Initial Setup of a Linux CentOS5 / RHEL5 System

From CVL Wiki

Revision as of 15:53, 20 March 2009 by Jkh (Talk | contribs)

Jump to: navigation, search

Running Linux straight out of the box is a bit of a raw experience. I make a number of tweaks after the initial install. I'm going to document those tweaks here.

Contents

Never login as root!

During the install, there will be a place to create an account. Create an account there. Login with the account you created during the install.

Get sudo working for your account.

Once you are logged in, start a "Terminal". Type su, type the root password. This will be the first and last time you type "su". Now, edit /etc/sudoers. Find the line

## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL

and add you account:

## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL
jkh     ALL=(ALL) NOPASSWD:     ALL

I add the "NOPASSWD:" option, this allows you to run sudo with out typing your password. Many people would argue that this is a security problem. Just make sure that your password is strong.

## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL
jkh     ALL=(ALL) NOPASSWD:     ALL

Since the /etc/sudoers is not "write-able" by anyone, to save the file you must use ":w!" followed by ":q". Now exit "su" with "Ctrl-D".

Get things up-to-date

Apply all updates since the CD/DVD was burned.

sudo yum -y update

Add yum repositories

There are three yum repositories I add: epel (Extra Packages for Enterprise Linux), Dag Wieers' excellent rpmforge, and for Adobe's flash and pdf. Its a bit tricky to do this properly, the yum repos will step on each-others' feet. Largely I follow this.

  1. First install yum-priorities as suggested.
    sudo yum install yum-priorities
    • Edit /etc/yum/pluginconf.d/priorities.conf and verify that it is on.
    • Edit /etc/yum.repos.d/CentOS-Base.repo, add priority=1 for each section.
  2. Install epel. See this. Note that their instructions are not the best...
    sudo rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/$(uname -i)/epel-release-5-2.noarch.rpm
    The 5-2 release number may not be correct as the releases march along with time.
    • Edit /etc/yum.repos.d/epel.repo, add priority=3 to each section
  3. Install rpmforge. See this.
    sudo rpm -Uhv http://apt.sw.be/redhat/el5/en/$(uname -i)/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.$(uname -i).rpm
    • Edit /etc/yum.repos.d/rpmforge.repo, add priority=4 to each section.
  4. Install Adobe's repo. See this, pick "YUM for Linux".
    (As of this writing the 64 versions of Adobe's stuff was in beta. Later we might incorporate this.)
    • Something like
      sudo rpm -Uvh http://linuxdownload.adobe.com/adobe-release/adobe-release-i386-1.0-1.noarch.rpm
      Note: this is a 32 bit version only (i386). Eventually we will get 64 bit everything for the browser, but for now we are going to do a 32 browser on a 64 bit system. See below (How to make everything work in firefox).
    • Edit /etc/yum.repos.d/adobe-linux-i386.repo, add priority=5 to the one section.
  5. And one last update all to be sure.
    sudo yum -y update

Add bash-completion

Bash-completion make the "tab-completion" intelligent. Before installing bash-completion, the tab key will only complete file names, after it will complete intelligently lots of commands.
sudo yum -y install bash-completion
After install, try it out. Type:
yum <TAB><TAB>
You will see a list of sub-commands for yum, not file names! Use the tab key everywhere, you will be supprised what it will complete!

Add system commands the the path (/sbin, /usr/sbin, etc.) for everyone

By default the directories which have commands the are mostly used only by sys-admin types are not in the path. But, just so you don't have type type /sbin/ifconfig to see what your network is, I add /sbin to everyone's path.

Edit /etc/profile and look for this

# Path manipulation
if [ "$EUID" = "0" ]; then
       pathmunge /sbin
       pathmunge /usr/sbin
       pathmunge /usr/local/sbin
fi

Make it look like this:

# Path manipulation
# if [ "$EUID" = "0" ]; then
       pathmunge /sbin
       pathmunge /usr/sbin
       pathmunge /usr/local/sbin
# fi

Make the beeping stop!

Every time vi / bash / etc. sends a beep it annoys me greatly. Stopping the beep is very obscure.

Edit /etc/inputrc and make this

#set bell-style none

look like this (i.e. uncomment the line):

set bell-style none

Making updates automatic

By default, the system will tell you about updates, but not actually do them. To fix this, edit /etc/yum/yum-updatesd.conf and change this

# how to send notifications (valid: dbus, email, syslog)
emit_via = dbus
# should we listen via dbus to give out update information/check for
# new updates 
dbus_listener = yes

# automatically install updates
do_update = no
# automatically download updates
do_download = no
# automatically download deps of updates
do_download_deps = no

to this:

# how to send notifications (valid: dbus, email, syslog)
emit_via = syslog
# should we listen via dbus to give out update information/check for
# new updates 
dbus_listener = no

# automatically install updates
do_update = yes
# automatically download updates
do_download = yes
# automatically download deps of updates
do_download_deps = yes

Tweak ssh, make it quiet, and turn on X

Ssh is great, but I like to not have to type "ssh -X <machine>" every time. Also, answering "yes" every time I connect to a new machine gets old.
Edit /etc/ssh/ssh_config and after the line that is Hosts * (NOT commented out), add the following:

Host *
  ForwardAgent yes
  ForwardX11 yes
  StrictHostKeyChecking no

Also, should you use ssh a lot (like me) and want it to be completely quiet, create an empty file in your home directory called .hushlogin on each machine you ssh to (not just this machine, but the machine where you are going).

touch ~/.hushlogin

Very important: Send root's email to someone who cares!

By default, the root account will receive email from various daemons detailing the general health of the system. This email should not be just ignored. Send it to someone who cares (you?).

Edit ~root/.forward, put your email address there.

[jkh@localhost ~]$ sudo su -
[root@localhost ~]# echo 'your.email@address.here' > .forward

Sound and Video

Get gstream stuff to work (rhythmbox), video (mplayer) and xmms installed and working.

  1. Install

Making firefox work

What we would like is to have a web browser that has flash, pdf, and Java working. If you are running a 64 bit install, the easiest way of doing this is to remove the 64

  1. Only on 64 bit installs, remove 64 bit version of firefox.
    sudo yum -y remove firefox.x86_64
  2. Install 32 bit version of firefox
    (Probably unnecessary on 32 bit machine but won't hurt.)
    sudo yum -y install firefox.i386
  3. Install flash
    What we would like to do is this (Don't do this):
    sudo yum -y install flash-plugin
    But that installs version 10 of the flash player. As of this writing (March 19, 2009) that version does not work. I recommend this:
    sudo rpm -Uvh http://computing.ece.vt.edu/Java/flash-plugin-9.0.48.0-1.el5.rf.i386.rpm
    And now you need to exclude flash-plugin from yum's updates. So, edit /etc/yum.conf and add this line:
    exclude=flash-plugin
  4. Install Adobe PDF Reader
    sudo yum -y install AdobeReader_enu
  5. Install Java
    I don't follow most of the directions you might find on the net. This is much simpler. Eventually we will not have to do this, Sun has finally freed Java.
    sudo rpm -Uvh http://computing.ece.vt.edu/Java/jdk-6u4-linux-i586.rpm
    And now, make it work:
    sudo rpm -Uvh http://computing.ece.vt.edu/Java/java-1.6.0-sun-compat-1.6.0.04-1jpp.i586.rpm

Now test them:

  1. A good flash test.
  2. A good Java test.
  3. A good PDF test.
Views
Personal tools
Support