Search

Chapter 10. Customizing the system in the installer

download PDF

During the customization phase of the installation, you must perform certain configuration tasks to enable the installation of Red Hat Enterprise Linux. These tasks include:

  • Configuring the storage and assign mount points.
  • Selecting a base environment with software to be installed.
  • Setting a password for the root user or create a local user.

Optionally, you can further customize the system, for example, by configuring system settings and connecting the host to a network.

10.1. Configuring the storage devices

You can install Red Hat Enterprise Linux on a large variety of storage devices. You can configure basic, locally accessible, storage devices in the Installation Destination window. Basic storage devices directly connected to the local system, such as disks and solid-state drives, are displayed in the Local Standard Disks section of the window. On 64-bit IBM Z, this section contains activated Direct Access Storage Devices (DASDs).

Warning

A known issue prevents DASDs configured as HyperPAV aliases from being automatically attached to the system after the installation is complete. These storage devices are available during the installation, but are not immediately accessible after you finish installing and reboot. To attach HyperPAV alias devices, add them manually to the /etc/dasd.conf configuration file of the system.

10.1.1. Configuring installation destination

You can use the Installation Destination window to configure the storage options, for example, the disks that you want to use as the installation target for your Red Hat Enterprise Linux installation. You must select at least one disk.

Prerequisites

  • The Installation Summary window is open.
  • Ensure to back up your data if you plan to use a disk that already contains data. For example, if you want to shrink an existing Microsoft Windows partition and install Red Hat Enterprise Linux as a second system, or if you are upgrading a previous release of Red Hat Enterprise Linux. Manipulating partitions always carries a risk. For example, if the process is interrupted or fails for any reason data on the disk can be lost.

Procedure

  1. From the Installation Summary window, click Installation Destination. Perform the following operations in the Installation Destination window opens:

    1. From the Local Standard Disks section, select the storage device that you require; a white check mark indicates your selection. Disks without a white check mark are not used during the installation process; they are ignored if you choose automatic partitioning, and they are not available in manual partitioning.

      The Local Standard Disks shows all locally available storage devices, for example, SATA, IDE and SCSI disks, USB flash and external disks. Any storage devices connected after the installation program has started are not detected. If you use a removable drive to install Red Hat Enterprise Linux, your system is unusable if you remove the device.

    2. Optional: Click the Refresh link in the lower right-hand side of the window if you want to configure additional local storage devices to connect new disks. The Rescan Disks dialog box opens.

      1. Click Rescan Disks and wait until the scanning process completes.

        All storage changes that you make during the installation are lost when you click Rescan Disks.

      2. Click OK to return to the Installation Destination window. All detected disks including any new ones are displayed under the Local Standard Disks section.
  2. Optional: Click Add a disk…​ to add a specialized storage device.

    The Storage Device Selection window opens and lists all storage devices that the installation program has access to.

  3. Optional: Under Storage Configuration, select the Automatic radio button for automatic partitioning.

    You can also configure custom partitioning. For more details, see Configuring manual partitioning.

  4. Optional: Select I would like to make additional space available to reclaim space from an existing partitioning layout. For example, if a disk you want to use already has a different operating system and you want to make this system’s partitions smaller to allow more room for Red Hat Enterprise Linux.
  5. Optional: Select Encrypt my data to encrypt all partitions except the ones needed to boot the system (such as /boot) using Linux Unified Key Setup (LUKS). Encrypting your disk to add an extra layer of security.

    1. Click Done. The Disk Encryption Passphrase dialog box opens.

      1. Type your passphrase in the Passphrase and Confirm fields.
      2. Click Save Passphrase to complete disk encryption.

        Warning

        If you lose the LUKS passphrase, any encrypted partitions and their data is completely inaccessible. There is no way to recover a lost passphrase. However, if you perform a Kickstart installation, you can save encryption passphrases and create backup encryption passphrases during the installation. For more information, see the Automatically installing RHEL document.

  6. Optional: Click the Full disk summary and bootloader link in the lower left-hand side of the window to select which storage device contains the boot loader. For more information, see Configuring boot loader.

    In most cases it is sufficient to leave the boot loader in the default location. Some configurations, for example, systems that require chain loading from another boot loader require the boot drive to be specified manually.

  7. Click Done.
  8. Optional: The Reclaim Disk Space dialog box appears if you selected automatic partitioning and the I would like to make additional space available option, or if there is not enough free space on the selected disks to install Red Hat Enterprise Linux. It lists all configured disk devices and all partitions on those devices. The dialog box displays information about the minimal disk space the system needs for an installation with the currently selected package set and how much space you have reclaimed. To start the reclaiming process:

    1. Review the displayed list of available storage devices. The Reclaimable Space column shows how much space can be reclaimed from each entry.
    2. Select a disk or partition to reclaim space.
    3. Use the Shrink button to use free space on a partition while preserving the existing data.
    4. Use the Delete button to delete that partition or all partitions on a selected disk including existing data.
    5. Use the Delete all button to delete all existing partitions on all disks including existing data and make this space available to install Red Hat Enterprise Linux.
    6. Click Reclaim space to apply the changes and return to graphical installations.

      No disk changes are made until you click Begin Installation on the Installation Summary window. The Reclaim Space dialog only marks partitions for resizing or deletion; no action is performed.

10.1.2. Special cases during installation destination configuration

Following are some special cases to consider when you are configuring installation destinations:

  • Some BIOS types do not support booting from a RAID card. In these instances, the /boot partition must be created on a partition outside of the RAID array, such as on a separate disk. It is necessary to use an internal disk for partition creation with problematic RAID cards. A /boot partition is also necessary for software RAID setups. If you choose to partition your system automatically, you should manually edit your /boot partition.
  • To configure the Red Hat Enterprise Linux boot loader to chain load from a different boot loader, you must specify the boot drive manually by clicking the Full disk summary and bootloader link from the Installation Destination window.
  • When you install Red Hat Enterprise Linux on a system with both multipath and non-multipath storage devices, the automatic partitioning layout in the installation program creates volume groups that contain a mix of multipath and non-multipath devices. This defeats the purpose of multipath storage. Select either multipath or non-multipath devices on the Installation Destination window. Alternatively, proceed to manual partitioning.

10.1.3. Configuring boot loader

Red Hat Enterprise Linux uses GRand Unified Bootloader version 2 (GRUB2) as the boot loader for AMD64 and Intel 64, IBM Power Systems, and ARM. For 64-bit IBM Z, the zipl boot loader is used.

The boot loader is the first program that runs when the system starts and is responsible for loading and transferring control to an operating system. GRUB2 can boot any compatible operating system (including Microsoft Windows) and can also use chain loading to transfer control to other boot loaders for unsupported operating systems.

Warning

Installing GRUB2 may overwrite your existing boot loader.

If an operating system is already installed, the Red Hat Enterprise Linux installation program attempts to automatically detect and configure the boot loader to start the other operating system. If the boot loader is not detected, you can manually configure any additional operating systems after you finish the installation.

If you are installing a Red Hat Enterprise Linux system with more than one disk, you might want to manually specify the disk where you want to install the boot loader.

Procedure

  1. From the Installation Destination window, click the Full disk summary and bootloader link. The Selected Disks dialog box opens.

    The boot loader is installed on the device of your choice, or on a UEFI system; the EFI system partition is created on the target device during guided partitioning.

  2. To change the boot device, select a device from the list and click Set as Boot Device. You can set only one device as the boot device.
  3. To disable a new boot loader installation, select the device currently marked for boot and click Do not install boot loader. This ensures GRUB2 is not installed on any device.
Warning

If you choose not to install a boot loader, you cannot boot the system directly and you must use another boot method, such as a standalone commercial boot loader application. Use this option only if you have another way to boot your system.

The boot loader may also require a special partition to be created, depending on if your system uses BIOS or UEFI firmware, or if the boot drive has a GUID Partition Table (GPT) or a Master Boot Record (MBR, also known as msdos) label. If you use automatic partitioning, the installation program creates the partition.

10.1.4. Storage device selection

The storage device selection window lists all storage devices that the installation program can access. Depending on your system and available hardware, some tabs might not be displayed. The devices are grouped under the following tabs:

Multipath Devices
Storage devices accessible through more than one path, such as through multiple SCSI controllers or Fiber Channel ports on the same system. The installation program only detects multipath storage devices with serial numbers that are 16 or 32 characters long.
Other SAN Devices
Devices available on a Storage Area Network (SAN).
Firmware RAID
Storage devices attached to a firmware RAID controller.
NVDIMM Devices
Under specific circumstances, Red Hat Enterprise Linux 8 can boot and run from (NVDIMM) devices in sector mode on the Intel 64 and AMD64 architectures.
System z Devices
Storage devices, or Logical Units (LUNs), attached through the zSeries Linux FCP (Fiber Channel Protocol) driver.

10.1.5. Filtering storage devices

In the storage device selection window you can filter storage devices either by their World Wide Identifier (WWID) or by the port, target, or logical unit number (LUN).

Prerequisite

  • The Installation Summary window is open.

