Differences

This shows you the differences between two versions of the page.

--- centos_8_migration_notes [2020/09/29 18:50] – created juckins
+++ centos_8_migration_notes [2020/10/14 19:24] – juckins
@@ Line 1: / Line 1: @@
-==== CentOS8 Migration Notes ====
+==== CentOS 8 Migration Notes ====
+<color #ed1c24>Below is copied from [[centos_7_migration_notes|CentOS 7 Migration Notes]] so modify as needed.</color>
+Other fixes:
+  * Disable WiFi LAN connection with ''# nmcli radio wifi off''
+  * [[https://unix.stackexchange.com/questions/152691/how-to-disable-beep-sound-in-linux-centos-7-command-line|Disable bell]]
+For migrating a system from a different OS, take note of this info first:
+  * Make a test user on CentOS7 and one on CentOS8
+    * Compare hidden files to see if anything changed between OSs
+    * This allows for easy migrating of data for users' $HOME directories
+  * ensure all scripts make their own log file directory
+    * $log_dir = "/var/tmp/check_disk_space";
+    * mkdir ("$log_dir", 0755);
+    * should crons write to /tmp and then have a daily script that checks cron logs for errors?
+----
+  * Get inventory of users
+  * ///
+  * Check that PHP is working correctly, localhost/index.php tries to open a file
+    * check httpd.conf
+  * ///
+  * Clear all history from Firefox before testing phpmyadmin
+    * Check httpd logs for any errors, such as mod security
+    * uninstall [[https://phoenixnap.com/kb/setup-configure-modsecurity-on-apache|mod_security]] if necessary
+  * [[https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-firewalld-on-centos-8|Add https and http to firewall rules]]
+  * <color #ed1c24>MySQL / MariaDB Database and users</color>
+    * [[https://www.digitalocean.com/community/tutorials/how-to-reset-your-mysql-or-mariadb-root-password|Reset mysql root password]]
+    * [[https://www.tecmint.com/install-lamp-on-centos-8/|Notes for installing LAMP]] on CentOS 8
+    * [[https://www.digitalocean.com/community/tutorials/how-to-install-the-apache-web-server-on-centos-8]]
+    * [[https://www.tecmint.com/transfer-mysql-databases-from-old-to-new-server/|Migrate all databases with mysqldump]]
+      * Note that the restore of mysql does not use "--all-databases" option and is an error in link above
+    * [[https://www.linode.com/docs/databases/mysql/create-physical-backups-of-your-mariadb-or-mysql-databases/|Migrate with tar]]
+    * [[http://www.uptimemadeeasy.com/linux/mysql-migrate-users-server-server/|Migrate MySQL users to new machine]]
+      * Don't forget to add semicolons with this:  # sed -i ‘/[^;] *$/s/$/;/’ ./grantfile
+  * export MySQL databases with mysqldump
+    * [[https://www.digitalocean.com/community/tutorials/how-to-migrate-a-mysql-database-between-two-servers|Migrate MySQL database to new server]]
+    * [[http://dev.mysql.com/doc/refman/5.7/en/copying-databases.html|Move MySQL databases to new server]]
+  * list of installed perl modules
+    * grep all .pl script and look for the "use " calls
+  * Copy the following to accessible location for restore after upgrade
+    * users' $HOME
+    * crons should be in each user's $HOME/crontab
+    * various processing log files from /var/tmp/
+    * /etc/ssh/*key* or possibly the entire directory contents (this may prevent man-in-the-middle attack messages but testing needed)
+    * /etc/hosts
+    * /etc/httpd/conf/httpd.conf
+    * Samba users, passwords, shares (for security cameras)
+      * /etc/samba/smb.conf
+      * /var/lib/samba/private/passdb.tbd
+      * /var/lib/samba/private/secrets.tbd
+      * Make sure service is running and will start at boot.
