CentOS 6.5 Minimal x86_64 Base Installation Guide - rharmonson/richtech GitHub Wiki
#CentOS 6.5 Minimal x86_64 Base Installation Guide
Updated article as of November 2017 at the URL below.
The purpose of this guide is provide the steps to build a standardized CentOS 6.5 Minimal x86_64 base operating system.
##Base CentOS Installation Task Overview
- Obtain media
- Installation
- Basic configuration
- Verify operation
- Time zone
- EPEL
- Virtual machine?
- Update
If you are new to Linux or new to CentOS minimal installations, I would advise reviewing all the information at the URL below. Otherwise, scroll down and select the download URL under section 2. We will be using x86_64 version, also, known as 64 bit. The 32 bit version should work as well.
Reference: http://wiki.centos.org/Manuals/ReleaseNotes/CentOSMinimalCD6.5
Boot from media and, generally, accept the defaults. You have an opportunity to provide time zone, a host name, configure network interfaces, provide DNS IPs, and domain search. If configured at this point, the installation script automatically configures the resulting installation using these settings. It is a time saver, however, I am going to assume these setting have not been set or changes will be needed.
You may skip to the section titled "Verify operation" if you completed all the settings using the installation GUI.
Network interface settings
Reference: http://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-networkscripts-interfaces.html
The default interface settings will be as follows with the exception that your HWADDR and UUID will differ:
[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=00:0C:29:C5:0D:BD
TYPE=Ethernet
UUID=0250e398-8918-4e9d-afd7-7ae04258810f
ONBOOT=no
NM_CONTROLLED=yes
BOOTPROTO=dhcp
[root@localhost ~]# ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
If you desire to use DHCP, update ifcfg-eth0 using ONBOOT value from no to yes, save, then restart network services.
[root@localhost ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=00:0C:29:C5:0D:BD
TYPE=Ethernet
UUID=0250e398-8918-4e9d-afd7-7ae04258810f
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=dhcp
[root@localhost ~]# service network restart
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0:
Determining IP information for eth0... done.
[ OK ]
[root@localhost ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:C5:0D:BD
inet addr:192.168.113.130 Bcast:192.168.113.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fec5:dbd/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:67 errors:0 dropped:0 overruns:0 frame:0
TX packets:60 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:7680 (7.5 KiB) TX bytes:8493 (8.2 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
If you are going to use a static IP address, then update ifcfg-eth0 options with values for your network. Note the NM-CONROLLED can be safely ignored or removed for on CentOS minimal installations, NM or Network Manager is not installed.
[root@localhost ~]# cd /etc/sysconfig/network-scripts
[root@localhost network-scripts]# vi ifcfg-eth0
DEVICE=eth0
HWADDR=00:0C:29:C5:0D:BD
TYPE=Ethernet
UUID=0250e398-8918-4e9d-afd7-7ae04258810f
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=none
IPADDR=192.168.113.150
NETMASK=255.255.255.0
[root@localhost network-scripts]# service network restart
Shutting down interface eth0: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: Determining if ip address 192.168.113.150 is already in use for device eth0...
[ OK ]
[root@localhost network-scripts]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:C5:0D:BD
inet addr:192.168.113.150 Bcast:192.168.113.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fec5:dbd/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:455 errors:0 dropped:0 overruns:0 frame:0
TX packets:293 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:45176 (44.1 KiB) TX bytes:42738 (41.7 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Reference: http://www.centos.org/docs/5/html/5.2/Deployment_Guide/s2-sysconfig-network.html
Default settings after installation are as follows:
[root@localhost ~]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=localhost.localdomain
[root@www ~]# hostname
localhost.localdomain
[root@localhost ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.113.0 * 255.255.255.0 U 0 0 0 eth0
link-local * 255.255.0.0 U 1002 0 0 eth0
Update the "network" file with both the network and your host's fully qualified domain name (FQDN). This will result with a default layer 3 or routing gateway. Note a log off and on or reboot is needed to see 'hostname' updated.
