RPi: setup CentOS installation note

From CMEE4K
Jump to navigation Jump to search
Install NTP, Apache, 

yum install ntp
systemctl enable ntpd
systemctl status ntpd
systemctl start  ntpd

yum install httpd
systemctl enable httpd
systemctl start  httpd
systemctl status httpd

netstat -na | grep 80

yum install mod_ssl
firewall-cmd --zone=public -add-service=http
firewall-cmd --zone=public --add-service=http
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=443/tcp --permanent

——————
systemctl disable kdump
systemctl stop kdump
systemctl -l


yum install wget  pure-ftpd.armv7hl  telnet.armv7hl  telnet-server.armv7hl  putty.armv7hl

telnet-server-0.17-64.el7.armv7hl already installed and latest version

yum install python3
—————

Use nmtui to change network configuration
set hostname

———————
yum install bind bind-utils -y
systemctl enable named
systemctl start named

firewall-cmd --add-port=53/tcp --permanent
firewall-cmd --add-port=53/udp --permanent
firewall-cmd --reload

————— 
add to .bash_profile file
export LANG=en_US.UTF-8

localectl set-locale LANG=en_US.UTF-8
localectl set-keymap us
localectl set-x11-keymap us
localectl status

—————
Change timezone: https://ma.ttias.be/changing-the-time-and-timezone-settings-on-centos-or-rhel/

Temp change timezone
localectl status
timedatectl set-timezone America/Toronto

cd /etc
ls -l localtime
localtime -> ../usr/share/zoneinfo/America/Toronto
localtime -> /usr/share/zoneinfo/UTC
—————————

[root@cmee4k ~]# parted
GNU Parted 3.1
Using /dev/mmcblk0
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted) print
Model: SD SD64G (sd/mmc)
Disk /dev/mmcblk0: 62.4GB
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags: 

Number  Start   End     Size    Type     File system     Flags
 1      4194kB  304MB   300MB   primary  fat16           boot, lba
 2      304MB   816MB   512MB   primary  linux-swap(v1)
 3      816MB   2316MB  1501MB  primary  ext4

(parted) print free                                                       
Model: SD SD64G (sd/mmc)
Disk /dev/mmcblk0: 62.4GB
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags: 

Number  Start   End     Size    Type     File system     Flags
        32.3kB  4194kB  4162kB           Free Space
 1      4194kB  304MB   300MB   primary  fat16           boot, lba
 2      304MB   816MB   512MB   primary  linux-swap(v1)
 3      816MB   2316MB  1501MB  primary  ext4
        2316MB  62.4GB  60.1GB           Free Space
———————

fdisk -l
[root@cmee4k ~]# fdisk -l /dev/mmcblk0

Disk /dev/mmcblk0: 62.4 GB, 62377689088 bytes, 121831424 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x00060b0d

        Device Boot      Start         End      Blocks   Id  System
/dev/mmcblk0p1   *        8192      593919      292864    c  W95 FAT32 (LBA)
/dev/mmcblk0p2          593920     1593343      499712   82  Linux swap / Solaris
/dev/mmcblk0p3         1593344     4524031     1465344   83  Linux

——————
[root@raspberrypi ~]# lsblk

NAME        MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
mmcblk0     179:0    0 59.5G  0 disk 
├─mmcblk0p2 179:2    0  1.9G  0 part /
└─mmcblk0p1 179:1    0  100M  0 part /boot

[root@cmee4k ~]# lsblk
NAME        MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
mmcblk0     179:0    0 58.1G  0 disk 
├─mmcblk0p2 179:2    0  488M  0 part [SWAP]
├─mmcblk0p3 179:3    0  1.4G  0 part /
└─mmcblk0p1 179:1    0  286M  0 part /boot

—————

cfdisk /dev/mmcblk0
- select the last partition and use ‘Maximize’ option.  —> Cannot max this partition

————
https://serverfault.com/questions/861517/centos-7-extend-partition-with-unallocated-space

[root@raspberrypi ~]# fdisk /dev/mmcblk0
Welcome to fdisk (util-linux 2.23.2).
Command (m for help): p

