Red Hat Enterprise Linux 9 Essentials E-Book

Red Hat Enterprise Linux 9 Essentials

Red Hat Enterprise Linux 9 Essentials

ISBN-13: 978-1-951442-65-1

© 2023 Neil Smyth / Payload Media, Inc. All Rights Reserved.

This book is provided for personal use only. Unauthorized use, reproduction and/or distribution strictly prohibited. All rights reserved.

The content of this book is provided for informational purposes only. Neither the publisher nor the author offers any warranties or representation, express or implied, with regard to the accuracy of information contained in this book, nor do they accept any liability for any loss or damage arising from any errors or omissions.

This book contains trademarked terms that are used solely for editorial purposes and to the benefit of the respective trademark owner. The terms used within this book are not intended as infringement of any trademarks.

Rev: 1.0

Table of Contents

1. Introduction 1

1.1 Superuser Conventions 1

1.2 Opening a Terminal Window 2

1.3 Editing Files 3

1.4 Feedback 4

1.5 Errata 5

2. A Brief History of Red Hat Linux 7

2.1 What exactly is Linux? 7

2.2 UNIX Origins 7

2.3 Who Created Linux? 7

2.4 The Early Days of Red Hat 8

2.5 Red Hat Support 8

2.6 Open Source 9

2.7 The Fedora Project 9

2.8 CentOS Stream - The Free Alternative 9

2.9 Summary 9

3. Installing RHEL 9 on a Clean Disk Drive 11

3.1 Obtaining the RHEL 9 Installation Media 11

3.2 Writing the ISO Installation Image to a USB Drive 12

3.2.1 Linux 12

3.2.2 macOS 13

3.2.3 Windows/macOS 14

3.3 Installing Red Hat Enterprise Linux 9 15

3.4 Partitioning a Disk for RHEL 9 20

3.5 Disk Encryption 22

3.6 User Settings 23

3.7 Registering the System 23

3.8 The Physical Installation 24

3.9 Final Configuration Steps 24

3.10 Installing Updates 25

3.11 Displaying Boot Messages 26

3.12 Summary 26

4. Dual Booting RHEL 9 with Windows 29

4.1 Partition Resizing 29

4.2 Changing the Default Boot Option 31

4.3 Accessing the Windows Partition from RHEL 9 32

4.4 Summary 33

5. Allocating Windows Disk Partitions to RHEL 9 35

5.1 Unmounting the Windows Partition 35

5.2 Deleting the Windows Partitions from the Disk 35

5.3 Formatting the Unallocated Disk Partition 38

5.4 Mounting the New Partition 38

5.5 Summary 39

6. A Guided Tour of the GNOME 40 Desktop 41

6.1 Installing the GNOME Desktop 41

6.2 An Overview of the GNOME 40 Desktop 41

6.3 Activity Overview 42

6.4 Managing Windows 44

6.5 Using Workspaces 45

6.6 Calendar and Notifications 46

6.7 GNOME Desktop Settings 47

6.8 Beyond Basic Customization 48

6.9 Summary 48

7. An Overview of the Cockpit Web Interface 49

7.1 An Overview of Cockpit 49

7.2 Installing and Enabling Cockpit 50

7.3 Accessing Cockpit 50

7.4 Overview 51

7.5 Logs 52

7.6 Storage 53

7.7 Networking 54

7.8 Accounts 54

7.9 Services 54

7.10 Applications 55

7.11 Virtual Machines 55

7.12 Software Updates 56

7.13 Terminal 56

7.14 Connecting to Multiple Servers 57

7.15 Enabling Stored Metrics 58

7.16 Summary 59

8. Using the Bash Shell on RHEL 9 61

8.1 What is a Shell? 61

8.2 Gaining Access to the Shell 61

8.3 Entering Commands at the Prompt 62

8.4 Getting Information about a Command 62

8.5 Bash Command-line Editing 62

8.6 Working with the Shell History 63

8.7 Filename Shorthand 64

8.8 Filename and Path Completion 64

8.9 Input and Output Redirection 64

8.10 Working with Pipes in the Bash Shell 65

8.11 Configuring Aliases 65

8.12 Environment Variables 66

8.13 Writing Shell Scripts 67

8.14 Summary 68

9. Managing RHEL 9 Users and Groups 69

9.1 User Management from the Command-line 69

9.2 User Management with Cockpit 71

9.3 User Management using the Settings App 73

9.4 Summary 75

10. Understanding RHEL 9 Software Installation and Management 77

10.1 Repositories 77

10.2 The BaseOS Repository 78

10.3 The AppStream Repository 79

10.4 Summary 82

11. Managing RHEL 9 systemd Units 83

11.1 Understanding RHEL 9 systemd Targets 83

11.2 Understanding RHEL 9 systemd Services 83

11.3 RHEL 9 systemd Target Descriptions 83

11.4 Identifying and Configuring the Default Target 85

11.5 Understanding systemd Units and Unit Types 86

11.6 Dynamically Changing the Current Target 87

11.7 Enabling, Disabling, and Masking systemd Units 87

11.8 Working with systemd Units in Cockpit 89

11.9 Summary 90

12. RHEL 9 Network Management 91

12.1 An Introduction to NetworkManager 91

12.2 Installing and Enabling NetworkManager 92

12.3 Basic nmcli Commands 92

12.4 Working with Connection Profiles 96

12.5 Interactive Editing 98

12.6 Configuring NetworkManager Permissions 99

12.7 Summary 100

13. RHEL 9 Firewall Basics 101

13.1 Understanding Ports and Services 101

13.2 Securing Ports and Services 101

13.3 RHEL 9 Services and iptables Rules 102

13.4 Well-Known Ports and Services 103

13.5 Summary 106

