Skip to content

Instantly share code, notes, and snippets.

@myst3k

myst3k/setup oracle linux 7 for oracle wsc or oracle occas cli install.md

Last active July 30, 2019 15:37
Show Gist options
  • Save myst3k/26a263cdf84476438ffaf3f742ee51e8 to your computer and use it in GitHub Desktop.
Save myst3k/26a263cdf84476438ffaf3f742ee51e8 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
setup oracle linux 7 for oracle wsc or oracle occas cli install.md

(Optional) Install deltarpm if you are more concerned with slow nework than cpu usage

yum -y install deltarpm

Disable SElinux

setenforce 0 && sed -i "s/SELINUX=enforcing/SELINUX=disabled/" /etc/selinux/config

Disable Firewalld

systemctl disable --now firewalld

(Optional) Remove un-necessary packages

yum -y remove wpa_supplicant iprutils iwl*firmware libertas* ivtv* alsa-* btrfs-progs* aic94xx-firmware kexec-tools NetworkManager* microcode_ctl plymouth

(Optional) Remove dhcp if you are not using it

yum -y remove dhclient dhcp-*

(Optional) Enable networking if you have removed NetworkManager previously

systemctl enable --now network

Update Packages

yum -y upgrade

Install tools and rngd service

yum -y install open-vm-tools net-tools bind-utils yum-utils wireshark man rng-tools unzip chrony tree

Install specific packages for OCCAS/WSC remote X session install

yum -y install libXrender-devel libXtst-devel xauth

(Optional) Enable addons, and optional latest repos

yum-config-manager --enable ol7_addons ol7_optional_latest

(Optional) Add in epel repository

yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

(Optional) Install htop, screen, tmux, byobu, mosh and rpmconf

yum -y install htop screen tmux byobu rpmconf reptyr

(Optional) Ripgrep

yum-config-manager --add-repo=https://copr.fedorainfracloud.org/coprs/carlwgeorge/ripgrep/repo/epel-7/carlwgeorge-ripgrep-epel-7.repo
yum -y install ripgrep

(Optional) Enable chrony for ntp timesync (edit /etc/chrony.conf for your servers, remove rtcsync if on vm)

systemctl enable chronyd

(Optional) Configure and enable rngd for urandom if on vm and need faster rng entropy

sed -i "s/rngd -f/rngd -f -r \/dev\/urandom/" /usr/lib/systemd/system/rngd.service
systemctl enable rngd

(Optional) Enable X11 forwarding

sed -i "s/#X11UseLocalhost yes/X11UseLocalhost no/" /etc/ssh/sshd_config

(Optional) Disable IPv6 if you want

cat <<EOT >> /etc/sysctl.conf
## Disable IPv6
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
EOT

(Optional) Add a new admin user to login with

useradd -m -G wheel -d /home/oracle -s /bin/bash oracle
passwd oracle
(then type in password)

(Optional) Disable Root Login to system and for SSH, and Disable DNS Lookups on ssh

sed -i "s/#PermitRootLogin yes/PermitRootLogin no/" /etc/ssh/sshd_config
sed -i "s/#UseDNS yes/UseDNS no/" /etc/ssh/sshd_config
systemctl restart sshd
usermod -p '!' root

Disable consistent device naming (Optional - after reboot, internames names will be different, make sure to update /etc/sysconfig/network-scripts/ifcfg-* to proper new names)

grubby --args="net.ifnames=0 biosdevname=0" --update-kernel=ALL
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment