Post-install configuration for Centos 7.4.1788 x86_64 minimal installation

The instructions below relate to the installation of CentOS 7.4.1708 x86 from a Minimal ISO.

Before installing, modify the kernel command line to include "biosdevname=0 net.ifnames=0" so that the network interface(s) don't get renamed.

  1. Perform minimal installation of Centos 7.4.1708 x86_64 from Minimal ISO,
  2. Remove installation media and reboot,
  3. Wait for background system processes to complete, i.e., for the system to become idle,
  4. If required, set "ONBOOT" to "yes" in /etc/sysconfig/network-scripts/ifcfg-eth0 (or whatever the interface is named),
  5. Edit /etc/default/grub to change GRUB_DEFAULT to 0 (zero), remove "rhgb" and "quiet", add "selinux=0" and "ipv6.disable=1" (and maybe "consoleblank=0"), then run grub2-mkconfig -o /boot/grub2/grub.cfg or grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg on EFI hosts
  6. Reboot,
  7. Connect via SSH from here on,
  8. Remove packages: rpm -e biosdevname tuned chrony selinux-policy selinux-policy-targeted audit NetworkManager NetworkManager-tui NetworkManager-libnm NetworkManager-wifi wpa_supplicant kexec-tools polkit polkit-pkla-compat firewalld irqbalance wpa_supplicant NetworkManager-team `rpm -qa iwl*` AND THEN rm -fr /etc/tuned /etc/chrony*
  9. yum -y install net-tools bind-utils ntp deltarpm (net-tools gets ifconfig, netstat, etc.)
  10. Disable IPv6 in /etc/ntp.conf and configure local NTP servers, then use systemctl to enable ntpd and ntpdate services
  11. May need to massage /etc/sysconfig/network-scripts/ifcfg-eth0
  12. yum -y update
  13. Disable IPv6 and set relay_host to in /etc/postfix/ and restart postfix.service. Fix root alias in /etc/aliases and run newaliases. See also Configuring outgoing email for sendmail and postfix,
  14. Reboot,
  15. Install cron job to poll for updates: 45 2 * * * yum check-update; yum list > yum.list.txt,
  16. Install additional packages: yum -y install rsync man-pages lsof strace tcpdump telnet wget bzip2
  17. Create directory /root/.ssh, copy in authorized_keys, and edit /etc/ssh/sshd_config and set to "no" to UseDNS, PasswordAuthentication and GSSAPIAuthentication. Restart sshd and check configuration using ssh -v ...,
  18. rm /root/anaconda-ks.cfg
  19. cd /var/log; rm -fr wpa_supplicant.log anaconda audit ppp tuned firewalld

To configure networking for more than DHCP:

  • /etc/resolve.conf
  • /etc/sysconfig/network
  • /etc/sysconfig/network-scripts/ifcfg-eth0