DHCP Server

Configure DHCP ( Dynamic Host Configuration Protocol ) Server. If you make your linux computer DHCP server, it’s neccesarry to disable DHCP function on router in LAN.

[1] Install and configure DHCP  
[root@dlp ~]#

yum -y install dhcp

[root@dlp ~]#

vi /etc/dhcp/dhcpd.conf
# create new

# specify domain name

option domain-name

“server.world”;
# specify DNS’s hostname or IP address

option domain-name-servers

dlp.server.world;
# default lease time

default-lease-time 600;

# max lease time

max-lease-time 7200;

# this DHCP server to be declared valid

authoritative;

# specify network address and subnet mask

subnet 10.0.0.0 netmask 255.255.255.0 {

# specify the range of lease IP address

range dynamic-bootp 10.0.0.200 10.0.0.254;

# specify broadcast address

option broadcast-address 10.0.0.255;

# specify default gateway

option routers 10.0.0.1;

}

[root@dlp ~]#

/etc/rc.d/init.d/dhcpd start

Starting dhcpd:

[  OK  ]

[root@dlp ~]#

chkconfig dhcpd on
[2] Configure on client.
Advertisements

Update System

[1] Update your system with ‘yum’ command. However, before doing it, Install ‘yum-plugin-fastestmirror’ that looks for fast server and download packages from there automatically when yum command is used.
[root@dlp ~]#

yum -y install yum-plugin-fastestmirror

Setting up Install Process
Resolving Dependencies
–> Running transaction check
—> Package yum-plugin-fastestmirror.noarch 0:1.1.26-11.el6 set to be updated
–> Finished Dependency Resolution

Dependencies Resolved

===================================================================
Package

Arch
Version
Repository
Size

===================================================================
Installing:
  yum-plugin-fastestmirror

  noarch
1.1.26-11.el6
sl
16 k

Transaction Summary
===================================================================
Install

1 Package(s)

Upgrade

0 Package(s)

Total download size: 16 k
Installed size: 35 k
Downloading Packages:
yum-plugin-fastestmirror-1.1.26-11.el6.noarch.rpm

| 17 kB 00:00

Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
   Installing : yum-plugin-fastestmirror-1.1.26-11.el6.noarch

1/1

Installed:
   yum-plugin-fastestmirror.noarch 0:1.1.26-11.el6

Complete!
[root@dlp ~]# yum -y update

 
[2] The yum-autoupdate script is placed in /etc/cron.daily and it runs everyday by anacron. But it’s risks to update packages automatically without testing if you can not stop your server easily, then turn to false the auto-update setting like follows.

[root@dlp ~]# vi /etc/sysconfig/yum-autoupdate

@ line 7: change to false

ENABLED=”false”

Configure Services

[1] Stop services that are enabled by default but you don’t need them. List all services by a command below.
[root@dlp ~]#

chkconfig –list | less
[2] Stop a service. The example below means stop ‘netfs’ and disable auto-start at booting system.
[root@dlp ~]#

/etc/rc.d/init.d/netfs stop

[root@dlp ~]#

chkconfig netfs off
[3] Following list is services by default if you install Scientific Linux 6 as the same procedure with this site. (Minimal only). ‘*’ means Author sets auto-start.
auditd The audit package contains the user space utilities for storing and searching the audit records generate by the audit subsystem in the Linux 2.6 kernel *
cgconfig Start cgconfigparser  
cgred This is a daemon for automatically classifying processes into cgroups based on UID/GID  
crond The daemon to execute scheduled commands *
ip6tables It’s IPv6 packet filter administration  
iptables It’s administration tool for IPv4 packet filtering and NAT  
lvm2-monitor Monitor LVM2 with using dmeventd *
netconsole It sends printk message from kernel on UDP  
netfs NFS client  
network Network system *
postfix SMTP service daemon  
rdisc Detect routers in local subnets  
restorecond It’s the daemon that watches for file creation and then sets the default SELinux file context  
rsyslog It reads and/or clears kernel message ring buffer; set console_loglevel *
saslauthd saslauthd is a daemon process that handles plaintext authentication requests on behalf of the SASL library  
sshd OpenSSH SSH daemon *
udev-post Moves the generated persistent udev rules to /etc/udev/rules.d  

