On Fri, 17 Mar 2017, Keith Lofstrom wrote:
> The transition from RHEL6 to RHEL7 (the upstream version that CentOS
> and Scientific Linux are copied from) is especially jarring, much
> more fraught than RHEL5 to RHEL6 was. I am going through the
> process now because my mind is aging. I must upgrade eventually,
> when RHEL6 reaches end-of-life perhaps 6 years from now.
I'll note that RHEL/CentOS/SL 7 is now three years old. It does
represent a break with older versions, but it's been around for an
entire hardware-warranty cycle already.
> The init change is more painful if you wrote your own init scripts
> (I haven't).
systemd-style service definitions are fairly easy to write. Just poke
around /lib/systemd/system/*.service for some models. It's so much
easier to model dependencies with systemd.
> A more painful change for me is the change of firewall control to a
> GUI. I am setting the new SL7 machines up with the older iptables
> instead, because 90% of my work is through xterm.
firewall-cmd is a very capable CLI interface to firewalld. I haven't
needed to use the GUI at all on CentOS/RHEL 7 hosts.
To list active services allowed through the firewall:
firewall-cmd --list-services
To print a list of the ports/protocols involved:
for S in $(firewall-cmd --list-services); do
printf "%-15s %9s\n" \
"$S" \
$(firewall-cmd --service=$S --permanent --get-ports)
done
The firewall-cmd man page is very thorough.
--
Paul Heinlein <> [email protected] <> http://www.madboa.com/
_______________________________________________
PLUG mailing list
[email protected]
http://lists.pdxlinux.org/mailman/listinfo/plug
