Setting up Oracle Linux server

Leave a Comment / Linux / By

Setting classic kernel instead of Unbreakable kernel by Oracle

Presuming that Default kernel is first one = 0

# grub2-set-default 0
# grub2-mkconfig -o /etc/grub2.cfg
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-3.10.0-229.el7.x86_64
Found initrd image: /boot/initramfs-3.10.0-229.el7.x86_64.img
Found linux image: /boot/vmlinuz-3.8.13-55.1.6.el7uek.x86_64
Found initrd image: /boot/initramfs-3.8.13-55.1.6.el7uek.x86_64.img
Found linux image: /boot/vmlinuz-0-rescue-26ad0b77c2de4840ba8402282bdd9d17
Found initrd image: /boot/initramfs-0-rescue-26ad0b77c2de4840ba8402282bdd9d17.img
done

Reboot server

Setting up hostname and network

Set hostname. Do not use FQDN name.

# vi /etc/hostname

#cat /etc/hostname
yourhostname

 

Check interface status and info

# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:b0:7c:83 brd ff:ff:ff:ff:ff:ff

 

change interface configuration if needed

#vi /etc/sysconfig/network-scripts/ifcfg-enp0s3

Minimum configuration values: BOOTPROTO and ONBOOTTYPE=Ethernet

BOOTPROTO=dhcp
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=no
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
NAME=enp0s3
UUID=68c537ce-f5c6-431f-aef7-4c33d58eb7a6
DEVICE=enp0s3
ONBOOT=yes

Restart network service

# service network restartCheck IP protocol status

# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:b0:7c:83 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.20/24 brd 192.168.1.255 scope global dynamic enp0s3
valid_lft 42378sec preferred_lft 42378sec
inet6 fe80::a00:27ff:feb0:7c83/64 scope link
valid_lft forever preferred_lft forever

 

Check dns setting.

Keep resolv.conf unchanged if you use DHCP protocol.

#cat /etc/resolv.conf
# Generated by NetworkManager
search yourdomain.com
nameserver your.ip.add.ress
nameserver your.ip.add.ress2

Keep hosts file unchanged if you use DHCP.

#cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

 

Perform ping test from another system

# ping anotherhost
PING anotherhost.yourdomain.com (192.168.1.30) 56(84) bytes of data.
64 bytes from anotherhost.yourdomain.com (192.168.1.30): icmp_req=1 ttl=64 time=3.96 ms
64 bytes from anotherhost.yourdomain.com (192.168.1.30): icmp_req=1 ttl=64 time=3.96 ms
^C
--- anotherhost.yourdomain.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 0.426/1.635/3.960/1.644 ms

 

More info: RedHat 11.1. Network Configuration Files

 

 

Disable SELinux

1. Check SELinux status :

# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      28

2. Open selinux configuration file :

#vi /etc/sysconfig/selinux

3. Change “SELINUX=enforcing” to “SELINUX=disabled” and save the configuration file :

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

4. Reboot the server to take effect :

# reboot

5. After reboot, you can verify the status of SELinux. Issue “sestatus” command to verify that SELinux permanently disabled:

# sestatus
SELinux status:                 disabled

 

 

Setting Proxy for whole system

Example for non password proxy. No_proxy is not mandatory

 

vi /etc/environment

http_proxy="http://proxysrv:8080/"
https_proxy="https://proxysrv:8080/"
ftp_proxy="ftp://proxysrv:8080/"
no_proxy=".mylan.local,.domain1.com,host1,host2"

Reboot server

 

Without restart but once restarted EXPORT will be cleared.

export http_proxy="http://proxysrv:8080/"
export https_proxy="https://proxysrv:8080/"
export ftp_proxy="ftp://proxysrv:8080/"
export no_proxy=".mylan.local,.domain1.com,host1,host2"

Setting  Time

Set correct time zone ans set time

#timedatectl  set-timezone "Europe/Prague"

#date --set="01:57:00"

 

Install,  configure NTP and let it do its thingie

#yum install ntp

#vi /etc/ntp.conf

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server ntp1.yourdomain.com
server ntp2.yourdomain.com
server ntp3.yourdomain.com
server ntp4.yourdomain.com

#service ntpd restart

#chkconfig ntpdate on

 

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.