Installing CentOS

Introduction

This page describes the installation of CentOS on the following systems:

• spaghetti: test RPM-based VM

To clarify before starting

<nothing>

Backing up first

<nothing>

Preparing media

1. Prepare CentOS-6.3-x86_64-minimal.iso as an ISO image

Installing minimal OS

1. Boot the media and accept all defaults except as noted below.
2. At the ‘Disk Found’ window, when prompted to perform a media check, select ‘Skip’
3. At the ‘System to Upgrade’ window, when prompted prompted to upgrade or reinstall, select ‘Reinstall System’
4. At the ‘Time Zone Selection’ window, set the correct timezone
5. At the ‘Partitioning Type’ window, when prompted to specify which space to use, select ‘Use entire drive’
6. At the ‘Writing storage configuration to disk’ window, select ‘Write changes to disk’

Urgent steps

1. Run:

   ifconfig eth0 <ip-addr> up
   route add -net default gw <gateway-ip-addr>
   echo "nameserver <nameserver-ip-addr>" > /etc/resolv.conf

2. Run the following:

   yum install system-config-network-tui
   system-config-network

   and set up the interface, routing and DNS as per the parameters just used.

3. Edit /etc/sysconfig/network-scripts/ifcfg-eth0 and be sure to set:

   ...
   ONBOOT=yes
   NM_MANAGED=no
   ...

4. Edit /etc/hosts, remove all content and add entries for localhost and the hostname itself.
5. Edit /etc/selinux/config and adjust the following settings:

   SELINUX=disabled

6. Reboot.
7. Run the following:

   yum install vim

   (The editors are useful for steps later in this section.)

8. Configure SSH as follows:
   1. Run:

      yum install openssh-server

   2. If you want to restore host keys then do so.
   3. Edit ~root/.ssh/authorized_keys and add the following entry:

      <trust-server's-public-ssh-key>

   4. Edit /etc/ssh/sshd_config and make the following settings:

      StrictModes yes
      IgnoreRhosts yes
      X11Forwarding yes
      RSAAuthentication no
      PubkeyAuthentication yes
      RhostsRSAAuthentication no
      HostbasedAuthentication no
      PermitEmptyPasswords no
      ChallengeResponseAuthentication no
      PasswordAuthentication no
      PermitRootLogin yes

   5. Run:

      service sshd restart

   6. Run:

      cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys

9. Copy over the following files from a system where they are already set up as per local preferences:
   • .bashrc
   • .profile
   • .vimrc
   • .hushlogin

Accessing more software

1. Run:

   yum install redhat-lsb vim-common
   rpm -ihv https://repo.pasta.freemyip.com/redhat/7/x86_64/ade-1.11-2.noarch.rpm
   rpm -ihv https://repo.pasta.freemyip.com/redhat/7/x86_64/paa-2.0.10-2.noarch.rpm
   cd /usr/share/doc/paa/examples
   zcat autopaa.gz | AUTOPAA_MODE=client sh

2. Add access to EPEL by running:

   paa repo epel rpm accessed false
   paa editrepo epel

   and provide the following config:

   ##############################################################################
   #
   #  Internal variables (defined for convenience and referenced only from within
   #  this file)
   #
   ##############################################################################
   
   _RELEASES="4 5 6"
   _PORTS="i386 x86_64"
   _LAYOUT="<release>/<port>"
   
   ##############################################################################
   #
   #  Repository contents (defines what is in or may be inserted into this repo)
   #
   ##############################################################################
   
   #  The set of *all* releases and ports this repository will contain.
   for _RELEASE in $_RELEASES; do
       release $_RELEASE
       for _PORT in $_PORTS; do
           port $_RELEASE $_PORT
       done
       layout $_RELEASE $_LAYOUT
   done
   
   ##############################################################################
   #
   #  Compatibility (defines on which distros each release in this non-distro
   #  repo may be installed)
   #
   ##############################################################################
   
