1. Installation Guide
  2. Post-Installation Configuration

4 Post-Installation Configuration

This chapter describes system configuration changes that you might make after an installation.

Registering with the Unbreakable Linux Network

When you install Oracle Linux 7 on a system, you have the option of registering the system with the Unbreakable Linux Network (ULN). To register with ULN after installation, you can use the uln_register command. Or,from the desktop menu, you can select System Tools under the Applications menu, then select the ULN Registration option.

To obtain Oracle Linux updates from ULN, you must have an Oracle Linux support subscription. For more information, see https://linux.oracle.com.

During the ULN registration, your server is automatically registered with the latest channels for the base repository and the Unbreakable Enterprise Kernel Release 5.

ULN also provides channels for Oracle-specific software packages such as Oracle's ASMlib user space package and the Oracle Instant Client. To enable access to these packages, log in to ULN and subscribe your system to the Oracle Software for Oracle Linux 7 channel.

If you have an Oracle Linux Premier Support account, you can opt to use Oracle Ksplice, which enables you to keep your systems secure and highly available by automatically updating them with the latest kernel security errata and other critical updates. If you choose to use Ksplice, you can subscribe your systems to the Ksplice for Oracle Linux channel and install the Ksplice on them. After the registration is complete, you can use the yum command to install the Ksplice Uptrack package. The Ksplice Uptrack client downloads the access key from ULN and automatically configures itself so that your system can immediately begin to use Ksplice Uptrack. For more information about Ksplice, see Oracle® Linux: Ksplice User's Guide

Obtaining Errata and Updates from the Oracle Linux Yum Server

Oracle also provides all errata and updates for Oracle Linux through the Oracle Linux yum server, which includes updates to the base distribution, but does not include Oracle-specific software. You do not require an Oracle Linux support subscription to use this service. For more information on how to obtain updates from the Oracle Linux yum server, see https://yum.oracle.com.

By default, all new installations of Oracle Linux 7 are automatically configured to use the Oracle Linux yum server. If you subsequently register the system with ULN, any configuration for using the Oracle Linux yum server is automatically disabled.

The configuration files that control access to repositories hosted on the the Oracle Linux yum server are located in /etc/yum.repos.d/.

Oracle revised how repository configuration files for the Oracle Linux yum server are distributed and updated in January 2019. Older implementations may use a consolidated configuration file available in /etc/yum.repos.d/public-yum-ol7.repo. If your system is still configured in this way, consider updating and running the /usr/bin/ol_yum_configure.sh script to complete the transition to use the modular yum configuration files managed through yum itself.

Core repositories such as ol7_latest are enabled by default at installation. These repositories allow you to install base software required to run Oracle Linux 7. They also allow you to install the packages that provide the Oracle Linux yum server repository configurations that enable repositories where other software may be available. You can get a listing of the available repository configuration packages by running: 

sudo yum list *release-el7*

See Oracle® Linux 7: Managing Software for more information.

Obtaining Packages from the Oracle Linux Installation Media

After installation, following these steps to configure yum to use the full installation ISO image as a repository for installing packages:

  1. Mount the full installation ISO image on a suitable mount point, such as /mnt: 

    sudo mount -t iso9660 -o loop full_image.iso /mnt

  2. Create the file /etc/yum.repos.d/Media.repo that contains entries similar to the following: 

    [ol7_base_media]
name=Oracle Linux 7 Base Media
baseurl=file:///mnt
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
gpgcheck=1
enabled=1

    Adjust the value of the baseurl and gpgkey parameters to match the mount point of the ISO image on your system.

  3. Use the yum repolist command to check the repository configuration.

Applying Updates

When you have set up the ULN channels, Oracle Linux yum server repositories, or installation media repositories that yum should use, you can update all of the installed packages as follows: 

sudo yum update

This command upgrades your system to the latest available update of Oracle Linux 7.

Use the following command to install or update a specific package: 

sudo yum update package

For example, to install or update the Z-shell package (zsh), you would enter: 

sudo yum update zsh

For more information, see the yum(8) man page.

Managing an Oracle Linux 7 System

The following are some common tasks for managing an Oracle Linux 7 system after an installation:

System Locale and Keyboard Layout

Use the localectl command to change the default system locale and keyboard layout, or you can edit the settings in the /etc/locale.conf file, and then reboot the system. For more information, see the localectl(1) and locale.conf(5) man pages.

System Date and Time

Use the timedatectl command to change the system date and time. For more information, see the timedatectl(1) man page.

System Services

Use the systemctl command to enable, start and stop system services. For more information, see the systemctl(1) man page.

System Firewall

To implement a simple, general-purpose firewall, you can use the Firewall Configuration GUI (firewall-config) or the firewall-cmd command to create basic packet filtering rules. To create a more complex firewall configuration, use the iptables and ip6tables utilities to configure the rules for IPv4 and IPv6.

The following table lists some ports that you might need to open in the firewall to allow access to various services.

Service TCP Ports UDP Ports

DNS (name service)

53

53

HTTP (web service)

80

 

HTTPS (secure web service)

443

 

IPP client (network printing)

 

631

IPP server (network printing)

631

631

Kerberos (authentication)

88, 464, 749

88, 464, 749

LDAP (directory service)

389

 

LDAPS (LDAP over SSL)

636

 

SMTP (email transport)

25

 

SSH (secure shell)

22

 

NFSv2 and NFSv3

111, 662, 892, 2049, 32803

111, 662, 892, 2049, 32803

NFSv4

2049

 

NIS (administrative databases)

111, 834

111, 834

OCFS2 (cluster file system)

7777

7777

Samba

139, 445

139, 445

Note:

The ports that are used by NFSv2 and NFSv3 are determined by settings in /etc/sysconfig/nfs for LOCKD_TCPPORT, LOCKD_UDPPORT, MOUNTD_PORT, and STATD_PORT.

For detailed information on configuring firewalls, see Oracle® Linux 7: Security Guide.

System State

Use the systemctl command to change the run state of the system. For more information, see the systemectl(1) man page.

To change the default system state and switch to the multi-user graphical environment (run level 5 in previous Oracle Linux releases): 

sudo systemctl set-default graphical.target
sudo systemctl isolate graphical.target

To change the default system state and switch to the multi-user command-line environment (run level 3 in previous Oracle Linux releases): 

sudo systemctl set-default multi-user.target
sudo systemctl isolate multi-user.target

To reboot an Oracle Linux 7 system: 

sudo systemctl reboot

To shut down and power off the system: 

sudo systemctl poweroff