccdf_preupg_rule_others_NoVersionChangeEtc_nochange
Time: 2020-08-22 10:07
The module provides a list of the configuration files that can be reused in CentOS 7.
Remediation instructions
Some packages are the same in CentOS 7 and CentOS 6, therefore the current configuration files for these packages can be safely reused. This module stores these files in the /root/preupgrade/cleanconf/etc/ directory.Result for VCS repositories
Result: informational
Rule ID: xccdf_preupg_rule_others_vcsrepos_check_script
Time: 2020-08-22 10:07
Find Versin Control System repositories in /home and /root - git, svn, cvs, bzr.
Remediation instructions
VCS repositories not found.Result for Added and extended options for BIND9 configuration
Result: informational
Rule ID: xccdf_preupg_rule_packages_AddedOptions_bind_addedoptions
Time: 2020-08-22 10:07
Some useful options have been added or extended in the configuration of the Berkeley Internet Name Domain (BIND9) utility on CentOS 7. This module provides overview of the changes in the options between CentOS 6 and CentOS 7.
Remediation instructions
The following options have been extended or added to the BIND utility version 9.9.4:* inline-signing
This option can be used in zone Statement. If set to "yes", the unsecured zone, which is either loaded from the disk or transferred, is signed in real time and served as signed.
* request-ixfr
This option can now also be used in a zone block of the configuration. Setting this option overrides the global setting or the view setting for the respective zone.
* serial-update-method
This new option can be used to specify an automatic zone serial number for zones configured for a dynamic DNS (DDNS). The available options are "increment" for incrementing the serial number by one after each zone update, or "unixtime" for setting the serial number to the number of seconds since the UNIX epoch.
* also-notify
This option now has the same syntax as the zone's "master" option. This means it is now possible to specify which transaction signature (TSIG) key to use when sending an update to a remote server or to include an explicit named masters list.
* dnssec-loadkeys-interval
This new option can be used to set the frequency of the checks for new keys if the zone has been configured with the "auto-dnssec maintain;" option. The time is specified in minutes with the default value set to 60 minutes. The minimum value is 1 minute and the maximum is 1440 minutes (24 hours). Any greater value is silently reduced to 1440 minutes.
For more information, see the BIND9 Administrator Reference Manual located in the /usr/share/doc/bind-9.9.4/ directory.
Result for Packages not signed by CentOS
Result: needs_action
Rule ID: xccdf_preupg_rule_packages_NonCentOSSignedPkg_noncentospkg
Time: 2020-08-22 10:07
Packages not signed by CentOS will not be upgraded
Remediation instructions
Packages which are not signed with the official CentOS keys will not be upgraded. These packages are typically provided by third parties or have been modified in some way. There is a high risk of incompatibility with these packages as they have not been verified by CentOS. For upgrade assistance, contact the vendors of these packages.You can find a list of all unsigned packages including the vendor names in the kickstart/noncentospkgs file.
INPLACERISK: HIGH: We detected some non-CentOS signed packages, you can find the list in /root/preupgrade/./kickstart/noncentospkgs. You need to handle them yourself!
Result for Obsoleted rpms
Result: needs_action
Rule ID: xccdf_preupg_rule_packages_ObsoletedPackages_ObsoletedPkg
Time: 2020-08-22 10:07
Some rpms were obsoleted from the set of the packages between CentOS 6 and CentOS 7. This content checks for the package obsoletes from your set of CentOS packages.
Remediation instructions
Some of the packages were obsoleted between CentOS 6 and CentOS 7. This meansCentOS provides some alternative for them, but these alternatives may be
not 100% compatible - thus we don't replace them automatically. For some of
the obsoletes you will get the incompatibilities from separate preupgrade
contents and you can adjust your workflow according to the changes. Sometimes,
package might be replaced by several others.
Following packages were obsoleted by different ones:
ConsoleKit was obsoleted by systemd
eggdbus was obsoleted by glib2
mingetty was obsoleted by util-linux
udev (required by NonCentOS signed package(s):vzdev ) was obsoleted by systemd
upstart was obsoleted by systemd
If some NonCentOS signed package requires these packages, you may need to check if the
alternative solution provided by CentOS does work for you or get the missing package
from different sources than CentOS. You need to install these new packages yourself
after the assessment, as CentOS can't assess the compatibility for you.
INPLACERISK: HIGH: Package udev (required by NonCentOS signed package(s):vzdev ) removed (obsoleted) between CentOS 6 and CentOS 7
INPLACERISK: MEDIUM: We detected some packages installed on the system were removed (obsoleted) between CentOS 6 and CentOS 7. This may break the functionality of the packages depending on them.
Result for Removed options in coreutils binaries
Result: informational
Rule ID: xccdf_preupg_rule_packages_RemovedOptions_coreutils_removedoptions
Time: 2020-08-22 10:07
Some options and binaries were removed from coreutils package between CentOS 6 and CentOS 7. This informative content lists the incompatibilities.
Remediation instructions
Some options and binaries were removed from coreutils package betweenCentOS 6 and CentOS 7. This may break functionality of some of your scripts.
All option/binaries removals with solutions are listed bellow.
factor : --verbose renamed to --debug
install : --preserve_context is removed, --preserve-context can be used
instead
nl : CentOS 6 deprecated option --page-increment removed, --line-increment
can be used instead
runuser and su binaries moved to util-linux rpm
stat: -Z / --context option support was removed, SELinux context is now
part of the default format. Formatting changed, though.
touch: undocumented and deprecated --file option support removed,
--reference should be used instead.
mkdir,mknod,mkfifo,cp,install: short -Z option no longer accepts the argument
and sets default SELinux context, --context=CTX long option has to be used
for setting context to CTX
Please check that your scripts are aware of these changes.
Result for Removed options in gawk binaries
Result: informational
Rule ID: xccdf_preupg_rule_packages_RemovedOptions_gawk_removedoptions
Time: 2020-08-22 10:07
Some options and binaries were removed from gawk package between CentOS 6 and CentOS 7. This informative content lists the incompatibilities.
Remediation instructions
Some options were removed from gawk package binaries between CentOS 6and CentOS 7. This may break functionality of some of your scripts.
All option removals with solutions are listed bellow.
awk/gawk/pgawk: --compat - option was removed, alternative is
--traditional
--copyleft - option was removed, alternative is
--copyright/-C
--gen-po - option was replaced by --gen-pot option
--usage
-D - short form of --parsedebug was changed to -Y
Please check that your scripts are aware of these changes.
Result for Removed options in netstat binary
Result: informational
Rule ID: xccdf_preupg_rule_packages_RemovedOptions_nettools_removedoptions
Time: 2020-08-22 10:07
Some options were removed from netstat binary between CentOS 6 and CentOS 7. This informative content lists the incompatibilities.
Remediation instructions
Some options were removed from netstat binary of net-tools package betweenCentOS 6 and CentOS 7. This may break functionality of some of your scripts.
All option removals with solutions are listed bellow.
netstat : -T/--notrim renamed to -W/--wide
Please check that your scripts are aware of these changes.
Result for Removed options in quota tools
Result: informational
Rule ID: xccdf_preupg_rule_packages_RemovedOptions_quota_removedoptions
Time: 2020-08-22 10:07
Some options have been renamed at quota tools between CentOS and 7. This informative content lists the incompatibilities.