14. RHEL 9 Firewall Configuration with firewalld 107

14.1 An Introduction to firewalld 107

14.1.1 Zones 107

14.1.2 Interfaces 109

14.1.3 Services 109

14.1.4 Ports 109

14.2 Checking firewalld Status 109

14.3 Configuring Firewall Rules with firewall-cmd 110

14.3.1 Identifying and Changing the Default Zone 110

14.3.2 Displaying Zone Information 110

14.3.3 Adding and Removing Zone Services 111

14.3.4 Working with Port-based Rules 112

14.3.5 Creating a New Zone 112

14.3.6 Changing Zone/Interface Assignments 112

14.3.7 Masquerading 112

14.3.8 Adding ICMP Rules 113

14.3.9 Implementing Port Forwarding 113

14.4 Managing firewalld from the Cockpit Interface 114

14.5 Managing firewalld using firewall-config 115

14.6 Summary 116

15. Configuring SSH Key-based Authentication on RHEL 9 117

15.1 An Overview of Secure Shell (SSH) 117

15.2 SSH Key-based Authentication 117

15.3 Setting Up Key-based Authentication 118

15.4 Installing and Starting the SSH Service 118

15.5 SSH Key-based Authentication from Linux and macOS Clients 118

15.6 Managing Multiple Keys 120

15.7 SSH Key-based Authentication from Windows Clients 121

15.8 SSH Key-based Authentication using PuTTY 123

15.9 Generating a Private Key with PuTTYgen 124

15.10 Summary 125

16. RHEL 9 Remote Desktop Access with VNC 127

16.1 Secure and Insecure Remote Desktop Access 127

16.2 Installing the GNOME Desktop Environment 127

16.3 Installing VNC on RHEL 9 129

16.4 Configuring the VNC Server 129

16.5 Connecting to a VNC Server 131

16.6 Establishing a Secure Remote Desktop Session 131

16.7 Establishing a Secure Tunnel on Windows using PuTTY 133

16.8 Shutting Down a Desktop Session 134

16.9 Troubleshooting a VNC Connection 134

16.10 Summary 135

17. Displaying RHEL 9 Applications Remotely (X11 Forwarding) 137

17.1 Requirements for Remotely Displaying RHEL 9 Applications 137

17.2 Displaying a RHEL 9 Application Remotely 138

17.3 Trusted X11 Forwarding 138

17.4 Compressed X11 Forwarding 138

17.5 Displaying Remote RHEL 9 Apps on Windows 138

17.6 Summary 141

18. Using NFS on RHEL 9 to Share Files with Remote Systems 143

18.1 Ensuring NFS Services are running on RHEL 9 143

18.2 Configuring the RHEL 9 Firewall to Allow NFS Traffic 144

18.3 Specifying the Folders to be Shared 144

18.4 Accessing Shared Folders 145

18.5 Mounting an NFS Filesystem on System Startup 145

18.6 Unmounting an NFS Mount Point 145

18.7 Accessing NFS Filesystems in Cockpit 146

18.8 Summary 147

19. Sharing Files between RHEL 9 and Windows Systems with Samba 149

19.1 Accessing Windows Resources from the GNOME Desktop 149

19.2 Samba and Samba Client 150

19.3 Installing Samba on RHEL 9 150

19.4 Configuring the RHEL 9 Firewall to Enable Samba 150

19.5 Configuring the smb.conf File 151

19.5.1 Configuring the [global] Section 151

19.5.2 Configuring a Shared Resource 151

19.5.3 Removing Unnecessary Shares 152

19.6 Configuring SELinux for Samba 152

19.7 Creating a Samba User 154

19.8 Testing the smb.conf File 154

19.9 Starting the Samba and NetBIOS Name Services 155

19.10 Accessing Samba Shares 156

19.11 Accessing Windows Shares from RHEL 9 158

19.12 Summary 159

20. An Overview of Virtualization Techniques 161

20.1 Guest Operating System Virtualization 161

20.2 Hypervisor Virtualization 162

20.2.1 Paravirtualization 163

20.2.2 Full Virtualization 164

20.2.3 Hardware Virtualization 164

20.3 Virtual Machine Networking 165

20.4 Summary 165

21. Installing KVM Virtualization on RHEL 9 167

21.1 An Overview of KVM 167

21.2 KVM Hardware Requirements 167

21.3 Preparing RHEL 9 for KVM Virtualization 168

21.4 Verifying the KVM Installation 168

21.5 Summary 170

22. Creating KVM Virtual Machines on RHEL 9 using Cockpit 171

22.1 Installing the Cockpit Virtual Machines Module 171

22.2 Creating a Virtual Machine in Cockpit 171

22.3 Starting the Installation 174

22.4 Working with Storage Volumes and Storage Pools 176

22.5 Summary 178

23. Creating KVM Virtual Machines on RHEL 9 using virt-manager 179

23.1 Starting the Virtual Machine Manager 179

23.2 Configuring the KVM Virtual System 180

23.3 Starting the KVM Virtual Machine 184

23.4 Summary 185

24. Creating KVM Virtual Machines with virt-install and virsh 187

24.1 Running virt-install to build a KVM Guest System 187

24.2 An Example RHEL 9 virt-install Command 187

24.3 Starting and Stopping a Virtual Machine from the Command-Line 188

24.4 Creating a Virtual Machine from a Configuration File 189

24.5 Summary 189

25. Creating a RHEL 9 KVM Networked Bridge Interface 191

25.1 Getting the Current Network Manager Settings 191

25.2 Creating a Network Manager Bridge from the Command-Line 193

25.3 Declaring the KVM Bridged Network 194

25.4 Using a Bridge Network in a Virtual Machine 195

25.5 Creating a Bridge Network using nm-connection-editor 197

25.6 Summary 200

26. Managing KVM using the virsh Command-Line Tool 201

26.1 The virsh Shell and Command-Line 201

26.2 Listing Guest System Status 202

26.3 Starting a Guest System 203

26.4 Shutting Down a Guest System 203

26.5 Suspending and Resuming a Guest System 203

26.6 Saving and Restoring Guest Systems 203

26.7 Rebooting a Guest System 204

26.8 Configuring the Memory Assigned to a Guest OS 204

26.9 Summary 204

27. An Introduction to Linux Containers 205

27.1 Linux Containers and Kernel Sharing 205

27.2 Container Uses and Advantages 206

27.3 RHEL 9 Container Tools 207

27.4 Container Catalogs, Repositories, and Registries 207

27.5 Container Networking 208

27.6 Summary 208

28. Working with Containers on RHEL 9 209

28.1 Installing the Container Tools 209

28.2 Logging in to the Red Hat Container Registry 209

28.3 Pulling a Container Image 209

28.4 Running the Image in a Container 211

28.5 Managing a Container 213

28.6 Saving a Container to an Image 213

28.7 Removing an Image from Local Storage 214

28.8 Removing Containers 214

28.9 Building a Container with Buildah 214

28.10 Building a Container from Scratch 214

28.11 Container Bridge Networking 215

28.12 Managing Containers in Cockpit 218

28.13 Summary 221

29. Setting Up a RHEL 9 Web Server 223

29.1 Requirements for Configuring a RHEL 9 Web Server 223

29.2 Installing the Apache Web Server Packages 223

29.3 Configuring the Firewall 224

29.4 Port Forwarding 224

29.5 Starting the Apache Web Server 224

29.6 Testing the Web Server 224

29.7 Configuring the Apache Web Server for Your Domain 225

29.8 The Basics of a Secure Website 226

29.9 Configuring Apache for HTTPS 227

29.10 Obtaining an SSL Certificate 227

29.11 Summary 229

30. Configuring a RHEL 9 Postfix Email Server 231

30.1 The Structure of the Email System 231

30.1.1 Mail User Agent 231

30.1.2 Mail Transfer Agent 231

30.1.3 Mail Delivery Agent 231

30.1.4 SMTP 232

30.1.5 SMTP Relay 232

30.2 Configuring a RHEL 9 Email Server 232

30.3 Postfix Pre-Installation Steps 232

30.4 Firewall/Router Configuration 233

30.5 Installing Postfix on RHEL 9 233

30.6 Configuring Postfix 233

30.7 Configuring DNS MX Records 235

30.8 Starting Postfix on a RHEL 9 System 235

30.9 Testing Postfix 235

30.10 Sending Mail via an SMTP Relay Server 236

30.11 Summary 237

31. Adding a New Disk Drive to a RHEL 9 System 239

31.1 Mounted File Systems or Logical Volumes 239

31.2 Finding the New Hard Drive 239

31.3 Creating Linux Partitions 240

31.4 Creating a File System on a RHEL 9 Disk Partition 241

31.5 An Overview of Journaled File Systems 242

31.6 Mounting a File System 242

31.7 Configuring RHEL 9 to Mount a File System Automatically 243

31.8 Adding a Disk Using Cockpit 243

31.9 Summary 245

32. Adding a New Disk to a RHEL 9 Volume Group and Logical Volume 247

32.1 An Overview of Logical Volume Management (LVM) 247

32.1.1 Volume Group (VG) 247

32.1.2 Physical Volume (PV) 247

32.1.3 Logical Volume (LV) 248

32.1.4 Physical Extent (PE) 248

32.1.5 Logical Extent (LE) 248

32.2 Getting Information about Logical Volumes 248

32.3 Adding Additional Space to a Volume Group from the Command-Line 251

32.4 Adding Additional Space to a Volume Group Using Cockpit 253

32.5 Summary 255

33. Adding and Managing RHEL 9 Swap Space 257

33.1 What is Swap Space? 257

33.2 Recommended Swap Space for RHEL 9 257

33.3 Identifying Current Swap Space Usage 257

33.4 Adding a Swap File to a RHEL 9 System 258

33.5 Adding Swap as a Partition 259

33.6 Adding Space to a RHEL 9 LVM Swap Volume 259

33.7 Adding Swap Space to the Volume Group 260

33.8 Summary 262

34. RHEL 9 System and Process Monitoring 263

34.1 Managing Processes 263

34.2 Real-time System Monitoring with top 267

34.3 Command-Line Disk and Swap Space Monitoring 268

34.4 Summary 269

Index 271

1. Introduction

Arguably one of the most highly regarded and widely used enterprise level operating systems available today is the Red Hat Enterprise Linux (typically shortened to RHEL and pronounced rell) distribution. Not only is it considered to be among the most stable and reliable operating systems, it is also backed by the considerable resources and technical skills of Red Hat, Inc. Red Hat Enterprise Linux 9 Essentials is designed to provide detailed information on the installation, use and administration of the Red Hat Enterprise Linux 9 distribution. For beginners, the book covers topics such as operating system installation, the basics of the GNOME desktop environment, configuring email and web servers and installing packages and system updates using App Streams. Additional installation topics such as dual booting with Microsoft Windows are also covered, together with all important security topics such as configuring a firewall and user and group administration.