+      * Check output with: testparm -v
+  * nxclient-3.5.0-7.x86_64.rpm
+  * nxnode-3.5.0-9.x86_64.rpm
+  * nxserver-3.5.0-11.x86_64.rpm
+  * <del>skype-4.3.0.37-fedora.i586.rpm</del>
+  * verify services that should be installed/running in chkconfig
+  * Note firewall rules
+    * [[https://serverfault.com/questions/655851/is-there-a-simple-way-to-export-import-firewalld-settings|Export Firewall Rules to new server]]
+Note these installed perl RPMs:
+''# rpm -qa --qf "%{NAME}\n" | grep -i perl | sort''
+<code>
+ImageMagick-perl
+perl
+perl-autodie
+perl-Array-Diff
+perl-Array-Unique
+perl-B-Lint
+perl-Business-ISBN
+perl-Business-ISBN-Data
+perl-Carp
+perl-CGI
+perl-Class-ISA
+perl-common-sense
+perl-Compress-Raw-Bzip2
+perl-Compress-Raw-Zlib
+perl-constant
+perl-CPAN
+perl-Data-Dumper
+perl-DBD-MySQL
+perl-DBI
+perl-devel
+perl-Digest
+perl-Digest-MD5
+perl-Digest-SHA
+perl-Encode
+perl-Encode-Locale
+perl-Env
+perl-Exporter
+perl-ExtUtils-Install
+perl-ExtUtils-MakeMaker
+perl-ExtUtils-Manifest
+perl-ExtUtils-ParseXS
+perl-FCGI
+perl-File-BaseDir
+perl-File-CheckTree
+perl-File-DesktopEntry
+perl-File-Listing
+perl-File-MimeInfo
+perl-File-Path
+perl-File-ReadBackwards
+perl-File-Slurp
+perl-File-Temp
+perl-Filter
+perl-Font-AFM
+perl-GD
+perl-Getopt-Long
+perl-HTML-Element-Extended
+perl-HTML-Format
+perl-HTML-Parser
+perl-HTML-TableExtract
+perl-HTML-Tagset
+perl-HTML-Tree
+perl-HTTP-Cookies
+perl-HTTP-Daemon
+perl-HTTP-Date
+perl-HTTP-Message
+perl-HTTP-Negotiate
+perl-HTTP-Tiny
+perl-IO-All
+perl-IO-Compress
+perl-IO-HTML
+perl-IO-Socket-IP
+perl-IO-Socket-SSL
+perl-IPC-System-Simple
+perl-JSON
+perl-JSON-XS
+perl-libs
+perl-libwww-perl
+perl-List-Compare
+perl-List-MoreUtils
+perl-Locale-Codes
+perl-Locale-Maketext
+perl-local-lib
+perl-LWP-MediaTypes
+perl-LWP-Protocol-https
+perl-macros
+perl-Module-Pluggable
+perl-Mozilla-CA
+perl-Net-Daemon
+perl-Net-HTTP
+perl-Net-LibIDN
+perl-Net-SSLeay
+perl-Newt
+perl-parent
+perl-Parse-Yapp
+perl-PathTools
+perl-PlRPC
+perl-Pod-Checker
+perl-Pod-Escapes
+perl-Pod-LaTeX
+perl-podlators
+perl-Pod-Parser
+perl-Pod-Perldoc
+perl-Pod-Plainer
+perl-Pod-Simple
+perl-Pod-Usage
+perl-Scalar-List-Utils
+perl-Socket
+perl-Storable
+perl-String-CRC32
+perl-Sys-Syslog
+perl-Test-Harness
+perl-Test-Simple
+perl-Text-ParseWords
+perl-Text-Soundex
+perl-Text-Unidecode
+perl-Thread-Queue
+perl-threads
+perl-threads-shared
+perl-TimeDate
+perl-Time-HiRes
+perl-Time-Local
+perl-Types-Serialiser
+perl-URI
+perl-WWW-RobotRules
+perl-XML-LibXML
+perl-XML-NamespaceSupport
+perl-XML-SAX
+perl-XML-SAX-Base
+</code>
+Must-Have functionality:
+  * Apache, MySQL, PHP, Perl
+  * [[https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-centos-7|fail2ban]]
+    * edit /etc/fail2ban/jail.local to ban for longer than default of 1 hour
+    * Check logs: # cat /var/log/fail2ban.log
+    * Ensure service is running:
+      * ''# systemctl enable fail2ban''
+      * ''# systemctl restart fail2ban''
+  * [[gmail_as_a_relay_on_linux|Set up Gmail Relay and test]]
+  * Disable SELinux
+  * VSFTP (for security cameras)
+    * [[http://www.liquidweb.com/kb/how-to-install-and-configure-vsftpd-on-centos-7/|Config instructions]]
+    * [[https://www.benscobie.com/fixing-500-oops-vsftpd-refusing-to-run-with-writable-root-inside-chroot/|500 writeable root error]]
+    * As root: setsebool -P allow_ftpd_full_access on
+    * As root: systemctl restart vsftpd
+    * As root: systemctl enable vsftpd
+  * Samba
+    * [[samba_file_sharing|Samba File Sharing]]
+  * <del>Skype</del>
+  * Virtual Box
+  * Working crontabs for each user
