Centos: Difference between revisions

From 太極
Jump to navigation Jump to search
Line 12: Line 12:


= Installation screenshots =
= Installation screenshots =
* [https://www.linuxtechi.com/centos-8-installation-guide-screenshots/ CentOS 8 Installation Guide with Screenshots]
* [https://www.tecmint.com/red-hat-enterprise-linux-7-3-installation-guide/ Installation of Red Hat Enterprise Linux (RHEL) 7.3 Guide]. UEFI + GPT, Legacy BIOS +  MBR.
* [https://www.tecmint.com/red-hat-enterprise-linux-7-3-installation-guide/ Installation of Red Hat Enterprise Linux (RHEL) 7.3 Guide]. UEFI + GPT, Legacy BIOS +  MBR.
* [https://www.howtoforge.com/tutorial/centos-7-minimal-server/ How to Install a CentOS 7.3 Minimal Server] For a static IP address, I need to enter IP, subnet, gateway and DNS servers.
* [https://www.howtoforge.com/tutorial/centos-7-minimal-server/ How to Install a CentOS 7.3 Minimal Server] For a static IP address, I need to enter IP, subnet, gateway and DNS servers.

Revision as of 20:06, 10 October 2019

RHEL/CentOS

Download urls

DVD, everything, minimal

  • Minimal: 800MB, no GUI
  • DVD: 4.2GB
  • Everything: 8.1GB

Installation screenshots

30 Things to Do After Minimal RHEL/CentOS 7 Installation

http://www.tecmint.com/things-to-do-after-minimal-rhel-centos-7-installation/

Change hostname

  • Change the ^HOSTNAME line in /etc/sysconfig/network
  • Change the hostname in /etc/hosts
  • Run /bin/hostname new_hostname for the hostname change to take effect immediately.
  • Run /sbin/service syslog restart for syslog to log using the new hostname.

Note that using the command line 'hostname' to change the machine's hostname works only for the current session.

Check CentOS version

$ cat /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)

switch to root

su   # Press 'Enter'. It will ask for root's password.

sudoer

Some distributions do not come with sudo command.

As root type:

visudo

and add a line

MyUserName ALL = ALL

sudo: wheel group

When I install the OS (Red hat 7.4) I have a chance to create a new user with administrator right. This user will be added to the wheel group.

See also How To Create a Sudo User on CentOS

openssh-server

Add an existing user to have sudo privilege

sudo adduser USERNAME sudo

See help.ubuntu.com.

What is my IP address

ifconfig eth0

What services get started at boot time

chkconfig --list

Is xxx service running

xxx status

What services are currently running

ps -e

and

lsof -i

will show you services that are listening to TCP or UDP endpoints.

Choosing a web hosting service for your website

Install Apache

# Step 1: Install Apache
sudo yum -y update
sudo yum -y install httpd

# Step 2: Allow Apache Through the Firewall
sudo firewall-cmd --permanent --add-port=80/tcp
sudo firewall-cmd --reload
netstat -ant | grep :80

# Step 3: Configure Apache to Start on Boot
sudo systemctl start httpd
sudo systemctl enable httpd
sudo systemctl status httpd

Open ports in a firewall

On CentOS/RHEL 7.

# Open port 80
sudo firewall-cmd --zone=public --add-port=80/tcp --permanent
sudo firewall-cmd --reload 
# Check the updated rules with:
firewall-cmd --list-all

On CentOS/RHEL 6

# Open port 80
sudo iptables -I INPUT -p tcp -m tcp --dport 80 -j ACCEPT
sudo service iptables save

To check

$ netstat -tulpn | grep 8787
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp        0      0 0.0.0.0:8787            0.0.0.0:*               LISTEN      -                   
$ netstat -tulpn | grep 80
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp6       0      0 :::80                   :::*                    LISTEN      -

What network ports are open: lsof or netstat

lsof stands for List Open Files.

sudo yum install -y lsof
sudo lsof -i :22   # check port 22
sudo lsof -i :3838 # check port 3838
sudo lsof -i  | grep -i "listen"
              # for example *.ssh (LISTEN) is shown on the last column
# or
netstat -aut  # List only UDP or TCP connections
              # for example 0.0.0.0:ssh
              # It can show the foreign address.
# or
netstat -ant # Disable reverse dns lookup for faster output
             # for example 0.0.0.0:22 is shown on the 4th column
             # for shiny application, netstat -ant can grep 3838, but netstat -aut can't.

