yum -y install binutils bind-utils compat-db.x86_64 compat-libstdc* compat-libstdc++-33.i686 compat-libstdc++-33.x86_64 elfutils-libelf elfutils-libelf-devel elfutils-libs.i686 elfutils-libs.x86_64 elfutils.x86_64 firefox ftp gcc gcc-c++ glibc-common glibc-devel glibc-headers glibc* gtk2-engines.x86_64 gtk2.i686 gtk2.x86_64 kernel-devel kernel-headers ksh ksh.x86_64 libaio libaio-devel libaioi libcanberra-gtk2.x86_64 libcyanberra-gtk2.i686 libgcc.i686 libgcc.x86_64 libgcc* libstdci libstdc++.i686 libstdc++.x86_64 libXft.i686 libXft.x86_64 libXmu.i686 libXmu.x86_64 libXp libXp.i686 libXp.x86_64 libXpi libXtst.i686 libXtst.x86_64 make mc mlocate net-tools ntp nfs-utils nfs-utils-lib PackageKit-gtk3-module PackageKit-gtk3-module.i686 pam-devel pam-develi pam.i686 pam.x86_64 rpm-build.x86_64 samba samba-client samba-common sg3_utils telnet unixODBC unixODBC-devel unixODBCi vim wget xauth xorg-x11-apps xorg-x11-xauth xterm

ssh

.Xauthority

vi /etc/ssh/sshd_config

#GatewayPorts no
X11Forwarding yes
#X11DisplayOffset 10
X11UseLocalhost no
#PermitTTY yes

service sshd restart

Security

systemctl stop firewalld
systemctl disable firewalld

vi /etc/sysconfig/selinux
SELINUX=disabled

vi /etc/sysctl.conf
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1

systemctl start rpcbind
systemctl enable rpcbind

vi /etc/security/limits.conf

*    soft    nofile 65536
*    hard    nofile 65536

ntp

ntpdate pool.ntp.org
chkconfig ntpd on
service ntpd start

nfs

systemctl enable nfs-server

// for sharing folders

vi /etc/exports

/Users/bhr/Music/iTunes/iTunes\ Media -network 10.0.29.0 -mask 255.255.255.0
/Users/bhr/Software -network 10.0.29.0 -mask 255.255.255.0

// to show exported folders

showmount -e

// to stop start nfs

service nfs status

// to mount external folders

mount -t nfs 192.168.0.150:/Volumes/macos/Users/bhr/software /mnt/ nfs defaults 0 0 /mnt

// to automatically mount external folders

vi /etc/fstab
192.168.0.150:/Volumes/macos/Users/bhr/software /mnt/ nfs defaults 0 0

smb

vi /etc/idmapd.conf
Domain = sites

vi /etc/samba/smb.conf

[global]
    workgroup = WORKGROUP
    server string = CNX5 Samba Server %v
    netbios name = CNX5
    security = user
    map to guest = bad user
    dns proxy = no

[IBM]
path = /opt/IBM
valid users = root
browsable =yes
writable = yes
guest ok = no

smbpasswd -a root

systemctl enable smb.service
systemctl enable nmb.service
systemctl restart smb.service
systemctl restart nmb.service

testparm

ihs

groupadd ihsadm
useradd -g ihsadm -s/bin/bash -d /home/ihsadmin -m ihsadmin
Passwd ihsadmin
./htpasswd ../conf/admin.passwd ihsadmin

letsencrypt

  1. create local keystore
  2. in DNS create TXT entry: _acme-challenge.was.hensler.net with value provided in 4
  3. nslookup -q=TXT _acme-challenge.was.hensler.net
  4. sudo certbot certonly –manual –preferred-challenges dns –email bhensler@gmail.com –domains was.hensler.net
  5. with certificate request: sudo certbot certonly –manual –preferred-challenges dns –email bhensler@gmail.com –domains was.hensler.net –csr was.hensler.net.req

LC_CTYPE

vim /etc/environment

LANG=en_US.utf-8
LC_ALL=en_US.utf-8

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.