Procedure

  1. From the Installation Summary window, click Installation Destination. The Installation Destination window opens, listing all available drives.
  2. Under the Specialized & Network Disks section, click Add a disk…. The storage devices selection window opens.
  3. Click the Search by tab to search by port, target, LUN, or WWID.

    Searching by WWID or LUN requires additional values in the corresponding input text fields.

  4. Select the option that you require from the Search drop-down menu.
  5. Click Find to start the search. Each device is presented on a separate row with a corresponding check box.
  6. Select the check box to enable the device that you require during the installation process.

    Later in the installation process you can choose to install Red Hat Enterprise Linux on any of the selected devices, and you can choose to mount any of the other selected devices as part of the installed system automatically. Selected devices are not automatically erased by the installation process and selecting a device does not put the data stored on the device at risk.

    Note

    You can add devices to the system after installation by modifying the /etc/fstab file.

  7. Click Done to return to the Installation Destination window.

Any storage devices that you do not select are hidden from the installation program entirely. To chain load the boot loader from a different boot loader, select all the devices present.

10.1.6. Using advanced storage options

To use an advanced storage device, you can configure an iSCSI (SCSI over TCP/IP) target or FCoE (Fibre Channel over Ethernet) SAN (Storage Area Network).

To use iSCSI storage devices for the installation, the installation program must be able to discover them as iSCSI targets and be able to create an iSCSI session to access them. Each of these steps might require a user name and password for Challenge Handshake Authentication Protocol (CHAP) authentication. Additionally, you can configure an iSCSI target to authenticate the iSCSI initiator on the system to which the target is attached (reverse CHAP), both for discovery and for the session. Used together, CHAP and reverse CHAP are called mutual CHAP or two-way CHAP. Mutual CHAP provides the greatest level of security for iSCSI connections, particularly if the user name and password are different for CHAP authentication and reverse CHAP authentication.

Repeat the iSCSI discovery and iSCSI login steps to add all required iSCSI storage. You cannot change the name of the iSCSI initiator after you attempt discovery for the first time. To change the iSCSI initiator name, you must restart the installation.

10.1.6.1. Discovering and starting an iSCSI session

The Red Hat Enterprise Linux installer can discover and log in to iSCSI disks in two ways:

iSCSI Boot Firmware Table (iBFT)
When the installer starts, it checks if the BIOS or add-on boot ROMs of the system support iBFT. It is a BIOS extension for systems that can boot from iSCSI. If the BIOS supports iBFT, the installer reads the iSCSI target information for the configured boot disk from the BIOS and logs in to this target, making it available as an installation target. To automatically connect to an iSCSI target, activate a network device for accessing the target. To do so, use ip=ibft boot option. For more information, see Network boot options.
Discover and add iSCSI targets manually
You can discover and start an iSCSI session to identify available iSCSI targets (network storage devices) in the installer’s graphical user interface.

Prerequisites

  • The Installation Summary window is open.

Procedure

  1. From the Installation Summary window, click Installation Destination. The Installation Destination window opens, listing all available drives.
  2. Under the Specialized & Network Disks section, click Add a disk…​. The storage devices selection window opens.
  3. Click Add iSCSI target…​. The Add iSCSI Storage Target window opens.

    Important

    You cannot place the /boot partition on iSCSI targets that you have manually added using this method - an iSCSI target containing a /boot partition must be configured for use with iBFT. However, in instances where the installed system is expected to boot from iSCSI with iBFT configuration provided by a method other than firmware iBFT, for example using iPXE, you can remove the /boot partition restriction using the inst.nonibftiscsiboot installer boot option.

  4. Enter the IP address of the iSCSI target in the Target IP Address field.
  5. Type a name in the iSCSI Initiator Name field for the iSCSI initiator in iSCSI qualified name (IQN) format. A valid IQN entry contains the following information:

    • The string iqn. (note the period).
    • A date code that specifies the year and month in which your organization’s Internet domain or subdomain name was registered, represented as four digits for the year, a dash, and two digits for the month, followed by a period. For example, represent September 2010 as 2010-09.
    • Your organization’s Internet domain or subdomain name, presented in reverse order with the top-level domain first. For example, represent the subdomain storage.example.com as com.example.storage.
    • A colon followed by a string that uniquely identifies this particular iSCSI initiator within your domain or subdomain. For example, :diskarrays-sn-a8675309.

      A complete IQN is as follows: iqn.2010-09.storage.example.com:diskarrays-sn-a8675309. The installation program prepopulates the iSCSI Initiator Name field with a name in this format to help you with the structure. For more information about IQNs, see 3.2.6. iSCSI Names in RFC 3720 - Internet Small Computer Systems Interface (iSCSI) available from tools.ietf.org and 1. iSCSI Names and Addresses in RFC 3721 - Internet Small Computer Systems Interface (iSCSI) Naming and Discovery available from tools.ietf.org.

  6. Select the Discovery Authentication Type drop-down menu to specify the type of authentication to use for iSCSI discovery. The following options are available:

    • No credentials
    • CHAP pair
    • CHAP pair and a reverse pair
  7. Do one of the following:

    1. If you selected CHAP pair as the authentication type, enter the user name and password for the iSCSI target in the CHAP Username and CHAP Password fields.
    2. If you selected CHAP pair and a reverse pair as the authentication type, enter the user name and password for the iSCSI target in the CHAP Username and CHAP Password field, and the user name and password for the iSCSI initiator in the Reverse CHAP Username and Reverse CHAP Password fields.
  8. Optional: Select the Bind targets to network interfaces check box.
  9. Click Start Discovery.

    The installation program attempts to discover an iSCSI target based on the information provided. If discovery succeeds, the Add iSCSI Storage Target window displays a list of all iSCSI nodes discovered on the target.

  10. Select the check boxes for the node that you want to use for installation.

    The Node login authentication type menu contains the same options as the Discovery Authentication Type menu. However, if you need credentials for discovery authentication, use the same credentials to log in to a discovered node.

  11. Click the additional Use the credentials from discovery drop-down menu. When you provide the proper credentials, the Log In button becomes available.
  12. Click Log In to initiate an iSCSI session.

While the installer uses iscsiadm to find and log into iSCSI targets, iscsiadm automatically stores any information about these targets in the iscsiadm iSCSI database. The installer then copies this database to the installed system and marks any iSCSI targets that are not used for root partition, so that the system automatically logs in to them when it starts. If the root partition is placed on an iSCSI target, initrd logs into this target and the installer does not include this target in start up scripts to avoid multiple attempts to log into the same target.

10.1.6.2. Configuring FCoE parameters

You can discover the FCoE (Fibre Channel over Ethernet) devices from the Installation Destination window by configuring the FCoE parameters accordingly.

Prerequisite

  • The Installation Summary window is open.

Procedure

  1. From the Installation Summary window, click Installation Destination. The Installation Destination window opens, listing all available drives.
  2. Under the Specialized & Network Disks section, click Add a disk…. The storage devices selection window opens.
  3. Click Add FCoE SAN…​. A dialog box opens for you to configure network interfaces for discovering FCoE storage devices.
  4. Select a network interface that is connected to an FCoE switch in the NIC drop-down menu.
  5. Click Add FCoE disk(s) to scan the network for SAN devices.
  6. Select the required check boxes:

    • Use DCB:Data Center Bridging (DCB) is a set of enhancements to the Ethernet protocols designed to increase the efficiency of Ethernet connections in storage networks and clusters. Select the check box to enable or disable the installation program’s awareness of DCB. Enable this option only for network interfaces that require a host-based DCBX client. For configurations on interfaces that use a hardware DCBX client, disable the check box.
    • Use auto vlan:Auto VLAN is enabled by default and indicates whether VLAN discovery should be performed. If this check box is enabled, then the FIP (FCoE Initiation Protocol) VLAN discovery protocol runs on the Ethernet interface when the link configuration has been validated. If they are not already configured, network interfaces for any discovered FCoE VLANs are automatically created and FCoE instances are created on the VLAN interfaces.
  7. Discovered FCoE devices are displayed under the Other SAN Devices tab in the Installation Destination window.

10.1.6.3. Configuring DASD storage devices

You can discover and configure the DASD storage devices from the Installation Destination window.

Prerequisite

  • The Installation Summary window is open.

Procedure

  1. From the Installation Summary window, click Installation Destination. The Installation Destination window opens, listing all available drives.
  2. Under the Specialized & Network Disks section, click Add a disk…. The storage devices selection window opens.
  3. Click Add DASD. The Add DASD Storage Target dialog box opens and prompts you to specify a device number, such as 0.0.0204, and attach additional DASDs that were not detected when the installation started.
  4. Type the device number of the DASD that you want to attach in the Device number field.
  5. Click Start Discovery.

    If a DASD with the specified device number is found and if it is not already attached, the dialog box closes and the newly-discovered drives appear in the list of drives. You can then select the check boxes for the required devices and click Done. The new DASDs are available for selection, marked as DASD device 0.0.xxxx in the Local Standard Disks section of the Installation Destination window.

If you entered an invalid device number, or if the DASD with the specified device number is already attached to the system, an error message appears in the dialog box, explaining the error and prompting you to try again with a different device number.

