Updated: 2014-04-14 16:32 EDT
CentOS-6.5-i386-minimal.iso
man
commandmail
commandvim
editorroot
aliasesntpd
yum
doesn’t workIf you want to play with an easy-install desktop version of Linux, don’t do it using the system you will install in this document. This document installs a server system, not a Desktop system. A Desktop system should be something graphical and desktop-friendly such as Ubuntu or Mint. You can’t use the CentOS system in this document as a Desktop system. This document is configuring a minimal, non-GUI, server version of Linux.
You can use any virtualization software you like to create and run this server-style CentOS virtual machine, e.g. VirtualBox, Parallels, etc., but faculty only fully support questions about VMware (and maybe VirtualBox). It’s what we know.
It isn’t the virtualization software that’s important; it’s the running CentOS virtual machine.
I don’t recommend running CentOS directly on your hardware; you lose all the snapshot and backup features available in a Virtual Machine. Don’t do it.
CentOS-6.5-i386-minimal.iso
IndexYou can start this ISO download process and wait for it to finish while you move on to the next step to Create an Empty Virtual Machine
In this section, you will download the CentOS-6.5-i386-minimal.iso
to your machine. It must be the CentOS-6.5-i386-minimal.iso
, no other version is acceptable for this server.
You can get the CentOS-6.5-i386-minimal.iso
image from one of the following places. We recommend that you choose the first one if you are on campus; it’s the fastest one.
This method only works on the Algonquin campus. Use a wired connection to download big files such as ISO images; don’t use wireless!
339738624
-byte ISO file: CentOS-6.5-i386-minimal.iso
CentOS-6.5-i386-minimal.iso-md5.txt
file containing the md5sum file checksum hash.This is much slower than the above CSTECH method. Use it only if you have to:
/i386/
mirrors./centos/6.5/isos/i386
find the ISO named CentOS-6.5-i386-minimal.iso
to download:339738624
-byte (324MB) ISO file: CentOS-6.5-i386-minimal.iso
md5sum.txt
file containing the md5sum file checksum hashes.To verify the downloaded ISO, you must get a copy of the checksum file from the same CentOS folder where you found the i386 (32-bit) ISO image.
Verify that you have the exact ISO file named CentOS-6.5-i386-minimal.iso
that is 339,738,624 bytes (324MB).
To verify the download, you will need some form of checksum program that runs on your local computer that can calculate md5 or sha hashes. Unix/Linux/OSX machines already have the md5sum
command available (sometimes called just md5
on OSX); you don’t need to download anything; read the man
page or just run md5sum
(or md5
) followed by the ISO image name and compare the number with the number saved in the checksum hash file.
For Windows users, one suggestion to use (thanks Richard!) is HashTab:
md5sum.txt
file).CentOS-6.5-i386-minimal.iso
Verify the checksum hash of the ISO file against the checksum hash recorded in any of the checksum files located in the same folder. (For example, open md5sum.txt
and locate the checksum for your ISO file and compare it with the checksum of the ISO file you downloaded.)
Sysadmin Tip for Windows users: You can install the free Cygwin package on your own Windows laptop to get BASH and all the Unix tools for Windows, including
md5sum
,find
, etc. MacOSX users already have most of the tools installed and available in any Terminal window.
These detailed instructions are for VMware Workstation Version 10. You may use any other virtualization software you like (e.g. VirtualBox), but you’re on your own if things go wrong.
In this section, you will first create an empty Linux 32bit CentOS-compatible Virtual Machine with no operating system installed. You can do this while you are waiting for your CentOS minimal CentOS-6.5-i386-minimal.iso
to download.
VMware Workstation will try to guide you into an “Easy” or automatic install; you must not do an Easy/automatic install.
Do not let VMware use “Easy Install”!
Start VMware on your machine. Any version of VMware since Version 8 should work. These instructions were prepared with Version 10.
Choose Create a New Virtual Machine or File | New Virtual Machine.
CST8207-14W-CentOS-6.5
(no spaces).
2
into the box)
Under the Ready to Create Virtual Machine screen, confirm these important settings:
Operating System: CentOS
Hard Disk: 2 GB, Monolithic
Memory: 1024 MB
Finish. You will see Virtual Machine Created.
Close the New Virtual Machine Wizard.
