・AlmaLinux9.6のインストール後に基本設定として行うべきことを知りたい。
・具体的な手順を教えてほしい。
こういった疑問に答えます。
本記事の内容
- AlmaLinux9.6インストール後に最初に行う基本設定
この記事を書いている私は、某SIerに勤務しながら、
WEB系エンジニア・インフラエンジニアに憧れて、プログラミングおよびインフラ技術の勉強をしています。
こういった私が、解説していきます。
私が実機で試したコマンドや画像を載せて書いています。
記事の信頼性担保に繋がると思います。
AlmaLinux9.6インストール後に最初に行う基本設定
前回までの記事
selinuxの無効化
インストール直後はselinuxが有効になっているので、無効化します。
/etc/selinux/config
[root@b-bidns01 ~]# vi /etc/selinux/config
1
2 # This file controls the state of SELinux on the system.
3 # SELINUX= can take one of these three values:
4 # enforcing - SELinux security policy is enforced.
5 # permissive - SELinux prints warnings instead of enforcing.
6 # disabled - No SELinux policy is loaded.
7 # See also:
8 # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/using_selinu x/changing-selinux-states-and-modes_using-selinux#changing-selinux-modes-at-boot-time_changi ng-selinux-states-and-modes
9 #
10 # NOTE: Up to RHEL 8 release included, SELINUX=disabled would also
11 # fully disable SELinux during boot. If you need a system with SELinux
12 # fully disabled instead of SELinux running with no policy loaded, you
13 # need to pass selinux=0 to the kernel command line. You can use grubby
14 # to persistently set the bootloader to boot with selinux=0:
15 #
16 # grubby --update-kernel ALL --args selinux=0
17 #
18 # To revert back to SELinux enabled:
19 #
20 # grubby --update-kernel ALL --remove-args selinux
21 #
22 SELINUX=disabled ←★★★変更
23 # SELINUXTYPE= can take one of these three values:
24 # targeted - Targeted processes are protected,
25 # minimum - Modification of targeted policy. Only selected processes are protected.
26 # mls - Multi Level Security protection.
27 SELINUXTYPE=targeted
28
29
一度、OS再起動すると、無効になります。
[root@b-bidns01 ~]# getenforce Disabled
firewalldの基本設定
- 家庭内用のゾーンhome にソースIPを追加
- デフォルトのゾーンpublic からsshを削除
[root@b-bidns01 ~]# firewall-cmd --zone=home --add-source=192.168.100.0/24 --permanent success [root@b-bidns01 ~]# firewall-cmd --remove-service=ssh --zone=public --permanent success [root@b-bidns01 ~]# firewall-cmd --reload success
不要なサービスの無効化
systemctl disable auditd.service
systemctl disable smartd.service
systemctl disable mdmonitor.service
[root@b-bidns01 ~]# systemctl disable auditd.service Removed "/etc/systemd/system/multi-user.target.wants/auditd.service". [root@b-bidns01 ~]# systemctl disable smartd.service Removed "/etc/systemd/system/multi-user.target.wants/smartd.service". [root@b-bidns01 ~]# systemctl disable mdmonitor.service Removed "/etc/systemd/system/multi-user.target.wants/mdmonitor.service".
時刻同期の設定と確認
/etc/chrony.conf
[root@a-bidns02 ~]# vi /etc/chrony.conf
# These servers were defined in the installation: #pool 2.almalinux.pool.ntp.org iburst server ntp.nict.jp iburst server ntp.jst.mfeed.ad.jp iburst
systemctl restart chronyd
chronyc tracking
[root@a-bidns02 ~]# chronyc tracking Reference ID : D2ADA039 (ntp2.jst.mfeed.ad.jp) Stratum : 3 Ref time (UTC) : Sat Aug 30 02:41:17 2025 System time : 0.000000003 seconds fast of NTP time Last offset : -0.000019891 seconds RMS offset : 0.000019891 seconds Frequency : 5.875 ppm slow Residual freq : +38.764 ppm Skew : 0.075 ppm Root delay : 0.061272506 seconds Root dispersion : 0.001174478 seconds Update interval : 2.0 seconds Leap status : Normal
chronyc sources
[root@a-bidns02 ~]# chronyc sources MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^* ntp-a3.nict.go.jp 1 6 17 0 -36us[ -315us] +/- 7073us ^- ntp2.jst.mfeed.ad.jp 2 6 17 0 +1609us[+1609us] +/- 32ms
パッケージの最新化
dnf update -y
自動更新の有効化
dnf install dnf-automatic
[root@b-bidns01 ~]# dnf install dnf-automatic Last metadata expiration check: 0:08:49 ago on Fri Aug 29 23:25:57 2025. Dependencies resolved. ==================================================================================================== Package Architecture Version Repository Size ==================================================================================================== Installing: dnf-automatic noarch 4.14.0-25.el9.alma.1 baseos 31 k Transaction Summary ==================================================================================================== Install 1 Package Total download size: 31 k Installed size: 57 k Is this ok [y/N]: y Downloading Packages: dnf-automatic-4.14.0-25.el9.alma.1.noarch.rpm 3.1 kB/s | 31 kB 00:10 ---------------------------------------------------------------------------------------------------- Total 2.9 kB/s | 31 kB 00:10 Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Installing : dnf-automatic-4.14.0-25.el9.alma.1.noarch 1/1 Running scriptlet: dnf-automatic-4.14.0-25.el9.alma.1.noarch 1/1 Verifying : dnf-automatic-4.14.0-25.el9.alma.1.noarch 1/1 Installed: dnf-automatic-4.14.0-25.el9.alma.1.noarch Complete!