+  * [[python_notes|Install Python 3]]
+Contents of /etc/yum.repos.d (CentOS 7):
+  * adobe-linux-x86_64.repo
+  * CentOS-Base.repo
+  * CentOS-CR.repo
+  * CentOS-Debuginfo.repo
+  * CentOS-fasttrack.repo
+  * CentOS-Media.repo
+  * CentOS-Sources.repo
+  * CentOS-Vault.repo
+  * epel.repo
+  * epel-testing.repo
+  * google-chrome.repo
+  * nux-dextop.repo
+----
+For a continuation of GNOME2 in CentOS7, use "MATE"
+  * Best option is to do a "minimal install" and follow [[http://www.45drives.com/wiki/index.php/Installing_MATE_on_CentOS_7|Installing MATE on CentOS 7]]
+Other info on MATE:
+  * https://www.centos.org/forums/search.php?keywords=gnome \\
+  * https://www.centos.org/forums/viewtopic.php?f=48&t=47271&p=202339&hilit=gnome#p202339 \\
+  * http://wiki.centos.org/FAQ/CentOS7 \\
+  * https://www.centos.org/forums/
+  * https://www.centos.org/forums/viewtopic.php?f=48&t=47670
+  * http://blog.boeiend.be/?p=125
+Customize MATE Desktop displays
+  * Adjust System > Preferences > Look and Feel > Appearance
+  * Under Fonts tab, set all to size 8
+  * Click Details, set resolution to 96 dpi, Smoothing Grayscale, Hinting Slight, Subpixel order RGB
+  * Firefox has large bullets for password masking.  Theme setting?
+  * [[http://juckins.net/dokuwiki/lib/exe/fetch.php?media=centos7_desktop.png|Configure Desktop]]
+  * Set up gnome-terminal preferences
+    * General: Font Monospace 9, No terminal bell
+    * Colors: Use colors from system theme
+    * Scrolling: unlimited
+    * Edit > Keyboard Shortcuts > Reset and Clear > F2
+  * Disable Vim auto-indent following [[vim_tips|Vi and Vim Tips]]
+  * <del>Adjust System > Preferences > Personal > Startup Applications</del>
+    * <del>Disable the SELinux Troubleshooter</del>
+    * <del>Add PackageKit Update Applet</del>
+      * <del>description: PackageKit Update Applet</del>
+      * <del>command: gpk-update-viewer</del>
+Change setting on screensaver
+  * System > Preferences > Look and Feel > Screensaver
+System Monitor (needs mate-system-monitor and mate-applets RPMs):
+  * Right-click top panel > Add to Panel
+  * In the "Find an item to add to the panel:" search box, enter "System Monitor" and click Add
+  * Moving display of current CPU usage should appear
+__Fresh VirtualBox Installation Notes 8 Nov 2015 (previous install 30 Sept 2014)__
+  * Preferable to use local .iso file to conserve bandwidth for multiple installs
+  * Used http://mirrors.sonic.net/centos/7.7.1908/os/x86_64/ for package repository
+  * On initial config screen, ensure the network connection is activated
+  * You can also disable SELinux
+  * <del>Manually set mount points for /boot, /, swap</del>
+  * * <del>Make sure /boot is 1024MB large</del>
+  * Let system create mount points automatically
+    * After they are suggested, change from LVM to Standard Mount
+    * May want to increase the boot and "efi" boot partitions from 500MB to 750MB and 200MB to 500MB
+  * Used default "xfs" filesystem
+  * For software packages, if you only choose something like Web Server you will not get graphical login
+  * Choose a general desktop option, too
+  * Boot into machine
+  * Note the IP address
+Use nmtui-hostname to [[http://www.itzgeek.com/how-tos/linux/centos-how-tos/change-hostname-in-centos-7-rhel-7.html|change the system hostname]]
+<code>
+# nmcli general hostname
+# nmcli general hostname new_server_name
+# systemctl restart systemd-hostnamed
+</code>
+dnf -y update, reboot, verify latest kernel is loaded by GRUB
+Only keep 1 old kernel
+Ensure gcc, make, kernel-devel are installed.
