Summary

  Subject:

Run Rocky Linux as a Desktop OS: OS Install

   Updated:

2023-06-15

   Author:

Tim Hammond ([email protected])

   Operating Systems:

Rocky 8

Rocky 9

   Background:

This guide was written to help users get setup on a desktop computer and either run KDE or Xfce. There are a host of other applications that are installed as well.

This guide's was origanlly targeted for Fedora 36, but after testing, I came to the following conclustions:

  1. Fedora is too leading and bleeding for my taste.
  2. Secure CRT will only work on CentOS/Rocky 8 and BELOW. They have dropped all support for RHEL based distros.
  3. VMware console is now supported on RHEL 9 based distros.
  4. I didn't want to get into supporting more operating systems (Windows (desktop and server), Rocky, and Ubuntu).

Due to the length of the content, I opted to break the article into the following sections:

  1. Rocky Desktop: OS Install
  2. Rocky Desktop: Desktop Environment
  3. Rocky Desktop: Drivers and Hardware
  4. Rocky Desktop: Additional Software (Email, Office Suite, etc)
  5. Rocky Desktop: Helpful Commands
  6. Rocky Desktop: References
  

Table of Contents

Install

The following is a walk-through of the desired settings.

Download the desired version or the latest version of Rocky Linux from: https://rockylinux.org/download

When it comes to a version of Rocky to use, I am a real minimalist as in, I want a bare bones system and I will install what I want thank you. So I normally opt for the x86_64 Minimal version.

If you are currently running Windows, you can use Rufus to create a bootable USB device. Rufus can be downloaded from: https://rufus.ie/en

Users

The following are the settings that I generally use:

root

Status: enabled Allow SSH: unchecked Password: Reference PWD Manager

localadmin

Status: enabled Allow SSH: checked Password: Reference PWD Manager

Rocky 9.1 Specific Note

During the Rocky 9.1 install, you could only setup the root account. Creating a secondary user account was not an option. In version 9.2, the option came back.

So we need to:

  1. Add the localadmin user.
  2. Change the password for localadmin.
  3. Add the localadmin to the wheel group (for ssh and sudo).
adduser localadmin passwd localadmin usermod -aG wheel localadmin

Networking

Onboard Ethernet

General Configuration Tab Connect Automatically: Unchecked All users have access: Unchecked IPv4 tab Tab Method: Manual DNS: 192.168.30.100,192.168.30.101 Suffix: domain.local IP: 192.168.31.100 Prefix: 24 Gateway: 192.168.31.1 IPv6 tab Tab Method: Disabled

bond0

This network card has (2) 10G SFP+ connections. Each leg connects to two seperate Cisco Nexus 5k Switchs. They are setup in a LAG using LACP.

Create a new "net bond" connection using these setttings:

New bond name: bond0 Interfaces: bond0-1
bond0-2

Use the following settings:

General Configuration Tab Connect Automatically: Checked All users have access: Checked IPv4 tab Tab Method: Manual DNS: 192.168.30.100,192.168.30.101 Suffix: domain.local IP: 192.168.31.101 Prefix: 24 Gateway: 192.168.31.1 IPv6 tab Tab Method: Disabled

Install Location

Select the main OS drive. There is checkbox to assume all of the data, check this. There may be a prompt to delete all, if so, do it.

Package Selection

Make sure to change "SOFTWARE SELECTION" from "server" to "minimal install" or that nothing is checked.

NTP Settings

Timezone: America/Chicago
America/Detroit Remove this NTP server: Default Add NTP servers: tick.domain.local
tock.domain.local

Post Install Basics

Change Hostname

sudo hostnamectl set-hostname he11-dtl-tbh01.domain.local

Rocky 8
Verify and/or Update the IP.

sudo cat /etc/sysconfig/network-scripts/ifcfg-ens192

Rocky 9
Verify and/or Update the IP.

The sysconfig path does not exist anymore and everyone is being forced into using newer versions of nmcli. Fortunately, nmcli has tab/auto-complete to move your way around.

During testing, I found that the LACP bond0 kept flapping. I think it is because I only had one core switch on at the time and DHCP was taking forever (if at all to negotiate). So I used this to force it up. sudo nmcli device connect bond0.

sudo cat /etc/NetworkManager/system-connections/ens192.nmconnection | grep -i address

Verify DNS is setup correctly.

sudo cat /etc/resolv.conf

The output should look something like:

search domain.local nameserver 192.168.30.100 nameserver 192.168.30.101

Verify NTP is setup correctly.

sudo cat /etc/chrony.conf

The output should look something like:

server tock.domain.local iburst server tick.domain.local iburst

LVM Expansion

For whatever reason, during the Fedora OS install, the partition manager did not use the the entire disk. This should not be required for Rocky 8, but it is good to verify.

Various commands to show the size of drives.

sudo lsblk sudo df -h sudo df -h /

Display the size of the volume group.

sudo lvdisplay

Note: This may not be required based on the disk commands above.

Extend the logical volume to use all of the remaining disk space.

sudo lvextend -l +100%FREE /dev/rl_he11--dtl--tbh01-root

Note: This may not be required based on the disk commands above.

For xfs, force the OS to see the extended space:

sudo xfs_growfs /dev/mapper/rl_he11--dtl--tbh01-root

It is probably wise to do a good ol' reboot.

sudo reboot

Verifty Firewall Settings

Setup FirewallD to start during startup and run now.

systemctl status firewalld systemctl start firewalld systemctl enable firewalld

Check the service status.

firewall-cmd --state

List zones.

firewall-cmd --get-zones

List the default zones.

firewall-cmd --get-default-zone

Disable default firewall ports.

firewall-cmd --remove-service=dhcpv6-client --permanent firewall-cmd --remove-service=cockpit --permanent

Apply the firewall changes.

firewall-cmd --reload

Show the current config.

firewall-cmd --list-all

Install basic system Packages

Update the system.

sudo dnf -y update

Rocky 9

sudo dnf -y config-manager --set-enabled crb

Rocky 8 and 9
Install RPM Fusion
Install Extra Packages for Enterprise Linux (EPEL).

sudo dnf -y install epel-release sudo dnf -y install --nogpgcheck https://dl.fedoraproject.org/pub/epel/epel-release-latest-$(rpm -E %rhel).noarch.rpm sudo dnf -y install --nogpgcheck https://mirrors.rpmfusion.org/free/el/rpmfusion-free-release-$(rpm -E %rhel).noarch.rpm sudo dnf -y install --nogpgcheck https://mirrors.rpmfusion.org/nonfree/el/rpmfusion-nonfree-release-$(rpm -E %rhel).noarch.rpm

Rocky 8
Install RPM Fusion

sudo dnf -y config-manager --set-enabled epel sudo dnf -y config-manager --set-enabled powertools

To get a list of configured repos:

sudo dnf repolist

Sounds silly, check for updates since install EPEL.

sudo dnf -y upgrade

Install common pre-reqs.

sudo dnf -y install net-tools dnf-utils wget rsyslog tar unzip

Acording to RPM Fusion, you have to reboot for the new repos to show up.

sudo reboot