Remediation instructions
Some options were renamed at quota tools between CentOS6 and 7. This may break functionality of some of your scripts. The changes
are:
/usr/bin/quota: Option --nfs-all was corrected to --all-nfs in the usage help
output. Both versions still recognize the --all-nfs option.
/usr/sbin/quota_nld: Option --no-daemon was renamed to --foreground. Short
option -F is unchanged. This is not an issue if you run quota_nld as daemon,
e.g. via init script.
/usr/sbin/repquota: Option --batch-translation was corrected to --cache in the
usage help output. Both versions still recognize the --cache option.
/usr/sbin/repquota: Option --no-batch-translation was corrected to --no-cache
in the usage help output. Both versions still recognize the --no-cache option.
Please check that your scripts are aware of these changes.
Result for Removed rpms
Result: needs_action
Rule ID: xccdf_preupg_rule_packages_RemovedPackages_RemovedPkg
Time: 2020-08-22 10:07
Some rpms were removed from the set of the packages between CentOS 6 and CentOS 7. This content checks for the package removals from your set of CentOS packages.
Remediation instructions
Some of the packages were removed between CentOS 6 and CentOS 7. This may breakthe upgrade for some of your packages. We are not aware of any compatible
replacement for these packages.
Following packages are no longer available:
ConsoleKit-libs
MAKEDEV
cloog-ppl
compat-db42
compat-db43
lcms
lcms-devel
lcms-libs
libgcj
libgssglue
libnih
ppl
If some NonCentOS signed package requires these packages, you may need to ask your
vendor to provide alternative solution or get the missing package from
different sources than RHEL.
INPLACERISK: HIGH: After upgrading to CentOS 7 there are still some el6 packages left. Add --cleanup-post option to redhat-upgrade-tool if you want to remove them automatically.
INPLACERISK: MEDIUM: We detected some packages installed on the system were removed between CentOS 6 and CentOS 7. This may break the functionality of the packages depending on them.
Result for Replaced rpms
Result: fixed
Rule ID: xccdf_preupg_rule_packages_ReplacedPackages_ReplacedPkg
Time: 2020-08-22 10:07
Some rpms were replaced between CentOS 6 and CentOS 7. This content checks for the package replacements from your set of CentOS packages and generates the list of CentOS packages/yum groups for CentOS 7 kickstart.
Remediation instructions
Some of the packages were replaced between CentOS 6 and CentOS 7. This meanspackage with different name provides 100% compatible functionality, so we
can replace them automatically in the package set.
For some of the replacements provides were not handled by the packages,
therefore preupgrade asistant migrates them after the upgrade if necessary.
Following packages were replaced:
compat-db was replaced by compat-db47
coreutils-libs was replaced by coreutils
db4-devel was replaced by libdb-devel
db4-utils was replaced by libdb-utils
db4 was replaced by libdb
iptables-ipv6 was replaced by iptables-services
jwhois was replaced by whois
man was replaced by man-db
module-init-tools was replaced by kmod
perl-Compress-Zlib was replaced by perl-IO-Compress
perl-IO-Compress-Base was replaced by perl-IO-Compress
perl-IO-Compress-Bzip2 was replaced by perl-IO-Compress
perl-IO-Compress-Zlib was replaced by perl-IO-Compress
procps (required by NonCentOS signed package(s):cpanel-mailman mysql-community-server ) was replaced by procps-ng
util-linux-ng was replaced by util-linux
If some NonCentOS signed package requires these packages, you still may want
to monitor them closely. Although the replacement should be compatible,
it can have some minor differences expectable even in the case of common
application lifecycle.
Result for GMP library incompatibilities
Result: informational
Rule ID: xccdf_preupg_rule_packages_gmp_check_script
Time: 2020-08-22 10:07
Incompatibilities between GMP 4 and GMP 5.1 libraries.
Remediation instructions
GMP 5.1 is compatible with GMP 4 in major features. Incompatible changes affect only functions, which should not be used by user applications at all:- mpn_bdivmod function
- BSDMP-like interface libmp.so
Result for package downgrades
Result: fixed
Rule ID: xccdf_preupg_rule_packages_pkgdowngrades_pkgdowngrades
Time: 2020-08-22 10:07
detects package downgrades from CentOS6 to CentOS7
Remediation instructions
Some packages installed on your system have broken upgrade path fromCentOS version 6 to version 7 (the version of package is lower in
newer CentOS).
This does not cause fail of redhat-upgrade-tool run. Packages with broken
upgrade path are fixed by postupgrade script.
~> Optionally, if possible, you may remove packages in question from CentOS 6
system.
Result for samba shared directories selinux
Result: pass
Rule ID: xccdf_preupg_rule_selinux_samba_check_script
Time: 2020-08-22 10:07
Samba shared directories that might need their selinux context restored.
Result for CVS Package Split
Result: informational
Rule ID: xccdf_preupg_rule_services_cvs_checkscript
Time: 2020-08-22 10:07
Some Concurrent Versions System (CVS) tools and documentation have been moved into separate packages and are no longer provided by the cvs packages.
Remediation instructions
The Concurrent Versions System (CVS) server and client have not been changed significantly and should be fully compatible. However, some tools and documentation have been moved to other packages which could concern some users.The rcs2log and contrib utilities have been moved into the new cvs-contrib packages in order to remove the cvs packages dependency on perl and reduce the size of the cvs packages. If you require the rcs2log and contrib tools, you can install the packages manually by running the "yum install cvs-contrib" command as root.
Additional documentation, such as books concerning CVS tools in the PDF format and revision control system (RCS) specification files, has been moved into the new cvs-doc package to reduce the size of the cvs packages. If you want to access this additional documentation, install the package manually by running the "yum install cvs-doc" command as root. The manual and Texinfo pages are still included in the cvs packages.
These utilities and the supplemental documentation are not used by the CVS client or server. Their absence does not pose a risk when upgrading the cvs packages.
Result for OpenSSH sshd_config migration content
Result: pass
Rule ID: xccdf_preupg_rule_services_openssh_sshd_openssh-sshd
Time: 2020-08-22 10:07
This content has a aim to convert /etc/ssh/sshd_config file from openssh-server package
File(s) affected:
/etc/ssh/sshd_config
Result for OpenSSH sysconfig migration content
Result: fixed
Rule ID: xccdf_preupg_rule_services_openssh_sysconfig_openssh-sysconfig
Time: 2020-08-22 10:07
This content has a aim to convert /etc/sysconfig/sshd file from openssh-server package
File(s) affected:
/etc/sysconfig/sshd
Remediation instructions
/etc/sysconfig/sshd will not be a shell script in CentOS 7 anymore so all 'export VARIABLE=VALUE' has to be changed to 'VARIABLE=VALUE'.# sed -i 's/^export //' /etc/sysconfig/sshd
There is the /root/preupgrade/cleanconf//etc/sysconfig/sshd with the fixed configuration.