/etc/dnf/automatic.conf
[root@b-bidns01 ~]# vi /etc/dnf/automatic.conf
# Whether updates should be applied when they are available, by # dnf-automatic.timer. notifyonly.timer, download.timer and # install.timer override this setting. apply_updates = yes ←★★★変更
systemctl enable dnf-automatic-install.timer
systemctl start dnf-automatic-install.timer
[root@b-bidns01 ~]# systemctl enable dnf-automatic-install.timer Created symlink /etc/systemd/system/timers.target.wants/dnf-automatic-install.timer → /usr/lib/systemd/system/dnf-automatic-install.timer. [root@b-bidns01 ~]# systemctl start dnf-automatic-install.timer
日本語環境に変更
dnf install langpacks-ja -y
[root@b-bidns01 ~]# dnf install langpacks-ja -y Last metadata expiration check: 1:35:52 ago on Sat Aug 30 10:42:47 2025. Dependencies resolved. ==================================================================================================== Package Architecture Version Repository Size ==================================================================================================== Installing: langpacks-ja noarch 3.0-16.el9 appstream 9.5 k Installing dependencies: google-noto-cjk-fonts-common noarch 20230817-2.el9 appstream 11 k google-noto-sans-cjk-ttc-fonts noarch 20230817-2.el9 appstream 81 M langpacks-core-font-ja noarch 3.0-16.el9 appstream 9.4 k langpacks-core-ja noarch 3.0-16.el9 appstream 9.5 k Installing weak dependencies: glibc-langpack-ja x86_64 2.34-168.el9_6.23 baseos 327 k google-noto-serif-cjk-ttc-fonts noarch 20230817-2.el9 appstream 116 M Transaction Summary ==================================================================================================== Install 7 Packages Total download size: 197 M Installed size: 300 M Downloading Packages: (1/7): google-noto-cjk-fonts-common-20230817-2.el9.noarch.rpm 62 kB/s | 11 kB 00:00 (2/7): langpacks-core-font-ja-3.0-16.el9.noarch.rpm 176 kB/s | 9.4 kB 00:00 (3/7): langpacks-core-ja-3.0-16.el9.noarch.rpm 41 kB/s | 9.5 kB 00:00 (4/7): langpacks-ja-3.0-16.el9.noarch.rpm 123 kB/s | 9.5 kB 00:00 (5/7): glibc-langpack-ja-2.34-168.el9_6.23.x86_64.rpm 687 kB/s | 327 kB 00:00 (6/7): google-noto-sans-cjk-ttc-fonts-20230817-2.el9.noarch.rpm 4.3 MB/s | 81 MB 00:18 (7/7): google-noto-serif-cjk-ttc-fonts-20230817-2.el9.noarch.rpm 5.5 MB/s | 116 MB 00:20 ---------------------------------------------------------------------------------------------------- Total 8.9 MB/s | 197 MB 00:22 Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Installing : google-noto-cjk-fonts-common-20230817-2.el9.noarch 1/7 Installing : google-noto-sans-cjk-ttc-fonts-20230817-2.el9.noarch 2/7 Installing : langpacks-core-font-ja-3.0-16.el9.noarch 3/7 Installing : google-noto-serif-cjk-ttc-fonts-20230817-2.el9.noarch 4/7 Installing : glibc-langpack-ja-2.34-168.el9_6.23.x86_64 5/7 Installing : langpacks-core-ja-3.0-16.el9.noarch 6/7 Installing : langpacks-ja-3.0-16.el9.noarch 7/7 Running scriptlet: langpacks-ja-3.0-16.el9.noarch 7/7 Verifying : google-noto-cjk-fonts-common-20230817-2.el9.noarch 1/7 Verifying : google-noto-sans-cjk-ttc-fonts-20230817-2.el9.noarch 2/7 Verifying : google-noto-serif-cjk-ttc-fonts-20230817-2.el9.noarch 3/7 Verifying : langpacks-core-font-ja-3.0-16.el9.noarch 4/7 Verifying : langpacks-core-ja-3.0-16.el9.noarch 5/7 Verifying : langpacks-ja-3.0-16.el9.noarch 6/7 Verifying : glibc-langpack-ja-2.34-168.el9_6.23.x86_64 7/7 Installed: glibc-langpack-ja-2.34-168.el9_6.23.x86_64 google-noto-cjk-fonts-common-20230817-2.el9.noarch google-noto-sans-cjk-ttc-fonts-20230817-2.el9.noarch google-noto-serif-cjk-ttc-fonts-20230817-2.el9.noarch langpacks-core-font-ja-3.0-16.el9.noarch langpacks-core-ja-3.0-16.el9.noarch langpacks-ja-3.0-16.el9.noarch Complete!
localectl set-locale LANG=ja_JP.UTF-8
source /etc/locale.conf
[root@b-bidns01 ~]# localectl set-locale LANG=ja_JP.UTF-8 [root@b-bidns01 ~]# source /etc/locale.conf
[root@b-bidns01 ~]# timedatectl Local time: 土 2025-08-30 12:20:13 JST Universal time: 土 2025-08-30 03:20:13 UTC RTC time: 土 2025-08-30 03:20:13 Time zone: Asia/Tokyo (JST, +0900) System clock synchronized: yes NTP service: active RTC in local TZ: no [root@b-bidns01 ~]# date 2025年 8月 30日 土曜日 12:20:18 JST [root@b-bidns01 ~]# cal 8月 2025 日 月 火 水 木 金 土 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