[root@localhost ~]# vi /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=www.mydomain.com
GATEWAY=192.168.113.254
[root@localhost ~]# service network restart
Shutting down interface eth0: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: Determining if ip address 192.168.113.150 is already in use for device eth0...
[ OK ]
[root@www ~]# hostname
www.mydomain.com
[root@localhost ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.113.0 * 255.255.255.0 U 0 0 0 eth0
link-local * 255.255.0.0 U 1002 0 0 eth0
default 192.168.113.254 0.0.0.0 UG 0 0 0 eth0
###Hosts settings Note the current settings.
[root@www ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
To update the host name, update the hosts file as follows:
[root@www ~]# vi /etc/hosts
192.168.113.150 www www.mydomain.com
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
[root@www ~]# service network restart
Shutting down interface eth0: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: Determining if ip address 192.168.113.150 is already in use for device eth0...
[ OK ]
Configure DNS resolution settings. Current settings shown below are a result of using DHCP, initially. Your resolv.conf may differ.
[root@www ~]# cat /etc/resolv.conf
; generated by /sbin/dhclient-script
search localdomain
nameserver 192.168.113.254
Update resolv.conf using vi and provide DNS IP addresses and domain suffix search order.
[root@www ~]# cat /etc/resolv.conf
search subdom.mydomain.com mydomain.com
nameserver 8.8.8.8
nameserver 8.8.4.4
Use ping to verify basic interface, routing, and name resolution operation.
[root@www ~]# ping www.google.com -c 5
PING www.google.com (74.125.239.48) 56(84) bytes of data.
64 bytes from nuq04s19-in-f16.1e100.net (74.125.239.48): icmp_seq=1 ttl=128 time=9.83 ms
64 bytes from nuq04s19-in-f16.1e100.net (74.125.239.48): icmp_seq=2 ttl=128 time=9.05 ms
64 bytes from nuq04s19-in-f16.1e100.net (74.125.239.48): icmp_seq=3 ttl=128 time=13.4 ms
64 bytes from nuq04s19-in-f16.1e100.net (74.125.239.48): icmp_seq=4 ttl=128 time=8.40 ms
64 bytes from nuq04s19-in-f16.1e100.net (74.125.239.48): icmp_seq=5 ttl=128 time=8.25 ms
--- www.google.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4070ms
rtt min/avg/max/mdev = 8.256/9.808/13.490/1.924 ms
###Time zone
After installation, the default time zone is America/New_York. Changing the time can be done several ways. My preference is to first identify the time zone by listing /usr/share/zoneinfo. For example, /usr/share/zoneinfo/America/Los_Angeles, then update /etc/sysconfig/clock.
[root@www ~]# cat /etc/sysconfig/clock
ZONE="America/New_York"
[root@localhost ~]# ls /usr/share/zoneinfo/America/
Adak Coral_Harbour Hermosillo Moncton Santarem
Anchorage Cordoba Indiana Monterrey Santiago
Anguilla Costa_Rica Indianapolis Montevideo Santo_Domingo
Antigua Creston Inuvik Montreal Sao_Paulo
Araguaina Cuiaba Iqaluit Montserrat Scoresbysund
Argentina Curacao Jamaica Nassau Shiprock
Aruba Danmarkshavn Jujuy New_York Sitka
Asuncion Dawson Juneau Nipigon St_Barthelemy
Atikokan Dawson_Creek Kentucky Nome St_Johns
Atka Denver Knox_IN Noronha St_Kitts
Bahia Detroit Kralendijk North_Dakota St_Lucia
Bahia_Banderas Dominica La_Paz Ojinaga St_Thomas
Barbados Edmonton Lima Panama St_Vincent
Belem Eirunepe Los_Angeles Pangnirtung Swift_Current
Belize El_Salvador Louisville Paramaribo Tegucigalpa
Blanc-Sablon Ensenada Lower_Princes Phoenix Thule
Boa_Vista Fortaleza Maceio Port-au-Prince Thunder_Bay
Bogota Fort_Wayne Managua Porto_Acre Tijuana
Boise Glace_Bay Manaus Port_of_Spain Toronto
Buenos_Aires Godthab Marigot Porto_Velho Tortola
Cambridge_Bay Goose_Bay Martinique Puerto_Rico Vancouver
Campo_Grande Grand_Turk Matamoros Rainy_River Virgin
Cancun Grenada Mazatlan Rankin_Inlet Whitehorse
Caracas Guadeloupe Mendoza Recife Winnipeg
Catamarca Guatemala Menominee Regina Yakutat
Cayenne Guayaquil Merida Resolute Yellowknife
Cayman Guyana Metlakatla Rio_Branco
Chicago Halifax Mexico_City Rosario
Chihuahua Havana Miquelon Santa_Isabel
[root@www ~]#
Once you have identified your time zone, i.e. Los_Angeles, update the clock file.
