CentOS setup - page 2

In page 1 of the CentOS setup, we completed the ssh configuration along with a basic iptables install.

Let's move on and install some personal configuration files to make our life easier. Once done, we can update the install and create a solid base for the 'meat' of the server.


OS check and Free

First thing is to confirm what OS we're using. We know we should be using CentOS but let's see:

cat /etc/redhat-release

You should get an output similar to this:

CentOS release 5 (Final)

Good. Memory usage should be very low at this point but let's check using 'free -m' (the -m suffix displays the result in MB's which I find easier to read):

free -m

It's nice to know what is going on so let's look at that output:

.                  total       used       free     shared    buffers     cached
Mem:           254        55          199          0           2               21
-/+ buffers/cache:      30          223
Swap:            511        0           511

The line to take notice of is the second one as the first line includes cached memory - in this demo slice I have 254MB memory in total with 30MB actually used, 223MB free and no swap used. Nice.

.bash_profile

Let's make the terminal a bit more attractive and a bit more informative by adding a few lines to our .bash_profile file.

nano ~/.bash_profile

Add the next few lines at the end of the existing text. The following line will make the terminal display the server name in colour and display the working directory (the directory we are in) in a different colour:

export PS1='\[\033[0;35m\]\h\[\033[0;33m\] \w\[\033[00m\]: '

Now we can add aliases to the file. Aliases are short cuts to commands or sequences of commands. I've included a few below but you can have as many or as few as you want.

alias free="free -m"
alias update="sudo yum update"
alias install="sudo yum install"
alias upgrade="sudo yum upgrade"
alias remove="sudo yum remove"

The examples above are pretty simple. Instead of typing 'free -m' every time I want to look at the memory usage, I just type 'free. Typing 'sudo yum install' can get tedious, so I just type 'install'.

I still need to provide my password for the sudo command to work, but it is more productive/quicker/easier to have short cuts.

To activate the changes enter this command:

source .bash_profile

You should now see the slice name in purple and the working directory in brown.

To change the colours to your choosing, adjust the 0;35m and the 0;33m values in the 'export PS1' line of your .bash_profile.

For example:

export PS1='\[\033[0;32m\]\h\[\033[0;36m\] \w\[\033[00m\]: '

would give you a green and blue output.

Yum repositories

The CentOS Slice comes with a basic set of repositories that are defined in /etc/yum.repos.d.

Have a look at the enabled repositories:

sudo nano /etc/yum.repos.d/CentOS-Base.repo

As you scroll through the file, you will see each repository has a set of definitions including which mirror to use and what gpg key to use (and actually whether to check the package signature at all).

You can, of course, add more repositories whenever you want to but I would just give a word of caution: Some of the available repositories are not officially supported and may not receive any security updates should a flaw be discovered.

Keep in mind it is a server we are building and not a desktop.

Update

Now we can update the package list that yum uses.

The command will also offer to install any updated packages. As with all installs have a careful look at the list and, once happy, press 'y' to continue:

sudo yum update

NOTE: If you have used the .bash_profile aliases shown above you just need to enter 'update' as the alias will use the entire command. I've put the whole thing here so you know what is happening.

That's really the basics done for the Slice.

Once any updates have been installed, we can move on to installing some essential packages.

Development Tools

CentOS has some handy meta-packages that include a set of pre-defined programs needed for a single purpose.

So instead of installing a dozen different package names, you can install just one meta-package. One such package is called 'Development Tools'. Issue the command:

sudo yum groupinstall 'Development Tools'

Notice the programs that are to be installed include gcc, make, patch and so on. All these are needed for many other programs to install properly. A neat system indeed.

Enter 'Y' and install them.

Now we have the necessary packages should we want to build an application from source.

We'll go on and install a very useful package that I recommend called 'screen'.

screen

This is a great application that allows 'virtual' terminals to be opened in one console. Switching between them is done with the press of a key.

