Top CentOS 7 Post Installation Tips and Tricks

Posted on 45 views

I’ve just installed CentOS 7 minimal and I’m not sure what to do next?. CentOS 7 is an enterprise-grade operating system based on RHEL 7. It was released in 2014 and will be supported through the end of 2024. After a fresh installation of CentOS 7 minimal server, the following are list of things that you may consider doing to get your server ready for any kind of setup. The list is not  comprehensive but it’s enough for new Server.

1. Add standard user account

If you installed the OS as root user and didn’t add any standard user account, do it here.

sudo useradd user1
sudo passwd user1

Give user a privilege to switch to root as administator.

sudo usermod -aG wheel user1
sudo vim  /etc/pam.d/su

Uncomment line 6 to look like one shown below.

auth   required        pam_wheel.so use_uid

Transfer root privilege to a user you added, here the username is “username”.

sudo visudo

You can then add to the end of the file  the user added to use use all root privileges.

user1  ALL=(ALL)       ALL

2. Disable SELinux / Put it in Permissive mode

If you’re afraid of SELinux, you can either put it in enforcing or permissive mode.

To put SELinux in permissive mode, run the following commands:

sudo setenforce 0
sudo sed -i 's/^SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config
cat /etc/selinux/config | grep SELINUX=

Disable SELinux (Security-Enhanced Linux) if you don’t need it.

sudo sed -i 's/(^SELINUX=).*/SELINUX=disabled/' /etc/selinux/config

If you reboot your system and type

sudo reboot
sestatus

You should get the output saying SELinux have been disabled. See below

SELinux status:                 disabled

selinux

3. Disabling firewall if not needed ( NOT RECOMMENDED)

If you don’t need a firewall, disable it using commands below.

sudo systemctl stop firewalld 
sudo systemctl disable firewalld rolekit

4. Configure hostname for the server

To configure the Server hostname, run the commands below:

sudo hostnamectl set-hostname "yourhostname"

5. Configure system timezone

Configure timezone for the server with the command below. Replace Africa/Nairobi with your correct timezone.

timedatectl list-timezones 
sudo timedatectl set-timezone Africa/Nairobi

Confirm with the command below:

timedatectl

6. Configure interface networking

Configure Ethernet network connection to give it ip address and other network parameters.

First, you need to check the name of the Ethernet device before modifying its configurations. Use command below

nmcli device

My Ethernet adapter is eno1.

I will configure my eno1 with ip address 192.168.1.4, subnet mask 255.255.255.0, gateway 192.168.1.1, DNS server 192.168.1.1 .

The method of configuration will be set to manual.

sudo nmcli connection modify eno1 ipv4.addresses 192.168.1.4/24
sudo nmcli connection modify eno1 ipv4.gateway 192.168.1.1
sudo nmcli connection modify eno1 ipv4.dns 192.168.1.1
sudo nmcli connection modify eno1 ipv4.manual method

Make changes take effect by restarting the interface.

nmcli connection down eno1
nmcli connection up eno1

Confirm that the changes have been committed:

 ip addr show

7. Disabling ipv6

If your network doesn’t use ipv6, you can disable it by opening grub configuration file and adding  ipv6.disable=1 to GRUB_CMDLINE_LINUX on Line 6.

sudo vi  /etc/default/grub

Your results should look like one shown below.

GRUB_CMDLINE_LINUX=" ipv6.disable=1 rd.lvm.lv=fedora/root rd.lvm.lv=fedora/s    wap rhgb quiet"

ipv6

Update grub configuration

sudo grub2-mkconfig -o /boot/grub2/grub.cfg

8. Updating your system

Now do system update and upgrade.

sudo yum -y update

Centos-update

9. Enable bash completion

Install bash-completion by running the following commands:

sudo yum install bash-completion 

10. Enable essential repositories

Run the following commands to enable EPEL and rpmforge repositories.

sudo yum -y install yum-plugin-priorities
sudo yum -y install epel-release
sudo yum -y install http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm

Modify priorities.

sudo sed -i -e "s/]$/]npriority=6/g" /etc/yum.repos.d/rpmforge.repo 
sudo sed -i -e "s/]$/]npriority=4/g" /etc/yum.repos.d/epel.repo 
sud =o sed -i -e "s/]$/]npriority=1/g" /etc/yum.repos.d/CentOS-Base.repo 

11. Install vim on CentOS 7

Install vim editor on CentOS 7

sudo yum -y install vim-enhanced 

a) Set global alias for vim by editing file /etc/profile.

sudo vim  /etc/profile

b) Add the line below to the end

alias vi='vim'

c) Apply changes

source /etc/profile

d) To configure vim for your user account only, save configurations to ~/.vimrc file but for all user account write to /etc/vimrc.

vi ~/.vimrc 

Then add the following lines

set nocompatible
set fileformats=unix,dos
set history=100
set ignorecase
set number
set showmatch
syntax on
highlight Comment ctermfg=LightCyan
set wrap
set incsearch
set hlsearch
set smartcase

vim

12. Install KVM Virtualization stack

If you would like to do Virtualization with KVM, do thw following.

sudo yum -y install qemu-kvm libvirt virt-install bridge-utils
sudo yum -y install libguestfs-tools virt-top
sudo yum -y install spice-server spice-protocol 

13. Install LAMP Stack (Apache, MariaD and PHP)

Install Apache, PHP , MariaDB and phpmyadmin.

yum -y install httpd
yum -y install php php-mbstring php-pear
systemctl  restart httpd
yum -y install mariadb-server 

Set up MariaDB password.

sudo mysql_secure_installation

Say yes to set root password,remove anonymous users,disallow root login remotely and remove test database.Then reload privilege tables.

Try logging in with your password.

mysql -u root -p

Install phpMyAdmin

sudo yum -y install phpMyAdmin php-mysql php-mcrypt

14. Setting keymap and Locale

Set keymap and locale settings.

 localectl set-locale LANG=en_US.UTF-8
 localectl

locale-ctl

Setting keyboard keymap

sudo localectl set-keymap us

keymap

15. Changing Run Levels

You can change runlevel by linking to /etc/systemd/system/default.target. You can change runlevels between graphical and multi-user using the following.

sudo systemctl set-default graphical.target
sudo reboot

To change to runlevel 3 type:

sudo systemctl set-default multi-user.target 
sudo reboot

 

coffee

Gravatar Image
A systems engineer with excellent skills in systems administration, cloud computing, systems deployment, virtualization, containers, and a certified ethical hacker.