To confirm your settings: In VMware, select menu VM | Settings to open Virtual Machine Settings and look under the Hardware tab to confirm:
Memory: 1024 MB (or 1GB)
Processors: 1
Hard Disk: 2GB
In the same VM | Settings window (“Virtual Machine Settings”), go to the Options | General tab and confirm:
Guest Operating System: Linux
Version: CentOS
If you don’t see the above settings, delete this virtual machine and start over.
After you have downloaded and verified the checksum of the 32-bit ISO file CentOS-6.5-i386-minimal.iso
, you can next follow these instructions below to install this minimal 32-bit CentOS ISO image into your empty CentOS virtual machine that you just created above.
The installation software requires more memory than the running CentOS server. If you are installing or re-installing your system, set your VM Memory to 1024MB (1 GB) before you continue.
CentOS-6.5-i386-minimal.iso
ISO to your VMware virtual CD/DVD drive using the VM | Settings, Hardware | CD/DVD device page:
Disc Found
and asking you if you want to test the media.
On the CentOS 6 page, the mouse is working again. Use it or Space to select the Next button. You should see a “What language” page.
On the “What language” page use the default English selection. (You may be tempted to chose your own non-English language, but if you do so your Instructor will not be able to help you with any problems. Always use the default English language.) Select Next.
On the “Select the appropriate keyboard” page use the default “U.S. English” keyboard. Select Next.
On the “What type of devices” page use the default “Basic Storage Devices”. Select Next.
On the “Storage Device Warning” page select “Yes, discard any data”. (If you are re-installing your system, you will instead see here an “At least one existing installation” page that asks you to either overwrite or upgrade your existing installation. Choose appropriately.)
On the “The root account” page enter (twice) a root
account password that you can remember. Keep it simple – this is a low-security student course machine and not a high-security bank! Select Next.
On the “Which type of installation” page select “Create Custom Layout”. We are going to use a simple two-partition system instead of the default (and more complex) Logical Volume Manager layout. Select Next.
/
(the ROOT).ext4
.1500
into the “Size (MB)” box./
) partition of type ext4
size 1500 on sda1
. Delete this partition and start over if this is not true.swap
.sda2
size 547. Delete this partition and start over if this is not true.After confirming the above two partitions and sizes, on the “Please Select A Device” page click on “Next”.
On the “Format Warnings” page click “Format”. This completely wipes your Linux virtual disk, not your host machine’s disk.
On the “Writing storage configuration to disk” page click “Write changes to disk”.
On the “Install boot loader page” page leave the default setting checked (“Install boot loader on /dev/sda
”) and click “Next”. It should say “Installation starting”.
You should see a progress bar saying “Packages completed” as exactly 204 CentOS packages are installed into the system. (If the number is not exactly 204, you are using the wrong ISO image.) The 204-package installation should take about five minutes.
On the “Congratulations, your CentOS installation is complete” page select “Reboot”. Some Linux kernel shutdown messages will print, then the virtual machine will reboot.
The system should reboot into a black login screen with the banner CentOS release 6.5 (Final)
and a login prompt preceded by the hostname of the machine, similar to this:
CentOS release 6.5 (Final)
Kernel 2.6.32-431.el6.i686 on an i686
abcd0001 login:
The machine name in front of the login:
prompt should be your own Blackboard userid, not abcd0001
.
root
with the password that you remembered from the above installation.
r
.Run the following installation verification commands. Your CentOS installation must pass all of the following verification steps:
Run: hostname
and verify that it prints your eight-character Blackboard userid as the machine name.
In file /etc/sysconfig/network
verify that the NETWORKING
variable is set to yes
and the HOSTNAME
variable is set to your Blackboard userid.
Run: fdisk -clu
and verify that your Disk /dev/sda
is 2147 MB
and that the disk partitions /dev/sda1
and /dev/sda2
have 1,536,000
and 560,128
blocks (a block is 1024 bytes). It should look almost exactly like the following, except your machine name and Disk identifier
number will differ:
[root@abcd0001 ~]# fdisk -clu
Disk /dev/sda: 2147 MB, 2147483648 bytes
255 heads, 63 sectors/track, 261 cylinders, total 4194304 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000
Device Boot Start End Blocks Id System
/dev/sda1 * 2048 3074047 1536000 83 Linux
/dev/sda2 3074048 4194303 560128 82 Linux swap / Solaris
Run: rpm -q -a | wc
and verify that you have exactly 204
packages installed.