   #  Each release in this repository is compatible with which distros?
   for _RELEASE in $_RELEASES; do
       for _SIMILAR_DISTRO in rhel scientificlinux centos; do
           compat $_RELEASE rpm $_SIMILAR_DISTRO ${_RELEASE%.*}
           for _MINOR_RELEASE in 1 2 3 4 5 6; do
               compat $_RELEASE rpm $_SIMILAR_DISTRO ${_RELEASE%.*}.$_MINOR_RELEASE
           done
       done
   done
   compat 6 rpm fedora \*
   compat 6 rpm sles   \*
   
   ##############################################################################
   #
   #  Misc settings
   #
   ##############################################################################
   
   #  URL for the paacrt archive
   url "http://ftp.tu-chemnitz.de/pub/linux/fedora-epel/"

   and then run:

   paa access epel

Drivers and updates

Network configuration

Mail

It is possible to simplify this procedure for non-mobile satellite systems, but in order to standardise the procedure it is extended slightly to make it all encompassing.

1. Install the following packages:
   • mutt
   • postfix
   • heirloom-mailx

   and accept all defaults (the config file will be overwritten in a minute)

2. Determine the name of the system itself for mail purposes and the mail relay to which the system (not its users) should send mail and assign them to variables as follows:
   • spaghetti:

     MAILNAME=spaghetti.pasta.net
     MAILRELAY=mail.pasta.freemyip.com   #  since laptop used at home and outside
     MAILCLIENT=$(uname -n)
     DNAME=pasta.net
     ROOTRCPT=$(echo alexishuxley-at-gmail.com | sed 's/-at-/@/')
     AUTHREQ=false

3. Run:

   echo "$MAILNAME" > /etc/mailname

4. Create /etc/postfix/main.cf containing:

   myorigin = /etc/mailname
   append_dot_mydomain = no
   smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
   smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
   smtpd_use_tls=yes
   smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
   smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
   myhostname = MAILCLIENT
   alias_maps = hash:/etc/aliases
   alias_database = hash:/etc/aliases
   mydestination = MAILCLIENT, MAILCLIENT.DNAME, localhost.localdomain, localhost
   relayhost = MAILRELAY
   smtp_sasl_auth_enable = yes
   smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
   smtp_sasl_security_options =
   mynetworks = 127.0.0.0/8
   mailbox_size_limit = 0
   recipient_delimiter = +
   inet_interfaces = loopback-only
   inet_protocols = ipv4

5. Run:

   #  Replace placeholders
   perl -pi -e "s/MAILCLIENT/$MAILCLIENT/g; s/DNAME/$DNAME/g; s/MAILRELAY/$MAILRELAY/g" /etc/postfix/main.cf

6. If $AUTHREQ is ‘true’ then:
   1. On the mail server set the same environment variables as defined earlier on the mail client.
   2. On the mail server create an account for the mail client:

      adduser --no-create-home --shell /bin/false --disabled-password --gecos '' $MAILCLIENT
      echo -e "$RELAYPASSWD\n$RELAYPASSWD" | passwd $MAILCLIENT

   3. On the mail client run:

      echo "$MAILRELAY $MAILCLIENT:$RELAYPASSWD" >> /etc/postfix/sasl_passwd
      postmap hash:/etc/postfix/sasl_passwd

7. Add a suitable alias for root by running:

   #  Remove existing alias
   perl -0777 -pi -e 's/^root.*?\n//' /etc/aliases
   #  Add new alias
   echo "root: $ROOTRCPT" >> /etc/aliases
   newaliases
   service postfix restart

8. Test.

Boot screens

1. Run:

   perl -pi -e 's/(splashimage|hiddenmenu)/#$1/; s / rhgb quiet//' /boot/grub/grub.conf
   perl -pi -e 's/(mingetty)/$1 --noclear/' /etc/init/tty.conf