The advantages are that you can be working on more than one shell at a time, say one installing software and another monitoring network activity - all without having more than one physical shell open. If the SSH connection is cut for some reason or you have to leave the room then close the terminal and the work will still carry on in the background.

I recommend getting used to using screen. This screen tutorial gives an excellent introduction.

sudo yum install screen

To start a screen session simply enter the command:

screen

Not much appears to have changed, but you can open another virtual terminal with a:

Ctl-A and then press 'c'

Enter a simple command such as:

ls -al

then nip back to the other virtual terminal with:

Ctl-A and then press 'p'

You can have several processes running at the same time using this technique.

One thing to note, is that the bash aliases we setup previously in this article, will not work in Screen.

done

Quite a lot happening here but now we have a more secured Slice with updated packages ready for the meat of the server to be installed.

PickledOnion.

Article Comments:

Chris Gerling commented Sat Feb 23 16:35:21 UTC 2008:

This tutorial is very very good, I learned some things I did not know, and I've been a *nix guy for quite awhile.

Thanks!

Brad Wright commented Sun Jun 08 10:22:36 UTC 2008:

Objectively (not to start any holy wars), is there any reason to choose CentOS over Debian for a secure server environment?

PickledOnion commented Sun Jun 08 10:49:52 UTC 2008:

Hi Brad,

The simple answer is no.

In the real terms there is no difference between the distros as far as performance or security is concerned.

The main reasons for choosing a particular distro come down to the how it manages packages and init scripts (yum, etc) and what package versions are available.

Remember that package versions rarely change in a particular release (security updates are released of course, but actual package changes, say Apache 2.0 to Apache 2.2 are very rare).

As such, choose the distro you are most familiar with and has the packages and support you need.

PickledOnion

Tim commented Wed Sep 17 00:25:54 UTC 2008:

I had the update option above fail several times as it couldn't find the Repository at the path listed in the Source list. If that happens go in to the CentOS-Base repo and there is another url that is commented out under the main URL. Uncomment it and run the update command again and it should work.

Justin commented Thu Oct 02 08:05:12 UTC 2008:

Two things that would be nice to add to the article. How to set the hostname, and how to adjust the timezone.

[Set The Hostname] //Modify this file, and put your desired hostname where HOSTNAME=. $sudo nano /etc/sysconfig/network $sudo hostname puthostnamehere

[Set The Timezone - In This Case Pacific] $sudo ln -sf /usr/share/zoneinfo/US/Pacific /etc/localtime

Joseph Kerns commented Wed Jan 21 14:14:04 UTC 2009:

Thanks for all the tutorials, they are absolutely phenomonal!

Carlos Zapata commented Tue Apr 07 19:31:35 UTC 2009:

I kept getting an error when running the "sudo yum groupinstall 'Development Tools'" command. I found a post here. I ran "sudo yum clean metadata" as the post states, and was able to run the development tools command without a problem.

Steven commented Sat Apr 25 07:59:13 UTC 2009:

Hi,

I'm pretty much a linux newbe coming from shared hosting and just following the CentOS (5.3) articles.. but when running any yum command I'm getting:

'myuser' is not in the sudoers file.

(where 'mysuser' is my username ofcourse)

Any pointers?

thanks

Gswain commented Wed May 20 19:40:37 UTC 2009:

Steven,

you most likely did not add your user to the wheel group like in page 1.

usermod -a -G wheel myuser

Marcus commented Tue Nov 17 12:58:37 UTC 2009:

Had to say, these are some amazing tutorials. Well done and thanks!

cc commented Thu Feb 18 14:29:39 UTC 2010:

Very helpful in my move from Ubuntu to Centos. I have noticed that the bare-bones path in Centos are sorely lacking. What is the process to update the path in .bash_profile? What directories should be added?

snipe commented Wed Mar 03 04:16:06 UTC 2010:

cc - you can use: PATH=$PATH:$HOME/bin:/usr/sbin:/sbin

Want to comment?


(not made public)

(optional)

(use plain text or Markdown syntax)