+Install Virtual Box Guest Additions
+  * Took 10 minutes to install
+Reboot
+Add 2nd hard drive to /etc/fstab [[adding_a_second_hard_drive|following these notes]]
+Prepare to run the local dnf installer script
+  * Also installs [[https://wiki.centos.org/AdditionalResources/Repositories|EPEL repository]]
+  * Best to run the script by establishing SSH connection to box from a different machine.
+  * Pipe output to log file and tail the log file
+  * [[yum_installer_bash_script_centos8|dnf installer bash script (CentOS 8)]]
+[[install_configure_cpan|CPAN packages]] to install:
+  * <color #ed1c24>NOTE</color>: Do not update .bashrc for library locations or else they will go into the wrong path
+    * [[http://stackoverflow.com/questions/33636231/installed-cpan-modules-in-problematic-location|Wrong location of perl libraries]]
+  * Array::Utils
+    * //Note, this module is not needed. Was used in ASMAD compare_stops.pl and compare_origin.pl//
+    * Start up cpan as root (initial time)
+    * Run through the manual configuration process, accept the defaults
+    * Start up cpan as root
+    * > install CPAN (this updates the CPAN packages)
+    * cpan Array::Utils
+  * Time::Elapsed (cpan)
+    * //Note, this module is not needed. Was used in syncing to CDN.//
+    * As root, had to:
+    * cd /root/.cpan/build/Time-Elapsed-0.31-N9mZvj/lib/Time
+    * cp -rp * /usr/share/perl5/Time
+    * Another option is to install modules locally
+    * Yet another option is to use modules that are in a repository
+[[http://www.if-not-true-then-false.com/2010/install-adobe-flash-player-10-on-fedora-centos-red-hat-rhel/|Ensure Adobe Flash plugin is installed]]
+[[http://www.cyberciti.biz/faq/howto-install-linux-apache-mariadb-php-lamp-stack-on-centos7-rhel7/|Ensure Apache is installed and running]]
+  * check /etc/httpd.conf as well as permissions on html/ directory
+  * [[http://serverfault.com/questions/357108/what-permissions-should-my-website-files-folders-have-on-a-linux-webserver|Tips for users and permissions #1]]
+  * [[http://howtolamp.com/lamp/httpd/2.4/customizing/|Tips for users and permissions #2]]
+[[centos_php7.2_upgrade|Upgrade PHP to version 7.2]]
+Migrate /etc/php.ini from old server and relax settings due to test env:
+<code>
+;max_execution_time = 30
+max_execution_time = 3600
+;max_input_time = 60
+max_input_time = 3600
+;memory_limit = 128M
+memory_limit = 1024M
+;display_errors = Off
+display_errors = On
+;post_max_size = 8M
+post_max_size = 250M
+;upload_max_filesize = 2M
+upload_max_filesize = 250M
+;date.timezone =
+date.timezone = "America/New_York"
+;session.gc_maxlifetime = 1440
+session.gc_maxlifetime = 7200
+</code>
+<code>
+# systemctl restart httpd.service
+</code>
+[[http://www.cyberciti.biz/faq/howto-install-linux-apache-mariadb-php-lamp-stack-on-centos7-rhel7/|Install and Secure MySQL (mariadb)]]
+Database work:
+  * Backup /etc/my.cnf
+    * Add this line under [mysqld]
+      * default-storage-engine=MyISAM
+  * Add other database users with phpMyAdmin GUI
+    * set username
+    * set password
+    * select "Grant all privileges on wildcard name (username\_%)."
