Faruque Ahmed : MCP, MCSA, MCSE, MCTS, MCIT, CCNA, OCA, OCP, GCP

CentOS-7 Basic

Check the CentOS version.

cat /etc/centos-release # CentOS Linux release 7.4.1708 (Core)

Create a new non-root user account with sudo access and switch to it.

useradd -c "John Doe" johndoe && passwd johndoe usermod -aG wheel johndoe su - johndoe

NOTE: Replace johndoe with your username.

Set up the timezone.

timedatectl list-timezones sudo timedatectl set-timezone 'Asia/Dhaka'

HOST Name

# hostnamectl set-hostname mail

# echo "192.168.0.14 mail.worldcm.net mail " >> /etc/hosts

# cat /etc/hosts

127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4

::1 localhost localhost.localdomain localhost6 localhost6.localdomain6

254.20.140.254 mail.worldcm.net mail

systemctl stop firewalld.service

systemctl disable firewalld.service

Enable CentOS CR (Continuous Release) Repository

# yum install centos-release-cr

# yum update

# yum-config-manager --enable cr

# yum repolist cr

yum -y install epel-release

rpm -Uvh http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-1.el7.nux.noarch.rpm

yum --enablerepo=elrepo-kernel install kernel-lt

# yum install kernel kernel-tools kernel-tools-libs

yum -y install yum-updatesd yum-utils nmap netstat lsof net-tools quota* xfsprogs xfsdump xfsprogs-devel xfsprogs-qa-devel htop iptraf-ng iftop mutt vim* mlocate httpd* NetworkManager-tui gcc yum-priorities openssl cyrus* ntsysv finger curl lsof bash-completion git wget unzip bash-completion setuptools cronie grep NetworkManager webmin pfring java

# yum install xrdp --enablerepo=cr

yum -y install yum-updatesd yum-utils nmap netstat lsof net-tools quota* xfsprogs xfsdump xfsprogs-devel xfsprogs-qa-devel htop iptraf-ng iftop mutt vim* mlocate httpd* NetworkManager-tui gcc yum-priorities openssl cyrus* ntsysv finger curl git wget unzip bash-completion setuptools NetworkManager cronie pfring xinetd xrdp cento n2disk ndpi nprobe perl tigervnc-server webmin pfring java

-----------------------------------------Quota---------------------------------------------------

[root@mail ~]# mount | grep ' / '

/dev/mapper/centos-root on / type xfs (rw,relatime,attr2,inode64,noquota)

# cp /etc/default/grub /etc/default/grub.ORG

[root@mail ~]# vi /etc/default/grub

GRUB_TIMEOUT=5

GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"

GRUB_DEFAULT=saved

GRUB_DISABLE_SUBMENU=true

GRUB_TERMINAL_OUTPUT="console"

GRUB_CMDLINE_LINUX="crashkernel=auto rd.lvm.lv=centos/root rd.lvm.lv=centos/swap rhgb quiet rootflags=uquota,pquota"

GRUB_DISABLE_RECOVERY="true"

[root@mail ~]# cp /boot/grub2/grub.cfg /boot/grub2/grub.cfg.orig

[root@mail ~]# grub2-mkconfig -o /boot/grub2/grub.cfg

**The path on some OSs has been changed to E F I [ EFI BOOT ] **

# /boot/efi/EFI/centos/grub.cfg

[root@mail ~]# cp /boot/efi/EFI/centos/grub.cfg /boot/efi/EFI/centos/grub.cfg.ORG

[root@mail ~]# grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg

# reboot

[root@mail ~]# mount | grep ' / '

/dev/mapper/centos-root on / type xfs (rw,relatime,attr2,inode64,usrquota,prjquota)

Then Go to webmin----->

1. Disk and Network --->/ (Root filesystem) or home ---> Enable user & groups quotas ---> save

2. Disk Quotas ---->/ (users) / (groups) ---> ok

-----------------------------x----------------------------------------------

#nmtui -------ADD IP

IP Set

# nmtui

# nmcli d

yum reinstall NetworkManager

# systemctl enable NetworkManager

# systemctl start NetworkManager

# systemctl restart network.service

Stop and Disable Firewalld on CentOS 7

[root@rhel-centos7-linux ~]# yum -y install iptables-services

systemctl disable firewalld

systemctl stop firewalld

[root@mail named]# systemctl disable firewalld.service

systemctl stop firewalld.service

systemctl status firewalld

--------------------------------------------------------------------------

systemctl enable iptables

systemctl start iptables

systemctl start ip6tables

[root@world]# systemctl disable iptables.service

# systemctl stop iptables.service

# systemctl stop ip6tables.service

# nmtui

--------------------------------------------------

[root@dlp ~]# vi /etc/selinux/config

# This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled # change to disabled # SELINUXTYPE= can take one of these two values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted

# restart to apply new setting

[root@dlp ~]# reboot

HOST Name

hostnamectl set-hostname mail

echo "192.168.0.14 mail.worldcm.net mail " >> /etc/hosts

cat /etc/hosts

# vi /etc/sysconfig/network

NETWORKING=yes

NETWORKING_IPV6=yes

HOSTNAME=s1.worldcm.net

DOMAINNAME=worldcm.net

-------------------------------------------------

Service

[1] It's possible to make sure services' status like follows.