10.1.6.4. Configuring FCP devices

FCP devices enable 64-bit IBM Z to use SCSI devices rather than, or in addition to, Direct Access Storage Device (DASD) devices. FCP devices provide a switched fabric topology that enables 64-bit IBM Z systems to use SCSI LUNs as disk devices in addition to traditional DASD devices.

Prerequisites

  • The Installation Summary window is open.
  • For an FCP-only installation, you have removed the DASD= option from the CMS configuration file or the rd.dasd= option from the parameter file to indicate that no DASD is present.

Procedure

  1. From the Installation Summary window, click Installation Destination. The Installation Destination window opens, listing all available drives.
  2. Under the Specialized & Network Disks section, click Add a disk…. The storage devices selection window opens.
  3. Click Add ZFCP LUN. The Add zFCP Storage Target dialog box opens allowing you to add a FCP (Fibre Channel Protocol) storage device.

    64-bit IBM Z requires that you enter any FCP device manually so that the installation program can activate FCP LUNs. You can enter FCP devices either in the graphical installation, or as a unique parameter entry in the parameter or CMS configuration file. The values that you enter must be unique to each site that you configure.

  4. Type the 4 digit hexadecimal device number in the Device number field.
  5. When installing RHEL-8.6 or older releases or if the zFCP device is not configured in NPIV mode, or when auto LUN scanning is disabled by the zfcp.allow_lun_scan=0 kernel module parameter, provide the following values:

    1. Type the 16 digit hexadecimal World Wide Port Number (WWPN) in the WWPN field.
    2. Type the 16 digit hexadecimal FCP LUN identifier in the LUN field.
  6. Click Start Discovery to connect to the FCP device.

The newly-added devices are displayed in the System z Devices tab of the Installation Destination window.

Use only lower-case letters in hex values. If you enter an incorrect value and click Start Discovery, the installation program displays a warning. You can edit the configuration information and retry the discovery attempt. For more information about these values, consult the hardware documentation and check with your system administrator.

10.1.7. Installing to an NVDIMM device

Non-Volatile Dual In-line Memory Module (NVDIMM) devices combine the performance of RAM with disk-like data persistence when no power is supplied. Under specific circumstances, Red Hat Enterprise Linux 8 can boot and run from NVDIMM devices.

10.1.7.1. Criteria for using an NVDIMM device as an installation target

You can install Red Hat Enterprise Linux 8 to Non-Volatile Dual In-line Memory Module (NVDIMM) devices in sector mode on the Intel 64 and AMD64 architectures, supported by the nd_pmem driver.

Conditions for using an NVDIMM device as storage

To use an NVDIMM device as storage, the following conditions must be satisfied:

  • The architecture of the system is Intel 64 or AMD64.
  • The NVDIMM device is configured to sector mode. The installation program can reconfigure NVDIMM devices to this mode.
  • The NVDIMM device must be supported by the nd_pmem driver.

Conditions for booting from an NVDIMM Device

Booting from an NVDIMM device is possible under the following conditions:

  • All conditions for using the NVDIMM device as storage are satisfied.
  • The system uses UEFI.
  • The NVDIMM device must be supported by firmware available on the system, or by an UEFI driver. The UEFI driver may be loaded from an option ROM of the device itself.
  • The NVDIMM device must be made available under a namespace.

Utilize the high performance of NVDIMM devices during booting, place the /boot and /boot/efi directories on the device. The Execute-in-place (XIP) feature of NVDIMM devices is not supported during booting and the kernel is loaded into conventional memory.

10.1.7.2. Configuring an NVDIMM device using the graphical installation mode

A Non-Volatile Dual In-line Memory Module (NVDIMM) device must be properly configured for use by Red Hat Enterprise Linux 8 using the graphical installation.

Warning

Reconfiguration of a NVDIMM device process destroys any data stored on the device.

Prerequisites

  • A NVDIMM device is present on the system and satisfies all the other conditions for usage as an installation target.
  • The installation has booted and the Installation Summary window is open.

Procedure

  1. From the Installation Summary window, click Installation Destination. The Installation Destination window opens, listing all available drives.
  2. Under the Specialized & Network Disks section, click Add a disk…​. The storage devices selection window opens.
  3. Click the NVDIMM Devices tab.
  4. To reconfigure a device, select it from the list.

    If a device is not listed, it is not in sector mode.

  5. Click Reconfigure NVDIMM…​. A reconfiguration dialog opens.
  6. Enter the sector size that you require and click Start Reconfiguration.

    The supported sector sizes are 512 and 4096 bytes.

  7. When reconfiguration completes click OK.
  8. Select the device check box.
  9. Click Done to return to the Installation Destination window.

    The NVDIMM device that you reconfigured is displayed in the Specialized & Network Disks section.

  10. Click Done to return to the Installation Summary window.

The NVDIMM device is now available for you to select as an installation target. Additionally, if the device meets the requirements for booting, you can set the device as a boot device.

10.2. Configuring the root user and creating local accounts

10.2.1. Configuring a root password

You must configure a root password to finish the installation process and to log in to the administrator (also known as superuser or root) account that is used for system administration tasks. These tasks include installing and updating software packages and changing system-wide configuration such as network and firewall settings, storage options, and adding or modifying users, groups and file permissions.

To gain root privileges to the installed systems, you can either use a root account or create a user account with administrative privileges (member of the wheel group). The root account is always created during the installation. Switch to the administrator account only when you need to perform a task that requires administrator access.

Warning

The root account has complete control over the system. If unauthorized personnel gain access to the account, they can access or delete users' personal files.

Procedure

  1. From the Installation Summary window, select User Settings > Root Password. The Root Password window opens.
  2. Type your password in the Root Password field.

    The requirements for creating a strong root password are:

    • Must be at least eight characters long
    • May contain numbers, letters (upper and lower case) and symbols
    • Is case-sensitive
  3. Type the same password in the Confirm field.
  4. Click Done to confirm your root password and return to the Installation Summary window.

    If you proceeded with a weak password, you must click Done twice.

10.2.2. Creating a user account

Create a user account to finish the installation. If you do not create a user account, you must log in to the system as root directly, which is not recommended.

Procedure

  1. On the Installation Summary window, select User Settings > User Creation. The Create User window opens.
  2. Type the user account name in to the Full name field, for example: John Smith.
  3. Type the username in to the User name field, for example: jsmith.

    The User name is used to log in from a command line; if you install a graphical environment, then your graphical login manager uses the Full name.

  4. Select the Make this user administrator check box if the user requires administrative rights (the installation program adds the user to the wheel group ).

    An administrator user can use the sudo command to perform tasks that are only available to root using the user password, instead of the root password. This may be more convenient, but it can also cause a security risk.

  5. Select the Require a password to use this account check box.

    If you give administrator privileges to a user, ensure the account is password protected. Never give a user administrator privileges without assigning a password to the account.

  6. Type a password into the Password field.
  7. Type the same password into the Confirm password field.
  8. Click Done to apply the changes and return to the Installation Summary window.

10.2.3. Editing advanced user settings

This procedure describes how to edit the default settings for the user account in the Advanced User Configuration dialog box.

Procedure

  1. On the Create User window, click Advanced.
  2. Edit the details in the Home directory field, if required. The field is populated by default with /home/username .
  3. In the User and Groups IDs section you can:

    1. Select the Specify a user ID manually check box and use + or - to enter the required value.

      The default value is 1000. User IDs (UIDs) 0-999 are reserved by the system so they cannot be assigned to a user.

    2. Select the Specify a group ID manually check box and use + or - to enter the required value.

      The default group name is the same as the user name, and the default Group ID (GID) is 1000. GIDs 0-999 are reserved by the system so they can not be assigned to a user group.

  4. Specify additional groups as a comma-separated list in the Group Membership field. Groups that do not already exist are created; you can specify custom GIDs for additional groups in parentheses. If you do not specify a custom GID for a new group, the new group receives a GID automatically.

    The user account created always has one default group membership (the user’s default group with an ID set in the Specify a group ID manually field).

  5. Click Save Changes to apply the updates and return to the Create User window.

10.3. Configuring manual partitioning

You can use manual partitioning to configure your disk partitions and mount points and define the file system that Red Hat Enterprise Linux is installed on. Before installation, you should consider whether you want to use partitioned or unpartitioned disk devices. For more information about the advantages and disadvantages to using partitioning on LUNs, either directly or with LVM, see the article at https://access.redhat.com/solutions/163853.

You have different partitioning and storage options available, including Standard Partitions, LVM, and LVM thin provisioning. These options provide various benefits and configurations for managing your system’s storage effectively.

Standard partition
A standard partition contains a file system or swap space. Standard partitions are most commonly used for /boot and the BIOS Boot and EFI System partitions. You can use the LVM logical volumes in most other uses.
LVM
Choosing LVM (or Logical Volume Management) as the device type creates an LVM logical volume. LVM improves performance when using physical disks, and it allows for advanced setups such as using multiple physical disks for one mount point, and setting up software RAID for increased performance, reliability, or both.
LVM thin provisioning
Using thin provisioning, you can manage a storage pool of free space, known as a thin pool, which can be allocated to an arbitrary number of devices when needed by applications. You can dynamically expand the pool when needed for cost-effective allocation of storage space.