For the experienced user, topics such as remote desktop access, the Cockpit web interface, logical volume management (LVM), disk partitioning, swap management, KVM virtualization, Secure Shell (SSH), Linux Containers and file sharing using both Samba and NFS are covered in detail to provide a thorough overview of this enterprise class operating system.

1.1 Superuser Conventions

RHEL 9, in common with Linux in general, has two types of user account, one being a standard user account with restricted access to many of the administrative files and features of the operating system, and the other a superuser (root) account with elevated privileges. Typically, a user can gain root access either by logging in as the root user, or using the su - command and entering the root password. In the following example, a user is gaining root access via the su - command:

[neil@demo-server ~]$ su -

Password:

[root@demo-server ~]#

Note that the command prompt for a regular user ends with a $ sign while the root user has a # character. When working with the command-line, this is a useful indication as to whether or not you are currently issuing commands as the root user.

If the su - command fails, the root account on the system has most likely been disabled for security reasons. In this case, the sudo command can be used instead as outlined below.

Using sudo, a single command requiring root privileges may be executed by a non-root user. Consider the following attempt to update the operating system with the latest patches and packages:

[neil@demo-server ~]$ dnf update

Not root, Subscription Management repositories not updated

Error: This command has to be run under the root user.

Optionally, user accounts may be configured so that they have access to root level privileges. Instead of using the su - command to first gain root access, user accounts with administration privileges are able to run otherwise restricted commands using sudo:

[neil@demo-server]$ sudo dnf update

We trust you have received the usual lecture from the local System

Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.

    #2) Think before you type.

    #3) With great power comes great responsibility.

[sudo] password for neil:

Updating Subscription Management repositories.

.

.

To perform multiple commands without repeatedly using the sudo command, a command prompt with persistent super-user privileges may be accessed as follows:

[neil@demo-server]$ sudo su -

[neil@demo-server]#

The reason for raising this issue so early in the book is that many of the command-line examples outlined in this book will require root privileges. Rather than repetitively preface every command-line example with directions to run the command as root, the command prompt at the start of the line will be used to indicate whether or not the command needs to be performed as root. If the command can be run as a regular user, the command will be prefixed with a $ command prompt as follows:

$ date

If, on the other hand, the command requires root privileges, the command will be preceded by a # command prompt:

# dnf install openssh

1.2 Opening a Terminal Window

If you are using the GNOME desktop and need to access a command prompt you will need to open a Terminal window. To do this, either press the keyboard Windows key or click on the Activities button in the top left-hand corner of the screen, then select the Terminal from the dash as shown in Figure 1-1:

Figure 1-1

1.3 Editing Files

Configuring a Linux system typically involves editing files. For those new to Linux it can be unclear which editor to use. If you are running a terminal session and do not already have a preferred editor we recommend using the nano editor. To launch nano in a terminal window simply enter the following command:

# nano <file>

Where <file> is replaced by the path to the file you wish to edit. For example:

# nano /etc/passwd

Once loaded, nano will appear as illustrated in Figure 1-2:

Figure 1-2

To create a new file simply run nano as follows:

# nano

When you have finished editing the file, type Ctrl-S to save the file followed by Ctrl-X to exit. To open an existing file, use the Ctrl-R keyboard shortcut.

If you prefer to use a graphical editor within the GNOME desktop environment gedit is a useful starting point for basic editing tasks. To launch gedit from the desktop press Alt-F2 to display the Enter a Command window as shown in Figure 1-3:

Figure 1-3

Enter gedit into the text field and press the Enter key. After a short delay, gedit will load ready to open, create and edit files:

Figure 1-4

Alternatively, launch gedit from a terminal window either with or without the path to the file to open:

# gedit

# gedit /etc/passwd

1.4 Feedback

We want you to be satisfied with your purchase of this book. If you find any errors in the book, or have any comments, questions or concerns please contact us at [email protected].