# display the list of services which are running

[root@dlp ~]# systemctl -t service

UNIT LOAD ACTIVE SUB DESCRIPTION auditd.service loaded active running Security Auditing Service avahi-daemon.service loaded active running Avahi mDNS/DNS-SD Stack crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus getty@tty1.service loaded active running Getty on tty1 ... ... ... systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-utmp.service loaded active exited Update UTMP about System Reboot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tuned.service loaded active running Dynamic System Tuning Daemon LOAD = Reflects whether the unit definition was properly loaded. ACTIVE = The high-level unit activation state, i.e. generalization of SUB. SUB = The low-level unit activation state, values depend on unit type. 39 loaded units listed. Pass --all to see loaded but inactive units, too. To show all installed unit files use 'systemctl list-unit-files'.

# the list of all services

[root@dlp ~]# systemctl list-unit-files -t service

UNIT FILE STATE auditd.service enabled autovt@.service disabled avahi-daemon.service enabled blk-availability.service disabled brandbot.service static ... ... ... systemd-user-sessions.service static systemd-vconsole-setup.service static teamd@.service static tuned.service enabled wpa_supplicant.service disabled 125 unit files listed.

[2]

Stop and turn OFF auto-start setting for a service if you don'd need it. (it's smartd as an example below)

[root@dlp ~]# systemctl stop postfix

[root@dlp ~]# systemctl disable postfix

rm '/etc/systemd/system/multi-user.target.wants/postfix.service'

[3]

There are some SysV services yet. Those are controled by chkconfig like follows.

[root@dlp ~]# chkconfig --list

Note: This output shows SysV services only and does not include native systemd services. SysV configuration data might be overridden by native systemd configuration. If you want to list systemd services use 'systemctl list-unit-files'. To see services enabled on particular target use 'systemctl list-dependencies [target]'. iprdump 0:off 1:off 2:on 3:on 4:on 5:on 6:off iprinit 0:off 1:off 2:on 3:on 4:on 5:on 6:off iprupdate 0:off 1:off 2:on 3:on 4:on 5:on 6:off netconsole 0:off 1:off 2:off 3:off 4:off 5:off 6:off network 0:off 1:off 2:on 3:on 4:on 5:on 6:off

# for exmaple, turn OFF auto-start setting for netconsole

[root@dlp ~]# chkconfig netconsole off

Add Repositories

[root@dlp ~]# yum -y install yum-plugin-priorities

set [priority=1] to official repository

[root@dlp ~]# sed -i -e "s/\]$/\]\npriority=1/g" /etc/yum.repos.d/CentOS-Base.repo

Add RPMforge Repository which provides many useful packages

[root@dlp ~]# yum -y install http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm

# set [priority=10]

[root@dlp ~]# sed -i -e "s/\]$/\]\npriority=10/g" /etc/yum.repos.d/rpmforge.repo

# for another way, change to [enabled=0] and use it only when needed

[root@dlp ~]# sed -i -e "s/enabled = 1/enabled = 0/g" /etc/yum.repos.d/rpmforge.repo

# if [enabled=0], input a command to use the repository

[root@dlp ~]# yum --enablerepo=rpmforge install [Package]

# systemctl enable NetworkManager

# systemctl start NetworkManager

Restart / Stop / Start Networking

/etc/init.d/network restart

systemctl status network.service

systemctl status network

systemctl restart network.service

systemctl restart network

systemctl start network.service

systemctl start network

systemctl stop network.service

systemctl stop network

-------------

CentOS / Redhat 7 Command..................................................................................................T.

vmtools install

# yum -y install open-vm-tools

# systemctl start vmtoolsd.service

# systemctl enable vmtoolsd.service

# ip addr show

Configuring Multiple Addresses Using ip Commands

~]# ip address add 192.168.2.223/24 dev eth1

~]# ip address add 192.168.4.223/24 dev eth1

~]# ip addr

3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

link/ether 52:54:00:fb:77:9e brd ff:ff:ff:ff:ff:ff

inet 192.168.2.223/24 scope global eth1

inet 192.168.4.223/24 scope global eth1

#ip route add 192.0.2.0/24 via 10.0.0.1

Static route configuration can be stored per-interface in a /etc/sysconfig/network-scripts/route-interface file. For example, static routes for the eth0 interface would be stored in the /etc/sysconfig/network-scripts/route-eth0 file. The route-interface file has two formats: ip command arguments and network/netmask directives. These are described below.