Run: df -h
and verify that your /dev/sda1
virtual disk partition mounted on /
(the ROOT) has a Size of 1.5G
(ignore the other sizes – they may differ slightly):
[root@abcd0001 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda1 1.5G 598M 804M 43% /
tmpfs 504M 0 504M 0% /dev/shm
Run: swapon -s
and verify that partition /dev/sda2
is listed as an active swap partition:
[root@abcd0001 ~]# swapon -s
Filename Type Size Used Priority
/dev/sda2 partition 560120 0 -1
You may need to delete this virtual machine and re-install if any of the above numbers or verification steps are wrong. Redo your installation or consult with your instructor if any of the above verification commands don’t give the expected output.
Networking is not enabled on this server yet. It is a good idea to configure your system a bit before enabling networking, so we will enable networking later, after doing some configuration.
Make sure your CentOS virtual machine passes the all above verify steps before saving it!
shutdown -h now
shutdown
or halt
.1024MB
down to 256MB
. Say OK.
CentOS-6.5-i386-minimal.iso
256MB
2GB
abcd0001
(should be your Blackboard userid)A snapshot of a running (not fully shut down) system is quick to resume if you ever need to go back to it, but a running snapshot has some potentially serious problems:
Snapshots take more space if you take them when the machine is running, since the snapshot has to save all the system memory. Snapshots are smaller if you take them of a system that is powered off.
Often you need to restore a snapshot and also make some VM | Settings changes. If you snapshot a running system, then you have to shut it down every time you restore it when you want to make VM | Settings changes. Better to create the snapshot of the powered-off system.
A snapshot of a running system can only safely be resumed (restarted) on the system that created it, or a system running a similar CPU type. You cannot safely back-up the running snapshot files onto a different CPU type and resume it there.
A snapshot of a running system may be useless if you try to restart it on a different computer, such as might happen if your laptop computer fails and you need to borrow another.
When possible, make your important snapshots of virtual machines that are actually powered off.
This configuration section assumes you are starting your configuration from the Fresh Minimal Installation snapshot from the previous section.
Before you begin, you need to understand some terms. (These few points are not action items; they are for your information.) Make note of these things:
When it says “back up a file” below, it means copy the file, preserving time and owner information, into the same directory with a .bak
suffix on the file name, for example:
$ cp -p /foo/bar /foo/bar.bak
$ cp -p /some/path/name/file /some/path/name/file.bak
You may find this shell alias useful: alias cp='cp -p -i'
but remember that aliases are not saved when the shell exits. Remember to edit the original file, not the back-up file.
vi
(not vim
) text editor, because that’s the only editor there is. Every Unix/Linux system has vi
installed. (Servers, including this one, don’t by default install the dumb nano
editor.)
vi
editor commands to open a file, edit it, and save it do the editing work below.vi
, not vim
on CentOS. We will install a full version of vim
shortly.When it says “comment out” something below, it means insert a comment character (usually #
) at the very start of the line, e.g. change hiddenmenu
to #hiddenmenu
or change alias rm='rm -i'
to #alias rm='rm -i'
. The comment character turns the whole line into a comment – something that the program reading the file will ignore.
Make the configuration changes below to your Fresh Minimal Installation machine. Remember to preserve modification times on all files copied! If you have network connection problems below see Network Diagnostics.
Boot (power on) your Fresh Minimal Installation snapshot from the previous section.
Log in as the root
user on the black text console, as you did before.
Review the above points A., B., and C. so that you know what “back up”, “edit”, and “comment out” mean.
Create your alias for cp
to preserve modify times so that you don’t forget.
Networking is not yet enabled on boot. Enable it, so that you can connect to your CentOS system using a proper SSH connection instead of using the limited VMware system console:
/etc/sysconfig/network-scripts/ifcfg-eth0
then edit the original file and change the ONBOOT
variable setting from ONBOOT=no
to ONBOOT=yes
. (Always edit the original file, not the back-up file!) Save the file and exit the editor.