1.5 Errata

While we make every effort to ensure the accuracy of the content of this book, it is inevitable that a book covering a subject area of this size and complexity may include some errors and oversights. Any known issues with the book will be outlined, together with solutions, at the following URL:

https://www.ebookfrenzy.com/errata/rhel9.html

In the event that you find an error not listed in the errata, please let us know by emailing our support team at [email protected].

2. A Brief History of Red Hat Linux

Red Hat Enterprise Linux is one of a number of variants (also referred to as distributions) of the Linux operating system and is the product of a U.S. company named Red Hat, Inc., based in Raleigh, North Carolina. The company was founded in the mid-1990s through the merger of two companies owned at the time by Marc Ewing and Bob Young. The origins of Linux, however, go back even further. This chapter will outline the history of both the Linux operating system and Red Hat, Inc.

2.1 What exactly is Linux?

Linux is an operating system in much the same way that Windows is an operating system (and there any similarities between Linux and Windows end). The term operating system is used to describe the software that acts as a layer between the hardware in a computer and the applications that we all run on a daily basis. When programmers write applications, they interface with the operating system to perform such tasks as writing files to the hard disk drive and displaying information on the screen. Without an operating system, every programmer would have to write code to directly access the hardware of the system. In addition, the programmer would have to be able to support every single piece of hardware ever created to be sure the application would work on every possible hardware configuration. Because the operating system handles all of this hardware complexity, application development becomes a much easier task. Linux is just one of a number of different operating systems available today.

2.2 UNIX Origins

To understand the history of Linux, we first have to go back to AT&T Bell Laboratories in the late 1960s. During this time AT&T had discontinued involvement in developing a new operating system named Multics. However, two AT&T engineers, Ken Thompson and Dennis Ritchie, decided to take what they had learned from the Multics project and create a new operating system named UNIX which quickly gained popularity and wide adoption both with corporations and academic institutions.

A variety of proprietary UNIX implementations eventually came to market, including those created by IBM (AIX), Hewlett-Packard (HP-UX), and Sun Microsystems (SunOS and Solaris). In addition, a UNIX-like operating system named MINIX was created by Andrew S. Tanenbaum and designed for educational use with source code access provided to universities.

2.3 Who Created Linux?

The origins of Linux can be traced back to the work and philosophies of two people. At the heart of the Linux operating system is something called the kernel. This is the core set of features necessary for the operating system to function. The kernel manages the system’s resources and handles communication between the hardware and the applications. The Linux kernel was developed by Linus Torvalds, who, taking a dislike to MS-DOS and impatient for the availability of MINIX for the new Intel 80386 microprocessor, decided to write his own UNIX-like kernel. When he had finished the first version of the kernel, he released it under an open-source license that enabled anyone to download the source code and freely use and modify it without having to pay Linus any money.

Around the same time, Richard Stallman at the Free Software Foundation, a strong advocate of free and open-source software, was working on an open-source operating system of his own. Rather than focusing initially on the kernel, however, Stallman began by developing open-source versions of all the UNIX tools, utilities and compilers necessary to use and maintain an operating system. By the time he had finished developing this infrastructure, the obvious solution was to combine his work with the kernel Linus had written to create a complete operating system. This combination became known as GNU/Linux. Purists insist that Linux always be referred to as GNU/Linux (in fact, at one time, Richard Stallman refused to give press interviews to any publication which failed to refer to Linux as GNU/Linux). This is not unreasonable given that the GNU tools developed by the Free Software Foundation make up a significant and vital part of GNU/Linux. Unfortunately, most people and publications simply refer to Linux as Linux and this will probably always continue to be the case.

2.4 The Early Days of Red Hat

In 1993 Bob Young created a company named ACC Corporation which, according to Young, he ran from his “wife’s sewing closet”. The name ACC was intended to represent a catalog business but was also an abbreviation of a small business his wife ran called “Antiques and Collectibles of Connecticut”. Among the items sold through the ACC catalog business were Linux CDs and related open-source software.

Around the same time, Marc Ewing had created his own Linux distribution company which he named Red Hat Linux (after his propensity to wear a red baseball cap while at Carnegie Mellon University).

In 1995, ACC acquired Red Hat, adopted the name Red Hat, Inc. and experienced rapid and significant growth. Bob Young stepped down as CEO shortly after the company went public in August of 1999 and has since pursued a number of business and philanthropic efforts including a print-on-demand book publishing company named Lulu and ownership of two Canadian professional sports teams. In 2018, IBM acquired Red Hat, Inc. in a deal valued at $34 billion.

2.5 Red Hat Support

Early releases of Red Hat Linux were shipped to customers on floppy disks and CDs (this, of course, predated the widespread availability of broadband internet connections). When users encountered problems with the software they were only able to contact Red Hat by email. In fact, Bob Young often jokes that this was effective in limiting support requests since, by the time a customer realized they needed help, their computer was usually inoperative and therefore unavailable to be used to send an email message seeking assistance from Red Hat’s support team. In later years Red Hat provided better levels of support tied to paid subscriptions and now provides a variety of support levels ranging from “self help” (no support) up to premium support.

