Post-install configuration for Centos 8.0.1905 x86_64 minimal installation

Submitted by peter on Fri, 27/09/2019 - 12:23

Work in progress

The instructions below relate to a minimum install of CentOS 8.0.1905 x86_64 from a DVD1 ISO.

Before installing, modify the kernel command line to include "biosdevname=0 net.ifnames=0" so that the network interface(s) don't get renamed.

  1. Perform minimal installation of Centos 8.0.1905 x86_64 from DVD1 ISO,
  2. Remove installation media and reboot,
  3. Wait for background system processes to complete, i.e., for the system to become idle,
  4. If required, set "ONBOOT" to "yes" in /etc/sysconfig/network-scripts/ifcfg-eth0 (or whatever the interface is named),
  5. Edit /etc/default/grub to change GRUB_DEFAULT to 0 (zero), remove "rhgb" and "quiet", add "selinux=0" and "ipv6.disable=1" (and maybe "consoleblank=0"), then run grub2-mkconfig -o /boot/grub2/grub.cfg or grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg on EFI hosts
  6. Reboot,
  7. Connect via SSH from here on,
  8. Remove packages: rpm -e biosdevname tuned selinux-policy selinux-policy-targeted rpm-plugin-selinux audit firewalld irqbalance `rpm -qa iwl*` AND THEN rm -fr /etc/tuned*
  9. Check: Remove packages: rpm -e biosdevname tuned chrony selinux-policy selinux-policy-targeted rpm-plugin-selinux audit NetworkManager NetworkManager-tui NetworkManager-team kexec-tools timedatex polkit polkit-pkla-compat firewalld irqbalance `rpm -qa iwl*` AND THEN rm -fr /etc/tuned /etc/chrony*
  10. yum -y install net-tools bind-utils (net-tools gets ifconfig, netstat, etc.)
  11. Disable IPv6 in /etc/ntp.conf and configure local NTP servers, then use systemctl to enable ntpd and ntpdate services
  12. May need to massage /etc/sysconfig/network-scripts/ifcfg-eth0
  13. yum -y update
  14. Disable IPv6 and set relay_host to smtp.cse.unsw.edu.au in /etc/postfix/main.cf and restart postfix.service. Fix root alias in /etc/aliases and run newaliases. See also Configuring outgoing email for sendmail and postfix,
  15. Reboot,
  16. Install cron job to poll for updates: 45 2 * * * yum check-update; yum list > yum.list.txt,
  17. Install additional packages: yum -y install rsync man-pages lsof strace tcpdump telnet wget bzip2
  18. Create directory /root/.ssh, copy in authorized_keys, and edit /etc/ssh/sshd_config and set to "no" to UseDNS, PasswordAuthentication and GSSAPIAuthentication. Restart sshd and check configuration using ssh -v ...,
  19. rm /root/anaconda-ks.cfg
  20. cd /var/log; rm -fr anaconda audit tuned firewalld

To configure networking for more than DHCP:

  • /etc/resolve.conf
  • /etc/sysconfig/network
  • /etc/sysconfig/network-scripts/ifcfg-eth0

Tags: