Now that we've secured access to our CentOS 5.3 slice we can update it and get it ready for the rest of the server install.
In part 1 of the CentOS 5.3 setup, we completed the ssh configuration along with a basic iptables setup.
Now let's run some checks and install some personal configuration files to make life easier. Once done, we can update the install and create a solid base for the 'meat' of the server.
First thing is to confirm what OS we're using. We know we should be using CentOS but let's see:
You should get an output similar to this:
CentOS release 5.3 (Final)
Memory usage should be very low at this point but let's check using 'free -m' (the -m suffix displays the result in MB's which I find easier to read):
It's nice to know what is going on so let's look at that output:
. total used free shared buffers cached Mem: 254 55 199 0 2 21 -/+ buffers/cache: 30 223 Swap: 511 0 511
The line to take notice of is the second one as the first line includes cached memory - in this demo slice I have 254MB memory in total with 30MB actually used, 223MB free and no swap used. Nice.
Normally the "ls" command doesn't list files that start with a period. Those are usually configuration files or directories, and ls hides them so they don't clutter up your directory view. To see all of what's there, run:
ls -a ~
The "-a" option is what tells ls to list all files, not just the non-configuration files.
You'll see several files, but let's focus on ".bashrc" right now. This is ultimately where your user environment (the "shell") will look for its settings. Go ahead and open it for editing:
Inside you'll see a lot of shell script commands — don't worry if you don't understand it all. Anything we add at the end of the file will override what came before. If you want to, say, change your prompt, you don't necessarily need to figure out what all the "if" statements in there by default are for, and which line you need to edit. You can just add your own setting at the end.
With that in mind, let's look at how to change your prompt. At its simplest, the prompt's format is set with the "PS1" environment variable. It consists of some numbers that determine color and some codes that act as stand-ins for variables like the current working directory and your hostname. To set your prompt to just your hostname and working directory, both in different colors, you could add this line to the end of the .bashrc file:
PS1='\[\033[0;35m\]\h\[\033[0;33m\] \w\[\033[00m\]: '
The chunks like "0;35m" and "0;33m" are what control the colors - those are pink and brown, for example. Other colors you can substitute include "0;32m" for green and "0;36m" for blue — it's just a matter of changing those numbers.
Other important parts of that jumbled collection of characters are "\h" and "\w", which represent the hostname and working directory, respectively. If you wanted to include your username in the prompt you could add the "\u" code along with an "@" symbol, and it would look like this:
PS1='\[\033[0;35m\]\u@\h\[\033[0;33m\] \w\[\033[00m\]: '
Before we see what that will look like, however, let's also look at another useful feature of your shell, aliases.
The "alias" keyword lets you set a shortcut for another command. Some examples to get you started, which can be added to the end of your .bashrc file:
alias free="free -m" alias update="sudo yum update" alias install="sudo yum install" alias upgrade="sudo yum upgrade" alias remove="sudo yum remove"
They're pretty simple examples, and are just meant to save you a little typing. Notice that you can essentially replace a command with an alias, like we did by setting the alias "free" to be a shortcut for "free -m". With that alias set, when you type "free" on the command line, behind the scenes the shell actually runs "free -m", so you don't have to type the extra characters to get the memory usage numbers in megabytes.
Similarly, those other aliases are shorthand for some yum commands to update or install packages. Since "sudo" is run behind the scenes you'll still have to type your password, but at least before that you won't have to type as much to run an update or install a package.
To activate the changes you've made to the .bashrc file, either log out and log back in or enter this command:
If you set a value for "PS1" above, you'll see your prompt change. Feel free to go back and change the colors or format of the prompt, or add your own aliases.
You can check the current locale setting for your slice by running:
If the code doesn't match what it should be for the localization you would like to use for your slice (or if it uses a generic locale like 'POSIX'), run something like the following commands:
sudo /usr/bin/localedef -i en_US -f UTF-8 en_US.UTF-8 export LC_ALL=en_US.UTF-8 export LANG=en_US.UTF-8
'Something like' because you may want to use a locale other than US English. If so, substitute the language code for 'en' and the region code for 'US' above. The locale code 'cy_GB' would designate Welsh for the language and Great Britain for the region, for example. A complete list of language and region codes can be found here.
Note that if you need another character set (we recommend UTF-8), you can change that as well.
Now that you've made those changes, type 'locale' again to make sure those are the language and region settings you want. If everything looks good, you need to make one more change to ensure that those locale settings will be automatically applied for all users. Run:
sudo nano /etc/sysconfig/i18n
Note that 'i18n' is shorthand for 'internationalization' (since there are 18 letters between the 'i' and the 'n'). Just so you know why that configuration file has such an odd name.
Change the LANG entry in that file, and add a line for LC_ALL, like you did with the 'export' commands above (but without the export). So when you're done, the two lines for your locale might look like:
You might want to test to be sure the locale settings are properly set up by logging out and logging back in, then running 'locale' to check the output.
A CentOS Slice comes with a basic set of repositories.
Have a look at the enabled repositories by running:
sudo yum repolist enabled
Each repository listed should include a brief description and the number of packages available from that source.
If you'd like to have a look at the configuration files that point to each repository, they're stored in this directory:
If you look through one of the files there, you will see each repository has a set of definitions including which mirror to use and what gpg key to use (and actually whether to check the package signature at all).
You can, of course, add more repositories whenever you want to but I would just give a word of caution: Some of the available repositories are not officially supported and may not receive any security updates should a flaw be discovered.
Keep in mind it is a server we are building and security and stability are paramount.
Now we can update the package list that yum uses.
The following command will also offer to install any updated packages. As with all installs have a careful look at the list and, once happy, press 'y' to continue:
sudo yum update
NOTE: If you have used the .bashrc aliases shown above you just need to enter 'update' as the alias will use the entire command. I've put the whole thing here so you know what is happening.
That's really the basics done for the Slice.
Once any updates have been installed, we can move on to installing some essential packages.
CentOS has some handy meta-packages that include sets of pre-defined programs required for a single purpose.
So instead of installing a dozen different package names, you can install just one meta-package. One such package is called 'Development Tools'. Issue the command:
sudo yum groupinstall 'Development Tools'
Notice the programs that are to be installed include gcc, make, patch and so on. All these are needed for many other programs to install properly. A neat system indeed.
Enter 'y' and install them.
Now we have the necessary packages should we want to build an application from source.
The console is now informative and less drab, locales have been configured and basic compile tools have been installed. Quite a lot happening here but now we have a more secured Slice with updated packages ready for the meat of the server to be put in place.
- -- Jered