# or
netstat -plntu # can't show the true foreign address but it shows PID/Program name

You can use lsof command for a list of things (15 Linux lsof Command Examples)

  • List processes which opened a specific file
  • List opened files under a directory
  • List opened files based on process names starting with
  • List processes using a mount point
  • List files opened by a specific user
  • List all open files by a specific process
  • Kill all process that belongs to a particular user
  • List all network connections
  • List processes which are listening on a particular port
  • List all TCP or UDP connections
  • List all Network File System ( NFS ) files

and the netstat command: 10 basic examples of linux netstat command

# https://cyruslab.net/2014/07/11/installing-netstat-on-centos-7-minimal-installation/
sudo yum install net-tools

ESTABLISHED connection from netstat output

Assuming you are using the default ssh port

$ sudo netstat -aut | grep ssh
Proto Recv-Q Send-Q   Local Address       Foreign Address State
tcp       15      0  MyServerIP:ssh  58.218.198.170:14976 ESTABLISHED
tcp        0     68  MyServerIP:ssh 122.226.181.167:14976 ESTABLISHED
tcp        0     68  MyServerIP:ssh 122.226.181.167:56700 TIME_WAIT
tcp        0     68  MyServerIP:ssh   182.106.129.1:48887 SYNC_RECV
tcp        0    172  MyServerIP:ssh      ExpectedIP:50344 ESTABLISHED

If you are using a non-default port for sshd, sometimes 'sudo netstat -aut' doesn't detect that port?? Use sudo netstat -plunt | grep sshd instead.

$ sudo netstat -plunt | grep sshd --col
tcp        0      0 0.0.0.0:XX              0.0.0.0:*               LISTEN      23480/sshd      
tcp6       0      0 :::XX                   :::*                    LISTEN      23480/ssh
$ sudo netstat -aut | grep ":XX" --col

Strange IP connected to ssh? An ESTABLISHED connection does not indicate anything about the state of things with regard to the ssh protocol; it refers to the state of the connection with regard to the TCP protocol.

Check /var/log/auth.log for successful/failed connections

$ sudo grep "Accepted password" /var/log/auth.log --col
$ sudo grep "XXX.XXX.XXX.XXX" /var/log/auth.log --col

What's the difference between port status “LISTENING”, “TIME_WAIT”, “ CLOSE_WAIT” and “ESTABLISHED”?

What firewall rules do I in place

iptables -L

See this article: 20 Iptables Examples For New SysAdmins from cyberciti.biz.

Routing table

How to read the routing table?

Ubuntu wireless adapter:

brb@brb-P45T-A:~$ netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG        0 0          0 wlan0
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 wlan0

Ubuntu virtual machine:

brb@vm-1404:~$ netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         10.0.2.2        0.0.0.0         UG        0 0          0 eth0
10.0.2.0        0.0.0.0         255.255.255.0   U         0 0          0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 eth1
brb@vm-1404:~$ ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 08:00:27:ee:7d:45  
          inet addr:10.0.2.15  Bcast:10.0.2.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:feee:7d45/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:831 errors:0 dropped:0 overruns:0 frame:0
          TX packets:558 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:578902 (578.9 KB)  TX bytes:55508 (55.5 KB)

brb@vm-1404:~$ ifconfig eth1
eth1      Link encap:Ethernet  HWaddr 08:00:27:cb:96:6c  
          inet addr:192.168.1.244  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fecb:966c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:84 errors:0 dropped:0 overruns:0 frame:0
          TX packets:54 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:8287 (8.2 KB)  TX bytes:8966 (8.9 KB)