#systemctl restart network.service

#systemctl start network

#systemctl stop network.service

#sudo systemctl stop network

[root@nagios-server /]# firewall-cmd –permanent –zone=public –add-service=http

[root@nagios-server /]# firewall-cmd –permanent –zone=public –add-service=https

[root@nagios-server /]# firewall-cmd –reload

Setup network on centos 7

# yum install NetworkManager-tui

let’s start, Type “nmcli d” command in your terminal for quick identification of Ethernet cards installed in your machine.

Here we have 2 interfaces named “enp0s17” and “enp0s18” . it might be different in your case ( Eg: em1 or p4p1 ).

# ip addr show

[root@mail network-scripts]# vi ifcfg-em1

nmtui-edit em1 [ Public IP]

----------Manual DHCP---------------

TYPE=Ethernet

PROXY_METHOD=none

BROWSER_ONLY=no

BOOTPROTO=dhcp

DEFROUTE=yes

IPV4_FAILURE_FATAL=no

NAME=eth0

DEVICE=eth0

ONBOOT=yes

-------------------

IPV6INIT=yes

IPV6_PEERROUTES=yes

UUID=5432ae7b-2e3c-4f91-872a-ac9075eec38d

IPV6_ADDR_GEN_MODE=stable-privacy

BOOTPROTO=none

NAME=em1

MACADDR=""

TYPE=Ethernet

IPV6_FAILURE_FATAL=no

DEVICE=em1

IPV6_AUTOCONF=yes

MTU=""

IPV6_DEFROUTE=yes

DEFROUTE=yes

IPADDR=175.29.184.59

NETMASK=255.255.255.248

NETWORK=175.29.184.56

BROADCAST=175.29.184.63

GATEWAY=175.29.184.57

DNS1=103.20.140.18

DNS3=8.8.8.8

DNS2=202.22.200.44

IPV4_FAILURE_FATAL=no

ONBOOT=yes

IPV6_PEERDNS=yes

ZONE=public

---------------------------

TYPE=Ethernet

PROXY_METHOD=none

BROWSER_ONLY=no

BOOTPROTO=none

DEFROUTE=yes

IPV4_FAILURE_FATAL=no

IPV6INIT=no

IPV6_AUTOCONF=yes

IPV6_DEFROUTE=yes

IPV6_FAILURE_FATAL=no

IPV6_ADDR_GEN_MODE=stable-privacy

NAME=enp4s0

UUID=009aef90-1b4d-4a65-9b6a-4b5726721479

DEVICE=enp4s0

ONBOOT=yes

IPADDR=203.82.196.110

PREFIX=29

GATEWAY=203.82.196.105

----------------------XXXXXXX---------------------------

[root@mail network-scripts]# vi ifcfg-em2 [Local IP]

nmtui-edit em2

IPV6INIT=no

IPV6_PEERROUTES=yes

UUID=3590a947-6e08-4168-942d-1cd458917bb8

BOOTPROTO=none

NAME=em2

MACADDR=""

TYPE=Ethernet

IPV6_FAILURE_FATAL=no

DEVICE=em2

IPV6_AUTOCONF=yes

MTU=""

IPV6_DEFROUTE=yes

DEFROUTE=yes

IPADDR=192.168.9.254

NETMASK=255.255.255.0

NETWORK=192.168.9.0

BROADCAST=192.168.9.255

IPV4_FAILURE_FATAL=no

ONBOOT=yes

ZONE=public

IPV6_PEERDNS=yes

-----------------------

TYPE=Ethernet

PROXY_METHOD=none

BROWSER_ONLY=no

BOOTPROTO=none

DEFROUTE=yes

IPV4_FAILURE_FATAL=no

IPV6INIT=no

IPV6_AUTOCONF=yes

IPV6_DEFROUTE=yes

IPV6_FAILURE_FATAL=no

IPV6_ADDR_GEN_MODE=stable-privacy

NAME=enp5s0

UUID=88d6c0ca-9617-4009-8a28-3038863a91a3

DEVICE=enp5s0

ONBOOT=yes

ZONE=public

IPADDR=192.168.81.123

PREFIX=23

--------------------------------

GUI Mode

Recommended for beginners

Step 1 » Type this command “nmtui” to open Network manager and press enter after choosing ” Edit a connection” ( Use TAB for choosing options ) .