ONBOOT=yes
diff
command to compare the back-up file with the new file and make sure only one line has changed.root
prompt run: service network restart
eth0
:Bringing up interface eth0:
andDetermining IP information for eth0... done. [OK]
eth0
:
ifconfig eth0 | fgrep 'inet addr'
and see one line of output containing your system IP address (your inet addr
). Write down this local IP address; you will need it shortly.ip route | fgrep 'default'
and see one line of output containing your default gateway IP address.ping -c 1
X.X.X.X
where X.X.X.X
is your default gateway IP address and look for 0% packet loss
. (This may not work if you are using Bridged networking on-campus at Algonquin College because the ITS department blocks ping
.)Sample output for the above commands is given below – your hostname and CentOS IP addresses (write it down) will differ:
[root@abcd0001 ~]# fgrep 'ONBOOT' /etc/sysconfig/network-scripts/ifcfg-eth0
ONBOOT=yes
[root@abcd0001 ~]# service network restart
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0:
Determining IP information for eth0... done. [ OK ]
[root@abcd0001 ~]# ifconfig eth0 | fgrep 'inet addr'
inet addr:192.168.9.141 Bcast:192.168.9.255 Mask:255.255.255.0
[root@abcd0001 ~]# ip route | fgrep 'default'
default via 192.168.9.254 dev eth0
[root@abcd0001 ~]# ping -c 1 192.168.9.254
PING 192.168.9.254 (192.168.9.254) 56(84) bytes of data.
64 bytes from 192.168.9.254: icmp_seq=1 ttl=64 time=1.78 ms
--- 192.168.9.254 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 2ms
rtt min/avg/max/mdev = 1.780/1.780/1.780/0.000 ms
Make sure the ping
shows 0% packet loss
(unless you are at Algonquin College, using Bridged networking, and ping
is being blocked by ITS, sorry).
Did you write down your CentOS IP address (not your default gateway address)? You are about to use it.
You may find it easier to use and configure your CentOS system using an SSH terminal connection that you can resize and in which you can use copy/paste instead of the fixed-size VMware CentOS console that you cannot resize or use copy/paste.
Sometimes the networking set-up on your host operating system does not permit you to connect to the network addresses of your virtual machines. If that is true, the following won’t work and you’ll have to consult the manual for your host operating system on how to enable network access to virtual machines.
inet addr
for eth0
.)
ssh
on Macintosh or Linux.root
with your root
password. Make sure you are using your CentOS address.root
to the CLS! The CLS will lock out your IP address! Log in to your CentOS machine using your CentOS IP address!Once you are logged in to your own CentOS machine, type who
and see that root
is logged in once on a VMware system console (tty1
) and once remotely via an SSH pseudo-terminal (pts/0
).
[root@abcd0001 ~]# who
root tty1 2014-03-09 23:26
root pts/0 2014-03-09 01:22 (192.168.244.1)
[root@abcd0001 ~]# tty
/dev/pts/0
I recommend using the SSH connection for all sysadmin work (including the rest of this document). Do not use the crappy VMware console. Note that, unlike using the system console, SSH network connections do not survive across a VM Suspend and Restore. All SSH sessions active when you suspend your VM will be disconnected. Save and exit your editors that are running over SSH before you suspend.
man
commandIndexThis system has manual pages, but no man
command to view them:
[root@abcd0001 ~]# which man
/usr/bin/which: no man in (/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin)
[root@abcd0001 ~]# whereis man
man: /usr/share/man
Use the yum
install command to fetch information about the man
package, and then we will install it:
root
run: yum info man
yum
will download some package lists before it answers the info
query.yum
cannot connect to the Internet, see Network Diagnostics.yum
seems to hang for a long time, see Appendix I.yum
shows Name : man
under Available Packages
.
man
under Installed Packages
, you have already installed it.yum install man
and when it asks Is this ok [y/N]:
answer with y
(yes) and Enter.
yum
will also ask you to import a GPG CentOS 6 Official Signing Key. Answer with y
(yes).Make sure which man
and whereis man
and man man
now work:
[root@abcd0001 ~]# which man
/usr/bin/man
[root@abcd0001 ~]# whereis man
man: /usr/bin/man /etc/man.config /usr/share/man /usr/share/man/man1/man.1.gz
[root@abcd0001 ~]# man man
...etc...
mail
commandIndexServers often need to email status messages to humans. We need to use the yum
install command to fetch and install an email client program package named mailx
:
root
run: yum info mailx
yum
will download some package lists before it answers the info
query.yum
cannot connect to the Internet, see Network Diagnostics.yum
seems to hang for a long time, see Appendix I.yum
shows Name : mailx
under Available Packages
.
mailx
under Installed Packages
, you have already installed it.yum install mailx
and when it asks Is this ok [y/N]:
answer with y
(yes) and Enter.