Result for Configuration for quota_nld service
Result: pass
Rule ID: xccdf_preupg_rule_services_quota_nld_configuration_checkscript
Time: 2020-08-22 10:07
Back configuration for quota_nld service up
File(s) affected:
/etc/sysconfig/quota_nld
Result for Disk quota netlink message daemon moved into quota-nld package
Result: pass
Rule ID: xccdf_preupg_rule_services_quota_nld_new_package_checkscript
Time: 2020-08-22 10:07
Install quota-nld package if the quota_nld service is enabled
Result for Configuration for warnquota tool
Result: pass
Rule ID: xccdf_preupg_rule_storage_warnquota_configuration_checkscript
Time: 2020-08-22 10:07
Back configuration for warnquota tool up
File(s) affected:
/etc/quotagrpadmins
/etc/quotatab
/etc/warnquota.conf
Result for Disk quota tool warnquota moved into quota-warnquota package
Result: informational
Rule ID: xccdf_preupg_rule_storage_warnquota_new_package_checkscript
Time: 2020-08-22 10:07
Install quota-warnquota if need warnquota tool
Remediation instructions
Quota tool warnquota(8) has been moved from "quota" package into"quota-warnquota" package.
If you used warnquota on the old system, please install quota-warnquota
package with this command on the new system:
# yum --assumeyes install quota-warnquota
Please do not forget to check warnquota configutation files
(/etc/quotagrpadmins, /etc/quotatab, and /etc/warnquota.conf) before using
the tool.
Please do not forget to install a cron job to execute the warnquota tool
periodically, if you used it on the the old system.
Result for Architecture Support
Result: pass
Rule ID: xccdf_preupg_rule_system_Architecture_architecture
Time: 2020-08-22 10:07
CentOS 7 does not support installations on 32-bit architectures, and performing an in-place upgrade is not possible on 32-bit systems.
Result for Binary rebuilds
Result: needs_inspection
Rule ID: xccdf_preupg_rule_system_BinariesRebuild_check
Time: 2020-08-22 10:08
Check all binaries installed on the assessment system which needs to be rebuilded on the target system
Remediation instructions
This content generates the list of binaries which needs to be rebuiltYou can find the list at:
kickstart/binaries
INPLACERISK: SLIGHT: Some binaries untracked by RPM were discovered on the system and may need rebuild after upgrade.
INPLACERISK: SLIGHT: Some scripts untracked by RPM were discovered on the system and may not work properly after upgrade.
Result for Debuginfo packages
Result: pass
Rule ID: xccdf_preupg_rule_system_Debuginfo_debuginfo
Time: 2020-08-22 10:08
This content checks for debuginfo packages and inform about potential risks for in-place upgrade.
Result for Cluster and High Availability
Result: pass
Rule ID: xccdf_preupg_rule_system_HA-Cluster_ha-cluster_hacluster
Time: 2020-08-22 10:08
Content checks Cluster and High Availability solutions for upgrade.
Result for File Systems, Partitions and Mounts Configuration Review
Result: pass
Rule ID: xccdf_preupg_rule_system_PartitionMounts_partmounts
Time: 2020-08-22 10:08
This module describes the new default file system and stores the partitions and mounts configuration.
Result for Read Only FHS directories
Result: informational
Rule ID: xccdf_preupg_rule_system_ReadOnlyFHS_check_script
Time: 2020-08-22 10:08
Check that critical directories of Filesystem Hierarchy Standard are not mounted read-only.
Remediation instructions
Read-only paths in Filesystem Hierarchy Standard might cause in-place-upgrade to fail.
INPLACERISK: MEDIUM: Mount point /proc/sys is mounted read-only.
INPLACERISK: MEDIUM: Mount point /proc/sysrq-trigger is mounted read-only.
INPLACERISK: MEDIUM: Mount point /sys is mounted read-only.
INFO filesystem: Checking if /etc/mtab contains paths: ('/usr', '/var', '/var/run', '/var/lock')
Result for Sonamebumped libs
Result: needs_action
Rule ID: xccdf_preupg_rule_system_SonameBump_SonameBump
Time: 2020-08-22 10:08
If the dynamic library breaks the API/ABI compatibility, it is supposed to change its soname. This content checks for the soname bumps between CentOS 6 and CentOS 7 in your CentOS packages.
Remediation instructions
Application developed in C may use dynamic libraries (.so files) to reuse thecommon functions/symbols in the binary. If the library bumped its soname (
changed major version, API/ABI incompatibility), application that depends on
it may not run.
Some of the libraries changed the soname version between CentOS
6 and CentOS 7.
From your CentOS 6 packages, following libraries changed soname:
libIlmImf.so.6 from OpenEXR-libs changed to libIlmImf.so.7
libMagickCore.so.2 from ImageMagick changed to libMagickCore.so.5
libMagickWand.so.2 from ImageMagick changed to libMagickWand.so.5
libanonymous.so.2 from cyrus-sasl-lib changed to libanonymous.so.3
libbind9.so.80 from bind-libs changed to libbind9.so.90
libboost_program_options-mt.so.5 from boost-program-options changed to libboost_program_options-mt.so.1.53.0
libboost_program_options.so.5 from boost-program-options changed to libboost_program_options.so.1.53.0
libboost_serialization-mt.so.5 from boost-serialization changed to libboost_serialization-mt.so.1.53.0
libboost_serialization.so.5 from boost-serialization changed to libboost_serialization.so.1.53.0
libboost_wserialization-mt.so.5 from boost-serialization changed to libboost_wserialization-mt.so.1.53.0
libboost_wserialization.so.5 from boost-serialization changed to libboost_wserialization.so.1.53.0
libdns.so.81 from bind-libs changed to libdns.so.100
libdrm_nouveau.so.1 from libdrm changed to libdrm_nouveau.so.2
libffi.so.5 from libffi changed to libffi.so.6
libgdbm.so.2 from gdbm (required by NonCentOS signed package(s):cpanel-perl-530 ) changed to libgdbm.so.4
libgmp.so.3 from gmp (required by NonCentOS signed package(s):cpanel-perl-530-Math-BigInt-GMP ) changed to libgmp.so.10
libgnutls.so.26 from gnutls changed to libgnutls.so.28
libgnutlsxx.so.26 from gnutls changed to libgnutlsxx.so.28
libgs.so.8 from ghostscript changed to libgs.so.9
libicudata.so.42 from libicu changed to libicudata.so.50
libicui18n.so.42 from libicu changed to libicui18n.so.50
libicuio.so.42 from libicu changed to libicuio.so.50
libicule.so.42 from libicu changed to libicule.so.50
libiculx.so.42 from libicu changed to libiculx.so.50
libicutu.so.42 from libicu changed to libicutu.so.50
libicuuc.so.42 from libicu changed to libicuuc.so.50
libisc.so.83 from bind-libs changed to libisc.so.95
libisccc.so.80 from bind-libs changed to libisccc.so.90
libisccfg.so.82 from bind-libs changed to libisccfg.so.90
libkdb5.so.6 from krb5-libs (required by NonCentOS signed package(s):cpanel-git ea-libcurl ) changed to libkdb5.so.7
liblwres.so.80 from bind-libs changed to liblwres.so.90
libmpfr.so.1 from mpfr changed to libmpfr.so.4
libnetsnmp.so.20 from net-snmp-libs changed to libnetsnmp.so.31
libnetsnmpagent.so.20 from net-snmp-libs changed to libnetsnmpagent.so.31
libnetsnmphelpers.so.20 from net-snmp-libs changed to libnetsnmphelpers.so.31
libnetsnmpmibs.so.20 from net-snmp-libs changed to libnetsnmpmibs.so.31
libnetsnmptrapd.so.20 from net-snmp-libs changed to libnetsnmptrapd.so.31
libpcre.so.0 from pcre (required by NonCentOS signed package(s):cpanel-git exim ) changed to libpcre.so.1
librpm.so.1 from rpm-libs changed to librpm.so.3
librpmbuild.so.1 from rpm-libs changed to librpmbuild.so.3
librpmio.so.1 from rpm-libs changed to librpmio.so.3
libsasl2.so.2 from cyrus-sasl-lib changed to libsasl2.so.3
libsasldb.so.2 from cyrus-sasl-lib changed to libsasldb.so.3
libtasn1.so.3 from libtasn1 changed to libtasn1.so.6
libtiff.so.3 from libtiff changed to libtiff.so.5
libtiffxx.so.3 from libtiff changed to libtiffxx.so.5
libverto.so.0 from krb5-libs (required by NonCentOS signed package(s):cpanel-git ea-libcurl ) changed to libverto.so.1
libvpx.so.0 from libvpx changed to libvpx.so.1
libxtables.so.4 from iptables changed to libxtables.so.10
libzip.so.1 from libzip (required by NonCentOS signed package(s):cpanel-php73 ) changed to libzip.so.2
We checked the requirements in Non-CentOS signed packages, but for the non
rpm-packaged binaries, you should check the compatibility list yourself
by using e.g. ldd <binary> command.
If some of your application uses the library on the list above, you will
need to rebuild such package/application against new library.
CentOS applications available on the CentOS 7 will handle
these bumps automatically by the update/migration to new CentOS
as they were already built against these libraries.
INPLACERISK: HIGH: Library gdbm (required by NonCentOS signed package(s):cpanel-perl-530 ) changed soname between CentOS 6 and CentOS 7
INPLACERISK: HIGH: Library gmp (required by NonCentOS signed package(s):cpanel-perl-530-Math-BigInt-GMP ) changed soname between CentOS 6 and CentOS 7
INPLACERISK: HIGH: Library krb5-libs (required by NonCentOS signed package(s):cpanel-git ea-libcurl ) changed soname between CentOS 6 and CentOS 7
INPLACERISK: HIGH: Library pcre (required by NonCentOS signed package(s):cpanel-git exim ) changed soname between CentOS 6 and CentOS 7
INPLACERISK: HIGH: Library krb5-libs (required by NonCentOS signed package(s):cpanel-git ea-libcurl ) changed soname between CentOS 6 and CentOS 7
INPLACERISK: HIGH: Library libzip (required by NonCentOS signed package(s):cpanel-php73 ) changed soname between CentOS 6 and CentOS 7
libgdbm.so.2 from gdbm (required by NonCentOS signed package(s):cpanel-perl-530 ) changed to libgdbm.so.4
libgmp.so.3 from gmp (required by NonCentOS signed package(s):cpanel-perl-530-Math-BigInt-GMP ) changed to libgmp.so.10
libkdb5.so.6 from krb5-libs (required by NonCentOS signed package(s):cpanel-git ea-libcurl ) changed to libkdb5.so.7
libpcre.so.0 from pcre (required by NonCentOS signed package(s):cpanel-git exim ) changed to libpcre.so.1
libverto.so.0 from krb5-libs (required by NonCentOS signed package(s):cpanel-git ea-libcurl ) changed to libverto.so.1
libzip.so.1 from libzip (required by NonCentOS signed package(s):cpanel-php73 ) changed to libzip.so.2
INPLACERISK: MEDIUM: We detected some soname bumps in the libraries installed on the system. This may break the functionality of some of your 3rd party applications. They may need rebuild. Please check their requirements.
Result for SonameKept Reusable Dynamic Libraries
Result: informational
Rule ID: xccdf_preupg_rule_system_SonameKept_SonameKept
Time: 2020-08-22 10:08
This module provides an overview of the dynamic libraries from CentOS 6 that can be reused in CentOS 7, as the dynamic libraries remain compatible with both the application programming interface (API) and the application binary interface (ABI).
Remediation instructions
Applications developed in the C programming language can use dynamic libraries (.so files) to reuse common functions and symbols in the binary. When the library changes its soname in a major version, the binaries normally need to be rebuilt for the new system. Some libraries have not changed their soname between CentOS 6 and CentOS 7 so it could be possible to reuse third party applications which use only these libraries without rebuilding.You can find the list of the unchanged dynamic libraries and their package names in the following file: ./kickstart/NoSonameBumpLibs
If it is not clear what libraries the third party binary or RPM uses, it is possible to use the ldd utility for the C binary, or run the "rpm -q --whatrequires SONAME" command for the whole RPM package. No problems are expected to occur if there are only .so files listed in the NoSonameBumpLibs file and unversioned shared libraries.
Result for Removed .so libs
Result: needs_action
Rule ID: xccdf_preupg_rule_system_SonameRemoval_SonameRemoval
Time: 2020-08-22 10:08
Dynamic libraries are used provides symbols/functions to binaries. Some of the libraries were removed between CentOS 6 and CentOS 7. This content checks for the .so libraries removal between CentOS 6 and CentOS 7 in your CentOS packages.
Remediation instructions
Application developed in C may use dynamic libraries (.so files) to reuse thecommon functions/symbols in the binary. If the library is missing, application
will not run. Some of the libraries were removed between CentOS 6 and CentOS 7.
From your CentOS 6 packages, following libraries disappeared:
_codecs_iso2022.so from python-libs
db2.so.0 from krb5-libs (required by NonCentOS signed package(s):cpanel-git ea-libcurl )
libck-connector.so.0 from ConsoleKit-libs
libcloog.so.0 from cloog-ppl
libcupsdriver.so.1 from cups-libs
libdrm_nouveau2.so.2 from libdrm
libeggdbus-1.so.0 from eggdbus
libevent-1.4.so.2 from libevent (required by NonCentOS signed package(s):cpanel-perl-530-DNS-Unbound )
libevent_core-1.4.so.2 from libevent (required by NonCentOS signed package(s):cpanel-perl-530-DNS-Unbound )
libevent_extra-1.4.so.2 from libevent (required by NonCentOS signed package(s):cpanel-perl-530-DNS-Unbound )
libgcj-tools.so.10 from libgcj
libgcj.so.10 from libgcj
libgcj_bc.so.1 from libgcj
libgij.so.10 from libgcj
libgnutls-extra.so.26 from gnutls
libgpgme-pth.so.11 from gpgme
libgssglue.so.1 from libgssglue
libhunspell-1.2.so.0 from hunspell
libipq.so.0 from iptables
liblcms.so.1 from lcms-libs
libldif-2.4.so.2 from openldap (required by NonCentOS signed package(s):cpanel-php73 )
libmp.so.3 from gmp (required by NonCentOS signed package(s):cpanel-perl-530-Math-BigInt-GMP )
libnih-dbus.so.1 from libnih
libnih.so.1 from libnih
libnss_winbind.so.2 from samba-winbind-clients
libnss_wins.so.2 from samba-winbind-clients
libpangox-1.0.so.0 from pango
libpolkit-backend-1.so.0 from polkit
libppl.so.7 from ppl
libppl_c.so.2 from ppl
libpython2.6.so.1.0 from python-libs
libsnmp.so.20 from net-snmp-libs
libstdc++-libc6.2-2.so.3 from libstdc++ (required by NonCentOS signed package(s):cpanel-splitlogs )
libusbpp-0.1.so.4 from libusb
libverto-k5ev.so.0 from krb5-libs (required by NonCentOS signed package(s):cpanel-git ea-libcurl )
We checked the requirements in Non-CentOS signed packages, but for the non
rpm-packaged binaries, you should check the compatibility list yourself
by using e.g. ldd <binary> command.
