CentOS-7 Basic
Check the CentOS version.
cat /etc/centos-release # CentOS Linux release 7.4.1708 (Core)
Create a new non-root user account with sudo access and switch to it.
useradd -c "John Doe" johndoe && passwd johndoe usermod -aG wheel johndoe su - johndoe
NOTE: Replace johndoe with your username.
Set up the timezone.
timedatectl list-timezones sudo timedatectl set-timezone 'Asia/Dhaka'
HOST Name
# hostnamectl set-hostname mail
# echo "192.168.0.14 mail.worldcm.net mail " >> /etc/hosts
# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
254.20.140.254 mail.worldcm.net mail
systemctl stop firewalld.service
systemctl disable firewalld.service
Enable CentOS CR (Continuous Release) Repository
# yum install centos-release-cr
# yum update
# yum-config-manager --enable cr
# yum repolist cr
yum -y install epel-release
rpm -Uvh http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-1.el7.nux.noarch.rpm
yum --enablerepo=elrepo-kernel install kernel-lt
# yum install kernel kernel-tools kernel-tools-libs
yum -y install yum-updatesd yum-utils nmap netstat lsof net-tools quota* xfsprogs xfsdump xfsprogs-devel xfsprogs-qa-devel htop iptraf-ng iftop mutt vim* mlocate httpd* NetworkManager-tui gcc yum-priorities openssl cyrus* ntsysv finger curl lsof bash-completion git wget unzip bash-completion setuptools cronie grep NetworkManager webmin pfring java
# yum install xrdp --enablerepo=cr
yum -y install yum-updatesd yum-utils nmap netstat lsof net-tools quota* xfsprogs xfsdump xfsprogs-devel xfsprogs-qa-devel htop iptraf-ng iftop mutt vim* mlocate httpd* NetworkManager-tui gcc yum-priorities openssl cyrus* ntsysv finger curl git wget unzip bash-completion setuptools NetworkManager cronie pfring xinetd xrdp cento n2disk ndpi nprobe perl tigervnc-server webmin pfring java
-----------------------------------------Quota---------------------------------------------------
[root@mail ~]# mount | grep ' / '
/dev/mapper/centos-root on / type xfs (rw,relatime,attr2,inode64,noquota)
# cp /etc/default/grub /etc/default/grub.ORG
[root@mail ~]# vi /etc/default/grub
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT="console"
GRUB_CMDLINE_LINUX="crashkernel=auto rd.lvm.lv=centos/root rd.lvm.lv=centos/swap rhgb quiet rootflags=uquota,pquota"
GRUB_DISABLE_RECOVERY="true"
[root@mail ~]# cp /boot/grub2/grub.cfg /boot/grub2/grub.cfg.orig
[root@mail ~]# grub2-mkconfig -o /boot/grub2/grub.cfg
**The path on some OSs has been changed to E F I [ EFI BOOT ] **
# /boot/efi/EFI/centos/grub.cfg
[root@mail ~]# cp /boot/efi/EFI/centos/grub.cfg /boot/efi/EFI/centos/grub.cfg.ORG
[root@mail ~]# grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg
# reboot
[root@mail ~]# mount | grep ' / '
/dev/mapper/centos-root on / type xfs (rw,relatime,attr2,inode64,usrquota,prjquota)
Then Go to webmin----->
1. Disk and Network --->/ (Root filesystem) or home ---> Enable user & groups quotas ---> save
2. Disk Quotas ---->/ (users) / (groups) ---> ok
-----------------------------x----------------------------------------------
#nmtui -------ADD IP
IP Set
# nmtui
# nmcli d
yum reinstall NetworkManager
# systemctl enable NetworkManager
# systemctl start NetworkManager
# systemctl restart network.service
Stop and Disable Firewalld on CentOS 7
[root@rhel-centos7-linux ~]# yum -y install iptables-services
systemctl disable firewalld
systemctl stop firewalld
[root@mail named]# systemctl disable firewalld.service
systemctl stop firewalld.service
systemctl status firewalld
--------------------------------------------------------------------------
systemctl enable iptables
systemctl start iptables
systemctl start ip6tables
[root@world]# systemctl disable iptables.service
# systemctl stop iptables.service
# systemctl stop ip6tables.service
# nmtui
--------------------------------------------------
[root@dlp ~]# vi /etc/selinux/config
# This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled # change to disabled # SELINUXTYPE= can take one of these two values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted
# restart to apply new setting
[root@dlp ~]# reboot
HOST Name
hostnamectl set-hostname mail
echo "192.168.0.14 mail.worldcm.net mail " >> /etc/hosts
cat /etc/hosts
# vi /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=yes
HOSTNAME=s1.worldcm.net
DOMAINNAME=worldcm.net
-------------------------------------------------
Service
[1] It's possible to make sure services' status like follows.