+  * Dump all databases from source server to sql file then import on target server
+    * mysqldump -u USER -p'PASS' DATABASE > /tmp/DATABASE.sql
+    * Ensure database on target server exists; create if necessary
+      * Tables migrated should be MyISAM
+      * Default database engine is InnoDB as<color #ed1c24>Red Highlighted Text</color> of MySQL 5.5
+      * [[https://dev.mysql.com/doc/refman/5.6/en/innodb-default-se.html|Perform some tests and queries]]
+        * The exact number of rows of InnoDB tables cannot be shown
+        * Need to monitor /var</fc>/lib/mysql for growing logs
+        * <color #ed1c24>CHECK</color>: [[http://stackoverflow.com/questions/3927690/howto-clean-a-mysql-innodb-storage-engine/4056261#4056261|Manage and Cleanup InnoDB Infrastructure]]
+        * [[http://dba.stackexchange.com/questions/8982/what-is-the-best-way-to-reduce-the-size-of-ibdata-in-mysql|Similar Post 1]]
+        * [[http://pc-freak.net/blog/fix-mysql-ibdata-file-size-ibdata1-file-growing-large-preventing-ibdata1-eating-disk-space/|Similar Post 2]]
+        * [[https://dev.mysql.com/doc/refman/5.6/en/innodb-data-log-reconfiguration.html|dev.mysql info]]
+      * Alternatively, set MyISAM to default database engine
+      * systemctl start mariadb.service
+      * systemctl enable mariadb.service
+    * mysql DATABASE -h localhost -u USER -p'PASS' < /tmp/DATABASE.sql
+  * Note CentOS7 comes with PHP 5.4 and latest version of phpMyAdmin that will work is 4.4.x
+    * [[centos_php5.6_upgrade|Install PHP 5.6 on CentOS 7]]
+  * Run through phpmyadmin install steps listed in [[installing_phpmyadmin_tips]]
+    * [[https://www.phpmyadmin.net/|Download and Install phpMyAdmin]]
+    * With PHP 5.6, the latest version of phpMyAdmin (4.6.4) is fully supported
+  * Copy config from previous machine
+Setup ddclient:
+  * https://sourceforge.net/p/ddclient/wiki/Home/
+  * dnf -y install ddclient
+  * Use /etc/ddclient/* for configs from previous machine
+Setup duckdns:
+  * crontab is <code>~/duckdns/duck.sh >/dev/null 2>&1</code>
+Setup ydns:
+  * crontab is <code>~/ydns/updater.sh -V -u <snip> -p <snip> -H juckins.ydns.eu >>~/ydns/updater.log 2>&1</code>
+Firewall notes:
+  * Using firewall-config to close rules from previous machine
+rsync /var/www/html/
+  * test pages for proper display
+  * check soft link to phpmy is correct and current
+Restore and test crons
+  * check that each cron job runs and the specified log directory exists
+Backup /etc/selinux/config and change from enforcing to permissive
+Restore /etc/hosts from previous machine as needed
+Disable virbro0 network connection if needed: http://www.cyberciti.biz/faq/linux-kvm-disable-virbr0-nat-interface/
+<code>
+# virsh net-destroy default
+# virsh net-undefine default
+# service libvirtd restart
+# ifconfig
+</code>
+Then, edit the network connections and make sure the "Ethernet" tab for the active connection, such as enp0s3, has the "Device" set to that interface.  Reboot to test.
+Download sample .png, .gif, .jpg images and test /usr/bin/display for any errors
+  * [[http://juckins.net/dokuwiki/lib/exe/fetch.php?media=sample.gif|GIF image]]
+  * [[http://juckins.net/dokuwiki/lib/exe/fetch.php?media=sample.jpg|JPG image]]
+  * [[http://juckins.net/dokuwiki/lib/exe/fetch.php?media=sample.png|PNG image]]
+[[http://www.tecmint.com/install-google-chrome-on-redhat-centos-fedora-linux/|Install Google Chrome]]
+[[http://www.if-not-true-then-false.com/2010/install-google-chrome-with-yum-on-fedora-red-hat-rhel/|Install Google Chrome (Alt)]]
+Fix Google Chrome fonts:
+[[http://www.binarytides.com/gorgeous-looking-fonts-ubuntu-linux/]]
+<code>
+# dnf install google*fonts
+</code>
+  * open Chrome, go to Settings > Advanced and set fonts as follows:
+    * Standard font: Noto Serif
+    * Serif font: Noto Serif
+    * Sans-serif font: Noto Sans
+    * Fixed-width font: Roboto Mono
+[[http://www.if-not-true-then-false.com/2014/install-oracle-java-8-on-fedora-centos-rhel/|Install Oracle Java]] (note, this is not the default CentOS, it will not auto-update)
+Adobe Reader - use evince instead
+Install NX/NoMachine v3
+  * Install 3 RPMs noted above
+  * Edit /etc/ssh/sshd_config and comment out line "AuthorizedKeysFile	.ssh/authorized_keys" because NX uses authorized_keys2
+  * /bin/systemctl restart  sshd.service
+  * To start up MATE, edit /usr/NX/etc/node.cfg to be:
+  * CommandStartGnome "/etc/X11/xinit/Xsession mate-session" (note "xinit" was added to path)
+  * To fix keyboard mapping, open terminal and run this command:
+    * setxkbmap -model evdev -layout us > /tmp/setxkbmap.log 2>&1
+    * [[http://askubuntu.com/questions/123867/keyboard-map-is-incorrect-when-using-an-nx-client|Keyboard Mapping is incorrect with NX Client]]
+    * You can make a little bash script and have it run as a startup application
+  * Notes gleaned from https://www.nomachine.com/AR07K00676 and http://askubuntu.com/questions/84852/how-does-one-install-nx-server-or-freenx-on-11-10
+NX/NoMachine Troubleshooting:
+  * Had v3 RPMs installed; removed and installed v4 to test. Failed. Removed v4 RPMs.