A default gateway is set as follows:

route add default gw IP_ADDRESS INTERFACE_NAME

route add default gw 192.168.0.1 wlan0

What packages do I have installed

rpm -qa | less
# or
rpm -qa | grep xxx

Install/uninstall new packages

rpm -Uvh foo-1.0-1.i386.rpm

# To install the package anyway and the same version you are trying to install is already installed
# -i: install
# -U: upgrade
# -h: print 50 hask marks as the package archive is unpacked
rpm -ivh --replacepkgs foo-1.0-1.i386.rpm

To uninstall a package

rpm -e foo  # not the name of the original package file foo-1.0-1.i386.rpm

What version of package xxx do I have installed

rpm -qi xxx

Find out path where is package installed

https://www.cyberciti.biz/faq/yum-determining-finding-path-that-yum-package-installed-to/

rpm -q {packageNameHere}

List of available (uninstalled) packages

yum list available

List All Configured Repositories

yum -v repolist
yum -v repolist | less
yum repolist

To list only enabled repositores

yum repolist enabled

To list only disabled repositories

yum repolist disabled

To list available packages under a repo called ksplice-uptrack, enter:

yum --disablerepo="*" --enablerepo="ksplice-uptrack" list available

yum

Searching Packages

yum search vim gvim emacs

List packages

yum list all  # list all available & installed
yum list installed
yum list available

yum grouplist
yum repolist  # Not reposlist

Display package information

yum info package_name…

yumdb or rpm command : View Package Information On RHEL & CentOS Systems

yumdb info package_name…

rpm -qi nano

See How To View Detailed Information About A Package In Linux.

Listing Files Contained in a Package

repoquery --list package_name

install/remove

yum install -y packagename1 packagename2
yum remove packagename1 packagename2

yum groupremove group

yum equivalent of apt-get update

yum check-update

sendmail

su                             # type your root password to switch the account
yum install m4 telnet mailx
yum install sendmail sendmail-cf
nano /etc/mail/sendmail.mc
m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
service sendmail restart
netstat -an | grep :25 | grep tcp
ps -ef | grep -v grep | grep -i sendmail
nano /etc/mail/local-host-names
service sendmail restart
chkconfig sendmail on
useradd testuser1
useradd testuser2   
passwd testuser2 
mail -s "Test mail from testuser1" testuser2
tail /var/log/maillog
su testuser2 # run 'mail' command to see if the mail has been received.

nano /etc/mail/local-host-names # create a line, says, xyz.com
nano /etc/mail/sendmail.cf      # After the line of "Smart" relay host (may be null), edit as the following
                                # DSmailfwd.nih.gov
nano /etc/postfix/main.cf #  change inet_protocols from all to ipv4.
nano /etc/sysconfig/sendmail    # make sure DAEMON=yes
nano /etc/mail/relay-domains    # this is a new file with 1 line 128.231.90.107
service sendmail restart
mail -s "Test mail from testuser1" [email protected]
tail /var/log/maillog           # Should not see any ERR.
netstat -nutlap | grep 25

Use command line to check battery status

How To Check Laptop Battery Status In Terminal In Linux

$ sudo apt install acpi
$ acpi
Battery 0: Discharging, 81%, 01:07:49 remaining
$ acpi -i
Battery 0: Discharging, 79%, 01:34:45 remaining
Battery 0: design capacity 3513 mAh, last full capacity 2400 mAh = 68%

Use TLP to Extend Linux Laptop Battery Life

Power Manager for GNOME

The configuration defaults for GNOME power manager have not installed correctly. Cannot login

This error will results in a log-in problem except root account. The symptom is 50GB in root (/) is used up.

The problem was caused by a bug in yum where /var/cache/yum/x86_64/6Workstation takes about 42GB space. The 'yum' does not remove old generated .sqlite files.