An installation of Red Hat Enterprise Linux requires a minimum of one partition but use at least the following partitions or volumes: /, /home, /boot, and swap. You can also create additional partitions and volumes as you require.

To prevent data loss it is recommended that you back up your data before proceeding. If you are upgrading or creating a dual-boot system, you should back up any data you want to keep on your storage devices.

10.3.2. Supported hardware storage

It is important to understand how storage technologies are configured and how support for them may have changed between major versions of Red Hat Enterprise Linux.

Hardware RAID

Any RAID functions provided by the mainboard of your computer, or attached controller cards, need to be configured before you begin the installation process. Each active RAID array appears as one drive within Red Hat Enterprise Linux.

Software RAID

On systems with more than one disk, you can use the Red Hat Enterprise Linux installation program to operate several of the drives as a Linux software RAID array. With a software RAID array, RAID functions are controlled by the operating system rather than the dedicated hardware.

Note

When a pre-existing RAID array’s member devices are all unpartitioned disks/drives, the installation program treats the array as a disk and there is no method to remove the array.

USB Disks

You can connect and configure external USB storage after installation. Most devices are recognized by the kernel, but some devices may not be recognized. If it is not a requirement to configure these disks during installation, disconnect them to avoid potential problems.

NVDIMM devices

To use a Non-Volatile Dual In-line Memory Module (NVDIMM) device as storage, the following conditions must be satisfied:

  • Version of Red Hat Enterprise Linux is 7.6 or later.
  • The architecture of the system is Intel 64 or AMD64.
  • The device is configured to sector mode. Anaconda can reconfigure NVDIMM devices to this mode.
  • The device must be supported by the nd_pmem driver.

Booting from an NVDIMM device is possible under the following additional conditions:

  • The system uses UEFI.
  • The device must be supported by firmware available on the system, or by a UEFI driver. The UEFI driver may be loaded from an option ROM of the device itself.
  • The device must be made available under a namespace.

To take advantage of the high performance of NVDIMM devices during booting, place the /boot and /boot/efi directories on the device.

Note

The Execute-in-place (XIP) feature of NVDIMM devices is not supported during booting and the kernel is loaded into conventional memory.

Considerations for Intel BIOS RAID Sets

Red Hat Enterprise Linux uses mdraid for installing on Intel BIOS RAID sets. These sets are automatically detected during the boot process and their device node paths can change across several booting processes. Replace device node paths (such as /dev/sda) with file system labels or device UUIDs. You can find the file system labels and device UUIDs using the blkid command.

10.3.3. Starting manual partitioning

You can partition the disks based on your requirements by using manual partitioning.

Prerequisites

  • The Installation Summary screen is open.
  • All disks are available to the installation program.

Procedure

  1. Select disks for installation:

    1. Click Installation Destination to open the Installation Destination window.
    2. Select the disks that you require for installation by clicking the corresponding icon. A selected disk has a check-mark displayed on it.
    3. Under Storage Configuration, select the Custom radio-button.
    4. Optional: To enable storage encryption with LUKS, select the Encrypt my data check box.
    5. Click Done.
  2. If you selected to encrypt the storage, a dialog box for entering a disk encryption passphrase opens. Type in the LUKS passphrase:

    1. Enter the passphrase in the two text fields. To switch keyboard layout, use the keyboard icon.

      Warning

      In the dialog box for entering the passphrase, you cannot change the keyboard layout. Select the English keyboard layout to enter the passphrase in the installation program.

    2. Click Save Passphrase. The Manual Partitioning window opens.
  3. Detected mount points are listed in the left-hand pane. The mount points are organized by detected operating system installations. As a result, some file systems may be displayed multiple times if a partition is shared among several installations.

    1. Select the mount points in the left pane; the options that can be customized are displayed in the right pane.
    2. Optional: If your system contains existing file systems, ensure that enough space is available for the installation. To remove any partitions, select them in the list and click the - button. The dialog has a check box that you can use to remove all other partitions used by the system to which the deleted partition belongs.
    3. Optional: If there are no existing partitions and you want to create a set of partitions as a starting point, select your preferred partitioning scheme from the left pane (default for Red Hat Enterprise Linux is LVM) and click the Click here to create them automatically link.

      Note

      A /boot partition, a / (root) volume, and a swap volume proportionate to the size of the available storage are created and listed in the left pane. These are the file systems for a typical installation, but you can add additional file systems and mount points.

    4. Click Done to confirm any changes and return to the Installation Summary window.

10.3.4. Supported file systems

When configuring manual partitioning, you can optimize performance, ensure compatibility, and effectively manage disk space by utilizing the various file systems and partition types available in Red Hat Enterprise Linux.

xfs
XFS is a highly scalable, high-performance file system that supports file systems up to 16 exabytes (approximately 16 million terabytes), files up to 8 exabytes (approximately 8 million terabytes), and directory structures containing tens of millions of entries. XFS also supports metadata journaling, which facilitates quicker crash recovery. The maximum supported size of a single XFS file system is 500 TB. XFS is the default file system on Red Hat Enterprise Linux. The XFS filesystem cannot be shrunk to get free space.
ext4
The ext4 file system is based on the ext3 file system and features a number of improvements. These include support for larger file systems and larger files, faster and more efficient allocation of disk space, no limit on the number of subdirectories within a directory, faster file system checking, and more robust journaling. The maximum supported size of a single ext4 file system is 50 TB.
ext3
The ext3 file system is based on the ext2 file system and has one main advantage - journaling. Using a journaling file system reduces the time spent recovering a file system after it terminates unexpectedly, as there is no need to check the file system for metadata consistency by running the fsck utility every time.
ext2
An ext2 file system supports standard Unix file types, including regular files, directories, or symbolic links. It provides the ability to assign long file names, up to 255 characters.
swap
Swap partitions are used to support virtual memory. In other words, data is written to a swap partition when there is not enough RAM to store the data your system is processing.
vfat

The VFAT file system is a Linux file system that is compatible with Microsoft Windows long file names on the FAT file system.

Note

Support for VFAT file system is not available for Linux system partitions. For example, /, /var, /usr and so on.

BIOS Boot
A very small partition required for booting from a device with a GUID partition table (GPT) on BIOS systems and UEFI systems in BIOS compatibility mode.
EFI System Partition
A small partition required for booting a device with a GUID partition table (GPT) on a UEFI system.
PReP
This small boot partition is located on the first partition of the disk. The PReP boot partition contains the GRUB2 boot loader, which allows other IBM Power Systems servers to boot Red Hat Enterprise Linux.

10.3.5. Adding a mount point file system

You can add multiple mount point file systems. You can use any of the file systems and partition types available, such as XFS, ext4, ext3, ext2, swap, VFAT, and specific partitions like BIOS Boot, EFI System Partition, and PReP to effectively configure your system’s storage.

Prerequisites

  • You have planned your partitions.
  • Ensure you haven’t specified mount points at paths with symbolic links, such as /var/mail, /usr/tmp, /lib, /sbin, /lib64, and /bin. The payload, including RPM packages, depends on creating symbolic links to specific directories.

Procedure

  1. Click + to create a new mount point file system. The Add a New Mount Point dialog opens.
  2. Select one of the preset paths from the Mount Point drop-down menu or type your own; for example, select / for the root partition or /boot for the boot partition.
  3. Enter the size of the file system in to the Desired Capacity field; for example, 2GiB.

    If you do not specify a value in Desired Capacity, or if you specify a size bigger than available space, then all remaining free space is used.

  4. Click Add mount point to create the partition and return to the Manual Partitioning window.

10.3.6. Configuring storage for a mount point file system

You can set the partitioning scheme for each mount point that was created manually. The available options are Standard Partition, LVM, and LVM Thin Provisioning. Btfrs support has been removed in Red Hat Enterprise Linux 8.

Note

The /boot partition is always located on a standard partition, regardless of the value selected.

Procedure

  1. To change the devices that a single non-LVM mount point should be located on, select the required mount point from the left-hand pane.
  2. Under the Device(s) heading, click Modify…​. The Configure Mount Point dialog opens.
  3. Select one or more devices and click Select to confirm your selection and return to the Manual Partitioning window.
  4. Click Update Settings to apply the changes.
  5. In the lower left-hand side of the Manual Partitioning window, click the storage device selected link to open the Selected Disks dialog and review disk information.
  6. Optional: Click the Rescan button (circular arrow button) to refresh all local disks and partitions; this is only required after performing advanced partition configuration outside the installation program. Clicking the Rescan Disks button resets all configuration changes made in the installation program.

10.3.7. Customizing a mount point file system

You can customize a partition or volume if you want to set specific settings. If /usr or /var is partitioned separately from the rest of the root volume, the boot process becomes much more complex as these directories contain critical components. In some situations, such as when these directories are placed on an iSCSI drive or an FCoE location, the system is unable to boot, or hangs with a Device is busy error when powering off or rebooting.

This limitation only applies to /usr or /var, not to directories below them. For example, a separate partition for /var/www works successfully.

