Skip to content

Centos 7

Service Control

In the following examples we will use httpd as a service

Check Service Status

systemctl status httpd

Start Service

systemctl start httpd

Stop Service

systemctl stop httpd

Enabling A Service On Boot

 systemctl enable httpd

Check If The Service Starts On Boot

systemctl status httpd

for enabled service should be printed:

httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled)

for disabled service should be printed:

httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled)

Check Which Services Failed To Start On Boot

systemctl --failed

exmaple:

$ systemctl --failed
UNIT            LOAD   ACTIVE SUB    DESCRIPTION
kdump.service   loaded failed failed Crash recovery kernel arming
php-fpm.service loaded failed failed The PHP FastCGI Process Manager

LOAD   = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB    = The low-level unit activation state, values depend on unit type.

Installing Network Tools

yum install net-tools -y

Stop and Disable Firewall on Centos 7

systemctl stop firewalld
systemctl disable firewalld

Change Default Port for SSH with SElinux Enabled

you will need semanage, find what package contains it:

yum whatprovides /usr/sbin/semanage

Usually it's policycoreutils-python

yum install policycoreutils-python

Add new allowed port for SSH for SElinux

semanage port -a -t ftp_port_t -p tcp <YOUR PORT>

Disable SELinux on CentOS 7

change SELINUX=enforcing to SELINUX=disabled

sudo nano /etc/selinux/config

reboot.

Check status

sestatus

Enabling Automatic Updates In Centos 7 & rhel 7

Install yum-cron

The package that allows us to do automatic updates via yum is yum-cron, to do this just open a terminal as root and run the command:

yum -y install yum-cron

This will install the yum-cron package, now it’s time to configure it, the default configuration file it’s /etc/yum/yum-cron.conf.

Configure yum-cron for auto-update

As you can see the default it’s to upgrade all your packages, the same you’d obtain with the command yum upgrade, but there are also other options and now you can decide to just do security upgrade or even just the most critical security, this add a lot of flexibility and options.

#  What kind of update to use:
# default                            = yum upgrade
# security                           = yum --security upgrade
# security-severity:Critical         = yum --sec-severity=Critical upgrade
# minimal                            = yum --bugfix upgrade-minimal
# minimal-security                   = yum --security upgrade-minimal
# minimal-security-severity:Critical =  --sec-severity=Critical upgrade-minimal
update_cmd = default

# Whether a message should be emitted when updates are available,
# were downloaded, or applied.
update_messages = yes

# Whether updates should be downloaded when they are available.
download_updates = yes

# Whether updates should be applied when they are available.  Note
# that download_updates must also be yes for the update to be applied.
apply_updates = no

# Maximum amount of time to randomly sleep, in minutes.  The program
# will sleep for a random amount of time between 0 and random_sleep
# minutes before running.  This is useful for e.g. staggering the
# times that multiple systems will access update servers.  If
# random_sleep is 0 or negative, the program will run immediately.
# 6*60 = 360
random_sleep = 360

Yum-Cron Service: Start/Stop/Status/Enable on Boot

Follow Service Control for more details. Use service yum-cron.service
For example:

systemctl enable yum-cron.service

Fix Locals Error In Bash

Error :"bash: warning: setlocale: LC_CTYPE: cannot change locale (UTF-8): No such file or directory"

add these lines to /etc/environment (create it, if it doesn't exist):

LANG=en_US.UTF-8
LC_ALL=en_US.UTF-8

Disable IPv6

Append below lines in /etc/sysctl.conf:

net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1

To make the settings affective, execute :

sysctl -p

Fix NFS mount on Boot - Centos 7

Append text to the end of /usr/lib/systemd/system/nfs-idmap.service

[Install]
WantedBy=multi-user.target

Append text to the end of /usr/lib/systemd/system/nfs-lock.service

[Install]
WantedBy=nfs.target

Enable related services

systemctl enable nfs-idmapd.service
systemctl enable rpc-statd.service
systemctl enable rpcbind.socket

Reboot the server

Set TimeZone

timedatectl set-timezone Asia/Jerusalem

Remove Old Kernels

If your /boot partition is getting filled, you may wish to automatically remove old kernels. I find the best way to do this is to install the yum utilities package and then use a command to delete all but 2 kernels (just in case there is a problem with the latest one).

sudo yum install yum-utils -y
sudo package-cleanup --oldkernels --count=2

Comments