[root@www ~]# vi /etc/sysconfig/clock
ZONE="America/New_York"
###EPEL EPEL repository installation steps are as follows:
- Install the repository's key, so the package can be verified and trusted.
- Installl the repository package for your distribution.
- Configure, if desired, the repository configuration files found
/etc/yum.repos.d.
For CentOS 6.5 64 bit
# rpm --import http://ftp.riken.jp/Linux/fedora/epel/RPM-GPG-KEY-EPEL-6
# rpm -ivh http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
Once installed, you can use the default settings; EPEL base is enabled.
###Virtual Machine? If using CentOS as a virtual machine, it is advisable to install virtual machine drivers. Not a requirement, but you will, otherwise, lose functionality with most virtual technology solutions. I am using VMware's solution and use open-vm-tools versus VMware Tools, but it is my personal preference.
For installation of open-vm-tools, complete the installation of the EPEL repository, then execute the following:
[root@www ~]# yum install open-vm-tools
Results with the following:
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
open-vm-tools x86_64 9.4.0-8.el6 epel 401 k
Installing for dependencies:
dbus x86_64 1:1.2.24-7.el6_3 base 207 k
libdnet x86_64 1.12-6.el6 epel 28 k
libicu x86_64 4.2.1-9.1.el6_2 base 4.9 M
Transaction Summary
================================================================================
Install 4 Package(s)
Total download size: 5.5 M
Installed size: 20 M
Is this ok [y/N]:
###Update Update CentOS using base and EPEL repositories, then reboot.
# yum update
Results with:
================================================================================
Package Arch Version Repository
Size
================================================================================
Installing:
kernel x86_64 2.6.32-431.17.1.el6 updates 28 M
Updating:
audit x86_64 2.2-4.el6_5 updates 225 k
audit-libs x86_64 2.2-4.el6_5 updates 60 k
ca-certificates noarch 2013.1.95-65.1.el6_5 updates 1.1 M
centos-release x86_64 6-5.el6.centos.11.2 updates 20 k
coreutils x86_64 8.4-31.el6_5.1 updates 3.0 M
coreutils-libs x86_64 8.4-31.el6_5.1 updates 50 k
curl x86_64 7.19.7-37.el6_5.3 updates 194 k
device-mapper-multipath x86_64 0.4.9-72.el6_5.2 updates 117 k
device-mapper-multipath-libs x86_64 0.4.9-72.el6_5.2 updates 181 k
device-mapper-persistent-data x86_64 0.2.8-4.el6_5 updates 1.1 M
dracut noarch 004-336.el6_5.2 updates 122 k
dracut-kernel noarch 004-336.el6_5.2 updates 24 k
ethtool x86_64 2:3.5-1.4.el6_5 updates 101 k
glib2 x86_64 2.26.1-7.el6_5 updates 1.6 M
glibc x86_64 2.12-1.132.el6_5.2 updates 3.8 M
glibc-common x86_64 2.12-1.132.el6_5.2 updates 14 M
grep x86_64 2.6.3-4.el6_5.1 updates 229 k
initscripts x86_64 9.03.40-2.el6.centos.1 updates 940 k
iproute x86_64 2.6.32-32.el6_5 updates 365 k
kernel-firmware noarch 2.6.32-431.17.1.el6 updates 13 M
kpartx x86_64 0.4.9-72.el6_5.2 updates 58 k