Manage Network

[1] Set static IP address to the server, DHCP is not recommended if you use as a server, Change it.
[root@dlp ~]#

vi /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0
HWADDR=00:50:43:00:3B:AE

# change

ONBOOT=

yes

# add lines as follows

BOOTPROTO=none

# this server’s IP address

IPADDR=10.0.0.30

# subnet mask

NETMASK=255.255.255.0
TYPE=Ethernet

# default gateway

GATEWAY=10.0.0.1

# DNS server’s IP address

DNS1=10.0.0.10
IPV6INIT=no
USERCTL=no

[root@dlp ~]#

/etc/rc.d/init.d/network restart

Shutting down interface eth0:

[  OK  ]

Shutting down loopback interface:

[  OK  ]

Bringing up loopback interface:

[  OK  ]

Bringing up interface eth0:

[  OK  ]

[root@dlp ~]#

chkconfig network on

[root@dlp ~]#

eth0

Link encap:Ethernet HWaddr 00:0C:29:D8:7C:06

inet addr:10.0.0.30 Bcast:10.0.0.255 Mask:255.255.255.0

inet6 addr: fe80::20c:29ff:fed8:7c06/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:885 errors:0 dropped:0 overruns:0 frame:0

TX packets:743 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:83054 (81.1 KiB) TX bytes:113706 (111.0 KiB)

lo

Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

inet6 addr: ::1/128 Scope:Host

UP LOOPBACK RUNNING MTU:16436 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
[2] Disable IPv6 if you don’t need it.

[root@dlp ~]#

eth0

Link encap:Ethernet HWaddr 00:0C:29:D8:7C:06

 

inet addr:10.0.0.30 Bcast:10.0.0.255 Mask:255.255.255.0

 

inet6 addr: fe80::20c:29ff:fed8:7c06/64 Scope:Link

 

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

 

RX packets:885 errors:0 dropped:0 overruns:0 frame:0

 

TX packets:743 errors:0 dropped:0 overruns:0 carrier:0

 

collisions:0 txqueuelen:1000

 

RX bytes:83054 (81.1 KiB) TX bytes:113706 (111.0 KiB)

lo

Link encap:Local Loopback

 

inet addr:127.0.0.1 Mask:255.0.0.0

 

inet6 addr: ::1/128 Scope:Host

 

UP LOOPBACK RUNNING MTU:16436 Metric:1

 

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

 

TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

 

collisions:0 txqueuelen:0

 

RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

[root@dlp ~]#

echo “install ipv6 /bin/true” > /etc/modprobe.d/disable-ipv6.conf

[root@dlp ~]#

# reboot

[root@dlp ~]#

eth0

Link encap:Ethernet HWaddr 00:0C:29:D8:7C:06

 

inet addr:10.0.0.30 Bcast:10.0.0.255 Mask:255.255.255.0

 

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

 

RX packets:885 errors:0 dropped:0 overruns:0 frame:0

 

TX packets:743 errors:0 dropped:0 overruns:0 carrier:0

 

collisions:0 txqueuelen:1000

 

RX bytes:83054 (81.1 KiB) TX bytes:113706 (111.0 KiB)

lo

Link encap:Local Loopback

 

inet addr:127.0.0.1 Mask:255.0.0.0

 

UP LOOPBACK RUNNING MTU:16436 Metric:1

 

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

 

TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

 

collisions:0 txqueuelen:0

 

RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

Firewall & SeLinux

[1] If some firewalls are running in your LAN and iptables in the server is unnecessary, Stop it.
[root@dlp ~]#

/etc/rc.d/init.d/iptables stop

iptables: Flushing firewall rules:

[ OK ]

iptables: Setting chains to policy ACCEPT: filter

[ OK ]

iptables: Unloading iptables modules:

[ OK ]

[root@dlp ~]#

chkconfig iptables off

[root@dlp ~]#

chkconfig ip6tables off
SELinux
[2] Disable SELinux (Security-Enhanced Linux) if you don’t need it.