2.6 Open Source

Red Hat Enterprise Linux 9 is the current commercial offering from Red Hat and is primarily targeted at corporate, mission critical installations. It is also the cornerstone of an expanding ecosystem of products and services offered by Red Hat. RHEL is an open-source product in that you can download the source code free of charge and build the software yourself if you wish to do so (a task not to be undertaken lightly). If, however, you wish to download a pre-built, ready to install binary version of the software (either with or without support), you have to pay for it.

2.7 The Fedora Project

Red Hat also sponsors the Fedora Project, the goal of which is to provide access to a free Linux operating system (in both source and binary distributions) in the form of Fedora Linux. Fedora Linux also serves as a proving ground for many of the new features that are eventually adopted into the Red Hat Enterprise Linux operating system family and the CentOS derivative.

2.8 CentOS Stream - The Free Alternative

For users unable to afford a Red Hat Enterprise Linux subscription, another option is the CentOS Stream operating system. The CentOS project, initially a community-driven effort but now owned by Red Hat, takes the Red Hat Enterprise Linux source code, removes the Red Hat branding and subscription requirements, compiles it, and provides the distribution for download. Like Fedora, CentOS Stream field tests new operating system features before they are included in a future RHEL release. As such, it may lack stability but provides access to cutting-edge features.

2.9 Summary

The origins of the Linux operating system can be traced back to the work of Linus Torvalds and Richard Stallman in the form of the Linux kernel combined with the tools and compilers built by the GNU project.

Over the years, the open-source nature of Linux has resulted in the release of a wide range of different Linux distributions. One such distribution is Red Hat Enterprise Linux, created by Red Hat, Inc., a company founded by Bob Young and Mark Ewing. Red Hat specializes in providing enterprise level Linux software solutions combined with extensive technical support services.

3. Installing RHEL 9 on a Clean Disk Drive

There are now two ways in which a RHEL 9 system can be deployed. One method is to either purchase new hardware or re-purpose an existing computer system on which to install and run the operating system. Another option is to create a cloud-based operating system instance using services such as Amazon AWS, Google Cloud, or Microsoft Azure (to name but a few). Since cloud-based instances are typically created by selecting a pre-configured, ready-to-run operating system image already optimized for the cloud platform and using that as the basis for the RHEL system, there is no need to perform a manual operating system installation in this situation.

If, on the other hand, you plan to install RHEL 9 on your own hardware, the first step on the path to learning about Red Hat Enterprise Linux 9 involves installing the operating system.

RHEL can be installed either in a clean disk environment (where an entire disk is cleared of any existing partitions and dedicated entirely to RHEL) or in a dual boot environment where RHEL co-exists with another operating system on the disk (typically a member of the Microsoft Windows family of operating systems).

This chapter will cover the clean disk approach to installation from local or remote installation media. Dual boot installation with a Windows 11 system will be covered in “Dual Booting RHEL 9 with Windows”.

3.1 Obtaining the RHEL 9 Installation Media

Although RHEL is an open-source operating system, and as such, the source code is freely accessible, the binary installation images are only available as part of a paid Red Hat Enterprise Linux subscription. In addition to access to the installation images for RHEL, subscription levels are available that provide technical support for the operating system. If you already have a paid subscription, log into your Red Hat account to download the operating system. If you want to try RHEL before purchasing, Red Hat provides a 30-day trial. To register for a trial, visit the Red Hat website at the following address:

https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux/try-it

Red Hat Developer program members are also provided access to RHEL 9. Details on joining this program can be found on the Red Hat Developers website at https://developers.redhat.com.

RHEL 9 is available for Intel 64-bit (x86_64) and ARM64 (AArch64) CPU architecture families. The installation media can be downloaded as a DVD or boot ISO image for each architecture. The DVD ISO image is self-contained, including all of the packages necessary to install a RHEL system, and is named using the following convention:

rhel-baseos-<version>-<architecture>-dvd.iso

For example, the RHEL 9.1 DVD image for 64-bit Intel systems is named as follows:

rhel-baseos-9.1-x86_64-dvd.iso

On the other hand, the boot ISO image only contains the files necessary to begin the installation and requires access to the full installation media located on a remote server. The boot image can also perform rescue operations on an existing RHEL system. The boot ISO is named using the following convention:

rhel-baseos-<version>-<architecture>-boot.iso

The RHEL 9.1 boot image for AArch64, for example, is named as follows:

rhel-baseos-9.1-x86_64-boot.iso

Having downloaded an image, either burn it to disk, or use the steps in the next section to write the media to a USB drive, configure your virtualization environment to treat it as a DVD drive or use the steps outlined later in this chapter to access the installation image over a network connection.