krb5-libs x86_64 1.10.3-15.el6_5.1 updates 761 k
libblkid x86_64 2.17.2-12.14.el6_5 updates 115 k
libcurl x86_64 7.19.7-37.el6_5.3 updates 166 k
libuuid x86_64 2.17.2-12.14.el6_5 updates 68 k
libxml2 x86_64 2.7.6-14.el6_5.1 updates 800 k
mdadm x86_64 3.2.6-7.el6_5.2 updates 337 k
mysql-libs x86_64 5.1.73-3.el6_5 updates 1.2 M
nspr x86_64 4.10.2-1.el6_5 updates 113 k
nss x86_64 3.15.3-6.el6_5 updates 822 k
nss-softokn x86_64 3.14.3-10.el6_5 updates 265 k
nss-softokn-freebl x86_64 3.14.3-10.el6_5 updates 157 k
nss-sysinit x86_64 3.15.3-6.el6_5 updates 40 k
nss-tools x86_64 3.15.3-6.el6_5 updates 358 k
nss-util x86_64 3.15.3-1.el6_5 updates 64 k
openldap x86_64 2.4.23-34.el6_5.1 updates 265 k
openssl x86_64 1.0.1e-16.el6_5.7 updates 1.5 M
p11-kit x86_64 0.18.5-2.el6_5.2 updates 94 k
p11-kit-trust x86_64 0.18.5-2.el6_5.2 updates 71 k
postfix x86_64 2:2.6.6-6.el6_5 updates 2.0 M
psmisc x86_64 22.6-19.el6_5 updates 81 k
python x86_64 2.6.6-52.el6 updates 74 k
python-libs x86_64 2.6.6-52.el6 updates 5.3 M
selinux-policy noarch 3.7.19-231.el6_5.3 updates 825 k
selinux-policy-targeted noarch 3.7.19-231.el6_5.3 updates 2.8 M
tzdata noarch 2014b-3.24.el6 updates 452 k
upstart x86_64 0.6.5-13.el6_5.3 updates 177 k
util-linux-ng x86_64 2.17.2-12.14.el6_5 updates 1.5 M
yum noarch 3.2.29-43.el6.centos updates 996 k
yum-plugin-fastestmirror noarch 1.1.30-17.el6_5 updates 28 k
Transaction Summary
================================================================================
Install 1 Package(s)
Upgrade 50 Package(s)
Total download size: 90 M
Is this ok [y/N]:
Restart to utilize the new packages and drivers.
# reboot
##Done Done!? Maybe. Essentially, you are ready to install your application prerequisites and application. I, typically, install a small number of packages for ease of administration. See the section below titled "Packages" for my list of damn useful packages.
##Other considerations
###Packages The objective was to install a small, efficient, and, relatively, maintenance free CentOS base operating system using the distribution. However, there are few packages I install on most if not all my hosts.
Network & Firewall TUIs Once connected, these packages are my priority for installation. They are time savers!
# yum install system-config-network-tui system-config-firewall-tui
###SUDO To improve security, you may want to disable root access via SSH. If so, see my howto on the basics of configuring and using sudo. It intent is to get you up and running with sudo, remove root ssh access, and nothing more. Google is your friend for more subtle uses of visudo.
https://github.com/rharmonson/richtech/wiki/sudo-on-CentOS-6.5
###SELinux Quit frequently, SELinux is a pain and the tendency is for admins to disable it and forget to revisit. See my brief howto below. It may provide an alternative to disabling SELinux.
https://github.com/rharmonson/richtech/wiki/SELinux-&-Building-Security-Modules