If some of your application uses the library on the list above, you may need
to get the .so library from different place or search for an alternative.
INPLACERISK: HIGH: Library krb5-libs (required by NonCentOS signed package(s):cpanel-git ea-libcurl ) removed between CentOS 6 and CentOS 7
INPLACERISK: HIGH: Library libevent (required by NonCentOS signed package(s):cpanel-perl-530-DNS-Unbound ) removed between CentOS 6 and CentOS 7
INPLACERISK: HIGH: Library libevent (required by NonCentOS signed package(s):cpanel-perl-530-DNS-Unbound ) removed between CentOS 6 and CentOS 7
INPLACERISK: HIGH: Library libevent (required by NonCentOS signed package(s):cpanel-perl-530-DNS-Unbound ) removed between CentOS 6 and CentOS 7
INPLACERISK: HIGH: Library openldap (required by NonCentOS signed package(s):cpanel-php73 ) removed between CentOS 6 and CentOS 7
INPLACERISK: HIGH: Library gmp (required by NonCentOS signed package(s):cpanel-perl-530-Math-BigInt-GMP ) removed between CentOS 6 and CentOS 7
INPLACERISK: HIGH: Library libstdc++ (required by NonCentOS signed package(s):cpanel-splitlogs ) removed between CentOS 6 and CentOS 7
INPLACERISK: HIGH: Library krb5-libs (required by NonCentOS signed package(s):cpanel-git ea-libcurl ) removed between CentOS 6 and CentOS 7
db2.so.0 from krb5-libs (required by NonCentOS signed package(s):cpanel-git ea-libcurl )
libevent-1.4.so.2 from libevent (required by NonCentOS signed package(s):cpanel-perl-530-DNS-Unbound )
libevent_core-1.4.so.2 from libevent (required by NonCentOS signed package(s):cpanel-perl-530-DNS-Unbound )
libevent_extra-1.4.so.2 from libevent (required by NonCentOS signed package(s):cpanel-perl-530-DNS-Unbound )
libldif-2.4.so.2 from openldap (required by NonCentOS signed package(s):cpanel-php73 )
libmp.so.3 from gmp (required by NonCentOS signed package(s):cpanel-perl-530-Math-BigInt-GMP )
libstdc++-libc6.2-2.so.3 from libstdc++ (required by NonCentOS signed package(s):cpanel-splitlogs )
libverto-k5ev.so.0 from krb5-libs (required by NonCentOS signed package(s):cpanel-git ea-libcurl )
INPLACERISK: MEDIUM: We detected some .so libraries installed on the system were removed between CentOS 6 and CentOS 7. This may break the functionality of some of your 3rd party applications.
Result for In-place Upgrade Requirements for the /usr/ Directory
Result: pass
Rule ID: xccdf_preupg_rule_system_UsrPartition_usr
Time: 2020-08-22 10:08
This module determines if the /usr/ directory is located on a separate partition.
Result for CA certificate bundles modified
Result: pass
Rule ID: xccdf_preupg_rule_system_ca-certificates_checkbundles
Time: 2020-08-22 10:08
Later versions of CentOS include a shared store for certificate authorities. Additional trusted certificate authorities must be placed in the new location rather that modifying the distributed certificate authority bundles. The Preupgrade assistant cannot automatically identify how certificate bundles have been modified on this system.
Result for Developer Tool Set packages
Result: pass
Rule ID: xccdf_preupg_rule_system_dts_dts
Time: 2020-08-22 10:08
Content checks whether Red Hat Developer Tool Set packages are installed.
Result for Hyper-V
Result: pass
Rule ID: xccdf_preupg_rule_system_hyperv_check
Time: 2020-08-22 10:08
Check if this system runs on Hyper-V.
Result for Content for enabling and disabling services based on CentOS 6 system
Result: needs_action
Rule ID: xccdf_preupg_rule_system_initscripts_control_check
Time: 2020-08-22 10:08
The content checks what services are enabled or disabled on assessment system and if the services will be enabled or disabled on CentOS 7 system.
Remediation instructions
The content detects some services who are disabled by default on CentOS 7 system.
INPLACERISK: MEDIUM: The service cpanel is not handled by any package and will not be automatically enabled after in-place upgrade.
INPLACERISK: MEDIUM: The service cpipv6 is not handled by any package and will not be automatically enabled after in-place upgrade.
INPLACERISK: MEDIUM: The service csf is not handled by any package and will not be automatically enabled after in-place upgrade.
INPLACERISK: MEDIUM: The service dovecot is not installed by CentOS signed packages and will not be automatically enabled after in-place upgrade.
INPLACERISK: MEDIUM: The service exim is not installed by CentOS signed packages and will not be automatically enabled after in-place upgrade.
INPLACERISK: MEDIUM: The service fastmail is not handled by any package and will not be automatically enabled after in-place upgrade.
INPLACERISK: MEDIUM: The service filelimits is not handled by any package and will not be automatically enabled after in-place upgrade.
INPLACERISK: MEDIUM: The service httpd is not installed by CentOS signed packages and will not be automatically enabled after in-place upgrade.
INPLACERISK: HIGH: The service ip6tables on CentOS 7 is disabled by default. Enable them via commands: systemctl enable ip6tables && systemctl start ip6tables.service .
INPLACERISK: MEDIUM: The service ipaliases is not handled by any package and will not be automatically enabled after in-place upgrade.
INPLACERISK: MEDIUM: The service lfd is not handled by any package and will not be automatically enabled after in-place upgrade.
INPLACERISK: MEDIUM: The service mailman is not installed by CentOS signed packages and will not be automatically enabled after in-place upgrade.
INPLACERISK: MEDIUM: The service maldet is not handled by any package and will not be automatically enabled after in-place upgrade.
INPLACERISK: HIGH: The service messagebus on CentOS 7 is disabled by default. Enable them via commands: systemctl enable messagebus && systemctl start messagebus.service .
INPLACERISK: MEDIUM: The service modules_dep is not handled by any package and will not be automatically enabled after in-place upgrade.
INPLACERISK: MEDIUM: The service mysqld is not installed by CentOS signed packages and will not be automatically enabled after in-place upgrade.
INPLACERISK: HIGH: The service named on CentOS 7 is disabled by default. Enable them via commands: systemctl enable named && systemctl start named.service .
INPLACERISK: HIGH: The service network on CentOS 7 is disabled by default. Enable them via commands: systemctl enable network && systemctl start network.service .
