Linux -- Setup
This page targets the customazition of CentOS 6.5/7 systems.
Inhaltsverzeichnis
Installation
A simple way to set your screen resolution and color depth for most Live Linux distro's is via the use of the vga=parameter boot option. For example at boot you might type: Live vga=795. This would set your system to boot using the Live label with a screen resolution to 24bit 1280X1024. Here are some more examples of common vga boot values.
| Depth | 800x600 | 1024x786 | 1152x864 | 1280x1024 | 1600x1200 |
|---|---|---|---|---|---|
| 8 bit | vga=771 | vga=773 | vga=353 | vga=775 | vga=796 |
| 16 bit | vga=788 | vga=791 | vga=355 | vga=794 | vga=798 |
| 24 bit | vga=789 | vga=792 | vga=795 | vga=799 |
Environment
Without usable command line you'll be fucked. Replace your ~/.baschrc with the following.
# .bashrc PS1='\h\w\$ ' export EDITOR=vi export TERM=dtterm PATH=/usr/lib64/qt-3.3/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin # User specific aliases and functions alias vi='/usr/local/bin/vim -X' alias l='/bin/ls --group-directories-first -lah | more' alias cp='/bin/cp -r'
First get the minimum of packets to be able to compile simple stuff.
yum groupinstall -y "Development tools" "System administration tools"
Enable Proxy for yum
echo "proxy=http://proxy.bla.com:8080" >> /etc/yum.conf
Enable XDMCP
If you have installed the X Window System and would like to log in to your Red Hat Enterprise Linux system using a graphical login manager, enable the X Display Manager Control Protocol (XDMCP). This protocol allows users to remotely log in to a desktop environment from any X Window System compatible client (such as a network-connected workstation or X terminal). To enable remote login using XDMCP, edit the following line in the /etc/gdm/custom.conf file on the Red Hat Enterprise Linux system with a text editor such as vi or nano:
# GDM configuration storage [daemon] User=gdm Group=gdm [security] DisallowTCP=false AllowRemoteRoot=true [xdmcp] Enable=true DisplayPerHost=10 HonorIndirect=false MaxPending=4 MaxSessions=32 MaxWait=30 MaxWaitIndirect=30 Port=177 [greeter] IncludeAll=true [chooser] Multicast=false [debug] Enable=false
Additional Repos
CentOS 6.5 Extra Packages for Enterprise Linux (EPEL) und REMI
yum install epel-release wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm sudo rpm -Uvh remi-release-6*.rpm
CentOS 7 Extra Packages for Enterprise Linux (EPEL) und REMI
yum install epel-release wget http://rpms.famillecollet.com/enterprise/remi-release-7.rpm wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm sudo rpm -Uvh remi-release-7*.rpm rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt rpm -i rpmforge-release-0.5.3-1.el6.rf.*.rpm
The Remi repository is disabled by default.
To use the Remi repository only when you know you need it, use the --enablerepo=remi option when installing a package. For example:
sudo yum --enablerepo=remi install php-tcpdf
If you want to permanently enable the Remi repository, you need to edit the yum configuration file for Remi.
Open the repository configuration file by using a text editor of your choice:
sudo nano /etc/yum.repos.d/remi.repo
Edit the [remi] portion of the file to set the enabled option to 1. This action enables the Remi repository by default.
name=Les RPM de remi pour Enterprise Linux $releasever - $basearch #baseurl=http://rpms.famillecollet.com/enterprise/$releasever/remi/$basearch/ mirrorlist=http://rpms.famillecollet.com/enterprise/$releasever/remi/mirror enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi failovermethod=priority
You can see if the repositories that you need are installed and enabled by running the following command:
yum repolist
Some repositories, like Remi, are disabled by default. To list disabled repositories, run the following command:
yum repolist disabled
Enable or Disable SELinux
From the command line, you can edit the /etc/sysconfig/selinux file. This file is a symlink to /etc/selinux/config. The configuration file is self-explanatory. Changing the value of SELINUX or SELINUXTYPE changes the state of SELinux and the name of the policy to be used the next time the system boots.