3.2 Writing the ISO Installation Image to a USB Drive

These days it is more likely that an operating system installation will be performed from a USB drive than from a DVD. Having downloaded the ISO installation image for RHEL 9, the steps to write that image to a USB drive will differ depending on whether the drive is attached to a Linux, macOS, or Windows system. The steps outlined in the remainder of this section assume that the USB drive is new or has been reformatted to remove any existing data or partitions:

3.2.1 Linux

The first step in writing an ISO image to a USB drive on Linux is identifying the device name. Before inserting the USB drive, identify the storage devices already detected on the system by listing the devices in /dev as follows:

# ls /dev/sd*

/dev/sda /dev/sda1 /dev/sda2

Attach the USB drive to the Linux system and run the dmesg command to get a list of recent system messages, one of which will be a report that the USB drive was detected and will be similar to the following:

[ 406.241717] sd 6:0:0:0: [sdb] Attached SCSI removable disk

This output tells us that we should expect the device name to include “sdb” which we can confirm by listing device names in /dev again:

# ls /dev/sd*

/dev/sda /dev/sda1 /dev/sda2 /dev/sdb

This output shows that the USB drive has been assigned to /dev/sdb. The next step before writing the ISO image to the device is to run the findmnt command to make sure it has not been auto-mounted:

# findmnt /dev/sdb

TARGET SOURCE FSTYPE OPTIONS

/run/media/neil/d6bf9574-7e31-4f54-88b1 /dev/sdb ext3 rw,nosuid,no

If the findmnt command indicates that the USB drive has been mounted, unmount it before continuing:

# umount /run/media/neil/d6bf9574-7e31-4f54-88b1

Once the filesystem has been unmounted, use the dd command as follows to write the ISO image to the drive:

# dd if=/path/to/iso/<image name>.iso of=/dev/sdb bs=512k

The writing process can take some time (as long as 10 - 15 minutes) depending on the image size and speed of the system on which it is running. Once the image has been written, output similar to the following will appear, and the USB drive will be ready to be used to install RHEL 9:

5956+0 records in

5956+0 records out

3122659328 bytes (3.1 GB, 2.9 GiB) copied, 426.234 s, 7.3 MB/s

3.2.2 macOS

The first step in writing an ISO image to a USB drive attached to a macOS system is to identify the device using the diskutil tool. Before attaching the USB device, open a Terminal window and run the following command:

$ diskutil list

/dev/disk0 (internal, physical):

   #: TYPE NAME SIZE IDENTIFIER

   0: GUID_partition_scheme *1.0 TB disk0

   1: EFI EFI 209.7 MB disk0s1

   2: Apple_APFS Container disk2 1000.0 GB disk0s2

/dev/disk1 (internal):

   #: TYPE NAME SIZE IDENTIFIER

   0: GUID_partition_scheme 28.0 GB disk1

   1: EFI EFI 314.6 MB disk1s1

   2: Apple_APFS Container disk2 27.7 GB disk1s2

/dev/disk2 (synthesized):

   #: TYPE NAME SIZE IDENTIFIER

   0: APFS Container Scheme - +1.0 TB disk2

                                 Physical Stores disk1s2, disk0s2

   1: APFS Volume Macintosh HD 473.6 GB disk2s1

   2: APFS Volume Preboot 42.1 MB disk2s2

   3: APFS Volume Recovery 517.0 MB disk2s3

   4: APFS Volume VM 1.1 GB disk2s4

Having established a baseline of detected devices, insert the USB drive into a port on the macOS system and rerun the command. The same results should appear with one additional entry for the USB drive resembling the following:

/dev/disk3 (external, physical):

   #: TYPE NAME SIZE IDENTIFIER

   0: *16.0 GB disk3

In the above example, the USB drive has been assigned to /dev/disk3. Before proceeding, unmount the disk as follows:

$ diskutil unmountDisk /dev/disk3

Unmount of all volumes on disk3 was successful

Finally, use the dd command to write the ISO image to the device, taking care to reference the raw disk device (/dev/rdisk3) and entering your user password when prompted:

$ sudo dd if=/path/to/iso/image.iso of=/dev/rdisk3 bs=1m

Once the image has been written, the USB drive is ready.

3.2.3 Windows/macOS

Several free tools are available for Windows and macOS that will write an ISO image to a USB drive, but one written specifically for writing Linux ISO images is the Fedora Media Writer tool which can be downloaded from the following URL:

https://getfedora.org/en/workstation/download/

Once installed, insert the destination USB drive, launch the writer tool, and choose the Select .iso file option as highlighted in Figure 3-1:

Figure 3-1

Click Next to proceed to the Write Options screen and select the USB Drive before clicking on the Select... button:

Figure 3-2

In the resulting file selection dialog, navigate to and select the RHEL 9 installation ISO image and click the Open button. Finally, click the Write button to start writing the image to the USB drive:

Figure 3-3

Once the image has been written to the device, the device is ready to perform the installation.

3.3 Installing Red Hat Enterprise Linux 9

Insert the RHEL 9 installation media into the appropriate drive and power on the system. If the system tries to boot from the hard disk drive, you will need to enter the BIOS set up for your computer and change the boot order so that it boots from the installation media drive first. Once the system has booted, you will be presented with the following screen:

Figure 3-4

Use the arrow keys to navigate between the options and make a selection with the <Enter> key. For example, if the Troubleshooting option is selected, the screen shown in Figure 3-5 will appear, including options to boot from the current operating system on the local drive (if one is installed), test the system memory, or rescue an installed RHEL 9 system. An option is also available to perform the installation in basic graphics mode for systems without a graphical console:

Figure 3-5

If you install the ARM64 image, the options to boot from the local drive and run a memory test may not be available on the troubleshooting screen.