Step 2 » Now you can see all network interfaces, choose one and click “Edit“.

» DHCP configuration

Step 3 » For DHCP,

1. Choose “Automatic” in IPv4 CONFIGURATION.

2. Choose Automatic Connect check box.

3. Press OK and quit Network manager.

Now Restart network service by typing below command.

systemctl restart network Now your server will get IP Address from DHCP .

» Static configuration

Step 4 » For manual IP address,

1. Choose “Manual” in IPv4 CONFIGURATION.

2. Add IP Address with Subnet , Gateway and DNS server ( Refer below image ).

3. Choose Automatic Connect check box.

4. Press OK and quit Network manager.

Now Restart network service by typing below command.

systemctl restart network That’s it, Interface will have static IP.

Command Mode

Step 1 » Network interface config files are located in /etc/sysconfig/network-scripts/ directory. Open ifcfg-enp0s17 file ( For interface enp0s17 ) and you can see the content like below.

[root@krizna ~]# vi /etc/sysconfig/network-scripts/ifcfg-enp0s17

TYPE=Ethernet

BOOTPROTO=none

DEFROUTE=yes

IPV4_FAILURE_FATAL=no

IPV6INIT=yes

IPV6_AUTOCONF=yes

IPV6_DEFROUTE=yes

IPV6_FAILURE_FATAL=no

NAME=enp0s17

UUID=7f1aff2d-b154-4436-9497-e3a4dedddcef

ONBOOT=no

HWADDR=00:0C:29:A1:B5:D6

PEERDNS=yes

PEERROUTES=yes

IPV6_PEERDNS=yes

IPV6_PEERROUTES=yes

» DHCP configuration

Step 2 » For DHCP

Find the below lines in config File.

BOOTPROTO=none

ONBOOT=no and replace with

BOOTPROTO=dhcp

ONBOOT=yes Now Restart network service by typing below command.

systemctl restart network Now your server will get IP Address from DHCP

» Static configuration

Step 3 » For Static IP.

Find the below lines in config File.

BOOTPROTO=none

ONBOOT=no and replace with

BOOTPROTO=static

ONBOOT=yes And add the below lines at the end of the file.

IPADDR=172.27.0.32

NETMASK=255.255.255.0

GATEWAY=172.27.0.1

DNS1=172.27.0.5 File will look like below after changes.

TYPE=Ethernet

BOOTPROTO=static

DEFROUTE=yes

IPV4_FAILURE_FATAL=no

IPV6INIT=yes

IPV6_AUTOCONF=yes

IPV6_DEFROUTE=yes

IPV6_FAILURE_FATAL=no

NAME=enp0s17

UUID=f0c5b37d-299a-43cb-b74b-618bb252d129

ONBOOT=yes

HWADDR=00:0C:29:A1:B5:CC

IPV6_PEERDNS=yes

IPV6_PEERROUTES=yes

IPADDR=192.168.1.10

NETMASK=255.255.255.0

GATEWAY=192.168.1.1

DNS1=192.168.1.5

Now Restart network service by typing below command.

systemctl restart network Now Interface will have static IP.

Additionally you can use /etc/sysconfig/network file for hostname and DNS .

HOSTNAME=server.krizna.com

DNS1=192.168.1.5

DNS2=8.8.8.8

SEARCH=krizna.com

restart sshd.service

[root@centos7 ~]# service sshd restart

Redirecting to /bin/systemctl restart sshd.service

Stop service:

systemctl stop httpd

systemctl start httpd

Restart service (stops/starts):

systemctl restart httpd

Reload service (reloads config file):

systemctl reload httpd

List status of service:

systemctl status httpd

chkconfig service on:

systemctl enable httpd

chkconfig service off:

systemctl disable httpd

chkconfig service (is it set up to start?)

systemctl is-enabled httpd

chkconfig –list (shows what is and isn’t enabled)

systemctl list-unit-files --type=service

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-------------XXXXXXXXXXXXX

[root@localhost ~]# hostname

localhost.localdomain

1. nmtui tool:

NetworkManaget tool is used to set the static host name in /etc/hostname file.

nmtui -Select Set HostName

Set the host name.

nmtui – Change HostName 2

estart the hostnamed to force the hostnamectl to notice the change in static host name.

# vi /etc/hosts

127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6

[root@localhost ~]# systemctl restart systemd-hostnamed

[root@server ~]# hostnamectl status

Set the hostname.

[root@server ~]# hostnamectl set-hostname mail.worldcm.net

-------------------------------

http://www.server-world.info/en/

https://sites.google.com/site/ghidit/home

Page updated

Google Sites

Report abuse