Setup Linux : CentOS


Initial setup after installing CentOS7.

Update packages

sudo yum -y update

Create admin user

Create a non-root user and set its password.
useradd XXXXX
passwd XXXXX

Add permission

Run the visudo command to grant sudo permission to the admin user.
sudo visudo
Add the following configuration.
XXXXX ALL=(ALL) ALL

Firewall

Open the HTTP and HTTPS ports.
firewall-cmd --permanent --add-port=80/tcp
firewall-cmd --permanent --add-port=443/tcp
If necessary, close port #XXX.
firewall-cmd --permanent --remove-port=XXX/tcp
Then reload the updated configuration.
firewall-cmd --reload

Add repository

Add epel repository.
sudo yum -y install epel-release

Setup SSH

Edit the SSH configuration.
vim /etc/ssh/sshd_config
Add the following configuration to the file to block secure shell login for the root user and enable password login on port #22.
PermitRootLogin no
PasswordAuthentication yes
Port 22
Disabling password authentication is more secure. In that case a secret key file is used for login authentication instead of a password.
Then restart the ssh daemon.
sudo systemctl restart sshd
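A check for the step above, as an added example that is not part of the original page: sshd keeps the first value it reads for each keyword, so settings appended to the end of sshd_config are ignored when an earlier active line already sets them. The function names (effective_value, audit_sshd, write_sample) are hypothetical and the sample config is constructed.

```shell
#!/bin/sh
# Added example (not from the original page). sshd uses the FIRST value it
# reads for each keyword, so a line appended to the end of sshd_config is
# ignored when an earlier active line already sets that keyword.

# effective_value FILE KEYWORD: print the value sshd would take from the
# global section, or nothing if unset. Assumes "Keyword value" lines.
effective_value() {
    awk -v key="$2" '
        NF == 0 || $1 ~ /^#/        { next }           # blank or comment
        tolower($1) == "match"      { exit }           # global section ends
        tolower($1) == tolower(key) { print $2; exit } # first one wins
    ' "$1"
}

# audit_sshd FILE: compare effective values with the hardened settings;
# returns 1 if any keyword differs.
audit_sshd() {
    rc=0
    for want in "PermitRootLogin no" "PasswordAuthentication no"; do
        key=${want% *}; expected=${want#* }
        actual=$(effective_value "$1" "$key")
        if [ "$actual" = "$expected" ]; then
            echo "OK    $key $actual"
        else
            echo "CHECK $key is '${actual:-unset}', expected '$expected'"
            rc=1
        fi
    done
    return "$rc"
}

# write_sample FILE: constructed config, not taken from a real host.
write_sample() {
    cat > "$1" <<'EOF'
#Port 22
#PermitRootLogin yes
PasswordAuthentication yes
# lines below were appended at the end of the file
PermitRootLogin no
PasswordAuthentication no
EOF
}

sample=$(mktemp)
write_sample "$sample"
audit_sshd "$sample" || echo "sshd_config needs attention"
rm -f "$sample"
```

On a live host, sudo sshd -T prints the configuration sshd actually resolved, which is the authoritative check.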

Setup docker

sudo yum -y install docker
Start docker daemon.
sudo systemctl start docker
sudo systemctl enable docker
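Allow the user to run docker commands by adding the user to the docker group. Members of this group effectively have root access to the host.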
sudo groupadd docker
sudo gpasswd -a $USER docker
Get the latest centos docker image.
docker pull centos:latest
Start a docker container in privileged mode with the docker run command, then attach to the container.
docker run --privileged -d --name 'container name' centos:latest /sbin/init
docker exec -it 'container name' /bin/bash
Save the docker container as an image.
docker commit 'container id' 'repository name':'tag'

Construct web server (apache with PHP7.2 + imagick and memcached)

Set up the epel and remi repositories.
yum -y install epel-release
yum install http://rpms.famillecollet.com/enterprise/remi-release-7.rpm
Install prerequisite packages.
Note that the epel repository has to be set up before package installation.
yum install gcc* make
Install apache.
yum install httpd
Install PHP7.2 from remi repository.
yum install --enablerepo=remi-php72 php php-devel php-pear php-mbstring php-gd
Install PHP package for mysql if needed.
yum install --enablerepo=remi-php72 php-pdo php-mysqlnd
Install Imagick for PHP.
First, look for the imagemagick package that we want to install.
yum search imagemagick --show-duplicates --enablerepo=remi
Install imagemagick.
yum install ImageMagick7-7.0.8.15-1.el7.remi.x86_64 ImageMagick7-devel-7.0.8.15-1.el7.remi.x86_64 --enablerepo=remi
pecl install imagick
echo 'extension=imagick.so' >> /etc/php.ini
Install memcached and tokyotyrant client.
yum -y install libmemcached libmemcached-devel
pecl install memcached
echo 'extension=memcached.so' >> /etc/php.ini
Install SSL package.
yum -y install mod_ssl

Generate SSL certificate signed by Let's Encrypt

Install certbot.
yum -y install certbot python-certbot-apache
Generate the cert file. Note that apache has to be installed and the HTTP port must be open.
certbot certonly --webroot -w 'web root path' -d 'my domain'
Register automatic certificate update with cron.
crontab -u root -e
Enter the following configuration to run the certificate update shell script once a month.
#mi hr day mo dow command
00 04 01 * * /home/user/updatecert.sh
To disable the certificate for a domain:
certbot revoke --cert-path=/etc/letsencrypt/live/'domain'/cert.pem
certbot delete --cert-name 'domain'

Set up Mysql

Install MySQL.
rpm -ivh http://dev.mysql.com/get/mysql57-community-release-el7-8.noarch.rpm
yum -y install mysql-community-server
Check the initial password for root after installation.
cat /var/log/mysqld.log | grep 'password'
Start the secure installation using the password.
mysql_secure_installation
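If you cannot find the initial password in the log file, you can reset the root password. Note that skip-grant-tables disables authentication for every connection, so remove it from /etc/my.cnf and restart mysqld once the password is reset.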
echo '[mysqld]' >> /etc/my.cnf
echo 'skip-grant-tables' >> /etc/my.cnf
mysql -u root
>>use mysql;
>>update user set authentication_string=password('xxxxx') where user='root';
>>flush privileges;
You can set the default encoding to UTF8.
echo '[mysqld]' >> /etc/my.cnf
echo 'character-set-server=utf8' >> /etc/my.cnf
echo '[mysql]' >> /etc/my.cnf
echo 'default-character-set=utf8' >> /etc/my.cnf
Create a database user account and set up the user's privileges.
mysql -u root -p
>>create user 'dbuser'@'localhost' identified by 'password';
>>grant all on *.* to 'dbuser'@'localhost';
>>flush privileges;
>>select user, host from mysql.user;
>>show grants for 'dbuser'@'localhost';

Memcached

Install memcached.
yum -y install memcached