+  * Upon reinstalling the 3 v3 RPMs, could not authenticate to target server.
+  * Removed nxclient, nxnode, nxserver v3 RPMs again.
+  * rm -rf /usr/NX completely
+  * Reinstalled the 3 v3 RPMs.  Authentication fixed
+  * Start/stop server with the following:
+    * /usr/NX/bin/nxserver --status
+    * /usr/NX/bin/nxserver --stop
+    * /usr/NX/bin/nxserver --start
+NX for work VPN
+  * Removed nxclient-3.5.0-7.x86_64.rpm, nxnode-3.5.0-9.x86_64.rpm, nxserver-3.5.0-11.x86_64.rpm
+  * Used http://www.rpmfind.net/linux/rpm2html/search.php?query=opennx to find opennx
+  * Installed opennx-0.16-724.el6.centos.1.x86_64.rpm
+  * Tried connecting to remote machine as shadow session and it also failed; ensured the remote machine had a normal session established first using the same user
+VPN connections
+  * <del>NetworkManager-openconnect not available in channels</del> (in epel)
+  * <del>Retrieved from rpm.pbone.net ftp://ftp.pbone.net/mirror/li.nux.ro/download/nux/dextop/el7Server/x86_64/NetworkManager-openconnect-0.9.8.4-2.el7.nux.x86_64.rpm</del>
+<del>Percona toolkit: percona-toolkit-2.2.11-1.noarch.rpm</del>
+Restore Thunderbird profile
+Restore Firefox profile
+Restore VirtualBox and all machines
+Test ASMAD for processing end-to-end
+<del>Install Skype rpm (skype-4.3.0.37-fedora.i586.rpm) following these steps:
+</del>
+<code>
+dnf install alsa-plugins-pulseaudio.i686 qt.i686 1:qt-x11.i686 libXScrnSaver.i686 libXv.i686
+rpm -Uvh http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-1.el7.nux.noarch.rpm
+dnf localinstall http://download.skype.com/linux/skype-4.3.0.37-fedora.i586.rpm
+</code>
+[[https://www.centos.org/forums/viewtopic.php?f=48&t=47070|Skype Tips]]
+SSH issues
+  * Cannot ssh to yourself passwordlessly with default /etc/ssh/sshd_config
+  * Comment out the following line, like this:
+  * #AuthorizedKeysFile	.ssh/authorized_keys
+  * This allows you to NX into the CentOS7 machine
+  * Update to openssh seems to require RSA keys now and authorized_keys file instead of DSA keys and authorized_keys2 file
+  * Set "PermitRootLogin no"
+  * <del>But MATE does not work, tried KDE with dnf group install "KDE Plasma Workspaces" and seems to work better but still no icons on the screen</del>
+  * <del>But need to configure custom desktop to use /etc/X11/xinit/Xsession mate-session</del>
+  * <del>Also tried /usr/bin/startxfce4 but still general odd behavior</del>
+  * Additional tips: http://ubuntuforums.org/archive/index.php/t-941530.html
+  * systemctl restart sshd.service
+  * User accounts at remove machines connecting to the new machine will need their $HOME/.ssh/known_hosts either rebuilt or offending entries removed
+Update GRUB and splash screen
+  * My saved splash images with varying resolutions are in /root/downloads/splash
+  * <color #ed1c24>As of CentOS 7.2 cannot get custom splash image to appear at boot (with UEFI)</color>
+  * cd /etc/default
+  * cp grub grub.YYYYMMDD
+  * vi grub
+    * remove "rhgb quiet" from the GRUB_CMDLINE_LINUX call
+    * add "vga=0x317" to the GRUB_CMDLINE_LINUX call for better screen resolution (try 0x34b for 1920x1200x8 or 0x34c for 1920x1200x16, or vga=ask to see all available resolutions)
+    * comment out this line: GRUB_TERMINAL_OUTPUT="console"
+    * add this line: GRUB_BACKGROUND="/boot/grub2/splash.png"
+      * Ensure it is rw-r-r permissions
+      * [[http://192.168.1.14/dokuwiki/lib/exe/fetch.php?media=splash.png|Upload this image]] to the directory noted above