# display the list of services which are running
[root@dlp ~]# systemctl -t service
UNIT LOAD ACTIVE SUB DESCRIPTION auditd.service loaded active running Security Auditing Service avahi-daemon.service loaded active running Avahi mDNS/DNS-SD Stack crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus getty@tty1.service loaded active running Getty on tty1 ... ... ... systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-utmp.service loaded active exited Update UTMP about System Reboot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tuned.service loaded active running Dynamic System Tuning Daemon LOAD = Reflects whether the unit definition was properly loaded. ACTIVE = The high-level unit activation state, i.e. generalization of SUB. SUB = The low-level unit activation state, values depend on unit type. 39 loaded units listed. Pass --all to see loaded but inactive units, too. To show all installed unit files use 'systemctl list-unit-files'.
# the list of all services
[root@dlp ~]# systemctl list-unit-files -t service
UNIT FILE STATE auditd.service enabled autovt@.service disabled avahi-daemon.service enabled blk-availability.service disabled brandbot.service static ... ... ... systemd-user-sessions.service static systemd-vconsole-setup.service static teamd@.service static tuned.service enabled wpa_supplicant.service disabled 125 unit files listed.
[2]
Stop and turn OFF auto-start setting for a service if you don'd need it. (it's smartd as an example below)
[3]
There are some SysV services yet. Those are controled by chkconfig like follows.
[root@dlp ~]# chkconfig --list
Note: This output shows SysV services only and does not include native systemd services. SysV configuration data might be overridden by native systemd configuration. If you want to list systemd services use 'systemctl list-unit-files'. To see services enabled on particular target use 'systemctl list-dependencies [target]'. iprdump 0:off 1:off 2:on 3:on 4:on 5:on 6:off iprinit 0:off 1:off 2:on 3:on 4:on 5:on 6:off iprupdate 0:off 1:off 2:on 3:on 4:on 5:on 6:off netconsole 0:off 1:off 2:off 3:off 4:off 5:off 6:off network 0:off 1:off 2:on 3:on 4:on 5:on 6:off
# for exmaple, turn OFF auto-start setting for netconsole
[root@dlp ~]# chkconfig netconsole off
Add Repositories
[root@dlp ~]# yum -y install yum-plugin-priorities
set [priority=1] to official repository
[root@dlp ~]# sed -i -e "s/\]$/\]\npriority=1/g" /etc/yum.repos.d/CentOS-Base.repo
Add RPMforge Repository which provides many useful packages
[root@dlp ~]# yum -y install http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm
# set [priority=10]
[root@dlp ~]# sed -i -e "s/\]$/\]\npriority=10/g" /etc/yum.repos.d/rpmforge.repo
# for another way, change to [enabled=0] and use it only when needed
[root@dlp ~]# sed -i -e "s/enabled = 1/enabled = 0/g" /etc/yum.repos.d/rpmforge.repo
# if [enabled=0], input a command to use the repository
[root@dlp ~]# yum --enablerepo=rpmforge install [Package]
# systemctl enable NetworkManager
# systemctl start NetworkManager
Restart / Stop / Start Networking
/etc/init.d/network restart
systemctl status network.service
OR
systemctl status network
systemctl restart network.service
OR
systemctl restart network
systemctl start network.service
OR
systemctl start network
systemctl stop network.service
OR
systemctl stop network
-------------
CentOS / Redhat 7 Command..................................................................................................T.