[root@dlp ~]#

vi /etc/sysconfig/selinux

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#

enforcing – SELinux security policy is enforced.

#

permissive – SELinux prints warnings instead of enforcing.

#

disabled – SELinux is fully disabled.

SELINUX=

disabled
# change

# SELINUXTYPE= type of policy in use. Possible values are:
#

targeted – Only targeted network daemons are protected.

#

strict – Full SELinux protection.

SELINUXTYPE=targeted

Add Admin User

[1] Create an admin user.
[root@dlp ~]#

useradd fermi

[root@dlp ~]#

passwd fermi

Changing password for user fermi.
New UNIX password:

# set password

Retype new UNIX password:

# Confirm

passwd: all authentication tokens updated successfully.
[root@dlp ~]#

# logout
[2] Try to switch to a user that was added above.
dlp login:

fermi
# input user name

password:

# password

[fermi@dlp ~]$

su
# switch to root

Password:

# root password

[root@dlp ~]#

# just switched to root
[3] Make a user (it’s ‘fermi’ in this example) be only a user who can switch to root as an administration user.
[root@dlp ~]#

vi /etc/group
# line 11: add user name

wheel:x:10:root

,fermi

[root@dlp ~]#

vi /etc/pam.d/su

#%PAM-1.0
auth

sufficient
pam_rootok.so

# Uncomment the following line to implicitly trust users in the “wheel” group.
#auth

sufficient
pam_wheel.so trust use_uid

# Uncomment the following line to require a user to be in the “wheel” group.

# uncomment the following line

auth

required
pam_wheel.so use_uid

auth

include
system-auth

account

sufficient
pam_succeed_if.so uid = 0 use_uid quiet

account

include
system-auth

password

include
system-auth

session

include
system-auth

session

optional
pam_xauth.so
Forwarding email for root to administration user
[4] Configure that forwarding emails for root to administration user you set above.

[root@dlp ~]#

vi /etc/aliases

# Person who should get root’s mail

# last line: uncomment and change to a user

root:

fermi

[root@dlp ~]#

# Configuration change

Install Scientific Linux 6

[1] Insert Install media and restart Computer. After booting, following screen is shown, then Push Enter key.
 
[2] This is the section to check a media, Skip it if you don’t need it.
 
[3] Click “Next” button to proceed.
 
[4] Select the language you’d like to use during the installation.
 
[5] Select the keyboard type you using.
 
[6] Select the type of storage. If you install Scientific Linux 6 to local HD, select ‘Basic Storage Devices’. If you install to HD that is connected in storage network area or mainframe, select the bottom.
 
[7] If your HD is new one and not formatted, following warning is shown, Click “Re-initialize all” if it’s OK.
 
[8] Set a Hostname of your computer.
 
[9] Set your timezone.
 
[10] Set root user’s password.
 
[11] Select installation type as follows. On this example, select “Use All Space” and check a box “Review and modify partitioning layout” to configure partitions manually.
 
[12] This is the section for changing partition layouts. This example shows to configure LVM partition layouts (Set /boot, /. swap, /home on here) . First, select “/” and Click “Edit” button.
 
[13] Reduce the volume size for “/” to make free areas.
 
[14] Click “Create” button, then following screen is shown, Select “LVM Logical Volume” and Click “Create”.
 
[15] Input mount point, logical volume’s name, size and so on.
 
[16] Click “Next” button if it’s OK all.
 