Disk /dev/mmcblk0: 63.9 GB, 63864569856 bytes, 124735488 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x00045fe6

        Device Boot      Start         End      Blocks   Id  System
/dev/mmcblk0p1   *        2048      206847      102400    e  W95 FAT16 (LBA)
/dev/mmcblk0p2          206848     4194303     1993728   83  Linux

Command (m for help): d
Partition number (1,2, default 2): 2
Partition 2 is deleted

Command (m for help): n   
Partition type:
   p   primary (1 primary, 0 extended, 3 free)
   e   extended
Select (default p): 

Using default response p
Partition number (2-4, default 2): 2
First sector (206848-124735487, default 206848): 
Using default value 206848
Last sector, +sectors or +size{K,M,G} (206848-124735487, default 124735487): 
Using default value 124735487
Partition 2 of type Linux and of size 59.4 GiB is set

Command (m for help): p

Disk /dev/mmcblk0: 63.9 GB, 63864569856 bytes, 124735488 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x00045fe6

        Device Boot      Start         End      Blocks   Id  System
/dev/mmcblk0p1   *        2048      206847      102400    e  W95 FAT16 (LBA)
/dev/mmcblk0p2          206848   124735487    62264320   83  Linux

Command (m for help): w

Then reboot
——————

pvresize /dev/mmcblk0   and   /dev/mmcblk0p2
  Failed to find physical volume "/dev/mmcblk0p2".
  0 physical volume(s) resized or updated / 0 physical volume(s) not resized

—————

[root@localhost ~]# fdisk -l /dev/mmcblk0

Disk /dev/mmcblk0: 63.9 GB, 63864569856 bytes, 124735488 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x00045fe6

        Device Boot      Start         End      Blocks   Id  System
/dev/mmcblk0p1   *        2048      206847      102400    e  W95 FAT16 (LBA)
/dev/mmcblk0p2          206848   124735487    62264320   83  Linux


root@localhost ~]# df -k 
Filesystem     1K-blocks    Used Available Use% Mounted on
/dev/root        1929616 1703752    109796  94% /
devtmpfs         1965308       0   1965308   0% /dev
tmpfs            1999100       0   1999100   0% /dev/shm
tmpfs            1999100   16840   1982260   1% /run
tmpfs            1999100       0   1999100   0% /sys/fs/cgroup
/dev/mmcblk0p1    102182   51534     50648  51% /boot
tmpfs             399824       0    399824   0% /run/user/0

———
What happen if I did not change the partition type (flag) to 8E (LVM)?
cfdisk /dev/mmcblk0
Change type from 83 to 8E (LVM)
Reboot

Now, parted shows the its Flags is lvm
Still cannot pvresize it

Update kernel in-memory partition table
partx -u /dev/mmcblk0     <— no effect
partx -u /dev/mmcblk0p2   <— no effect

pvresize /dev/mmcblk0p2   <— does not work

‘pvs -a’ shows mmcblk0p1 p2 are physical volume
‘lvs -a’ shows no logical volume

lvextend -r centos/var /dev/mmcblk0p2  <— Did not try this command, since no idea what these parameters mean.

—————

resize2fs  /dev/mmcblk0p2 

[root@localhost ~]# resize2fs  /dev/mmcblk0p2 
resize2fs 1.42.9 (28-Dec-2013)
Filesystem at /dev/mmcblk0p2 is mounted on /; on-line resizing required
old_desc_blocks = 1, new_desc_blocks = 8
The filesystem on /dev/mmcblk0p2 is now 15566080 blocks long.

[root@localhost ~]# df -k
Filesystem     1K-blocks    Used Available Use% Mounted on
/dev/root       61300028 1711200  57066132   3% /
devtmpfs         1965308       0   1965308   0% /dev
tmpfs            1999100       0   1999100   0% /dev/shm
tmpfs            1999100   16840   1982260   1% /run
tmpfs            1999100       0   1999100   0% /sys/fs/cgroup
/dev/mmcblk0p1    102182   51534     50648  51% /boot
tmpfs             399824       0    399824   0% /run/user/0

systemctl reboot

————————
After reboot, it shows /dev/root —> / is 3% used.    Look like it is working.

Note from https://superuser.com/questions/1223814/how-to-extend-partition-linux-parted
After reboot completed, we should use this command to extend it
 xfs_growfs -d /dev/sda2  (centos 7) , centos 6 we should use sudo resize2fs /dev/sda2

[root@localhost ~]# df -Th
Filesystem     Type      Size  Used Avail Use% Mounted on
/dev/root      ext4       59G  1.7G   55G   3% /
devtmpfs       devtmpfs  1.9G     0  1.9G   0% /dev
tmpfs          tmpfs     2.0G     0  2.0G   0% /dev/shm
tmpfs          tmpfs     2.0G   17M  1.9G   1% /run
tmpfs          tmpfs     2.0G     0  2.0G   0% /sys/fs/cgroup
/dev/mmcblk0p1 vfat      100M   51M   50M  51% /boot
tmpfs          tmpfs     391M     0  391M   0% /run/user/0

Reference:  https://blogs.msdn.microsoft.com/cloud_solution_architect/2016/05/24/step-by-step-how-to-resize-a-linux-vm-os-disk-in-azure-arm/

[root@localhost ~]# xfs_growfs -d /dev/mmcblk0p2
xfs_growfs: /dev/mmcblk0p2 is not a mounted XFS filesystem

For Raspberry Pi, even it is CentOS 7 but it is using ext4 physical volume rather XFS filesystem.

————

yum install epel-release

—————
https://www.tecmint.com/install-configure-cache-only-dns-server-in-rhel-centos-7/
firewall-cmd --list-all

change /etc/named.conf file
listen-on port 53 { 127.0.0.1; any; };
allow-query     { localhost; any; };
allow-query-cache       { localhost; any; };

named-checkconf /etc/named.conf

# systemctl restart named
# systemctl enable named
# systemctl status named
# firewall-cmd --add-port=53/udp --permanent
# firewall-cmd --add-port=53/udp --permanent

—— Switch DNS pointer in a system —
vim /etc/sysconfig/network-scripts/ifcfg-lo to add DNS
vim /etc/resolv.conf to change nameserver value

use dig or nslookup command to check the DNS look up.

—————————
yum clean all
yum clean metadata
yum update

yum install yum-config-manager -y
yum --enablerepo=\*  <— too much, no enough cache to handle
yum --enablerepo=updates\* install yum-config-manager   <— no work

yum repolist all 
copy /etc/yum.repos.d/CentOS-CR.repo file and change it to enabled=1

Create and copy /etc/yum.repos.d/epel.repo file
—
[epel]
name=Epel rebuild for armhfp
baseurl=https://armv7.dev.centos.org/repodir/epel-pass-1/
enabled=1
gpgcheck=0
—

Now, ‘yum repolist’  works - shows Epel repo.

yum install net-tools.armv7hl  <— Already installed

yum install subscription-manager.armv7hl -y 
yum install bind-utils -y     <— get dig and nslookup

— In 47.235.11.153 server —
—— Switch DNS pointer in a system : change DNS to 47.235.11.147 —
vim /etc/sysconfig/network-scripts/ifcfg-XXX to add DNS
vim /etc/resolv.conf to change nameserver value

It works.
yum whatprovides '*bin/dig'
—————————

[root@cmee4k network-scripts]# fdisk /dev/mmcblk0
Welcome to fdisk (util-linux 2.23.2).

Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.


Command (m for help): p

Disk /dev/mmcblk0: 62.4 GB, 62377689088 bytes, 121831424 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x00060b0d

        Device Boot      Start         End      Blocks   Id  System
/dev/mmcblk0p1   *        8192      593919      292864    c  W95 FAT32 (LBA)
/dev/mmcblk0p2          593920     1593343      499712   82  Linux swap / Solaris
/dev/mmcblk0p3         1593344     4524031     1465344   83  Linux

Command (m for help): d
Partition number (1-3, default 3): 3
Partition 3 is deleted

Command (m for help): n
Partition type:
   p   primary (2 primary, 0 extended, 2 free)
   e   extended
Select (default p): 
Using default response p
Partition number (3,4, default 3): 
First sector (2048-121831423, default 2048): 1593344
Last sector, +sectors or +size{K,M,G} (1593344-121831423, default 121831423): 
Using default value 121831423
Partition 3 of type Linux and of size 57.3 GiB is set