Procedure

  1. From the left pane, select the mount point.

    Figure 10.1. Customizing Partitions

    Customizing partitions.
  2. From the right-hand pane, you can customize the following options:

    1. Enter the file system mount point into the Mount Point field. For example, if a file system is the root file system, enter /; enter /boot for the /boot file system, and so on. For a swap file system, do not set the mount point as setting the file system type to swap is sufficient.
    2. Enter the size of the file system in the Desired Capacity field. You can use common size units such as KiB or GiB. The default is MiB if you do not set any other unit.
    3. Select the device type that you require from the drop-down Device Type menu: Standard Partition, LVM, or LVM Thin Provisioning.

      Note

      RAID is available only if two or more disks are selected for partitioning. If you choose RAID, you can also set the RAID Level. Similarly, if you select LVM, you can specify the Volume Group.

    4. Select the Encrypt check box to encrypt the partition or volume. You must set a password later in the installation program. The LUKS Version drop-down menu is displayed.
    5. Select the LUKS version that you require from the drop-down menu.
    6. Select the appropriate file system type for this partition or volume from the File system drop-down menu.

      Note

      Support for VFAT file system is not available for Linux system partitions. For example, /, /var, /usr, and so on.

    7. Select the Reformat check box to format an existing partition, or clear the Reformat check box to retain your data. The newly-created partitions and volumes must be reformatted, and the check box cannot be cleared.
    8. Type a label for the partition in the Label field. Use labels to easily recognize and address individual partitions.
    9. Type a name in the Name field. The standard partitions are named automatically when they are created and you cannot edit the names of standard partitions. For example, you cannot edit the /boot name sda1.
  3. Click Update Settings to apply your changes and if required, select another partition to customize. Changes are not applied until you click Begin Installation from the Installation Summary window.
  4. Optional: Click Reset All to discard your partition changes.
  5. Click Done when you have created and customized all file systems and mount points. If you choose to encrypt a file system, you are prompted to create a passphrase.

    A Summary of Changes dialog box opens, displaying a summary of all storage actions for the installation program.

  6. Click Accept Changes to apply the changes and return to the Installation Summary window.

10.3.8. Preserving the /home directory

In a Red Hat Enterprise Linux 8 graphical installation, you can preserve the /home directory that was used on your RHEL 7 system. Preserving /home is only possible if the /home directory is located on a separate /home partition on your RHEL 7 system.

Preserving the /home directory that includes various configuration settings, makes it possible that the GNOME Shell environment on the new Red Hat Enterprise Linux 8 system is set in the same way as it was on your RHEL 7 system. Note that this applies only for users on Red Hat Enterprise Linux 8 with the same user name and ID as on the previous RHEL 7 system.

Prerequisites

  • You have RHEL 7 installed on your computer.
  • The /home directory is located on a separate /home partition on your RHEL 7 system.
  • The Red Hat Enterprise Linux 8 Installation Summary window is open.

Procedure

  1. Click Installation Destination to open the Installation Destination window.
  2. Under Storage Configuration, select the Custom radio button. Click Done.
  3. Click Done, the Manual Partitioning window opens.
  4. Choose the /home partition, fill in /home under Mount Point: and clear the Reformat check box.

    Figure 10.2. Ensuring that /home is not formatted

    preserving home partition
  5. Optional: You can also customize various aspects of the /home partition required for your Red Hat Enterprise Linux 8 system as described in Customizing a mount point file system. However, to preserve /home from your RHEL 7 system, it is necessary to clear the Reformat check box.
  6. After you customized all partitions according to your requirements, click Done. The Summary of changes dialog box opens.
  7. Verify that the Summary of changes dialog box does not show any change for /home. This means that the /home partition is preserved.
  8. Click Accept Changes to apply the changes, and return to the Installation Summary window.

10.3.9. Creating a software RAID during the installation

Redundant Arrays of Independent Disks (RAID) devices are constructed from multiple storage devices that are arranged to provide increased performance and, in some configurations, greater fault tolerance. A RAID device is created in one step and disks are added or removed as necessary. You can configure one RAID partition for each physical disk in your system, so that the number of disks available to the installation program determines the levels of RAID device available. For example, if your system has two disks, you cannot create a RAID 10 device, as it requires a minimum of three separate disks. To optimize your system’s storage performance and reliability, RHEL supports software RAID 0, RAID 1, RAID 4, RAID 5, RAID 6, and RAID 10 types with LVM and LVM Thin Provisioning to set up storage on the installed system.

Note

On 64-bit IBM Z, the storage subsystem uses RAID transparently. You do not have to configure software RAID manually.

Prerequisites

  • You have selected two or more disks for installation before RAID configuration options are visible. Depending on the RAID type you want to create, at least two disks are required.
  • You have created a mount point. By configuring a mount point, you can configure the RAID device.
  • You have selected the Custom radio button on the Installation Destination window.

Procedure

  1. From the left pane of the Manual Partitioning window, select the required partition.
  2. Under the Device(s) section, click Modify. The Configure Mount Point dialog box opens.
  3. Select the disks that you want to include in the RAID device and click Select.
  4. Click the Device Type drop-down menu and select RAID.
  5. Click the File System drop-down menu and select your preferred file system type.
  6. Click the RAID Level drop-down menu and select your preferred level of RAID.
  7. Click Update Settings to save your changes.
  8. Click Done to apply the settings to return to the Installation Summary window.

10.3.10. Creating an LVM logical volume

Logical Volume Management (LVM) presents a simple logical view of underlying physical storage space, such as disks or LUNs. Partitions on physical storage are represented as physical volumes that you can group together into volume groups. You can divide each volume group into multiple logical volumes, each of which is analogous to a standard disk partition. Therefore, LVM logical volumes function as partitions that can span multiple physical disks.

Important
  • LVM configuration is available only in the graphical installation program. During text-mode installation, LVM configuration is not available.
  • To create an LVM configuration, press Ctrl+Alt+F2 to use a shell prompt in a different virtual console. You can run vgcreate and lvm commands in this shell. To return to the text-mode installation, press Ctrl+Alt+F1.

Procedure

  1. From the Manual Partitioning window, create a new mount point by using any of the following options:

    • Use the Click here to create them automatically option or click the + button.
    • Select Mount Point from the drop-down list or enter manually.
    • Enter the size of the file system in to the Desired Capacity field; for example, 70 GiB for /, 1 GiB for /boot.

      Note: Skip this step to use the existing mount point.

  2. Select the mount point.
  3. Select LVM in the drop-down menu. The Volume Group drop-down menu is displayed with the newly-created volume group name.

    Note

    You cannot specify the size of the volume group’s physical extents in the configuration dialog. The size is always set to the default value of 4 MiB. If you want to create a volume group with different physical extents, you must create it manually by switching to an interactive shell and using the vgcreate command, or use a Kickstart file with the volgroup --pesize=size command. For more information about Kickstart, see the Automatically installing RHEL.

  4. Click Done to return to the Installation Summary window.

10.3.11. Configuring an LVM logical volume

You can configure a newly-created LVM logical volume based on your requirements.

Warning

Placing the /boot partition on an LVM volume is not supported.

Procedure

  1. From the Manual Partitioning window, create a mount point by using any of the following options:

    • Use the Click here to create them automatically option or click the + button.
    • Select Mount Point from the drop-down list or enter manually.
    • Enter the size of the file system in to the Desired Capacity field; for example, 70 GiB for /, 1 GiB for /boot.

      Note: Skip this step to use the existing mount point.

  2. Select the mount point.
  3. Click the Device Type drop-down menu and select LVM. The Volume Group drop-down menu is displayed with the newly-created volume group name.
  4. Click Modify to configure the newly-created volume group. The Configure Volume Group dialog box opens.

    Note

    You cannot specify the size of the volume group’s physical extents in the configuration dialog. The size is always set to the default value of 4 MiB. If you want to create a volume group with different physical extents, you must create it manually by switching to an interactive shell and using the vgcreate command, or use a Kickstart file with the volgroup --pesize=size command. For more information, see the Automatically installing RHEL document.

  5. Optional: From the RAID Level drop-down menu, select the RAID level that you require.

    The available RAID levels are the same as with actual RAID devices.

  6. Select the Encrypt check box to mark the volume group for encryption.
  7. From the Size policy drop-down menu, select any of the following size policies for the volume group:

    The available policy options are:

    Automatic
    The size of the volume group is set automatically so that it is large enough to contain the configured logical volumes. This is optimal if you do not need free space within the volume group.
    As large as possible
    The volume group is created with maximum size, regardless of the size of the configured logical volumes it contains. This is optimal if you plan to keep most of your data on LVM and later need to increase the size of some existing logical volumes, or if you need to create additional logical volumes within this group.
    Fixed
    You can set an exact size of the volume group. Any configured logical volumes must then fit within this fixed size. This is useful if you know exactly how large you need the volume group to be.
  8. Click Save to apply the settings and return to the Manual Partitioning window.
  9. Click Update Settings to save your changes.
  10. Click Done to return to the Installation Summary window.