[17] Click ‘Format’ if it’s OK all.
 
[18] Click ‘Write Changes to Disk’ if it’s OK all.
 
[19] Click ‘Next’ button with keeping default. If you set some parameters for bootloader, Configure it.
 
[20] Select softwares to install. Select ‘Minimal’ and go next. It’s unnecessarry to install many packages at first. But if you are beginer on Linux system, check a box ‘Customize now’ and Install additional packages because it’s inconvenience if only ‘Minimal’ is installed.
 
[21] If you selected “Customize now” at previous section, following screen is shown. It’s better to check a box “Base” if you are beginer.
 
[22] Installation starts.
 
[23] Installation completed. Click “Reboot” button.
 
[24] After rebooting, login prompt is shown, Login with root user. Installing Scientific Linux 6 completed if you can login normally.
 

Download Scientific Linux ISO file

[1] Here is the configuration Examples for Scientific Linux that is compatible with Red Hat Enterprise Linux. Scientific Linux 6 is based on Red Hat Enterprise Linux 6. Please refer to Wikipedia about more details for Scientific Linux.

Download ISO file ( SL-64-x86_64-2013-03-18-Install-DVD.iso ) for installation from the following site.

http://ftp1.scientificlinux.org/linux/scientific/6.4/x86_64/iso/

It’s OK to download 64 bit version commonly. But if your computer is old and not supported 64 bit computing, download 32 bit version from below.

http://ftp1.scientificlinux.org/linux/scientific/6.4/i386/iso/

* The examples on this site uses 64 bit version.

[2] Burn ISO file to DVD with an application on your computer for burning and Make an Installation Disk. After finishing it, proceed to next step for installing Scientific Linux 6.
 

Download Centos

[1] Here is the configuration Examples for CentOS 5 that is compatible with Red Hat Enterprise Linux 5.
Download ISO file ( CentOS-5.9-x86_64-bin-DVD-xxx.iso ) for installation from the following site.
http://ftp.riken.jp/Linux/centos/5.9/isos/x86_64/
It’s OK to download 64 bit version commonly. But if your computer is old and not supported 64 bit computing, download 32 bit version from below.
http://ftp.riken.jp/Linux/centos/5.9/isos/i386/
* The examples on this site uses 64 bit version.
[2] Burn ISO file to DVD with an application on your computer and Make an Installation Disk. After finishing it, proceed to next step for installing CentOS 5.

Install Virt-top

Install Virt-top and enable to watch the status of Virtual machines on the console.
[1] Install Virt-top  
[root@dlp ~]# 

yum -y install virt-top
[2] Operations
# watch the status with the following command ( push “q” key to quit )

[root@dlp ~]# 

virt-top
# show CPU status to push “1” key

# show network status to push “2” key

# others

[root@dlp ~]# 

virt-top –help 

virt-top: unknown option `–help]’.
virt-top : a ‘top’-like utility for virtualization

SUMMARY
    virt-top [-options]

OPTIONS
  -1

Start by displaying pCPUs (default: tasks)

  -2

Start by displaying network interfaces

  -3

Start by displaying block devices

  -b

Batch mode

  -c uri

Connect to URI (default: Xen)

  –connect uri

Connect to URI (default: Xen)

  –csv file

Log statistics to CSV file

  –no-csv-cpu

Disable CPU stats in CSV

  –no-csv-block

Disable block device stats in CSV

  –no-csv-net

Disable net stats in CSV

  -d delay

Delay time interval (seconds)

  –debug file

Send debug messages to file

  –end-time time

Exit at given time

  –hist-cpu secs

Historical CPU delay

  –init-file file

Set name of init file

  –no-init-file

Do not read init file

  -n iterations

Number of iterations to run

  -o sort

Set sort order (cpu|mem|time|id|name)

  -s

Secure (“kiosk”) mode

  –script

Run from a script (no user interface)

  -help

Display this list of options

  –help

Display this list of options