Checklist for Installating a new Unix
Server
Guidelines:
- Always backup every file that is being changed by copying it to
the same filename with today's date as the extension
- cp /etc/hosts /etc/hosts.22june03
- Always test every change
1. Initial OS Installation
Configure console type (graphics or serial)
Create the initial Filesystem
Install OS Files
Configure Networking
- Hostname
- IP Address
- Subnet Mask
- Default Gateway
- DNS
- DHCP
- NTP
- NIS
Copy over site standard scripts
2. Additional Network Configuration
- NTP
- Dead Gateway Detection
- NIC Configuration (speed, full or half duplex, etc)
- /etc/nsswitch.conf
3. User Configuration
Backup the original user configuration files:
- /etc/passwd
- /etc/group
- /etc/shadow
- /etc/profile
- /etc/motd
- /etc/issue
- /.profile (root's .profile)
Create users as needed.
Create/mount home directories as needed
Create/customize environmental files/profile files
- /etc/profile
- /etc/motd
- /etc/issue
- /home/username/.profile
4. NIS Configuration
Determine the NIS role of the server:
- NIS Master
- NIS Slave
- NIS Client
Update the configuration files for NIS use:
- /etc/passwd
- /etc/hosts
- /etc/networks
- /etc/group
- /etc/protocols
- /etc/services
- /etc/rpc
- /etc/netgroup
5. Filesystem Configuration
Local Filesystem Configuration:
- Create any additional filesystems that are required for the new
system
- Logical volume name
- Logical volume size
- Mount point name
- Mount point ownership
- Mount point permissions
- Change the size of existing filesystems on the new system as
needed
- Implement mirroring if required
NFS Filesystems:
- Create the required mount points for NFS Mounts
- Change ownership of the mount points
- Change the permissions of the mount points
- Copy the fileystem configuration files (edit as needed):
6. OS Configuration
Adjust swap and dump space
Change Kernel Parameters (HP-UX "kmtune"
will list the tuning parameters)
Installed Patches/Maintenance Release Bundles
Install Backup software
Install Disaster Recovery software
Install man pages
7. Application Software Installation/Configuration
Install Software
Install License Keys
Install/configure License Manager Processes
Install Application Patches/Updates
Customize Locally Installed Software/Utilities/Scripts (/usr, /opt . .
.)
8. Startup/Shutdown Configuration
Create Startup scripts
Create Shutdown scripts
Link scripts to startup and shutdown
/sbin/init.d
/sbin/rc.*
/etc/inittab
9. Service Configuration
/etc/inetd.conf
/etc/services
10. Scheduling Configuration
11. Printing Configuration
Install and configure printers (migrate configuration from another
server if possible):
- Local Printers
- Remote Printers
- Network/Jet Direct Printers
12. System Logging and Monitoring
- Configure logging in /etc/syslog.conf
- Install scripts to monitor key system parameters and to process
log files
- Schedule monitoring (crontab)
13. NFS Export Configuration
What is going to be exported
Who can access
How will it be accessed - ro, rw
Who can be root
/etc/exports
exportfs
14. Apply Custom Procedures/Configuration
Security Hardening
- Disable unused Services
- Restrict Users access to services like telnet and ftp
- Implement encryption
- Check for critical security patches
- Change ownership/permissions of critical system files
- Set umask
- Password policies
- Account lockout policies
15. Configure and Test Backup
- System Backup
- Disaster Recovery
- Test
- Create initial server image for Disaster Recovery