yum
will also ask you to import a GPG CentOS 6 Official Signing Key. Answer with y
(yes).After installation, make sure that mail -V
(upper case!) prints a version number (the number may differ, depending on which version of CentOS is installed):
[root@abcd0001 ~]# mail -V
12.4 7/29/08
The mailx
package installs some symbolic links so that the command mail
actually runs the mailx
program:
[root@abcd0001 ~]# ls -l /bin/mail*
lrwxrwxrwx. 1 root root 22 Mar 9 22:16 /bin/mail -> /etc/alternatives/mail
-rwxr-xr-x. 1 root root 369440 Aug 1 2013 /bin/mailx
[root@abcd0001 ~]# ls -l /etc/alternatives/mail
lrwxrwxrwx. 1 root root 10 Mar 9 22:16 /etc/alternatives/mail -> /bin/mailx
Also man mail
gives you the same man
page as man mailx
(again using more symlinks):
[root@abcd0001 ~]# whereis mail mailx
mailx: /bin/mail /etc/mail.rc /usr/share/man/man1/mail.1.gz
mailx: /bin/mailx /usr/share/man/man1/mailx.1.gz
[root@abcd0001 ~]# ls -l /usr/share/man/man1/mail.1.gz
lrwxrwxrwx. 1 root root 31 Mar 9 22:16 /usr/share/man/man1/mail.1.gz -> /etc/alternatives/mail-mail-man
[root@abcd0001 ~]# ls -l /etc/alternatives/mail-mail-man
lrwxrwxrwx. 1 root root 30 Mar 9 22:16 /etc/alternatives/mail-mail-man -> /usr/share/man/man1/mailx.1.gz
vim
editorIndexYour CentOS Minimal Installation comes with a minimal (they call it Small
) version of the vim
text editor named vi
that is missing many features and help files:
[root@abcd0001 ~]# vi --version | fgrep 'version'
Small version without GUI. Features included (+) or not (-):
[root@abcd0001 ~]# vimtutor
-bash: vimtutor: command not found
We want the full version, with help files and tutorials. As root
, download and install the full (they call it Huge
) version of vim
as follows:
root
run: yum info vim-enhanced
yum
will download some package lists before it answers the info
query.yum
cannot connect to the Internet, see Network Diagnostics.yum
seems to hang for a long time, see Appendix I.yum
shows Name : vim-enhanced
under Available Packages
.
vim-enhanced
under Installed Packages
, you have already installed it.yum install vim-enhanced
and when it asks Is this ok [y/N]:
answer with y
(yes) and Enter.
yum
will also ask you to import a GPG CentOS 6 Official Signing Key. Answer with y
(yes).After successful download and installation, start the newly-installed full version of VIM by typing vim
(not vi
) and note that this is the Huge version:
[root@abcd0001 ~]# vim --version | fgrep 'version'
Huge version without GUI. Features included (+) or not (-):
[root@abcd0001 ~]# which vimtutor
/usr/bin/vimtutor
vi
and vim
are different in CentOS!
alias vi=vim
Small
) vi
program found?Huge
) enhanced vim
program found?root
aliasesIndexCentOS has provided the root
account with some personal shell aliases that change the behaviour of some important commands and this is a bad idea. Type alias
and you will see some aliases similar to these:
[root@abcd0001 ~]# alias
alias cp='cp -i'
alias l.='ls -d .* --color=auto'
alias ll='ls -l --color=auto'
alias ls='ls --color=auto'
alias mv='mv -i'
alias rm='rm -i'
alias which='alias | /usr/bin/which --tty-only --read-alias --show-dot --show-tilde'
The aliases for ls
and which
are harmless, but the options added in the aliases for cp
, mv
, and rm
change the behaviour of these commands significantly. (What do those options do? RTFM for each command.)
On real servers, the root
account is often shared among several sysadmin, and so you must not define your own personal aliases in the root
account. Commands must work exactly as expected, not the way aliases might change them to work. We will remove these dangerous aliases from our root
account:
/root/.bashrc
(preserve the modify time) then edit the original file:
rm
.cp
.mv
.unalias -a
to make sure that no misleading aliases are defined for the root
account.
unalias
line at the bottom (end) of the .bashrc
, after all the existing lines in the file.diff
command to compare the back-up file with the new file and make sure only a few lines have changed.Keep your own personal aliases in your own account and source
them when you need them as root
. Do NOT put your personal aliases into the root
account itself. (Review Optional Sysadmin Shell Aliases.)
Log out of your VM and then log back in. Type alias
and make sure all the dangerous aliases are gone.
Shell command line history for root
is important to a sysadmin. It’s one way of knowing what commands were typed as root
.