Command (m for help): p

Disk /dev/mmcblk0: 62.4 GB, 62377689088 bytes, 121831424 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x00060b0d

        Device Boot      Start         End      Blocks   Id  System
/dev/mmcblk0p1   *        8192      593919      292864    c  W95 FAT32 (LBA)
/dev/mmcblk0p2          593920     1593343      499712   82  Linux swap / Solaris
/dev/mmcblk0p3         1593344   121831423    60119040   83  Linux

Command (m for help): w

[root@cmee4k network-scripts]# partx -u /dev/mmcblk0
[root@cmee4k network-scripts]# partx -u /dev/mmcblk0p3

[root@cmee4k network-scripts]# resize2fs /dev/mmcblk0p3
resize2fs 1.42.9 (28-Dec-2013)
Filesystem at /dev/mmcblk0p3 is mounted on /; on-line resizing required
old_desc_blocks = 1, new_desc_blocks = 8
The filesystem on /dev/mmcblk0p3 is now 15029760 blocks long.

[root@cmee4k network-scripts]# df -k 
Filesystem     1K-blocks    Used Available Use% Mounted on
/dev/root       59206360 1372016  57803308   3% /


————

chkconfig  —list
systemctl list-unit-files

————
https://www.alphahosting.com/blog/tips/installing-and-configuring-pure-ftpd-on-centos-7/

Modify /etc/pure-ftpd/pure-ftpd.conf
-PAMAuthentication yes
+#PAMAuthentication yes
-#PureDB /etc/pure-ftpd/pureftpd.pdb
+PureDB /etc/pure-ftpd/pureftpd.pdb

# systemctl enable pure-ftpd
# systemctl start  pure-ftpd

[root@cmee4k ~]# pure-pw useradd apache -u apache -g apache -d /var/www/html 
Password:  apache
Enter it again:  apache

[root@cmee4k ~]# pure-pw mkdb

[root@cmee4k ~]# systemctl reload pure-ftpd
Failed to reload pure-ftpd.service: Job type reload is not applicable for unit pure-ftpd.service.
See system logs and 'systemctl status pure-ftpd.service' for details.

[root@cmee4k ~]# ls -l /etc/pure-ftpd/pureftpd.pdb
-rw-------. 1 root root 2216 Mar 16 18:03 /etc/pure-ftpd/pureftpd.pdb

[root@cmee4k ~]# systemctl stop pure-ftpd
[root@cmee4k ~]# systemctl start pure-ftpd

[root@cmee4k ~]# netstat -na | more
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN    <— FTP 
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN    <— DNS
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN    <— SSH
tcp6       0      0 :::21                   :::*                    LISTEN     
tcp6       0      0 ::1:53                  :::*                    LISTEN     
tcp6       0      0 :::22                   :::*                    LISTEN     

———

# firewall-cmd --list-all
# firewall-cmd --add-port=21/tcp --permanent
[root@cmee4k ~]# firewall-cmd --reload
success
[root@cmee4k ~]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: wlan0
  sources: 
  services: dhcpv6-client ssh
  ports: 22/tcp 80/tcp 443/tcp 53/tcp 53/udp 21/tcp
  protocols: 
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 

It connects.
# ftp 47.235.11.153
Connected to 47.235.11.153 (47.235.11.153).
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 18:16. Server port: 21.
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
Name (47.235.11.153:root): apache
331 User apache OK. Password required
Password: apache
530 Login authentication failed
Login failed.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> 

————

# pure-pw useradd ftpuser -u apache -g apache -d /var/www/html 
Password:  ftpuser
Enter it again:  ftpuser
[root@cmee4k ~]# pure-pw mkdb
[root@cmee4k ~]# ls -l /etc/pure-ftpd/pureftpd.pdb
-rw-------. 1 root root 2377 Mar 16 18:19 /etc/pure-ftpd/pureftpd.pdb
[root@cmee4k ~]# systemctl stop pure-ftpd
[root@cmee4k ~]# systemctl start pure-ftpd

Still cannot logon

Troubleshooting Note: If everything above was setup correctly but the user cannot log in, make sure that the system username/groupname you used is higher than 500.

