Centos7

From Igor personal wiki
Jump to: navigation, search

Introduction to CentOS 7 

XFS is default (not journalled ) - change ASAP during install , other wise power problem - fschk
buil-in vmware tools
built-in iSCSI and FCoE support
Kernel 3.10

Documentation: How to Read the Freaking Manual 

wiki.centos.org
Look on release notes including upstream (RedHat) issues

CentOS Support Lifecycle 

Centos 5x --> EoL 03/312017
Centos 6x --> EoL 11/30/2020
Centos 7x --> EoL 06/30/2024

CentOS and Red Hat: Enterprise Partners 

Centos patches become available 72 hours after being released by RedHat
Ventor compatibility certification for RedHat OS does not cover CentOS

Installation: Which Type to Choose 

Centos7 only 64 bit

Installation: VMWare ESXi Considerations 

CentOS net install, URL to the source: http://mirror.centos.org/centos/7/os/x86_64/
built-in support vmxnet3; and network driver in CentOS7

Installation: Oracle VirtualBox Considerations 

use vmdk as a most general format
Desktop - 40 Gb of space
have I/O APIC enabled
Enable PAE/NX; VT-x/AMD-V; Nested paging
xfs for fast acces to many small files
centos GPLv2
Disable kdump - we don't need kernel dumper if you don't have a support from CentOS or need it for 3d party vendore

Systemd vs. Sysvinit 

old way of using: service sshd status still works
systemctl start sshd.service
systemctl status sshd.service show last 4 line of the service log
systemctl shows processes associated with services, since when service running ; cgroup
systemctl stop sshd.service
systemctl enable sshd.service
systemctl is-enabled sshd

Runlevel Management 

systemd change runlevel configuration
centos6 --> cat /etc/inittab
Centos7 - nothing in /etc/inittab
systemd services directory : ls -la /lib/systemd/system
to see service configuration details use cat sshd.service in the systemd directory
systemd uses targets instead of runlevels
List of the targets: ls -la /lib/sytemd/system/*target*
check default runlevel = default target = ls -la default.target
to change default runlevel you need to change links in systemd/system directory: ln -sf multiuser.target default.target
to get information about runlevel (target) use cat: cat graphical.target

Security Changes - System Defaults 

centos5 selinux - disabled/permissive; centos6 selinux - enabled; centos57 selinux - enforcing
selinux sestatus; disable selinux centos7: /etc/selinux/config; on fly: setenforce 0;
iptables: systemctl status iptables.service

Network Adapter: Standardized Naming 

new network device management because RedHat and it's hardware parners
if during install you don't enable network - you don't have network adapter auto ON after boot
new network device naming convention
eno - network on the motherboard; enp - pci adapter; virtual network device; pci + plice slot and port: enp0s3
naming convention: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Networking_Guide/ch-Consistent_Network_Device_Naming.html
https://wiki.centos.org/FAQ/CentOS7
revert to previous name convention: add "net.ifnames=0" and "biosdevname=0" as kernel arguments to grub In '/etc/sysconfig/network-scripts/' Change your configured NIC config file to 'ifcfg-ethX' If you have  multiple interfaces and want to control naming of each device rather than letting the kernel do in its own way, /etc/udev/rules.d/60-net.rules seems necessary to override /usr/lib/udev/rules.d/60-net.rules.

Filesystem and Automounting: UUID Standard 

centos7 - use UUID to mount filesystem
fdisk -l
blkid /dev/sdb1 -- provide you uuid
la -la /dev/disk/by-uuid --> Get list of uuids

Remote Administration: VNC as a Systemd Service 

yum install tigervnc-server
vncpasswd - create vnc password
cd /lib/systemd/system
ls -al vnc*
cp vncserver@service /etc/systemd/vncserver@:1.service
vncserver@:1 .service --> port 5901 (1 is port)
in config add -geometry 1024x768, checge user name to you user and specify the pid file and user's home directory
to start vncserver: vncserver
to kill vncserver: vncserver -kill :1
run as service: systemctl daemon-reload --> to reload systemd config; systemctl start vncserver@:1.service
systemctl enable vncserver@:1.service

Introducing Gnome Shell (Gnome 3) 

gnome shell classic appearance
xterm -bg black -fg green &
truetype fonts support

Gnome Shell: Customization with Gnome Tweak Tool 

Gnome tweak tool: gnome-tweal-tool

Red Hat Stewardship and Upcoming Plans 

new CentOSes: CentOS Core SIG = classic centos+ CentOS Storage + CentOS Cloud + CentOS Virtualization
CentOS won;t be just free version RHEL . Buy buy stability :(
Retrieved from "http://wiki.it-security.ca/404.html"