vmtools install
# yum -y install open-vm-tools
# systemctl start vmtoolsd.service
# systemctl enable vmtoolsd.service
# ip addr show
Configuring Multiple Addresses Using ip Commands
~]# ip address add 192.168.2.223/24 dev eth1
~]# ip address add 192.168.4.223/24 dev eth1
~]# ip addr
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:fb:77:9e brd ff:ff:ff:ff:ff:ff
inet 192.168.2.223/24 scope global eth1
inet 192.168.4.223/24 scope global eth1
#ip route add 192.0.2.0/24 via 10.0.0.1
Static route configuration can be stored per-interface in a /etc/sysconfig/network-scripts/route-interface file. For example, static routes for the eth0 interface would be stored in the /etc/sysconfig/network-scripts/route-eth0 file. The route-interface file has two formats: ip command arguments and network/netmask directives. These are described below.
#systemctl restart network.service
#systemctl start network
#systemctl stop network.service
#sudo systemctl stop network
[root@nagios-server /]# firewall-cmd –permanent –zone=public –add-service=http
[root@nagios-server /]# firewall-cmd –permanent –zone=public –add-service=https
[root@nagios-server /]# firewall-cmd –reload
Setup network on centos 7
# yum install NetworkManager-tui
let’s start, Type “nmcli d” command in your terminal for quick identification of Ethernet cards installed in your machine.
Here we have 2 interfaces named “enp0s17” and “enp0s18” . it might be different in your case ( Eg: em1 or p4p1 ).
# ip addr show
[root@mail network-scripts]# vi ifcfg-em1
nmtui-edit em1 [ Public IP]
----------Manual DHCP---------------
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=dhcp
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
NAME=eth0
DEVICE=eth0
ONBOOT=yes
-------------------
IPV6INIT=yes
IPV6_PEERROUTES=yes
UUID=5432ae7b-2e3c-4f91-872a-ac9075eec38d
IPV6_ADDR_GEN_MODE=stable-privacy
BOOTPROTO=none
NAME=em1
MACADDR=""
TYPE=Ethernet
IPV6_FAILURE_FATAL=no
DEVICE=em1
IPV6_AUTOCONF=yes
MTU=""
IPV6_DEFROUTE=yes
DEFROUTE=yes
IPADDR=175.29.184.59
NETMASK=255.255.255.248
NETWORK=175.29.184.56
BROADCAST=175.29.184.63
GATEWAY=175.29.184.57
DNS1=103.20.140.18
DNS3=8.8.8.8
DNS2=202.22.200.44
IPV4_FAILURE_FATAL=no
ONBOOT=yes
IPV6_PEERDNS=yes
ZONE=public
---------------------------
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=no
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=enp4s0
UUID=009aef90-1b4d-4a65-9b6a-4b5726721479
DEVICE=enp4s0
ONBOOT=yes
IPADDR=203.82.196.110
PREFIX=29
GATEWAY=203.82.196.105
----------------------XXXXXXX---------------------------
[root@mail network-scripts]# vi ifcfg-em2 [Local IP]
nmtui-edit em2
IPV6INIT=no
IPV6_PEERROUTES=yes
UUID=3590a947-6e08-4168-942d-1cd458917bb8
BOOTPROTO=none
NAME=em2
MACADDR=""
TYPE=Ethernet
IPV6_FAILURE_FATAL=no
DEVICE=em2
IPV6_AUTOCONF=yes
MTU=""
IPV6_DEFROUTE=yes
DEFROUTE=yes
IPADDR=192.168.9.254
NETMASK=255.255.255.0
NETWORK=192.168.9.0
BROADCAST=192.168.9.255
IPV4_FAILURE_FATAL=no
ONBOOT=yes
ZONE=public
IPV6_PEERDNS=yes
-----------------------
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=no
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=enp5s0
UUID=88d6c0ca-9617-4009-8a28-3038863a91a3
DEVICE=enp5s0
ONBOOT=yes
ZONE=public
IPADDR=192.168.81.123
PREFIX=23
--------------------------------
GUI Mode
Recommended for beginners
Step 1 » Type this command “nmtui” to open Network manager and press enter after choosing ” Edit a connection” ( Use TAB for choosing options ) .
