Setup Note: Red Hat Enterprise Linux - takumaw/Configs GitHub Wiki

Red Hat Enterprise Linux Setup Note

Initial Setup

Installer Selection

  • Language & Keyboard
    • Japanese
  • Software Selection
    • Server with GUI
    • Development Tools
    • Perfoemance Tools
    • Debugging Tools
    • Virtualization Host (Optional)
  • Partitioning
    • /boot/efi: 1GiB
    • /boot: 2 GiB
    • swap: 8-16 GiB
    • /var/crash: 8-16 GiB
    • rl (w/ LUKS)
      • rl-root: /: 200 GiB
      • rl-log: /var/log: 50 GiB
      • rl-libvirt: /var/ib/libvirt: 200 GiB -
sudo dnf group install -y "Server with GUI"
sudo dnf group install -y "Development"
sudo dnf group install -y "Performance"
sudo dnf group install -y "Debugging"
sudo dnf group install -y "Virtualization Host"

Optional: Install SSH Keys

mkdir -p ~/.ssh
chmod 700 ~/.ssh
touch ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
vim ~/.ssh/authorized_keys

Optional: Enable Proxy

sudo vim /etc/environment
sudo vim /etc/yum.conf

Optional: Install Root CA Certificates

Place certs under /etc/pki/ca-trust/source/anchors/.

Then,

sudo update-ca-trust extract

Enable Subscription

sudo hostnamectl set-hostname HOSTNAME
sudo subscription-manager register
sudo subscription-manager attach

Prepare Essential Utils

sudo dnf install -y vim tmux zsh
sudo dnf install -y yum-utils

Enable Automatic Update

sudo dnf install -y dnf-automatic
sudo vim /etc/dnf/automatic.conf
sudo systemctl enable --now dnf-automatic.timer

Enable Time Syncing

sudo dnf install -y chrony
sudo vim /etc/chrony.conf
# => modify ntp server(s)
sudo systemctl enable chronyd.service
sudo systemctl restart chronyd.service
sudo chronyc -a makestep

Or,

sudo systemctl disable --now chronyd.service

Optional: Disable FirewallD

sudo systemctl disable --now firewalld.service

Optional: Disable SELinux

sudo grubby --update-kernel=ALL --args="selinux=0"
sudo vim /etc/selinux/config

Optional: Disable Graphical Boot

sudo grubby --update-kernel=ALL --remove-args="quiet rhgb"

Optional: Disable Graphical Environment

sudo systemctl set-default multi-user.target
sudo systemctl isolate multi-user.target

Optional: Enable Serial Console

for tty in /dev/ttyS*; do echo $tty > $tty; done
sudo grubby --update-kernel=ALL --args="console=ttyS*,115200 console=tty0"

Optional: Enable HugePage

sudo mkdir -p /etc/tuned/virtual-host-custom
sudo vim /etc/tuned/virtual-host-custom/tuned.conf
[main]
include=virtual-host

[bootloader]
cmdline="default_hugepagesz=1G hugepagesz=1G hugepages=..."

then,

sudo tuned-adm profile virtual-host-custom

Enable SysRq key

sudo sysctl -w kernel.sysrq=1 | sudo tee /etc/sysctl.d/98-sysrq.conf

Enable kdump

sudo kdumpctl estimate
sudo mkfs.xfs ...
sudo xfs_admin -u ...
sudo vim /etc/fstab
sudo vim /etc/kdump.conf
xfs UUID=
path /

sudo systemctl enable --now kdump.service
sudo systemctl restart kdump.service
echo c > /proc/sysrq-trigger

Optional: Create Bridge

sudo nmcli connection add type bridge con-name br0 ifname br0
sudo nmcli con modify br0 ipv6.method disabled
sudo nmcli con modify br0 ipv4.method disabled
IF_SLAVE_NAME=...
sudo nmcli con del ${IF_SLAVE_NAME}
sudo nmcli connection add type ethernet slave-type bridge con-name ${IF_SLAVE_NAME} ifname ${IF_SLAVE_NAME} master br0
sudo nmcli con up br0
<network>
  <name>br0</name>
  <forward mode='bridge'/>
  <bridge name='br0'/>
</network>
sudo virsh net-define br0.xml
sudo virsh net-autostart br0
sudo virsh net-start br0.xml

Optional: Define Pool

<pool type='logical'>
  <name>rl</name>
  <source>
    <name>rl</name>
    <format type='lvm2'/>
  </source>
  <target>
    <path>/dev/rl</path>
  </target>
</pool>
sudo virsh pool-define rl.xml
sudo virsh pool-autostart rl
sudo virsh pool-start rl
<pool type='dir'>
  <name>default</name>
  <source>
  </source>
  <target>
    <path>/var/lib/libvirt/images</path>
    <permissions>
      <mode>0711</mode>
      <owner>0</owner>
      <group>0</group>
      <label>system_u:object_r:virt_image_t:s0</label>
    </permissions>
  </target>
</pool>
sudo virsh pool-define default.xml
sudo virsh pool-autostart default
sudo virsh pool-start default

Optional: Install Network Filesystems

sudo dnf install -y cifs-utils nfs-utils

Optional: Enable Cockpit Web Console

sudo dnf install -y cockpit
sudo systemctl enable --now cockpit.socket
sudo vim /etc/cockpit/disallowed-users
sudo dnf install -y cockpit-pcp

Optional: Disable resource stat

sudo systemctl disable --now pmlogger_daily.timer
sudo systemctl disable --now pmlogger_daily_report.timer
sudo systemctl disable --now pmlogger_daily_report-poll.timer
sudo systemctl disable --now pmcd.service pmie.service pmlogger.service
sudo systemctl disable --now sysstat.service
cd /var/log/pcp/pmlogger
# delete hostname's folder

sudo rm -rf /var/log/sa/*

Optional: Enable TPM-based unlocking

sudo dnf install clevis-luks
sudo clevis luks bind -d /dev/... tpm2 '{"hash":"sha256","key":"rsa"}'
sudo dnf install clevis-dracut
sudo clevis luks list -d /dev/...
sudo dracut -fv --regenerate-all

Optional: Modify LVM

sudo swapoff --all
sudo lvresize --fs ignore -L {SIZE} /dev/mapper/{VG}-swap
sudo mkswap /dev/mapper/*-swap
sudo swapon --all
sudo lvextend -l +100%FREE {VG}/root
sudo xfs_growfs /

Optional: Update Folder Names

LANG=C xdg-user-dirs-gtk-update

Refresh dnf packages

sudo dnf update -y; sudo dnf autoremove -y

Console Applications

See: Ubuntu Setup Note.

⚠️ **GitHub.com Fallback** ⚠️