Choose between Disabled, Enforcing or Permissive
[root@host2a ~]# cat /etc/sysconfig/selinux # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - SELinux is fully disabled. SELINUX=permissive # SELINUXTYPE= type of policy in use. Possible values are: # targeted - Only targeted network daemons are protected. # strict - Full SELinux protection. SELINUXTYPE=targeted # SETLOCALDEFS= Check local definition changes SETLOCALDEFS=0
PHP
Install PHP and needed set of tools with the following command
yum install -y php.x86_64 php-bcmath.x86_64 php-cli.x86_64 php-common.x86_64 php-gd.x86_64 php-imap.x86_64 php-intl.x86_64 php-mbstring.x86_64 php-mcrypt.x86_64 php-mysql.x86_64 php-pdo.x86_64 php-pear.noarch php-process.x86_64 php-snmp.x86_64 php-xcache.x86_64 php-xml.x86_64 php-xmlrpc.x86_64
Perl
Install Perl and needed set of tools with the following command.
yum install -y perl.x86_64 perl-CGI.x86_64 perl-Compress-Raw-Zlib.x86_64 perl-Compress-Zlib.x86_64 perl-DBD-MySQL.x86_64 perl-DBI.x86_64 perl-Error.noarch perl-ExtUtils-MakeMaker.x86_64 perl-ExtUtils-ParseXS.x86_64 perl-Git.noarch perl-HTML-Parser.x86_64 perl-HTML-Tagset.noarch perl-IO-Compress-Base.x86_64 perl-IO-Compress-Zlib.x86_64 perl-Module-Pluggable.x86_64 perl-Pod-Escapes.x86_64 perl-Pod-Simple.x86_64 perl-Test-Harness.x86_64 perl-Test-Simple.x86_64 perl-Time-HiRes.x86_64 perl-URI.noarch perl-WWW-Curl.x86_64 perl-XML-Parser.x86_64 perl-devel.x86_64 perl-libs.x86_64 perl-libwww-perl.noarch perl-rrdtool.x86_64 perl-version.x86_64
Symantec Backup Exec Agent
You got to backup your linux servers to tape. The windows-centric environment you live in uses symantec backupexec (BUE) and it works really well for windows servers. You got a spiffy Fedora 14 box with some CORAID storage attached to it and you need to make it backup to BUE. The linux install package fails, symantec support only recognize RHEL and SUSE as worthy linux distributions (although they used to also recognize Ubuntu), what do you do?
Fear not, I got the solution for you below as that just happened to me recently. Just to be clear, I am talking about the infamous ELF error you see like the code snippet that follows:
./installralus: ../perl/Linux/bin/perl: /lib/ld-linux.so.2: bad ELF interpreter: No such file or directory
This error happens because the perl installer that ships with BUE is linked against 32-bit libstdc++. This is actually not the only problem you will face, as further down the installation, the RALUS64 package will require libstdc++.so.5. We might as well address this now with the following command:
yum install -y compat-libstdc++-33 glibc.i686
Dovecot
Download latest version from www.dovecot.org
Install the following set of tools.
yum install -y pam.x86_64 pam-devel.x86_64 pam_abl.x86_64 pam_afs_session.x86_64 pam_fprint.x86_64 pam_krb5.x86_64 pam_ldap.x86_64 pam_mapi.x86_64 pam_mysql.x86_64 pam_oath.x86_64 pam_passwdqc.x86_64 pam_pkcs11.x86_64 pam_radius.x86_64 pam_script.x86_64 pam_shield.x86_64 pam_ssh.x86_64 pam_ssh_agent_auth.x86_64 pam_url.x86_64 pam_yubico.x86_64 paml.x86_64 paml-data.x86_64 pamtester.x86_64 zlib zlib-devel bzip2 bzip2-libs bzip2-devel lzma lzma-devel lzma-libs lz4 lz4-devel
Use the following configure options.
./configure --prefix=/usr/local --with-nss --with-pam --with-shadow --with-zlib --with-bzlib --with-lzma --with-lz4 --with-ssl=openssl --with-mysql
Drive Mapping
This is a simple shell script to mount CIFS shares.
#!/bin/sh sudo mount -t cifs //eufil201.domain.com/group /EDC/group -o user=username,password=affe,uid=1000,gid=1000 sudo mount -t cifs //eufil216.de.domain.com/software$ /EDC/software -o user=username,password=affe,uid=1000,gid=1000 sudo mount -t cifs //eufil214.de.domain.com/shared /EDC/shared -o user=username,password=affe,uid=1000,gid=1000 sudo mount -t cifs //eufil003.de.domain.com/wschroeer$ /EDC/wschroeer -o user=username,password=affe,uid=1000,gid=1000
Disable Firewall
Firewalld is a complete firewall solution that has been made available by default on all CentOS 7 servers, including Liquid Web Core Managed CentOS 7, and Liquid Web Self Managed CentOS 7. On occasion, perhaps for testing, disabling or stopping firewalld may be necessary. Follow the instructions below to disable firewalld and stop firewalld.
To disable firewalld, run the following command as root:
systemctl disable firewalld
To stop firewalld, run the following command as root:
systemctl stop firewalld
And finally, to check the status of firewalld, run the following command as root:
systemctl status firewalld