INPLACERISK: MEDIUM: The service nrpe is not installed by CentOS signed packages and will not be automatically enabled after in-place upgrade.
INPLACERISK: HIGH: The service nscd on CentOS 7 is disabled by default. Enable them via commands: systemctl enable nscd && systemctl start nscd.service .
INPLACERISK: MEDIUM: The service proftpd is not installed by CentOS signed packages and will not be automatically enabled after in-place upgrade.
INPLACERISK: MEDIUM: The service ror is not handled by any package and will not be automatically enabled after in-place upgrade.
INPLACERISK: MEDIUM: The service htcacheclean is disabled and not installed by CentOS signed packages. It will be disabled after an in-place upgrade.
Result for Check for ethernet interface naming
Result: pass
Rule ID: xccdf_preupg_rule_system_initscripts_ifcfg_check
Time: 2020-08-22 10:08
The content checks if network interface names set through /etc/sysconfig/network-scripts/ifcfg-* files are compatible with device naming in CentOS 7.
Result for User modification in /etc/rc.local and /etc/rc.d/rc.local
Result: pass
Rule ID: xccdf_preupg_rule_system_initscripts_rc-local_rclocal
Time: 2020-08-22 10:08
The content checks whether user modifies files /etc/rc.local and /etc/rc.d/rc.local
Result for Plugable authentication modules (PAM)
Result: pass
Rule ID: xccdf_preupg_rule_system_pam_pam
Time: 2020-08-22 10:08
Content checks for no-longer supported pluggable authentication modules
Result for Foreign Perl modules
Result: needs_inspection
Rule ID: xccdf_preupg_rule_system_perl_check
Time: 2020-08-22 10:08
Find Perl modules which need to be checked for proper functionality with newer Perl version on the CentOS 7 system because they are not distributed by CentOS
Remediation instructions
Perl was updated from version 5.10 to version 5.16. Please read Perlsection in the CentOS 7 Developer Guide for more details.
Following Perl module files located in system Perl paths are either not
handled by any package or not signed by CentOS:
/usr/lib64/perl5/version.pm
/usr/lib64/perl5/JSON/XS.pm
/usr/lib64/perl5/JSON/XS/Boolean.pm
/usr/lib64/perl5/version/vxs.pm
/usr/lib64/perl5/version/vpp.pm
/usr/lib64/perl5/version/regex.pm
/usr/share/perl5/ExtUtils/Typemaps.pm
/usr/share/perl5/ExtUtils/ParseXS/Eval.pm
/usr/share/perl5/ExtUtils/ParseXS/Constants.pm
/usr/share/perl5/ExtUtils/ParseXS/CountLines.pm
/usr/share/perl5/ExtUtils/ParseXS/Utilities.pm
/usr/share/perl5/ExtUtils/Typemaps/InputMap.pm
/usr/share/perl5/ExtUtils/Typemaps/Cmd.pm
/usr/share/perl5/ExtUtils/Typemaps/OutputMap.pm
/usr/share/perl5/ExtUtils/Typemaps/Type.pm
/usr/share/perl5/ExtUtils/MakeMaker/Locale.pm
/usr/share/perl5/ExtUtils/MakeMaker/version.pm
/usr/share/perl5/ExtUtils/MakeMaker/version/vpp.pm
/usr/share/perl5/ExtUtils/MakeMaker/version/regex.pm
/usr/share/perl5/TAP/Harness/Env.pm
/usr/share/perl5/TAP/Parser/SourceHandler/File.pm
/usr/share/perl5/TAP/Parser/SourceHandler/Perl.pm
/usr/share/perl5/TAP/Parser/SourceHandler/Handle.pm
/usr/share/perl5/TAP/Parser/SourceHandler/Executable.pm
/usr/share/perl5/TAP/Parser/SourceHandler/RawTAP.pm
/usr/share/perl5/TAP/Parser/SourceHandler.pm
/usr/share/perl5/Test2.pm
/usr/share/perl5/JSON/PP/Compat5006.pm
/usr/share/perl5/JSON/PP/Boolean.pm
/usr/share/perl5/JSON/PP.pm
/usr/share/perl5/inc/latest.pm
/usr/share/perl5/inc/latest/private.pm
/usr/share/perl5/vendor_perl/Parse/RecDescent.pm
/usr/share/perl5/vendor_perl/Mail/IMAPClient.pm
/usr/share/perl5/vendor_perl/Mail/IMAPClient/MessageSet.pm
/usr/share/perl5/vendor_perl/Mail/IMAPClient/BodyStructure.pm
/usr/share/perl5/vendor_perl/Mail/IMAPClient/Thread.pm
/usr/share/perl5/vendor_perl/Mail/IMAPClient/BodyStructure/Parse.pm
/usr/share/perl5/vendor_perl/IO/Tee.pm
/usr/share/perl5/vendor_perl/common/sense.pm
/usr/share/perl5/vendor_perl/Data/Uniqid.pm
/usr/share/perl5/vendor_perl/Authen/NTLM.pm
/usr/share/perl5/vendor_perl/Authen/NTLM/MD4.pm
/usr/share/perl5/vendor_perl/Authen/NTLM/DES.pm
/usr/share/perl5/CPAN/Admin.pm
/usr/share/perl5/CPAN/Exception/yaml_process_error.pm
/usr/share/perl5/CPAN/Config.pm
/usr/share/perl5/CPAN/Plugin/Specfile.pm
/usr/share/perl5/CPAN/Mirrors.pm
/usr/share/perl5/CPAN/Plugin.pm
/usr/share/perl5/CPAN/HTTP/Client.pm
/usr/share/perl5/CPAN/HTTP/Credentials.pm
/usr/share/perl5/App/Cpan.pm
/usr/share/perl5/ok.pm
/usr/share/perl5/Test/Tester/Capture.pm
/usr/share/perl5/Test/Tester/Delegate.pm
/usr/share/perl5/Test/Tester/CaptureRunner.pm
/usr/share/perl5/Test/Tester.pm
/usr/share/perl5/Test/use/ok.pm
/usr/share/perl5/Test/Builder/IO/Scalar.pm
/usr/share/perl5/Test/Builder/TodoDiag.pm
/usr/share/perl5/Test/Builder/Formatter.pm
/usr/share/perl5/Test2/Event.pm
/usr/share/perl5/Test2/Hub/Subtest.pm
/usr/share/perl5/Test2/Hub/Interceptor.pm
/usr/share/perl5/Test2/Hub/Interceptor/Terminator.pm
/usr/share/perl5/Test2/Tools/Tiny.pm
/usr/share/perl5/Test2/IPC.pm
/usr/share/perl5/Test2/Util.pm
/usr/share/perl5/Test2/IPC/Driver/Files.pm
/usr/share/perl5/Test2/IPC/Driver.pm
/usr/share/perl5/Test2/Util/Trace.pm
/usr/share/perl5/Test2/Util/HashBase.pm
/usr/share/perl5/Test2/Util/ExternalMeta.pm
/usr/share/perl5/Test2/API.pm
/usr/share/perl5/Test2/Formatter.pm
/usr/share/perl5/Test2/Hub.pm
/usr/share/perl5/Test2/Event/Subtest.pm
/usr/share/perl5/Test2/Event/Skip.pm
/usr/share/perl5/Test2/Event/Ok.pm
/usr/share/perl5/Test2/Event/Plan.pm
/usr/share/perl5/Test2/Event/Exception.pm
/usr/share/perl5/Test2/Event/Generic.pm
/usr/share/perl5/Test2/Event/TAP/Version.pm
/usr/share/perl5/Test2/Event/Waiting.pm
/usr/share/perl5/Test2/Event/Info.pm
/usr/share/perl5/Test2/Event/Bail.pm
/usr/share/perl5/Test2/Event/Diag.pm
/usr/share/perl5/Test2/Event/Note.pm
/usr/share/perl5/Test2/Event/Encoding.pm
/usr/share/perl5/Test2/Formatter/TAP.pm
/usr/share/perl5/Test2/API/Instance.pm
/usr/share/perl5/Test2/API/Breakage.pm
/usr/share/perl5/Test2/API/Stack.pm
/usr/share/perl5/Test2/API/Context.pm
/usr/share/perl5/vendor_perl/Parse/RecDescent.pm
/usr/share/perl5/vendor_perl/Mail/IMAPClient.pm
/usr/share/perl5/vendor_perl/Mail/IMAPClient/MessageSet.pm
/usr/share/perl5/vendor_perl/Mail/IMAPClient/BodyStructure.pm
/usr/share/perl5/vendor_perl/Mail/IMAPClient/Thread.pm
/usr/share/perl5/vendor_perl/Mail/IMAPClient/BodyStructure/Parse.pm
/usr/share/perl5/vendor_perl/IO/Tee.pm
/usr/share/perl5/vendor_perl/common/sense.pm
/usr/share/perl5/vendor_perl/Data/Uniqid.pm
/usr/share/perl5/vendor_perl/Authen/NTLM.pm
/usr/share/perl5/vendor_perl/Authen/NTLM/MD4.pm
/usr/share/perl5/vendor_perl/Authen/NTLM/DES.pm
INPLACERISK: SLIGHT: The perl module /usr/lib64/perl5/version.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/lib64/perl5/JSON/XS.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/lib64/perl5/JSON/XS/Boolean.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/lib64/perl5/version/vxs.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/lib64/perl5/version/vpp.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/lib64/perl5/version/regex.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/ExtUtils/Typemaps.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/ExtUtils/ParseXS/Eval.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/ExtUtils/ParseXS/Constants.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/ExtUtils/ParseXS/CountLines.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/ExtUtils/ParseXS/Utilities.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/ExtUtils/Typemaps/InputMap.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/ExtUtils/Typemaps/Cmd.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/ExtUtils/Typemaps/OutputMap.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/ExtUtils/Typemaps/Type.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/ExtUtils/MakeMaker/Locale.