10.3.12. Advice on partitions

There is no best way to partition every system; the optimal setup depends on how you plan to use the system being installed. However, the following tips may help you find the optimal layout for your needs:

  • Create partitions that have specific requirements first, for example, if a particular partition must be on a specific disk.
  • Consider encrypting any partitions and volumes which might contain sensitive data. Encryption prevents unauthorized people from accessing the data on the partitions, even if they have access to the physical storage device. In most cases, you should at least encrypt the /home partition, which contains user data.
  • In some cases, creating separate mount points for directories other than /, /boot and /home may be useful; for example, on a server running a MySQL database, having a separate mount point for /var/lib/mysql allows you to preserve the database during a re-installation without having to restore it from backup afterward. However, having unnecessary separate mount points will make storage administration more difficult.
  • Some special restrictions apply to certain directories with regards on which partitioning layouts can they be placed. Notably, the /boot directory must always be on a physical partition (not on an LVM volume).
  • If you are new to Linux, consider reviewing the Linux Filesystem Hierarchy Standard for information about various system directories and their contents.
  • Each kernel requires approximately: 60MiB (initrd 34MiB, 11MiB vmlinuz, and 5MiB System.map)
  • For rescue mode: 100MiB (initrd 76MiB, 11MiB vmlinuz, and 5MiB System map)
  • When kdump is enabled in system it will take approximately another 40MiB (another initrd with 33MiB)

    The default partition size of 1 GiB for /boot should suffice for most common use cases. However, increase the size of this partition if you are planning on retaining multiple kernel releases or errata kernels.

  • The /var directory holds content for a number of applications, including the Apache web server, and is used by the YUM package manager to temporarily store downloaded package updates. Make sure that the partition or volume containing /var has at least 5 GiB.
  • The /usr directory holds the majority of software on a typical Red Hat Enterprise Linux installation. The partition or volume containing this directory should therefore be at least 5 GiB for minimal installations, and at least 10 GiB for installations with a graphical environment.
  • If /usr or /var is partitioned separately from the rest of the root volume, the boot process becomes much more complex because these directories contain boot-critical components. In some situations, such as when these directories are placed on an iSCSI drive or an FCoE location, the system may either be unable to boot, or it may hang with a Device is busy error when powering off or rebooting.

    This limitation only applies to /usr or /var, not to directories under them. For example, a separate partition for /var/www works without issues.

    Important

    Some security policies require the separation of /usr and /var, even though it makes administration more complex.

  • Consider leaving a portion of the space in an LVM volume group unallocated. This unallocated space gives you flexibility if your space requirements change but you do not wish to remove data from other volumes. You can also select the LVM Thin Provisioning device type for the partition to have the unused space handled automatically by the volume.
  • The size of an XFS file system cannot be reduced - if you need to make a partition or volume with this file system smaller, you must back up your data, destroy the file system, and create a new, smaller one in its place. Therefore, if you plan to alter your partitioning layout later, you should use the ext4 file system instead.
  • Use Logical Volume Management (LVM) if you anticipate expanding your storage by adding more disks or expanding virtual machine disks after the installation. With LVM, you can create physical volumes on the new drives, and then assign them to any volume group and logical volume as you see fit - for example, you can easily expand your system’s /home (or any other directory residing on a logical volume).
  • Creating a BIOS Boot partition or an EFI System Partition may be necessary, depending on your system’s firmware, boot drive size, and boot drive disk label. Note that you cannot create a BIOS Boot or EFI System Partition in graphical installation if your system does not require one - in that case, they are hidden from the menu.
  • If you need to make any changes to your storage configuration after the installation, Red Hat Enterprise Linux repositories offer several different tools which can help you do this. If you prefer a command-line tool, try system-storage-manager.

10.4. Selecting the base environment and additional software

Use the Software Selection window to select the software packages that you require. The packages are organized by Base Environment and Additional Software.

  • Base Environment contains predefined packages. You can select only one base environment, for example, Server with GUI (default), Server, Minimal Install, Workstation, Custom operating system, Virtualization Host. The availability is dependent on the installation ISO image that is used as the installation source.
  • Additional Software for Selected Environment contains additional software packages for the base environment. You can select multiple software packages.

Use a predefined environment and additional software to customize your system. However, in a standard installation, you cannot select individual packages to install. To view the packages contained in a specific environment, see the repository/repodata/*-comps-repository.architecture.xml file on your installation source media (DVD, CD, USB). The XML file contains details of the packages installed as part of a base environment. Available environments are marked by the <environment> tag, and additional software packages are marked by the <group> tag.

If you are unsure about which packages to install, select the Minimal Install base environment. Minimal install installs a basic version of Red Hat Enterprise Linux with only a minimal amount of additional software. After the system finishes installing and you log in for the first time, you can use the YUM package manager to install additional software. For more information about YUM package manager, see the Configuring basic system settings document.

Note
  • Use the yum group list command from any RHEL 8 system to view the list of packages being installed on the system as a part of software selection. For more information, see Configuring basic system settings.
  • If you need to control which packages are installed, you can use a Kickstart file and define the packages in the %packages section.

Prerequisites

  • You have configured the installation source.
  • The installation program has downloaded package metadata.
  • The Installation Summary window is open.

Procedure

  1. From the Installation Summary window, click Software Selection. The Software Selection window opens.
  2. From the Base Environment pane, select a base environment. You can select only one base environment, for example, Server with GUI (default), Server, Minimal Install, Workstation, Custom Operating System, Virtualization Host. By default, the Server with GUI base environment is selected.

    Figure 10.3. Red Hat Enterprise Linux Software Selection

    Base Environment
  3. From the Additional Software for Selected Environment pane, select one or more options.
  4. Click Done to apply the settings and return to graphical installations.

10.5. Optional: Configuring the network and host name

Use the Network and Host name window to configure network interfaces. Options that you select here are available both during the installation for tasks such as downloading packages from a remote location, and on the installed system.

Follow the steps in this procedure to configure your network and host name.

Procedure

  1. From the Installation Summary window, click Network and Host Name.
  2. From the list in the left-hand pane, select an interface. The details are displayed in the right-hand pane.
  3. Toggle the ON/OFF switch to enable or disable the selected interface.

    You cannot add or remove interfaces manually.

  4. Click + to add a virtual network interface, which can be either: Team, Bond, Bridge, or VLAN.
  5. Click - to remove a virtual interface.
  6. Click Configure to change settings such as IP addresses, DNS servers, or routing configuration for an existing interface (both virtual and physical).
  7. Type a host name for your system in the Host Name field.

    The host name can either be a fully qualified domain name (FQDN) in the format hostname.domainname, or a short host name without the domain. Many networks have a Dynamic Host Configuration Protocol (DHCP) service that automatically supplies connected systems with a domain name. To allow the DHCP service to assign the domain name to this system, specify only the short host name.

    Host names can only contain alphanumeric characters and - or .. Host name should be equal to or less than 64 characters. Host names cannot start or end with - and .. To be compliant with DNS, each part of a FQDN should be equal to or less than 63 characters and the FQDN total length, including dots, should not exceed 255 characters.

    The value localhost means that no specific static host name for the target system is configured, and the actual host name of the installed system is configured during the processing of the network configuration, for example, by NetworkManager using DHCP or DNS.

    When using static IP and host name configuration, it depends on the planned system use case whether to use a short name or FQDN. Red Hat Identity Management configures FQDN during provisioning but some 3rd party software products may require short name. In either case, to ensure availability of both forms in all situations, add an entry for the host in /etc/hosts in the format IP FQDN short-alias.

  8. Click Apply to apply the host name to the installer environment.
  9. Alternatively, in the Network and Hostname window, you can choose the Wireless option. Click Select network in the right-hand pane to select your wifi connection, enter the password if required, and click Done.

Additional resources

10.5.1. Adding a virtual network interface

You can add a virtual network interface.

Procedure

  1. From the Network & Host name window, click the + button to add a virtual network interface. The Add a device dialog opens.
  2. Select one of the four available types of virtual interfaces:

    • Bond: NIC (Network Interface Controller) Bonding, a method to bind multiple physical network interfaces together into a single bonded channel.
    • Bridge: Represents NIC Bridging, a method to connect multiple separate networks into one aggregate network.
    • Team: NIC Teaming, a new implementation to aggregate links, designed to provide a small kernel driver to implement the fast handling of packet flows, and various applications to do everything else in user space.
    • Vlan (Virtual LAN): A method to create multiple distinct broadcast domains which are mutually isolated.
  3. Select the interface type and click Add. An editing interface dialog box opens, allowing you to edit any available settings for your chosen interface type.

    For more information, see Editing network interface.

  4. Click Save to confirm the virtual interface settings and return to the Network & Host name window.
  5. Optional: To change the settings of a virtual interface, select the interface and click Configure.

10.5.2. Editing network interface configuration

You can edit the configuration of a typical wired connection used during installation. Configuration of other types of networks is broadly similar, although the specific configuration parameters might be different.

Note

On 64-bit IBM Z, you cannot add a new connection as the network subchannels need to be grouped and set online beforehand, and this is currently done only in the booting phase.

Procedure

  • To configure a network connection manually, select the interface from the Network and Host name window and click Configure.