Although the shell is saving its history upon exit, the history from different shells is not being saved, so history can be lost if you run more than one shell (e.g. multiple windows or multiple logins). Also, history is not being saved until a shell exits, which means you can also lose history if a shell is killed prematurely. We will fix this:
/root/.bashrc
then edit the original file again:
Insert this line at the top (beginning) of the file:
[ -z "${PS1-}" ] && return
Add these lines at the bottom (end) of the file:
# check the window size after each command and update LINES and COLUMNS
# append history to history file instead of overwriting it
shopt -s checkwinsize
shopt -s histappend
# keep a lot of shell history
# keep time stamps on each entry
# update history file after every command (not just on exit)
export HISTSIZE=9000
export HISTFILESIZE=99000
export HISTTIMEFORMAT=
PROMPT_COMMAND='history -a'
Use the diff
command to compare the back-up file with the new file and make sure only the intended lines have changed.
Run source ~/.bashrc
to source the new file to set up the history in the current shell. Make sure you see no output and no errors!
After sourcing the file, print the changed history variables to confirm:
[root@abcd0001 ~]# source ~/.bashrc
[root@abcd0001 ~]# printenv | fgrep 'HIST'
HISTSIZE=9000
HISTFILESIZE=99000
HISTTIMEFORMAT=
[root@abcd0001 ~]# echo "$PROMPT_COMMAND"
history -a
Check that the verification commands you just typed into the shell, above, are appearing at the bottom (end) of the root
BASH history file .bash_history
. (What command shows you the last few lines of a text file?)
The file /etc/hosts
usually contains a local copy of the name of the current machine, paired with the loopback IP address. CentOS is missing this, which means you can’t ping
your own host name:
[root@abcd0001 ~]# echo "$HOSTNAME"
abcd0001
[root@abcd0001 ~]# ping "$HOSTNAME"
ping: unknown host abcd0001
Back up the file /etc/hosts
then edit the original file and add your machine’s host name by adding the line 127.0.0.2 abcd0001
where abcd0001
is replaced by your machine’s host name (which must be the same name as your Blackboard userid):
[root@abcd0001 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
127.0.0.2 abcd0001
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
Use the diff
command to compare the back-up file with the new file and make sure only the intended lines have changed.
Confirm that you can now ping
your own machine name with zero packet loss:
[root@abcd0001 ~]# echo "$HOSTNAME"
abcd0001
[root@abcd0001 ~]# ping -c 1 "$HOSTNAME"
PING abcd0001 (127.0.0.2) 56(84) bytes of data.
64 bytes from abcd0001 (127.0.0.2): icmp_seq=1 ttl=64 time=0.072 ms
--- abcd0001 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.072/0.072/0.072/0.000 ms
The name abcd0001
above must be your machine’s name, not abcd0001
. Your machine name must be the same name as your Blackboard userid.
ntpd
IndexThe system time is not being synchronized with the Internet. We need to use the yum
install command to fetch and install the Network Time Protocol (NTP) package named ntp
with its time daemon named ntpd
:
root
run: yum info ntp
ntp
; the NTP daemon is named ntpd
.yum
will download some package lists before it answers the info
query.yum
cannot connect to the Internet, see Network Diagnostics.yum
seems to hang for a long time, see Appendix I.yum
shows Name : ntp
under Available Packages
.
ntp
under Installed Packages
, you have already installed it.yum install ntp
and when it asks Is this ok [y/N]:
answer with y
(yes) and Enter.
yum
will also ask you to import a GPG CentOS 6 Official Signing Key. Answer with y
(yes)./etc/ntp.conf
then edit the original file to add the line tinker panic 0
on its own line just above the driftfile
line.
diff
command to compare the back-up file with the new file and make sure only the one line changed.ntpd
program that it can always change the clock value, no matter how far off it is. Normally the ntpd
daemon refuses to change a clock value that is more than 1,000 seconds wrong.Run: chkconfig --list ntpd
(and note the spelling of the service name ntpd
). You will see one line indicating that the ntpd
time daemon is turned off in every Run Level.
Run: chkconfig ntpd on
(again note the spelling of ntpd
).
Run: chkconfig --list ntpd
(again note the spelling of ntpd
). You will see one line indicating that the ntpd
time daemon is now turned on in Run Levels 2 through 5:
[root@abcd0001 ~]# chkconfig --list ntpd
ntpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
Run: service ntpd start
and you should see one line saying Starting ntpd: [OK]
. (If you already started ntpd
, you won’t see the [OK]
.)