Step 2 » Now you can see all network interfaces, choose one and click “Edit“.
» DHCP configuration
Step 3 » For DHCP,
1. Choose “Automatic” in IPv4 CONFIGURATION.
2. Choose Automatic Connect check box.
3. Press OK and quit Network manager.
Now Restart network service by typing below command.
systemctl restart network Now your server will get IP Address from DHCP .
» Static configuration
Step 4 » For manual IP address,
1. Choose “Manual” in IPv4 CONFIGURATION.
2. Add IP Address with Subnet , Gateway and DNS server ( Refer below image ).
3. Choose Automatic Connect check box.
4. Press OK and quit Network manager.
Now Restart network service by typing below command.
systemctl restart network That’s it, Interface will have static IP.
Command Mode
Step 1 » Network interface config files are located in /etc/sysconfig/network-scripts/ directory. Open ifcfg-enp0s17 file ( For interface enp0s17 ) and you can see the content like below.
[root@krizna ~]# vi /etc/sysconfig/network-scripts/ifcfg-enp0s17
TYPE=Ethernet
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
NAME=enp0s17
UUID=7f1aff2d-b154-4436-9497-e3a4dedddcef
ONBOOT=no
HWADDR=00:0C:29:A1:B5:D6
PEERDNS=yes
PEERROUTES=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
» DHCP configuration
Step 2 » For DHCP
Find the below lines in config File.
BOOTPROTO=none
ONBOOT=no and replace with
BOOTPROTO=dhcp
ONBOOT=yes Now Restart network service by typing below command.
systemctl restart network Now your server will get IP Address from DHCP
» Static configuration
Step 3 » For Static IP.
Find the below lines in config File.
BOOTPROTO=none
ONBOOT=no and replace with
BOOTPROTO=static
ONBOOT=yes And add the below lines at the end of the file.
IPADDR=172.27.0.32
NETMASK=255.255.255.0
GATEWAY=172.27.0.1
DNS1=172.27.0.5 File will look like below after changes.
TYPE=Ethernet
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
NAME=enp0s17
UUID=f0c5b37d-299a-43cb-b74b-618bb252d129
ONBOOT=yes
HWADDR=00:0C:29:A1:B5:CC
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPADDR=192.168.1.10
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
DNS1=192.168.1.5
Now Restart network service by typing below command.
systemctl restart network Now Interface will have static IP.
Additionally you can use /etc/sysconfig/network file for hostname and DNS .
HOSTNAME=server.krizna.com
DNS1=192.168.1.5
DNS2=8.8.8.8
SEARCH=krizna.com
restart sshd.service
[root@centos7 ~]# service sshd restart
Redirecting to /bin/systemctl restart sshd.service
Stop service:
systemctl stop httpd
systemctl start httpd
Restart service (stops/starts):
systemctl restart httpd
Reload service (reloads config file):
systemctl reload httpd
List status of service:
systemctl status httpd
chkconfig service on:
systemctl enable httpd
chkconfig service off:
systemctl disable httpd
chkconfig service (is it set up to start?)
systemctl is-enabled httpd
chkconfig –list (shows what is and isn’t enabled)
systemctl list-unit-files --type=service
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-------------XXXXXXXXXXXXX
[root@localhost ~]# hostname
localhost.localdomain
1. nmtui tool:
NetworkManaget tool is used to set the static host name in /etc/hostname file.
nmtui -Select Set HostName
Set the host name.
nmtui – Change HostName 2
r
estart the hostnamed to force the hostnamectl to notice the change in static host name.
# vi /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
[root@localhost ~]# systemctl restart systemd-hostnamed
[root@server ~]# hostnamectl status
Set the hostname.
[root@server ~]# hostnamectl set-hostname mail.worldcm.net
-------------------------------
http://www.server-world.info/en/