Oracle Linux/Installing

From r00tedvw.com wiki
Revision as of 03:00, 5 February 2017 by R00t (Talk | contribs)


Installing

Downloading

Direct download links are available:
https://wikis.oracle.com/display/oraclelinux/Downloading+Oracle+Linux
I downloaded from the US source:
http://mirrors.wimmekes.net/pub/iso/

Installation

In VMware, you'll probably need to add the keyboard value to the VM config to stop duplicate keystrokes. See the CentOS advice; the same applies here.

Network Config

If you installed the basic package, the NIC is most likely not configured for DHCP. Try:

User ~ $ system-config-network

Once DHCP is configured, the next step is to restart the NIC.

User ~ $ ifdown eth0
User ~ $ ifup eth0
 
Determining IP information for eth0... done.
User ~ $ ifconfig eth0

Make sure your hostname is defined in /etc/sysconfig/network

HOSTNAME=server.fqdn.com

Also for the network config, put your FQDN in the hosts file at /etc/hosts:

127.0.0.1   server.fqdn.com
::1   server.fqdn.com
OR
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
ip.address	fqdn.hostname

Connect on boot

By default the network interface is not brought up on boot.

~$ sudo vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=00:0c:29:4f:09:c8
TYPE=Ethernet
UUID=5eed1f7e-74da-4841-b03b-3d4cc0812ade
ONBOOT=no
NM_CONTROLLED=yes
BOOTPROTO=dhcp
USERCTL=no
PEERDNS=yes
IPV6INIT=no

Change it so the interface automatically starts and connects on boot:

ONBOOT=yes

Oracle Linux 7

~$ sudo nmtui

Within this you can configure the IPv4/IPv6, set them to automatic and to connect on startup.
You can also set the hostname.

Setup yum Repo

https://blogs.oracle.com/wim/entry/setting_up_oracle_linux_6

# cd /etc/yum.repos.d
# wget http://public-yum.oracle.com/public-yum-ol6.repo
# yum repolist
# yum update

Sudoers Config

Personally I prefer to use a group for sudoer management. Specify the group ID (GID) manually so that it is the same on all servers.
However, the wheel group is essentially the same thing and is set up by default.

# groupadd -g <unique GID> sudo
e.g. # sudo groupadd -g 500 sudo

Now we can add the group to the sudoers file

# visudo
Add the following under the entry for root

## Allows members of the 'sudo' group to run all commands anywhere
%sudo     ALL=(ALL)          ALL

Add new user(s) and make them a part of the new sudo group

# useradd -G sudo -u <unique UID> user_a
e.g. # sudo useradd -G sudo -u 1000 user_a

Change the password of the user

# passwd <username>

SSH Config

With Oracle Linux 6.8, openssh should be installed by default, but if it isn't:

# yum install openssl openssh-server

iptables

Oracle Linux comes preloaded with some default rules which I've had issues with when attempting to remote SSH. My opinion is to flush them and load up more specific defaults.

Flush

# iptables -F
# iptables -X
# iptables -t nat -F
# iptables -t nat -X
# iptables -t mangle -F
# iptables -t mangle -X
# iptables -P INPUT ACCEPT
# iptables -P FORWARD ACCEPT
# iptables -P OUTPUT ACCEPT

Now save this change:

# sudo service iptables save

Load new rules

Here are some basic rules that allow outbound traffic and inbound port 22 (SSH) from internal addresses.

# sudo iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# sudo iptables -A INPUT -i lo -j ACCEPT
# sudo iptables -A INPUT -s 10.0.0.0/8 -p tcp --dport 22 -j ACCEPT -m comment --comment "SSH - Internal"
# sudo iptables -A INPUT -s 10.0.0.0/8 -p icmp --icmp-type echo-request -j ACCEPT -m comment --comment "ICMP ECHO - Internal"
# sudo iptables -P FORWARD DROP
# sudo iptables -P INPUT DROP 

Now save this change:

# sudo service iptables save
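
The flush and rule-loading steps above, as an added example that is not part of the original wiki page: the same INPUT rules written as one iptables-restore file, so the filter table is replaced in a single commit rather than sitting in an all-ACCEPT state between the flush and the new rules. The function names and the "apply" argument are assumptions of this sketch; 10.0.0.0/8 is the internal range used above.

```shell
#!/bin/sh
# Added example (not from the original page): the page's INPUT rules as a
# single iptables-restore file, so the filter table is swapped in one commit.
# Function names and the "apply" argument are assumptions of this sketch.

# Print the ruleset in iptables-save format for one trusted source network.
build_ruleset() {
    net="$1"
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -s $net -p tcp --dport 22 -m comment --comment "SSH - Internal" -j ACCEPT
-A INPUT -s $net -p icmp --icmp-type echo-request -m comment --comment "ICMP ECHO - Internal" -j ACCEPT
COMMIT
EOF
}

# Shape check only (a.b.c.d/nn); keeps stray text out of the rules file.
valid_cidr() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'
}

# Return 0 only if INPUT defaults to DROP and every port 22 rule names a source.
check_ruleset() {
    printf '%s\n' "$1" | grep -q '^:INPUT DROP' || return 1
    if printf '%s\n' "$1" | grep -e '--dport 22 ' | grep -qv -e ' -s '; then
        return 1
    fi
    return 0
}

# Touch the live firewall only when called as: sh script.sh apply [network]
if [ "${1:-}" = "apply" ]; then
    net="${2:-10.0.0.0/8}"
    valid_cidr "$net" || { echo "bad network: $net" >&2; exit 2; }
    rules=$(build_ruleset "$net")
    check_ruleset "$rules" || { echo "ruleset failed self-check" >&2; exit 3; }
    printf '%s\n' "$rules" | iptables-restore --test || exit 4  # parse only
    printf '%s\n' "$rules" | iptables-restore && service iptables save
fi
```

Only the filter table is named in the file, so the nat and mangle tables are left as they are.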