Run: tail /var/log/messages
or fgrep 'ntpd' /var/log/messages
and confirm that there are several log entries for ntpd
saying Listen normally
. If you see errors, fix them and run service ntpd restart
to restart ntpd
.
If all goes well, ntpd
starting up will have reset your system clock to the correct time. (Run the date
command and see.) The log file might say something like clock_step +14398.864481s
indicating a time change of (for example) 14398 seconds. If nothing happened, try waiting 5–10 minutes and see if the time updates. You can perform the other edits below while you wait for this to happen. Continue reading:
Installing NTP doesn’t always work to keep your system time updated, and sometimes NTP can’t synchronize your clock inside some versions of VMware or under some host operating systems. Sometimes, installing the VMware Tools package can mitigate this problem; more on that later.
Even with ntpd
running, the system may take 5-10 minutes to re-synchronize its time after a VM Pause, Suspend, or reboot. (Earlier versions of CentOS were faster at time synchronization.) Servers in the real world are not paused, suspended, or rebooted as often as at school.
Installing VMware Tools will often help with getting the time right after a VM pause or suspend. VMware Tools will be installed in a separate document, later.
The system time zone file is not correct for our time zone.
Run: tzselect
and answer the questions to find the full name of the Eastern Time – Ontario time zone. (Hint: It is two words separated by a slash, and has the name Toronto
in it.) Ignore the advice about your .profile
file – you are the sysadmin of this machine and you are setting the system time zone, not an individual user’s time zone.
Back up the file /etc/sysconfig/clock
then edit the original file to change the ZONE
variable to ZONE="XXX/YYY"
where XXX/YYY
is the name of the time zone printed by tzselect
(including the double quotes). The word Toronto
is in this name.
Run the tzdata-update
command. This will copy the correct time zone information file from under directory /usr/share/zoneinfo/
to /etc/localtime
.
Run a checksum (any kind) on the file /etc/localtime
and on the file under directory /usr/share/zoneinfo/
corresponding to the Toronto
time zone and verify that both files have the same checksum. (Hint: You will need to search for the correct Toronto
file under that directory. What command finds file names by basename? What command can calculate a checksum?)
Security Enabled Linux is turned on, which can cause many problems for novice Linux users. On a real server, we would leave it enabled. You will learn SELinux configuration in later Linux courses.
/etc/sysconfig/selinux
then edit the original file and change the SELINUX
variable setting from SELINUX=enforcing
to SELINUX=disabled
.
diff
command to compare the back-up file with the new file and make sure only the one line changed.The system boot messages are being hidden by a pretty but unhelpful CentOS graphics screen. The screen covers up many useful system messages at boot time. As a sysadmin, you want to see all the boot messages.
Take a snapshot of your VM now, in case you make a mistake in the following edit. If you damage lines in this GRUB configuration file, your machine may not boot at all. You’ll have to restore from the snapshot and reconfigure.
/boot/grub/grub.conf
then edit the original file:
timeout
from 5
to 30
.hiddenmenu
line to make the GRUB menu visible on boot. (Insert a single #
comment character in front of hiddenmenu
so that it looks like #hiddenmenu
and will be ignored.)rhgb quiet
from the far right end of the very long kernel
line to get rid of the silly CentOS animated graphics screen. (Make sure you don’t accidentally break this line into pieces. Keep it one long line.)The resulting file should be two words smaller than the back-up file:
[root@abcd0001 ~]# wc -lw /boot/grub/grub.conf*
17 81 /boot/grub/grub.conf
17 83 /boot/grub/grub.conf.bak
Use the diff
command to compare the back-up file with the new file and make sure only the intended lines have changed.
You will know if your edits are accurate at the next reboot, coming up in the next section. If the reboot fails, restore back to your snapshot and try the edit again.
Having made all the above configuration changes, your CentOS configuration must pass all of the following verification steps after you reboot it:
shutdown -r now
or simply reboot
GNU GRUB
menu should now be visible (not hidden) – see the image below.After the boot, when the machine is up and running, log in on the console again (or, better, use an ssh
or PuTTY
connection to the IP address) and log in as the user root
so you can run some verification commands:
Run alias
and make sure the root
account has no dangerous aliases.
Check that the commands you just typed, above, are appearing at the bottom (end) of the root
BASH history file .bash_history
and that the history environment variables set in the root
.bashrc
are all set in the current shell.
Run: free
and verify that you have a total
Memory of about 256MB (e.g. approximately 248836KB
). (If you have more than about 256MB, you forgot to change the Memory settings for this VM. Shut it down safely and fix the Memory and reboot.)
Run the selinuxenabled
command followed by echo "$?"
to display the command exit status variable contents. The status must be 1
(indicating failure – SELinux should not be enabled). If you see zero, you forgot to disable SELINUX
above. Try again.
[root@abcd0001 ~]# selinuxenabled ; echo $?
1
In file /etc/sysconfig/clock
verify that the ZONE
variable is set to a local Ontario city time zone (not New York).
pgrep -l ntpd
and verify that the output is one line (a process number and the word ntpd
).
Look at the first ten lines of /etc/ntp.conf
and verify that you find the tinker panic 0
line you added.
Search for the word ONBOOT
in file /etc/sysconfig/network-scripts/ifcfg-eth0
and verify that its value is set to yes
.
ifconfig eth0
and verify that its inet addr:
has an IP address listed.
Run: ip route
and verify that you have a default via
route listed for dev eth0
.
Examine file /etc/resolv.conf
and verify that there is at least onenameserver
line in the file.
Confirm that you can ping
your own machine name with zero packet loss and that your host name resolves to the IP loopback address 127.0.0.2
:
[root@abcd0001 ~]# ping -c 1 "$HOSTNAME"
PING abcd0001 (127.0.0.2) 56(84) bytes of data.
64 bytes from abcd0001 (127.0.0.2): icmp_seq=1 ttl=64 time=0.072 ms
--- abcd0001 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.072/0.072/0.072/0.000 ms
Make sure the man
command works.
Make sure the mail
command is installed.
Make sure the full Huge
version of VIM is installed.
rpm -q -a | wc
and verify that you have exactly 220
packages installed.
Consult with your instructor if any of the above verification steps fail. Sometimes you can recover a missed configuration step without starting over from scratch.
Make sure your CentOS virtual machine passes the all above verification steps before saving it!
To avoid all the resume problems mentioned earlier, you may want to shut down your machine before taking a snapshot.
You can delete any intermediate snapshots that you don’t need, leaving only the Fresh Minimal Installation and the Configured Installation.
Now, Install VMware Tools
This ends the initial Installation and Configuration of a minimal server-style CentOS system. The next sections explain some important things to know about your new virtual server.
You can either Suspend or Shut Down (power off) your VM as follows:
This is the fastest way to save your machine state. Most times you will want to suspend your Virtual Machine so that you can resume it quickly where you left off:
When you resume your Virtual Machine, you may need to refresh the network settings for your new network location by running (as root
): service network restart
If you need to reconfigure most parts of the VMware Virtual Machine that is running your Linux server, you need to shut down Linux before VMware will let you change the settings. Here’s how:
root
(or login in as a user and then become root
, if you have disabled root
logins)root
run: shutdown -h now
or simply halt
(if available)
Most Linux machines running in multi-user mode (not single-user) allow you to have multiple system consoles active by typing ALT+F2
(hold down ALT
and simultaneously push Function Key 2
) to switch to the second console, ALT+F3
to the next one, etc. The default, first, console is of course ALT+F1
. This only works on console terminals, not on remote login sessions.
Multiple consoles allow you to multi-task and have multiple “windows” on the system console without all the overhead of a graphical user interface.
When you log out of a server console, make sure you check all the alternate consoles and log them out, too! Don’t leave an open
root
login session active when you walk away from the machine console!
You can’t do ALT+F2
inside a PuTTY or SSH session, but there are programs such as screen
and tmux
that let you do that type of multiple console interface and much, much more.
yum
doesn’t workIndexThis Appendix is only necessary if you find that the yum
installer hangs or does not work. If yum
hangs or fails, do these steps until it works:
^C
(Ctrl-C
) will not interrupt the hung yum
command, use ^Z
to STOP
the yum
command and then kill %yum
to kill it. (If that doesn’t kill it, use kill -9 %yum
)
yum
session is to switch to a second console (e.g. ALT-F2
), log in as root
, find the process ID of the hung yum
process, use kill
to send that process ID a SIGTERM
or SIGKILL
termination signal, then switch back to the first console again.root
type: service network restart
and try yum
again.
ping
hosts, but Algonquin College blocks most ICMP traffic so it may not work as a diagnostic tool.yum
still hangs on the wired network, kill yum
again (see above) and then try:
service network restart
and try yum
again.When yum
finally works, you may need to accept a security key: say yes