——————


# groupadd -g 600 ftpuser
# useradd -u 600 -g 600 ftpuser
# passwd ftpuser
Changing password for user ftpuser.
New password:  ftpuser
Retype new password:  ftpuser
passwd: all authentication tokens updated successfully.

[root@cmee4k etc]# ls -l /home
drwx------. 2 ftpuser ftpuser 4096 Mar 16 18:32 ftpuser

# pure-pw list
apache              /var/www/html/./                                           
ftpuser             /var/www/html/./                                           

[root@cmee4k etc]# pure-pw userdel ftpuser
[root@cmee4k etc]# pure-pw list
apache              /var/www/html/./                                           

[root@cmee4k etc]# pure-pw useradd ftpuser -u ftpuser -g ftpuser -d /home/ftpuser 
Password: ftpuser
Enter it again: ftpuser
[root@cmee4k etc]# systemctl stop pure-ftpd
[root@cmee4k etc]# systemctl start pure-ftpd

[ftpuser@cmee4k ~]$ id
uid=600(ftpuser) gid=600(ftpuser) groups=600(ftpuser) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

Still cannot logon

———————
Edit /etc/pure-ftpd/pure-ftpd.conf file
+ VerboseLog    yes
+ MinUID       500

# systemctl stop|start pure-ftpd

In /var/log/messages
pure-ftpd: (?@47.235.11.147) [WARNING] Can't login as [ftpuser]: account disabled (uid < 500)

# id ftpuser
uid=600(ftpuser) gid=600(ftpuser) groups=600(ftpuser)

The problem ftpuser is existing in pure-ftp configuration

—————

# groupadd -g 1100 endusers
# useradd -u 1100 -g 1100 simon

[root@cmee4k log]# passwd simon
Changing password for user simon.
New password:  X3lr5fl.
Retype new password:   X3lr5fl.
passwd: all authentication tokens updated successfully.

[root@cmee4k log]# ls /home
ftpuser  simon

[root@cmee4k log]# pure-pw useradd syuen02 -u simon -g endusers -d /home/simon
Password: X3lr5fl.
Enter it again:  X3lr5fl.

[root@cmee4k log]# pure-pw list
apache              /var/www/html/./                                           
ftpuser             /home/ftpuser/./                                           
syuen02             /home/simon/./                                             

[root@cmee4k log]# systemctl stop pure-ftpd
[root@cmee4k log]# systemctl start pure-ftpd

#### It does not pick up the password?
pure-ftpd: (?@47.235.11.147) [WARNING] Authentication failed for user [syuen02]
pure-ftpd: (?@47.235.11.147) [WARNING] Authentication failed for user [simon]


Change pure-ftpd.conf file again
+UnixAuthentication   yes

[root@cmee4k log]# systemctl stop pure-ftpd
[root@cmee4k log]# systemctl start pure-ftpd

pure-ftpd: (?@47.235.11.147) [WARNING] Authentication failed for user [syuen02]
pure-ftpd: (?@47.235.11.147) [INFO] simon is now logged in  <— after change the Unix password option

—————————————

https://www.thegeekdiary.com/centos-rhel-7-how-to-install-and-configure-telnet/
# firewall-cmd --add-service=telnet --zone=public --permanent
success
[root@cmee4k etc]# semanage port -a -t telnetd_port_t -p tcp
port option is needed for add

[root@cmee4k etc]# systemctl  start telnet.socket
[root@cmee4k etc]# systemctl  enable telnet.socket
Created symlink from /etc/systemd/system/sockets.target.wants/telnet.socket to /usr/lib/systemd/system/telnet.socket.