See https://bugzilla.redhat.com/show_bug.cgi?id=632391

I use 'du -k' command to find out which directory took space. I use 'rm' command to delete the contents.

Even I delete the content, the directory still grows up daily.

Upgrade Python from 2.6.x to 2.7.x

This instruction tells how to install Python 2.7 from source.

yum -y update
yum groupinstall -y 'development tools'
yum install -y zlib-devel bzip2-devel openssl-devel xz-libs wget
wget http://www.python.org/ftp/python/2.7.8/Python-2.7.8.tar.xz
xz -d Python-2.7.8.tar.xz
tar -xvf Python-2.7.8.tar

# Enter the directory:
cd Python-2.7.8

# Run the configure:
./configure --prefix=/usr/local

# compile and install it:
make
make altinstall

# Checking Python version:
[root@nicetry ~]# python2.7 -V
Python 2.7.8

wget --no-check-certificate https://pypi.python.org/packages/source/s/setuptools/setuptools-1.4.2.tar.gz

# Extract the files:
tar -xvf setuptools-1.4.2.tar.gz
cd setuptools-1.4.2

# Install setuptools using the Python 2.7.8:
python2.7 setup.py install
curl https://raw.githubusercontent.com/pypa/pip/master/contrib/get-pip.py | python2.7 -
pip2.7 install virtualenv

Install gcc and development tools

sudo yum install gcc gcc-c++
# OR
sudo yum group install "Development Tools"

Install Meld

Have not found a solution yet. We need to install it from source. However, the source depends on

  • Python 2.7 (see above for the instruction)
  • GTK+ 3.6
  • GLib 2.34
  • PyGObject 3.8
  • GtkSourceView 3.6

(Update) A binary version of meld is already available in the git. See this post.

$ cd ~/Downloads/
$ git clone https://git.gnome.org/browse/meld
$ cd meld
$ sudo ln -s /home/$USER/Downloads/meld/bin/meld /usr/bin/meld

Install the EPEL repository

https://support.rackspace.com/how-to/install-epel-and-additional-repositories-on-centos-and-red-hat/

sudo yum install epel-release

If that command doesn’t work,

  • CentOS and Red Hat Enterprise Linux 6.x
wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
sudo rpm -Uvh epel-release-6*.rpm
  • CentOS and Red Hat Enterprise Linux 7.x
wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
sudo rpm -Uvh epel-release-latest-7*.rpm
sudo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm

Adding, Enabling, and Disabling a Yum Repository

VirtualBox guest addition

(Works on CentOS 7 & VB 5.0.40) https://wiki.centos.org/HowTos/Virtualization/VirtualBox/CentOSguest

yum install dkms
yum groupinstall "Development Tools"

After running VBoxLinuxAdditions.run & reboot, GA does not work. However, after I run VBoxLinuxAdditions.run & reboot again, GA works.

(CentOS 6) Check out this post.

su
# click VirtualBox -> Devices -> Install guest addition
mkdir /media/VirtualBoxGuestAdditions
mount -r /dev/cdrom /media/VirtualBoxGuestAdditions
rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
yum install gcc kernel-devel kernel-headers dkms make bzip2 perl
KERN_DIR=/usr/src/kernels/`uname -r`
export KERN_DIR
cd /media/VirtualBoxGuestAdditions
./VBoxLinuxAdditions.run

(Update for 64-bit CentOS 6.5 + VirtualBox 4.3.18) The installation still failed and it showed a missing package which can be installed with

yum install kernel-devel-2.6.32-431.el6.x86_64

Then I re-run ./VBoxLinuxAdditions.run to finish the installation of guest addition. Reboot and GA works.

Rockstor Linux

Build and manage your own Linux & BTRFS powered advanced NAS and Cloud storage with ease

  1. Personal Cloud Server
  2. SMB Cloud Server
  3. Traditional NAS server

Apache Subversion server

How to Setup Apache Subversion with HTTPS Letsencrypt on CentOS 7