Should the following EPEL repos be disabled for CentOS 8.2 for the latest version of Virtualmin, Webmin and Usermin?
epel-modular.repo
epel-playground.repo
epel-testing-modular.repo
epel-testing.repo
epel.repo
Thanks for the heads up.
Should the following EPEL repos be disabled for CentOS 8.2 for the latest version of Virtualmin, Webmin and Usermin?
epel-modular.repo
epel-playground.repo
epel-testing-modular.repo
epel-testing.repo
epel.repo
Thanks for the heads up.
We enable epel.repo during installation. Others may be safe(ish) to enable after installation of Virtualmin (but maybe notâŠtesting and playground are experimentalâŠI donât know what modular is, but probably also experimental since itâs not documented anywhere obvious). I donât actually have epel-modular on my test systemsâŠnot sure where it came from for you.
We recommend proceeding with extreme caution when installing packages from third party sources, or from exprimental/beta EPEL/SCL sources. If you really know what youâre doing you can probably do whatever you wantâŠbut, be aware that if you modify the packages of things Virtualmin manages, youâll probably need to make some configuration changes (SCL, for example, installs into /opt so paths donât match what Webmin thinks they are for services like e.g. MySQL/Mariadb or PHP).
epel-modular.repo is the safest of the bunch and is very useful. Tread lightly with the others.
My understanding is that âmodularâ is a yum/dnf system for avoiding clashes while staying slightly ahead of official repos. CentOS, Remi and other repos store modular packages but epel-modular is how Fedora separates theirs from everything else. Not all packages are modular but when they are there tends to be both safe and risky choices.
Recently I tampered with Nginx so Iâll use that as an example. By default CentOS 8.2 will install Nginx 1.14 unless its nginx module is reset and a newer version is enabled. Hereâs a modular package in action that installs from CentOS AppStream:
dnf module reset nginx
dnf module enable nginx:1.16
dnf install nginx
The riskier option is to use dnf module enable nginx:1.18
to step up to the newest version possible from epel-testing-modular.
Another example is PHP 7.2 as the default for CentOS 8.0 and 8.1. When 8.2 was released recently PHP 7.3 became available from AppStream. But for 7.3 to replace 7.2 you first need to switch modules.
Sometimes modular packages overlap. The newest package from CentOS tends to be the oldest package from EPEL, Nginx 1.16 for example. In that case AppStream has priority.
Typing dnf module list [package-name]
will give you a summary of what youâve got and whatâs available from enabled repos.
Ok Iâll leave EPEL off unless I need to upgrade something specific. Iâll make an LVM snapshot before I update anything from EPEL just in case it breaks. Thx for the heads up.
Thanks for the explanation @ramin, though it isnât entirely right. epel.repo
doesnât include anything that would conflict with OS-provided packages, so it is âsafestâ if thatâs our metric.
Modular sounds like it takes the place of SCL, except maybe it doesnât have specially built packages that have different names and different install paths. SCL packages can be installed alongside system packages, but may conflict if you try to use both simultaneously without awareness and care. Sounds like modular just gives you new packages in the regular place? Thatâs valuable, especially given how old packages in CentOS can be, but I wouldnât call it âsaferâ.
Yeah, I knew I might be sticking my neck out but like you said, with modular packaging there isnât much to go on documentation-wise (makes me wonder if the maintainers know how to explain it). One thing Iâm certain about, third-party repos and modular install options make CentOS a lot more interesting. Thanks for the extra learning module. Every little bit helps.
Yeah, I think weâre all guessing. The docs are nearly non-existent.
So, I think Iâm inclined to give it a few weeks or months before I start taking EPEL Modular seriouslyâŠit at least needs a clear explanation of what it is on the EPEL website and some docs about how long packages will be maintained, etc. We have a lot of users who âset it and forget itâ and if modular requires a manual upgrade every few months to keep a maintained set of packages (i.e. from 1.8 to 1.9 or whatever of a given package), thatâs just not going to be something a lot of people can or will do.
I think itâs well understood that safety comes first in your line of work, especially while juggling different distros. For those of us who start fires with repo madness â we just have to train ourselves to be fire fighters too. But half the time Iâm on the side of caution. For instance, Iâd like to upgrade Redis 5 to 6 to get rid of plain text authentication once and for all. Do I wait on CentOS or get it from Remi now? Iâm on the fence about it because itâs not coming from remi-safe.
This topic was automatically closed 4 days after the last reply. New replies are no longer allowed.