    An editing dialog specific to the selected interface opens. The options present depend on the connection type - the available options are slightly different depending on whether the connection type is a physical interface (wired or wireless network interface controller) or a virtual interface (Bond, Bridge, Team, or Vlan) that was previously configured in Adding a virtual interface.

10.5.3. Enabling or Disabling the Interface Connection

You can enable or disable specific interface connections.

Procedure

  1. Click the General tab.
  2. Select the Connect automatically with priority check box to enable connection by default. Keep the default priority setting at 0.
  3. Optional: Enable or disable all users on the system from connecting to this network by using the All users may connect to this network option. If you disable this option, only root will be able to connect to this network.

    Important

    When enabled on a wired connection, the system automatically connects during startup or reboot. On a wireless connection, the interface attempts to connect to any known wireless networks in range. For further information about NetworkManager, including the nm-connection-editor tool, see the Configuring and managing networking document.

  4. Click Save to apply the changes and return to the Network and Host name window.

    It is not possible to only allow a specific user other than root to use this interface, as no other users are created at this point during the installation. If you need a connection for a different user, you must configure it after the installation.

10.5.4. Setting up Static IPv4 or IPv6 Settings

By default, both IPv4 and IPv6 are set to automatic configuration depending on current network settings. This means that addresses such as the local IP address, DNS address, and other settings are detected automatically when the interface connects to a network. In many cases, this is sufficient, but you can also provide static configuration in the IPv4 Settings and IPv6 Settings tabs. Complete the following steps to configure IPv4 or IPv6 settings:

Procedure

  1. To set static network configuration, navigate to one of the IPv Settings tabs and from the Method drop-down menu, select a method other than Automatic, for example, Manual. The Addresses pane is enabled.
  2. Optional: In the IPv6 Settings tab, you can also set the method to Ignore to disable IPv6 on this interface.
  3. Click Add and enter your address settings.
  4. Type the IP addresses in the Additional DNS servers field; it accepts one or more IP addresses of DNS servers, for example, 10.0.0.1,10.0.0.8.
  5. Select the Require IPvX addressing for this connection to complete check box.

    Selecting this option in the IPv4 Settings or IPv6 Settings tabs allow this connection only if IPv4 or IPv6 was successful. If this option remains disabled for both IPv4 and IPv6, the interface is able to connect if configuration succeeds on either IP protocol.

  6. Click Save to apply the changes and return to the Network & Host name window.

10.5.5. Configuring Routes

You can control the access of specific connections by configuring routes.

Procedure

  1. In the IPv4 Settings and IPv6 Settings tabs, click Routes to configure routing settings for a specific IP protocol on an interface. An editing routes dialog specific to the interface opens.
  2. Click Add to add a route.
  3. Select the Ignore automatically obtained routes check box to configure at least one static route and to disable all routes not specifically configured.
  4. Select the Use this connection only for resources on its network check box to prevent the connection from becoming the default route.

    This option can be selected even if you did not configure any static routes. This route is used only to access certain resources, such as intranet pages that require a local or VPN connection. Another (default) route is used for publicly available resources. Unlike the additional routes configured, this setting is transferred to the installed system. This option is useful only when you configure more than one interface.

  5. Click OK to save your settings and return to the editing routes dialog that is specific to the interface.
  6. Click Save to apply the settings and return to the Network and Host Name window.

10.6. Optional: Configuring localization options

You can configure your keyboard, language support, and time and date settings.

Important

If you use a layout that cannot accept Latin characters, such as Russian, add the English (United States) layout and configure a keyboard combination to switch between the two layouts. If you select a layout that does not have Latin characters, you might be unable to enter a valid root password and user credentials later in the installation process. This might prevent you from completing the installation.

Procedure

  1. Configure keyboard settings:

    1. From the Installation Summary window, click Keyboard.

      The default layout depends on the option selected in Installing RHEL using Anaconda.

    2. Click + to open the Add a Keyboard Layout window and change to a different layout.
    3. Select a layout by browsing the list or use the Search field.
    4. Select the required layout and click Add. The new layout appears under the default layout.
    5. Click Options to optionally configure a keyboard switch that you can use to cycle between available layouts. The Layout Switching Options window opens.
    6. To configure key combinations for switching, select one or more key combinations and click OK to confirm your selection.
    7. Optional: When you select a layout, click the Keyboard button to open a new dialog box displaying a visual representation of the selected layout.
    8. Click Done to apply the settings and return to graphical installations
  2. Configure language settings:

    1. From the Installation Summary window, click Language Support. The Language Support window opens. The left pane lists the available language groups. If at least one language from a group is configured, a check mark is displayed and the supported language is highlighted.
    2. From the left pane, click a group to select additional languages, and from the right pane, select regional options. Repeat this process for languages that you require.
    3. Click Done to apply the settings and return to graphical installations.
  3. Configure time and date settings:

    1. From the Installation Summary window, click Time & Date. The Time & Date window opens.

      The list of cities and regions come from the Time Zone Database (tzdata) public domain that is maintained by the Internet Assigned Numbers Authority (IANA). Red Hat can not add cities or regions to this database. You can find more information at the IANA official website.

    2. From the Region drop-down menu, select a region. Select Etc as your region to configure a time zone relative to Greenwich Mean Time (GMT) without setting your location to a specific region.
    3. From the City drop-down menu, select the city, or the city closest to your location in the same time zone.
    4. Toggle the Network Time switch to enable or disable network time synchronization using the Network Time Protocol (NTP).

      Enabling the Network Time switch keeps your system time correct as long as the system can access the internet. By default, one NTP pool is configured.

    5. Optional: Use the gear wheel button next to the Network Time switch to add a new NTP, or disable or remove the default options.
    6. Click Done to apply the settings and return to graphical installations.

Disabling the network time synchronization activates controls at the bottom of the page to set time and date manually.

10.7. Optional: Configuring language and location settings

The installation program uses the language that you selected during installation.

Prerequisites

Procedure

  1. From the left-hand pane of the Welcome to Red Hat Enterprise Linux window, select a language. Alternatively, type your preferred language into the Search field.

    Note

    A language is pre-selected by default. If network access is configured, that is, if you booted from a network server instead of local media, the pre-selected language is determined by the automatic location detection feature of the GeoIP module. If you used the inst.lang= option on the boot command line or in your PXE server configuration, then the language that you define with the boot option is selected.

  2. From the right-hand pane of the Welcome to Red Hat Enterprise Linux window, select a location specific to your region.
  3. Click Continue to proceed to the graphical installations window.
  4. If you are installing a pre-release version of Red Hat Enterprise Linux, a warning message is displayed about the pre-release status of the installation media.

    1. To continue with the installation, click I want to proceed, or
    2. To quit the installation and reboot the system, click I want to exit.

Additional resources

10.8. Optional: Subscribing the system and activating Red Hat Insights

Red Hat Insights is a Software-as-a-Service (SaaS) offering that provides continuous, in-depth analysis of registered Red Hat-based systems to proactively identify threats to security, performance and stability across physical, virtual and cloud environments, and container deployments. By registering your RHEL system in Red Hat Insights, you gain access to predictive analytics, security alerts, and performance optimization tools, enabling you to maintain a secure, efficient, and stable IT environment.

You can register to Red Hat by using either your Red Hat account or your activation key details. You can connect your system to Red hat Insights by using the Connect to Red Hat option.

Procedure

  1. From the Installation Summary screen, under Software, click Connect to Red Hat.
  2. Select Account or Activation Key.

    1. If you select Account, enter your Red Hat Customer Portal username and password details.
    2. If you select Activation Key, enter your organization ID and activation key.

      You can enter more than one activation key, separated by a comma, as long as the activation keys are registered to your subscription.

  3. Select the Set System Purpose check box.

    • If the account has Simple content access mode enabled, setting the system purpose values is still important for accurate reporting of consumption in the subscription services.
    • If your account is in the entitlement mode, system purpose enables the entitlement server to determine and automatically attach the most appropriate subscription to satisfy the intended use of the Red Hat Enterprise Linux 8 system.
  4. Select the required Role, SLA, and Usage from the corresponding drop-down lists.
  5. The Connect to Red Hat Insights check box is enabled by default. Clear the check box if you do not want to connect to Red Hat Insights.
  6. Optional: Expand Options.

    1. Select the Use HTTP proxy check box if your network environment only allows external Internet access or access to content servers through an HTTP proxy. Clear the Use HTTP proxy check box if an HTTP proxy is not used.
    2. If you are running Satellite Server or performing internal testing, select the Custom Server URL and Custom base URL check boxes and enter the required details.

      Important
      • The Custom Server URL field does not require the HTTP protocol, for example nameofhost.com. However, the Custom base URL field requires the HTTP protocol.
      • To change the Custom base URL after registration, you must unregister, provide the new details, and then re-register.
  7. Click Register to register the system. When the system is successfully registered and subscriptions are attached, the Connect to Red Hat window displays the attached subscription details.

    Depending on the amount of subscriptions, the registration and attachment process might take up to a minute to complete.

  8. Click Done to return to the Installation Summary window.

    A Registered message is displayed under Connect to Red Hat.