+  * For VM/BIOS-based installs, as root: grub2-mkconfig -o /boot/grub2/grub.cfg (Dell XPS 8930)
+  * For UEFI-based installs, as root: grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg
+  * More info at [[https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/sec-Customizing_the_GRUB_2_Configuration_File.html|Customizing the Grub2 Config File]] and [[https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Desktop_Migration_and_Administration_Guide/GRUB.html|RHEL7 GRUB Guide]]
+  * [[https://www.centos.org/forums/viewtopic.php?t=49321|Change GRUB Menu Resolution]]
+  * [[https://www.centos.org/forums/viewtopic.php?t=50957|Change GRUB2 splash screen in CentOS 7]]
+  * [[http://www.tuxfixer.com/set-grub2-custom-splash-screen-on-rhel-7-centos-7-uefi-and-legacy-bios-iso-image/]]
+  * [[https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/desktop_migration_and_administration_guide/grub]]
+    * Tried part about making a special font
+    * Tried installing all grub2* rpms
+    * Tried 640x480 small splash image
+<code>
+GRUB_CMDLINE_LINUX_DEFAULT="video=1024x768"
+GRUB_GFXMODE=1024x768
+GRUB_GFXPAYLOAD_LINUX=keep
+</code>
+Set default GRUB entry
+  * Download [[https://www.systutorials.com/3826/setting-default-entry-in-grub2-and-grub/|grub2-select.bash]]
+If GRUB2 no longer finds other OS to boot (such as Windows 10) use [[https://sourceforge.net/projects/boot-repair-cd/|SourceForge Boot Repair Disk]]
+Install [[clamav_antivirus|ClamAV]]
+Set up local printer(s)
+  * Note that Brother has notes for the HL2170W at https://support.brother.com/g/b/downloadlist.aspx?c=us&lang=en&prod=hl2170w_all&os=127
+    * RPM #1: brhl2170wlpr-2.0.2-1.i386.rpm
+    * RPM #2: cupswrapperHL2170W-2.0.2-1.i386.rpm
+    * Use 'lpstat' and 'lpq' to ensure it's a known destination printer
+  * [[https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/sec-Printer_Configuration.html#sec-Starting_Print_Settings_Config|RHEL7 Print Settings]]
+  * dnf install cups
+  * service cups start
+  * systemctl enable cups
+  * Use System > Administration > Print Settings
+    * Add printer with Network JetDirect by IP address
+    * Default printer driver works OK
+  * Or use web browser:
+  * # dnf install httpd
+  * # /bin/systemctl start httpd.service
+  * # dnf install system-config-firewall
+  * # firewall-config (or System > Administration > Firewall)
+    * Allow http and https as rules
+    * Sometimes the firewall-config command will hang if trying to run via an SSH connection to a remote machine
+    * To add a port manually follow [[http://stackoverflow.com/questions/24729024/centos-7-open-firewall-port]]
+    * To close a port manually follow [[http://www.codero.com/knowledge-base/content/10/377/en/how-to-manage-firewall-rules-in-centos-7.html]]
+  * # systemctl enable httpd
+  * Go to http://localhost:631
+    * Go to Administration tab
+    * Enter credentials for user root
+    * Add printer with prompts
+Firewall Notes
+  * Adding an allowed port at the command line (from [[http://stackoverflow.com/questions/24729024/centos-7-open-firewall-port]]
+  * Use this command to find your active zone(s):
+<code>
+firewall-cmd --get-active-zones
+</code>
+  * It will say either public, dmz, or something else. You should only apply to the zones required.
+  * If you want to add a port such as 8080 to your public zone:
+<code>
+firewall-cmd --zone=public --add-port=8080/tcp --permanent
+</code>
+  * Then remember to reload the firewall for changes to take effect.