Applications

1. Run:

   yum install `sed -e 's/#.*//' -e 's/,//g' <<-EOF
   
   #  Utils
   w3m, gpm, a2ps, apg, nmap, lshw, sqlite,
   rdiff-backup, subversion, less,
   rsync, screen, subversion, bc, telnet,
   time, jwhois, kpartx, usbutils, pciutils, wget,
   strace, traceroute, mdadm
   
   #  p7zip-full is needed for unetboot
   p7zip-plugins p7zip
   
   EOF`

2. Install ganglia-monitor by running:

   yum install ganglia-gmond

User accounts

Applications in user accounts

Miscellaneous

1. Complete the section of Configuring monitoring services using Icinga regarding installing client software.
2. Create /usr/local/opt.
3. Install ntp by running:

   yum install ntpd
   chkconfig ntpd on
   service ntpd start

4. To support PAA development:
   1. Install the following packages:
      • rng-tools

      and edit /etc/sysconfig/rngd to contain:

      EXTRAOPTIONS="-r /dev/urandom"

   2. Install the following packages from EPEL:
      • dpkg
      • dpkg-devel

Other storage

Backups

Outstanding issues

1. package config screwed up:

   spaghetti# AUTOPAA_MODE=client ./autopaa
   paa: WARNING: moving contents of /etc/yum.repos.d to /tmp/paa.1617.-etc-yum.repos.d (you should review them!) ...
   paa: INFO: centos: defining repository ...
   paa: INFO: debian-lenny-i386: defining repository ...
   paa: INFO: debian-squeeze: defining repository ...
   paa: INFO: debian-wheezy: defining repository ...
   paa: INFO: epel: defining repository ...
   paa: INFO: localprivate-deb: defining repository ...
   paa: INFO: localprivate-rpm: defining repository ...
   paa: INFO: localpublic-deb: defining repository ...
   paa: INFO: localpublic-rpm: defining repository ...
   paa: INFO: multimedia-lenny-i386: defining repository ...
   paa: INFO: multimedia-squeeze: defining repository ...
   paa: INFO: multimedia-wheezy: defining repository ...
   paa: INFO: scientificlinux: defining repository ...
   paa: INFO: virtualbox: defining repository ...
   paa: INFO: debian-security: defining repository ...
   paa: INFO: centos: changes detected; recompiling configuration ...
   paa: INFO: debian-lenny-i386: changes detected; recompiling configuration ...
   paa: INFO: debian-squeeze: changes detected; recompiling configuration ...
   paa: INFO: debian-wheezy: changes detected; recompiling configuration ...
   cat: epel.conf: No such file or directory
   paa: INFO: epel: changes detected; recompiling configuration ...
   paa: ERROR: epel: url: missing directive
   paa: INFO: localprivate-deb: changes detected; recompiling configuration ...
   paa: INFO: localprivate-rpm: changes detected; recompiling configuration ...
   paa: INFO: localpublic-deb: changes detected; recompiling configuration ...
   paa: INFO: localpublic-rpm: changes detected; recompiling configuration ...
   paa: INFO: multimedia-lenny-i386: changes detected; recompiling configuration ...
   paa: INFO: multimedia-squeeze: changes detected; recompiling configuration ...
   paa: INFO: multimedia-wheezy: changes detected; recompiling configuration ...
   paa: INFO: scientificlinux: changes detected; recompiling configuration ...
   paa: INFO: virtualbox: changes detected; recompiling configuration ...
   paa: INFO: debian-security: changes detected; recompiling configuration ...
   paa: INFO: spaghetti: registering host ...
   paa: INFO: centos: accessing ...
   paa: INFO: localprivate-rpm: accessing ...
   paa: INFO: localpublic-rpm: accessing ...
   spaghetti#

2. mail got lost
3. want automounter and NIS for user accounts
4. does Ganglia need configuring?
5. need Rocon
6. Nagios

See also

• Computing
• How to disable SELinux/