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/ExtUtils/MakeMaker/version.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/ExtUtils/MakeMaker/version/vpp.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/ExtUtils/MakeMaker/version/regex.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/TAP/Harness/Env.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/TAP/Parser/SourceHandler/File.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/TAP/Parser/SourceHandler/Perl.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/TAP/Parser/SourceHandler/Handle.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/TAP/Parser/SourceHandler/Executable.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/TAP/Parser/SourceHandler/RawTAP.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/TAP/Parser/SourceHandler.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/JSON/PP/Compat5006.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/JSON/PP/Boolean.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/JSON/PP.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/inc/latest.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/inc/latest/private.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/vendor_perl/Parse/RecDescent.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/vendor_perl/Mail/IMAPClient/MessageSet.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/vendor_perl/Mail/IMAPClient/BodyStructure.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/vendor_perl/Mail/IMAPClient/Thread.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/vendor_perl/Mail/IMAPClient/BodyStructure/Parse.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/vendor_perl/IO/Tee.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/vendor_perl/common/sense.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/vendor_perl/Data/Uniqid.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/vendor_perl/Authen/NTLM.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/vendor_perl/Authen/NTLM/MD4.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/vendor_perl/Authen/NTLM/DES.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/CPAN/Admin.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/CPAN/Exception/yaml_process_error.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/CPAN/Config.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/CPAN/Plugin/Specfile.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/CPAN/Mirrors.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/CPAN/Plugin.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/CPAN/HTTP/Client.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/CPAN/HTTP/Credentials.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/App/Cpan.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/ok.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test/Tester/Capture.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test/Tester/Delegate.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test/Tester/CaptureRunner.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test/Tester.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test/use/ok.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test/Builder/IO/Scalar.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test/Builder/TodoDiag.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test/Builder/Formatter.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/Event.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/Hub/Subtest.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/Hub/Interceptor.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/Hub/Interceptor/Terminator.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/Tools/Tiny.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/IPC.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/Util.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/IPC/Driver/Files.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/IPC/Driver.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/Util/Trace.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/Util/HashBase.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/Util/ExternalMeta.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/API.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/Formatter.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/Hub.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/Event/Subtest.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/Event/Skip.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/Event/Ok.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/Event/Plan.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/Event/Exception.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/Event/Generic.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/Event/TAP/Version.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/Event/Waiting.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/Event/Info.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/Event/Bail.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/Event/Diag.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/Event/Note.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/Event/Encoding.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/Formatter/TAP.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/API/Instance.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/API/Breakage.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/API/Stack.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/Test2/API/Context.pm is not handled by any package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/vendor_perl/Parse/RecDescent.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/vendor_perl/Mail/IMAPClient/MessageSet.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/vendor_perl/Mail/IMAPClient/BodyStructure.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/vendor_perl/Mail/IMAPClient/Thread.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/vendor_perl/Mail/IMAPClient/BodyStructure/Parse.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/vendor_perl/IO/Tee.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/vendor_perl/common/sense.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/vendor_perl/Data/Uniqid.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/vendor_perl/Authen/NTLM.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/vendor_perl/Authen/NTLM/MD4.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/share/perl5/vendor_perl/Authen/NTLM/DES.pm was not installed by any CentOS-signed package.
Result for Python 2.7.5
Result: needs_inspection
Rule ID: xccdf_preupg_rule_system_python_check
Time: 2020-08-22 10:08
This module provides you with a list of packages that need to be rebuilt for version 2.7.5 of the Python programming language that is shipped with CentOS 7.
Remediation instructions
This solution text contains a list of packages that need to be rebuilt for Python 2.7.5, which is shipped with CentOS 7.CentOS 7 contains Python version 2.7.5. For information about the differences from older versions and for further details, see https://access.redhat.com/site/articles/676453.
The files and directories listed below are not owned by any RPM package or are owned by an RPM package that is not signed by CentOS. These packages need to be rebuilt and reinstalled in order to work with Python 2.7.5. You can find more details at https://access.redhat.com/site/articles/676453.
INPLACERISK: SLIGHT: /usr/lib/python2.6/site-packages/dns is not owned by any RPM package.
INPLACERISK: SLIGHT: /usr/lib/python2.6/site-packages/pyzor-1.0.0-py2.6.egg is not owned by any RPM package.
INPLACERISK: SLIGHT: /usr/lib64/python2.6/site-packages/dns is not owned by any RPM package.
