CentOS is a community-driven free Linux Distribution which happens to be a very capable alternative to Red Hat Enterprise Linux. It is derived from Red Hat Enterprise Linux sources. After installing CentOS 7, you may go ahead and start using the OS, but there are many things we can do to the new core system to get the most out of it. Most of these are also applicable to Red Hat Enterprise Linux since CentOS shares most of its features with it.
So let us look at “ 10 Things to Do After Installing CentOS 7” that you may consider doing to get your server ready. This is not a comprehensive list but hopefully will be quite helpful in setting up your new server.
1. Configure the static ip on the server
The first thing we will do is to configure Static IP address, Route and DNS to the CentOS Server. We will be using ip command the replacement of ifconfig command.
Edit the interface file under /etc/sysconfig/network-scripts/ directory:
# vi /etc/sysconfig/network-scripts/ifcfg-eth016 IPADDR = “[Enter your static IP here]” GATEWAY = “[Enter your Default Gateway]” DNS1 = “[Your Domain Name System 1]” DNS2 = “[Your Domain Name System 2]” # systemctl stop NetworkManager --------->stop NetworkManager # systemctl disable NetworkManager --------->not needed on server # service network restart --------->restart network service
2. Update the kernel & Upgrade CentOS
We will then go ahead and update our already installed packages to the latest versions as well as install the latest security updates.
yum update kernel
yum update && yum upgrade
3. Set Hostname of Server
We will then set a Hostname for our server.
# echo $HOSTNAME --------->check current HOSTNAME # vi /etc/hostname ` --------->edit and replace old hostname with your own # echo $HOSTNAME --------->logout and login again
4. Install Command Line Web Browser
If you have no GUI installed, you will need a command-line based web browser to browse the internet via terminal. For this, we will either one of two tools ‘links‘ or ‘elinks’.
# yum install links Or # yum install elinks
5. Install wget & 7-zip
wget is a Linux command-line based tool that retrieves (downloads) content from web servers. It is an important tool you must have to retrieve web content or download any files using wget command. 7-zip is also a utility that allows us to compress and extract files of all known types. Install 7-zip with the following command. yum install wget
yum install p7zip
6. Install GCC & Java
GCC stands for GNU Compiler Collection is a compiler system developed by GNU Project that supports various programming languages. Java is a general-purpose class-based, object-oriented Programming language. Install GCC and Jaca with the following command.
yum install gcc yum install java
7. Install Rootkit Hunter
Rootkit Hunter is an application that scans rootkits and other potentially harmful exploits in Linux systems. Install Rootkit Hunter with the following command.
yum install rkhunter
8. Install Apache HTTP Server
No matter what purpose you will be using the server, in most cases you need an HTTP server to run websites, multimedia, client-side script, and many other things. Run the following commands to install and set up your Apache HTTP Server.
# yum install httpd # firewall-cmd --add-service=http # firewall-cmd --reload # systemctl restart httpd.service # systemctl start httpd.service # systemctl enable httpd.service
9. Install PHP
PHP is a very popular server-side scripting language for web-based services. It is also used as a general-purpose programming language. Run the following command to install PHP.
# yum install php # systemctl restart httpd.service
10. Enable iptables
There will be soon a separate article on how to setup iptables. Sorry! 🙂
Follow this guide to install & setup iptables firewall.
So in conclusion, these are a few things you can do to get your system running in top shape. We have tried to cover quite a few different areas and if you find that we’ve left out some other key things needed, you can share them in the comments below.
I have issues with some of these:
Why set a static IP? You should be getting an IP from DHCP or another source.
Why have the user install Java? There’s only a small chance they’ll be using Java, so you’re really just opening up holes in the system. Same with a web serverr…same with PHP. And at the end where you should tell the user how to setup a firewall to protect them, you leave that as an exercise for the reader, when it’s probably one of the few things that should actually be on that list.
Also noticably absent is SELinux.
My list would be to update ALL packages from RHSM, not just the kernel, install SELinux, and configure a firewall. Setting a hostname may as well be changing the background image.
Could also include AIDE and its configuration if you are going the security conscious route.