+<code>
+firewall-cmd --reload
+</code>
+Managing runlevel settings
+  * Switch to runlevel 5:
+<code>
+# systemctl isolate graphical.target
+</code>
+  * Initiate runlevel 5 by default:
+<code>
+# systemctl set-default graphical.target
+</code>
+  * Switch to runlevel 3:
+<code>
+# systemctl isolate multi-user.target
+</code>
+  * Initiate runlevel 3 by default:
+<code>
+# systemctl set-default multi-user.target
+</code>
+  * For other run-level info, see [[https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/sect-Managing_Services_with_systemd-Targets.html#sect-Managing_Services_with_systemd-Targets-Change_Default|RHEL7 Working with Systemd Targets]]
+----
+USB HEADSET:
+Plugin to right-side lower USB jack on HP Pavilion P7-1235, type dmesg at root prompt to see if it was found by system
+  [37013.137134] usb 8-1: New USB device found, idVendor=046d, idProduct=0a44
+  [37013.137145] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=0
+  [37013.137151] usb 8-1: Product: Logitech USB Headset
+  [37013.137160] usb 8-1: Manufacturer: Logitech
+  [37013.399267] input: Logitech Logitech USB Headset as /devices/pci0000:00/0000:00:10.1/usb8/8-1/8-
+:1.3/input/input85
+  [37013.449648] hid-generic 0003:046D:0A44.004B: input,hidraw3: USB HID v1.00 Device [Logitech Logitech USB
+  Headset] on usb-0000:00:10.1-1/input3
+Right-click the speaker icon in the top panel and choose Sound Preferences.  Or, navigate to System > Preferences > Hardware > Sound \\
+Sound effects tab:  Sound theme: No Sounds\\
+Hardware tab:  Highlight Headset H390, Profile: Analog Stereo Output + Analog Mono Input \\
+Input tab:  choose Headset H390 Analog Mono \\
+Output tab:  choose Headset H390 Analog Stereo, Connector is Headphones
+Settings are saved to $HOME/.config/pulse
+See Linux Mint [[https://forums.linuxmint.com/viewtopic.php?t=246194|Sound settings keep switching output against my will]] and possibly [[https://forums.linuxmint.com/viewtopic.php?t=224479|HDMI + Sound + Mint 18]]
+----
+__OLD Notes and Issues__
+If on VirtualBox, go to main menu and choose "Insert Guest Additions CD Image..." and run the following commands:
+<code>
+mount -o ro /dev/disk/by-label/VBOXADDITIONS* /mnt
+cd /mnt
+./VBoxLinuxAdditions.run --nox11
+shutdown -r now
+</code>
+Missing Desktop icons: https://www.centos.org/forums/viewtopic.php?f=48&t=47271
+  - Make sure caja is the default file manager in System --> Control Center --> Preferred Applications -->System tab.
+  - Add caja to automatically start in System--> Control Center --> Startup Applications.
+  - Reboot.
+**Tried /usr/bin/display with a .jpg or .png file, but this error results:**
+<code>
+[juckins@centos7-test-64: /tmp/splash]$ display default.png
+display: color is not known to server `FOREGROUND':
+No such file or directory @ error/xwindow.c/XGetPixelPacket/3064.
+</code>
+  * This does work on FC20 i686.  libpng may be a different version.  http://forum.porteus.org/viewtopic.php?t=3900&p=28045
+  * Test images in $HOME/Downloads
+ImageMagick may be a different version.
+UPDATE: Does work after installing Skype and its dependencies below (nux-desktop?)
+Comment out the GRUB_TERMINAL_OUTPUT line in /etc/default/grub using a # at the start of the line, and grub should use a graphics mode again
+First see if the default kernel is the latest one for boot.  If not, add the following line to /etc/default/grub
+<code>GRUB_DEFAULT=0</code>
+Also remove the "rhgb quiet" flags.
+Get the splash.png from http://juckins.net/dokuwiki/lib/exe/fetch.php?media=splash.png and put into /boot/grub2/
+<code>GRUB_BACKGROUND="/boot/grub2/splash.png"</code>
+Then run:
+<code>grub2-mkconfig -o /boot/grub2/grub.cfg</code>
+Notes on grub splash screen:
+  * https://ask.fedoraproject.org/en/question/28087/how-do-i-set-the-grub2-background-image/
+  * https://help.ubuntu.com/community/Grub2/Displays