Result for SCL collections
Result: needs_action
Rule ID: xccdf_preupg_rule_system_scl-collection_scl
Time: 2020-08-22 10:08
Content checks whether RHSCL are installed
Remediation instructions
For upgrade from CentOS 6 to CentOS 7 perform following steps:1) Uninstall all Red Hat Software Collections packages
2) Upgrade system
3) Update Red Hat Software Collections repo
4) Install your collections again
INFO scl-utils: List of installed collections:
INFO scl-utils: ea-php54
INFO scl-utils: ea-php55
INFO scl-utils: ea-php56
INPLACERISK: HIGH: Check found a installed collections.
Result for YUM
Result: informational
Rule ID: xccdf_preupg_rule_system_yum_yum
Time: 2020-08-22 10:08
Content checks YUM configuration file
Remediation instructions
After the upgrade it will be impossible to undo/redo/rollback to pre-upgrade yum transactions. Please run 'yum history new' after the upgrade to start a new history file.The way yum groups work has changed in CentOS 7. By default yum treats groups as objects now. Please refer to the documentation for more information.
Result for Check for usage of dangerous range of UID/GIDs
Result: needs_inspection
Rule ID: xccdf_preupg_rule_usrmgmt_DangerousRanges_dangerousranges
Time: 2020-08-22 10:08
In CentOS 6, limit for system accounts was 500, in CentOS 7 it was raised to 1000. Therefore some user accounts might be in this range. In addition, usage of unreserved ids between 0 and 200 is prohibited. This content checks for these two violations of standards which may bring issues during migration.
Remediation instructions
On CentOS 6, system account ids were bellow 500.This changes on CentOS 7, range reserved for
system account is now 0-999. This may cause troubles for the
migration. In addition, range 0-199 is prohibited to use without
static id reservation in setup package. Id's in this range might
be reserved and used later by some package, thus using them may cause
malfunction of such package.
Following problems were found on your system:
User "cpanelhorde" uses id 500 - this is in the range of system accounts.
User "wamdev" uses id 502 - this is in the range of system accounts.
User "weare" uses id 503 - this is in the range of system accounts.
User "inmobiliaria" uses id 504 - this is in the range of system accounts.
User "calpe" uses id 505 - this is in the range of system accounts.
User "audreys" uses id 506 - this is in the range of system accounts.
User "grupoesmeralda" uses id 507 - this is in the range of system accounts.
User "diamante" uses id 508 - this is in the range of system accounts.
User "inbounder" uses id 513 - this is in the range of system accounts.
User "charmeadventure" uses id 514 - this is in the range of system accounts.
User "seanest" uses id 518 - this is in the range of system accounts.
User "viverosiris" uses id 520 - this is in the range of system accounts.
User "cookbookhotel" uses id 521 - this is in the range of system accounts.
User "komfort" uses id 522 - this is in the range of system accounts.
User "beatrestaurant" uses id 523 - this is in the range of system accounts.
User "calpeconsult" uses id 524 - this is in the range of system accounts.
User "surfbeach" uses id 525 - this is in the range of system accounts.
User "projectar" uses id 526 - this is in the range of system accounts.
User "arhotels" uses id 527 - this is in the range of system accounts.
User "campingsol" uses id 531 - this is in the range of system accounts.
User "soldecalpe" uses id 532 - this is in the range of system accounts.
User "galetamar" uses id 534 - this is in the range of system accounts.
User "imperialpark" uses id 535 - this is in the range of system accounts.
User "rocaesmeralda" uses id 536 - this is in the range of system accounts.
User "educatur" uses id 501 - this is in the range of system accounts.
User "csainz" uses id 515 - this is in the range of system accounts.
User "corecoworking" uses id 538 - this is in the range of system accounts.
User "mayacaprice" uses id 539 - this is in the range of system accounts.
User "verano" uses id 541 - this is in the range of system accounts.
group "cpanelhorde" uses id 500 - this is in the range of system accounts.
group "mailtrap" uses id 501 - this is in the range of system accounts.
group "cpanel" uses id 502 - this is in the range of system accounts.
group "cpanelphpmyadmin" uses id 503 - this is in the range of system accounts.
group "cpanelphppgadmin" uses id 504 - this is in the range of system accounts.
group "cpanelroundcube" uses id 505 - this is in the range of system accounts.
group "mailman" uses id 506 - this is in the range of system accounts.
group "compiler" uses id 507 - this is in the range of system accounts.
group "cpanellogin" uses id 509 - this is in the range of system accounts.
group "cpaneleximfilter" uses id 510 - this is in the range of system accounts.
group "cpaneleximscanner" uses id 511 - this is in the range of system accounts.
group "wamdev" uses id 513 - this is in the range of system accounts.
group "weare" uses id 514 - this is in the range of system accounts.
group "inmobiliaria" uses id 515 - this is in the range of system accounts.
group "calpe" uses id 516 - this is in the range of system accounts.
group "proftpd" uses id 517 - this is in the range of system accounts.
group "audreys" uses id 518 - this is in the range of system accounts.
group "grupoesmeralda" uses id 519 - this is in the range of system accounts.
group "cpanelrrdtool" uses id 520 - this is in the range of system accounts.
group "diamante" uses id 521 - this is in the range of system accounts.
group "inbounder" uses id 526 - this is in the range of system accounts.
group "cpanelconnecttrack" uses id 527 - this is in the range of system accounts.
group "charmeadventure" uses id 528 - this is in the range of system accounts.
group "seanest" uses id 532 - this is in the range of system accounts.
group "viverosiris" uses id 534 - this is in the range of system accounts.
group "cookbookhotel" uses id 535 - this is in the range of system accounts.
group "komfort" uses id 536 - this is in the range of system accounts.
group "beatrestaurant" uses id 537 - this is in the range of system accounts.
group "calpeconsult" uses id 538 - this is in the range of system accounts.
group "surfbeach" uses id 539 - this is in the range of system accounts.
group "projectar" uses id 540 - this is in the range of system accounts.
group "arhotels" uses id 541 - this is in the range of system accounts.
group "campingsol" uses id 545 - this is in the range of system accounts.
group "soldecalpe" uses id 546 - this is in the range of system accounts.
group "cpaneldemo" uses id 547 - this is in the range of system accounts.
group "cpanelsuspended" uses id 548 - this is in the range of system accounts.
group "galetamar" uses id 550 - this is in the range of system accounts.
group "imperialpark" uses id 551 - this is in the range of system accounts.
group "rocaesmeralda" uses id 552 - this is in the range of system accounts.
group "educatur" uses id 508 - this is in the range of system accounts.
group "csainz" uses id 512 - this is in the range of system accounts.
group "corecoworking" uses id 553 - this is in the range of system accounts.
group "mayacaprice" uses id 554 - this is in the range of system accounts.
group "verano" uses id 556 - this is in the range of system accounts.
These accounts should be migrated into the "safe" zone above 1000!
As an alternative, you can change the default ranges in /etc/login.defs to
the old CentOS 6 values if you require this by your system setup settings.
Result for Incorrect usage of reserved UID/GIDs
Result: pass
Rule ID: xccdf_preupg_rule_usrmgmt_ReservedIDs_reservedids
Time: 2020-08-22 10:08
Reserved user and group IDs by setup package changed between the CentOS 6 and CentOS 7. This may in some cases cause the unfunctionality of your system after the migration. This check should mitigate the risks.