Select the option on the main screen to install Red Hat Enterprise Linux and, after a short delay, the first screen of the graphical installer will appear:

Figure 3-6

Select your preferred language on the first screen before clicking Continue to proceed to the main installation screen as shown in Figure 3-7:

Figure 3-7

Begin by selecting the Network & Host Name option, enable a network device on your system, and enter a hostname before clicking the Apply button:

Figure 3-8

If your network connection requires additional settings, click on the Configure... button to access the advanced network settings screen illustrated in Figure 3-9:

Figure 3-9

Once the hostname has been defined, and a network connection enabled, click Done to return to the main screen.

If you wish to change the keyboard, language, or time and date settings, select the corresponding option from the Localization column of the main screen. On the Time & Date screen, make a selection corresponding to your geographical location. The choice is also provided to use Network Time which automatically synchronizes the system with external Network Time Protocol servers.

Changes to the Installation Source settings should not be necessary since the installation is performed from local media. To complete the installation from media located on a remote server, select Installation Source, enable the On the network option, and then specify the location of the installation media and the type of URL being used. The installation media can, for example, be an ISO image installed either on a remote web server or on a system on the local network using NFS (the topic of NFS file sharing is covered in detail in the chapter entitled “Using NFS on RHEL 9 to Share Files with Remote Systems”), or the URL of a remote repository (repositories are essentially online collections of the software, packages, and applications that make up the operating system from which installations onto the local system can be performed).

By default, the installer will perform a Server with GUI installation of RHEL 9. This will consist of the minimum packages necessary to run the operating system and the graphical desktop environment. To select a different installation configuration, choose the Software Selection option to display the screen shown below:

Figure 3-10

Use the left-hand panel to select a basic configuration and the right-hand panel to add any additional packages you know you will need after the system starts up. If the desktop environment is not required and you are unsure which packages to install on the system, use the Minimal install option and install additional packages as needed once the system has booted. This avoids installing any packages that may never be required.

The Security Policy option allows additional security packages to be installed on the system that allow security restrictions that comply with the Security Content Automation Protocol (SCAP) standards to be imposed on the system. While selecting a profile from the list installs the necessary packages, the policy restrictions are not enforced until they are enabled on the running system. Unless you work for a government entity or company that mandates this level of security, selecting a policy on this screen is optional.

The Kdump feature, when enabled, writes out the state of the operating system kernel in the event of a system crash. This dump file can help identify the cause of a crash but takes up system memory when enabled. Unless memory is limited on your system, this can be left in the enabled state.

Having configured the basic settings, the next step is to decide how the hard disk drive will be partitioned to accommodate the operating system.

3.4 Partitioning a Disk for RHEL 9

When the Installation Destination option is selected, the installer will present a screen similar to the one illustrated in Figure 3-11 below:

Figure 3-11

By default, the installer is configured to automatically install the operating system using the available space on the currently selected disk drive and to configure standard partition sizes. If the disk previously contained another operating system, these existing partitions will not be deleted, potentially leaving unused space on the drive after RHEL 9 has been installed. To remove any existing partitions so that they can be reclaimed and used by RHEL 9, enable the I would like to make additional space available option and click on the Done button to display the dialog shown in Figure 3-12:

Figure 3-12

To reclaim space, select a partition that is no longer needed and mark it for removal by clicking the Delete button. Once all the partitions to be removed have been selected, click on the Reclaim Space button to perform the deletion. The reclaimed space will now be used automatically by the RHEL 9 installer.

To manually configure the layout of the disk in terms of how the available space will be allocated, change the Storage Allocation setting from Automatic to Custom and click Done to display the Manual Partitioning screen (Figure 3-13):

Figure 3-13

The manual partitioning screen allows configuring the disk using Logical Volume Management (LVM) or standard partitioning. LVM is the recommended option because it provides flexibility in terms of managing partition sizes once the system is up and running (LVM is covered in detail in the chapter entitled “Adding a New Disk to a RHEL 9 Volume Group and Logical Volume”).

Once a partitioning scheme has been selected, the last step is to decide on the sizes of the partitions and the corresponding filesystem mount points. In general, the default configuration provided by the Click here to create them automatically option will meet most system needs. However, to manually create partitions and allocate mount points, click the + button to declare and assign each partition manually.

Another option is to select automatic partition creation and then use the resulting screen to change the partition configuration as needed manually. Figure 3-14, for example, shows the partition configuration defined by selecting the automatic creation option and allows the settings for each partition to be modified before any changes are made to the disk:

Figure 3-14

Once the disk has been configured, click on Done, review the summary of the changes to be made to the disk (Figure 3-15), followed by the Accept Changes button:

Figure 3-15

3.5 Disk Encryption

RHEL 9 also allows the disk’s contents to be protected by encryption. This will require a passphrase to be entered each time the system boots. To enable encryption, select the Encrypt my data option on the main Installation Destination screen and, after clicking the Done button, enter the passphrase in the dialog shown in Figure 3-16:

Figure 3-16

3.6