Additional resources

10.9. Optional: Using network-based repositories for the installation

You can configure an installation source from either auto-detected installation media, Red Hat CDN, or the network. When the Installation Summary window first opens, the installation program attempts to configure an installation source based on the type of media that was used to boot the system. The full Red Hat Enterprise Linux Server DVD configures the source as local media.

Prerequisites

  • You have downloaded the full installation DVD ISO or minimal installation Boot ISO image from the Product Downloads page.
  • You have created bootable installation media.
  • The Installation Summary window is open.

Procedure

  1. From the Installation Summary window, click Installation Source. The Installation Source window opens.

    1. Review the Auto-detected installation media section to verify the details. This option is selected by default if you started the installation program from media containing an installation source, for example, a DVD.
    2. Click Verify to check the media integrity.
    3. Review the Additional repositories section and note that the AppStream check box is selected by default.

      The BaseOS and AppStream repositories are installed as part of the full installation image. Do not disable the AppStream repository check box if you want a full Red Hat Enterprise Linux 8 installation.

  2. Optional: Select the Red Hat CDN option to register your system, attach RHEL subscriptions, and install RHEL from the Red Hat Content Delivery Network (CDN).
  3. Optional: Select the On the network option to download and install packages from a network location instead of local media. This option is available only when a network connection is active. See Configuring network and host name options for information about how to configure network connections in the GUI.

    Note

    If you do not want to download and install additional repositories from a network location, proceed to Configuring software selection.

    1. Select the On the network drop-down menu to specify the protocol for downloading packages. This setting depends on the server that you want to use.
    2. Type the server address (without the protocol) into the address field. If you choose NFS, a second input field opens where you can specify custom NFS mount options. This field accepts options listed in the nfs(5) man page on your system.
    3. When selecting an NFS installation source, specify the address with a colon (:) character separating the host name from the path. For example, server.example.com:/path/to/directory.

      The following steps are optional and are only required if you use a proxy for network access.

    4. Click Proxy setup…​ to configure a proxy for an HTTP or HTTPS source.
    5. Select the Enable HTTP proxy check box and type the URL into the Proxy Host field.
    6. Select the Use Authentication check box if the proxy server requires authentication.
    7. Type in your user name and password.
    8. Click OK to finish the configuration and exit the Proxy Setup…​ dialog box.

      Note

      If your HTTP or HTTPS URL refers to a repository mirror, select the required option from the URL type drop-down list. All environments and additional software packages are available for selection when you finish configuring the sources.

  4. Click + to add a repository.
  5. Click - to delete a repository.
  6. Click the arrow icon to revert the current entries to the setting when you opened the Installation Source window.
  7. To activate or deactivate a repository, click the check box in the Enabled column for each entry in the list.

    You can name and configure your additional repository in the same way as the primary repository on the network.

  8. Click Done to apply the settings and return to the Installation Summary window.

10.10. Optional: Configuring Kdump kernel crash-dumping mechanism

Kdump is a kernel crash-dumping mechanism. In the event of a system crash, Kdump captures the contents of the system memory at the moment of failure. This captured memory can be analyzed to find the cause of the crash. If Kdump is enabled, it must have a small portion of the system’s memory (RAM) reserved to itself. This reserved memory is not accessible to the main kernel.

Procedure

  1. From the Installation Summary window, click Kdump. The Kdump window opens.
  2. Select the Enable kdump check box.
  3. Select either the Automatic or Manual memory reservation setting.
  4. If you select Manual, enter the amount of memory (in megabytes) that you want to reserve in the Memory to be reserved field using the + and - buttons. The Usable System Memory readout below the reservation input field shows how much memory is accessible to your main system after reserving the amount of RAM that you select.
  5. Click Done to apply the settings and return to graphical installations.

The amount of memory that you reserve is determined by your system architecture (AMD64 and Intel 64 have different requirements than IBM Power) as well as the total amount of system memory. In most cases, automatic reservation is satisfactory.

Additional settings, such as the location where kernel crash dumps will be saved, can only be configured after the installation using either the system-config-kdump graphical interface, or manually in the /etc/kdump.conf configuration file.

10.11. Optional: Selecting a security profile

You can apply security policy during your Red Hat Enterprise Linux 8 installation and configure it to use on your system before the first boot.

10.11.1. About security policy

The Red Hat Enterprise Linux includes OpenSCAP suite to enable automated configuration of the system in alignment with a particular security policy. The policy is implemented using the Security Content Automation Protocol (SCAP) standard. The packages are available in the AppStream repository. However, by default, the installation and post-installation process does not enforce any policies and therefore does not involve any checks unless specifically configured.

Applying a security policy is not a mandatory feature of the installation program. If you apply a security policy to the system, it is installed using restrictions defined in the profile that you selected. The openscap-scanner and scap-security-guide packages are added to your package selection, providing a preinstalled tool for compliance and vulnerability scanning.

When you select a security policy, the Anaconda GUI installer requires the configuration to adhere to the policy’s requirements. There might be conflicting package selections, as well as separate partitions defined. Only after all the requirements are met, you can start the installation.

At the end of the installation process, the selected OPenSCAP security policy automatically hardens the system and scans it to verify compliance, saving the scan results to the /root/openscap_data directory on the installed system.

By default, the installer uses the content of the scap-security-guide package bundled in the installation image. You can also load external content from an HTTP, HTTPS, or FTP server.

10.11.2. Configuring a security profile

You can configure a secutiry policy from the Installation Summary window.

Prerequisite

  • The Installation Summary window is open.

Procedure

  1. From the Installation Summary window, click Security Profile. The Security Profile window opens.
  2. To enable security policies on the system, toggle the Apply security policy switch to ON.
  3. Select one of the profiles listed in the top pane.
  4. Click Select profile.

    Profile changes that you must apply before installation appear in the bottom pane.

  5. Click Change content to use a custom profile.

    A separate window opens allowing you to enter a URL for valid security content.

    1. Click Fetch to retrieve the URL.

      You can load custom profiles from an HTTP, HTTPS, or FTP server. Use the full address of the content including the protocol, such as http://. A network connection must be active before you can load a custom profile. The installation program detects the content type automatically.

    2. Click Use SCAP Security Guide to return to the Security Profile window.
  6. Click Done to apply the settings and return to the Installation Summary window.

10.11.3. Profiles not compatible with Server with GUI

Certain security profiles provided as part of the SCAP Security Guide are not compatible with the extended package set included in the Server with GUI base environment. Therefore, do not select Server with GUI when installing systems compliant with one of the following profiles:

Table 10.2. Profiles not compatible with Server with GUI
Profile nameProfile IDJustificationNotes

CIS Red Hat Enterprise Linux 8 Benchmark for Level 2 - Server

xccdf_org.ssgproject.content_profile_cis

Packages xorg-x11-server-Xorg, xorg-x11-server-common, xorg-x11-server-utils, and xorg-x11-server-Xwayland are part of the Server with GUI package set, but the policy requires their removal.

 

CIS Red Hat Enterprise Linux 8 Benchmark for Level 1 - Server

xccdf_org.ssgproject.content_profile_cis_server_l1

Packages xorg-x11-server-Xorg, xorg-x11-server-common, xorg-x11-server-utils, and xorg-x11-server-Xwayland are part of the Server with GUI package set, but the policy requires their removal.

 

Unclassified Information in Non-federal Information Systems and Organizations (NIST 800-171)

xccdf_org.ssgproject.content_profile_cui

The nfs-utils package is part of the Server with GUI package set, but the policy requires its removal.

 

Protection Profile for General Purpose Operating Systems

xccdf_org.ssgproject.content_profile_ospp

The nfs-utils package is part of the Server with GUI package set, but the policy requires its removal.

 

DISA STIG for Red Hat Enterprise Linux 8

xccdf_org.ssgproject.content_profile_stig

Packages xorg-x11-server-Xorg, xorg-x11-server-common, xorg-x11-server-utils, and xorg-x11-server-Xwayland are part of the Server with GUI package set, but the policy requires their removal.

To install a RHEL system as a Server with GUI aligned with DISA STIG in RHEL version 8.4 and later, you can use the DISA STIG with GUI profile.

10.11.4. Deploying baseline-compliant RHEL systems using Kickstart

You can deploy RHEL systems that are aligned with a specific baseline. This example uses Protection Profile for General Purpose Operating System (OSPP).

Prerequisites

  • The scap-security-guide package is installed on your RHEL 8 system.

Procedure

  1. Open the /usr/share/scap-security-guide/kickstart/ssg-rhel8-ospp-ks.cfg Kickstart file in an editor of your choice.
  2. Update the partitioning scheme to fit your configuration requirements. For OSPP compliance, the separate partitions for /boot, /home, /var, /tmp, /var/log, /var/tmp, and /var/log/audit must be preserved, and you can only change the size of the partitions.
  3. Start a Kickstart installation as described in Performing an automated installation using Kickstart.
Important

Passwords in Kickstart files are not checked for OSPP requirements.

Verification

  • To check the current status of the system after installation is complete, reboot the system and start a new scan:

    # oscap xccdf eval --profile ospp --report eval_postinstall_report.html /usr/share/xml/scap/ssg/content/ssg-rhel8-ds.xml
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.