I’ve just installed CentOS 7 minimal and I’m not sure what to do next?. CentOS 7 is an enterprise-grade operating system based on RHEL 7. It was released in 2014 and will be supported through the end of 2024. After a fresh installation of CentOS 7 minimal server, the following are list of things that you may consider doing to get your server ready for any kind of setup. The list is not comprehensive but it’s enough for new Server.
1. Add standard user account
If you installed the OS as root user and didn’t add any standard user account, do it here.
sudo useradd user1
sudo passwd user1Give user a privilege to switch to root as administator.
sudo usermod -aG wheel user1
sudo vim /etc/pam.d/suUncomment line 6 to look like one shown below.
auth required pam_wheel.so use_uidTransfer root privilege to a user you added, here the username is “username”.
sudo visudoYou can then add to the end of the file the user added to use use all root privileges.
user1 ALL=(ALL) ALL2. Disable SELinux / Put it in Permissive mode
If you’re afraid of SELinux, you can either put it in enforcing or permissive mode.
To put SELinux in permissive mode, run the following commands:
sudo setenforce 0
sudo sed -i 's/^SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config
cat /etc/selinux/config | grep SELINUX=Disable SELinux (Security-Enhanced Linux) if you don’t need it.
sudo sed -i 's/(^SELINUX=).*/SELINUX=disabled/' /etc/selinux/configIf you reboot your system and type
sudo reboot
sestatusYou should get the output saying SELinux have been disabled. See below
SELinux status: disabled
3. Disabling firewall if not needed ( NOT RECOMMENDED)
If you don’t need a firewall, disable it using commands below.
sudo systemctl stop firewalld
sudo systemctl disable firewalld rolekit4. Configure hostname for the server
To configure the Server hostname, run the commands below:
sudo hostnamectl set-hostname "yourhostname"
5. Configure system timezone
Configure timezone for the server with the command below. Replace Africa/Nairobi with your correct timezone.
timedatectl list-timezones
sudo timedatectl set-timezone Africa/NairobiConfirm with the command below:
timedatectl6. Configure interface networking
Configure Ethernet network connection to give it ip address and other network parameters.
First, you need to check the name of the Ethernet device before modifying its configurations. Use command below
nmcli deviceMy Ethernet adapter is eno1.
I will configure my eno1 with ip address 192.168.1.4, subnet mask 255.255.255.0, gateway 192.168.1.1, DNS server 192.168.1.1 .
The method of configuration will be set to manual.
sudo nmcli connection modify eno1 ipv4.addresses 192.168.1.4/24
sudo nmcli connection modify eno1 ipv4.gateway 192.168.1.1
sudo nmcli connection modify eno1 ipv4.dns 192.168.1.1
sudo nmcli connection modify eno1 ipv4.manual methodMake changes take effect by restarting the interface.
nmcli connection down eno1
nmcli connection up eno1Confirm that the changes have been committed:
ip addr show7. Disabling ipv6
If your network doesn’t use ipv6, you can disable it by opening grub configuration file and adding ipv6.disable=1 to GRUB_CMDLINE_LINUX on Line 6.
sudo vi /etc/default/grubYour results should look like one shown below.
GRUB_CMDLINE_LINUX=" ipv6.disable=1 rd.lvm.lv=fedora/root rd.lvm.lv=fedora/s wap rhgb quiet"
Update grub configuration
sudo grub2-mkconfig -o /boot/grub2/grub.cfg8. Updating your system
Now do system update and upgrade.
sudo yum -y update
9. Enable bash completion
Install bash-completion by running the following commands:
sudo yum install bash-completion 10. Enable essential repositories
Run the following commands to enable EPEL and rpmforge repositories.
sudo yum -y install yum-plugin-priorities
sudo yum -y install epel-release
sudo yum -y install http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el7.rf.x86_64.rpmModify priorities.
sudo sed -i -e "s/]$/]npriority=6/g" /etc/yum.repos.d/rpmforge.repo
sudo sed -i -e "s/]$/]npriority=4/g" /etc/yum.repos.d/epel.repo
sud =o sed -i -e "s/]$/]npriority=1/g" /etc/yum.repos.d/CentOS-Base.repo 11. Install vim on CentOS 7
Install vim editor on CentOS 7
sudo yum -y install vim-enhanced a) Set global alias for vim by editing file /etc/profile.
sudo vim /etc/profileb) Add the line below to the end
alias vi='vim'c) Apply changes
source /etc/profiled) To configure vim for your user account only, save configurations to ~/.vimrc file but for all user account write to /etc/vimrc.
vi ~/.vimrc Then add the following lines
set nocompatible
set fileformats=unix,dos
set history=100
set ignorecase
set number
set showmatch
syntax on
highlight Comment ctermfg=LightCyan
set wrap
set incsearch
set hlsearch
set smartcase
12. Install KVM Virtualization stack
If you would like to do Virtualization with KVM, do thw following.
sudo yum -y install qemu-kvm libvirt virt-install bridge-utils
sudo yum -y install libguestfs-tools virt-top
sudo yum -y install spice-server spice-protocol 13. Install LAMP Stack (Apache, MariaD and PHP)
Install Apache, PHP , MariaDB and phpmyadmin.
yum -y install httpd
yum -y install php php-mbstring php-pear
systemctl restart httpd
yum -y install mariadb-server Set up MariaDB password.
sudo mysql_secure_installationSay yes to set root password,remove anonymous users,disallow root login remotely and remove test database.Then reload privilege tables.
Try logging in with your password.
mysql -u root -pInstall phpMyAdmin
sudo yum -y install phpMyAdmin php-mysql php-mcrypt14. Setting keymap and Locale
Set keymap and locale settings.
localectl set-locale LANG=en_US.UTF-8
localectl
Setting keyboard keymap
sudo localectl set-keymap us
15. Changing Run Levels
You can change runlevel by linking to /etc/systemd/system/default.target. You can change runlevels between graphical and multi-user using the following.
sudo systemctl set-default graphical.target
sudo rebootTo change to runlevel 3 type:
sudo systemctl set-default multi-user.target
sudo reboot