# firewall-cmd --reload
success
[root@cmee4k etc]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: wlan0       <— 47.235.11.153 (pingable, but cannot connect)
  sources: 
  services: dhcpv6-client ssh telnet
  ports: 22/tcp 80/tcp 443/tcp 53/tcp 53/udp 21/tcp

# systemctl status telnet.socket
● telnet.socket - Telnet Server Activation Socket
   Loaded: loaded (/usr/lib/systemd/system/telnet.socket; enabled; vendor preset: disabled)
   Active: active (listening) since Mon 2020-03-16 19:37:48 EDT; 7min ago
     Docs: man:telnetd(8)
   Listen: [::]:23 (Stream)
 Accepted: 0; Connected: 0

# firewall-cmd --zone=public --add-port=25/tcp --permanent
success
[root@cmee4k etc]# firewall-cmd --reload
success
[root@cmee4k etc]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: wlan0
  sources: 
  services: dhcpv6-client ssh telnet
  ports: 22/tcp 80/tcp 443/tcp 53/tcp 53/udp 21/tcp 25/tcp

Now, we can telnet 47.235.11.153 and ftpuser into this machine.

—————

https://www.raspberrypi.org/forums/viewtopic.php?t=46911

In my Mac, root $HOME/image directory

dd bs=4194304  if=/dev/disk1 | gzip > ./CentOS7_image.gz

gzip -dc ./CentOS7_image.gz | dd bs=4194304 of=/dev/disk1
dd: /dev/disk1: Resource busy  <— destination is disk1

Even I insert both SD RAM where source is disk4, dest is disk1
# dd bs=4194304  if=/dev/disk4 of=/dev/disk1
dd: /dev/disk1: Resource busy

# dd bs=4194304  if=/dev/disk4s1 of=/dev/disk1s1
dd: /dev/disk4s1: Resource busy

# dd   if=/dev/disk4 of=/dev/disk1
dd: /dev/disk1: Resource busy

Mac is not working.

=====================================
Disable DHCP server in linnksys router

yum -y install dhcpd
change /etc/dhcp/dhcpd.conf file as follow
—————
# option definitions common to all supported networks...
option domain-name "cmee4k.ca";
option domain-name-servers  192.168.10.10, 192.168.10.1;
default-lease-time 36000;
max-lease-time 36000;
authoritative;

# A slightly different configuration for an internal subnet.
subnet 192.168.10.0 netmask 255.255.255.0 {
  range  192.168.10.100  192.168.10.199;
  option routers             192.168.10.1;
  option subnet-mask         255.255.255.0;
  option domain-name         "cmee4k.ca";
  option domain-name-servers 192.168.10.10, 192.168.10.1;
  # option broadcast-address   x.x.x.x;
}
—————
systemctl start  dhcpd
systemctl enable dhcpd

Now the DHCP dynamic address is from CentOS7, and its set DNS to CentOS7 too.
CentOS7 port 53 has DNS server, and it will call the DNS in 192.168.10.1 and get out.

—————

Turn off wlan0, enter:  nmcli radio wifi off

===================================
Set up DNS to override some domain name
https://www.redpill-linpro.com/sysadvent/2015/12/08/dns-rpz.html

Edit /etc/named.conf file, add the following lines
————
options {
    …
   response-policy  { zone "rpz"; };
};
zone "rpz" {
        type master;
        file "db.rpz";
};
——
Create /var/named/db.rpz file.    Remember this hostname is cmee4k.ca
———
$TTL 600
@            IN    SOA  localhost. root.localhost.  (
                          2020031901   ; serial
                          1h           ; refresh
                          30m          ; retry
                          1w           ; expiry
                          30m)         ; minimum
             IN    NS    localhost.

localhost                 A       127.0.0.1

; Redirect this site to our internal web sdderver for testing
www.example.com           CNAME   internal-webserver.example.net.
;www.cicsyc.org            CNAME   cmee4k.ca.
;www.cicscanada.com        CNAME   cmee4k.ca.
;www.bmo.com               CNAME   cmee4k.ca.
;www.cibc.com              CNAME   cmee4k.ca.
;www.td.com                CNAME   cmee4k.ca.
;www.scotiabank.com        CNAME   cmee4k.ca.
;www.tangerine.ca          CNAME   cmee4k.ca.
;www.rbcroyalbank.com      CNAME   cmee4k.ca.


; Ads from this network is particularly intrusive
ad.example.com            A       192.168.10.10
www.cicsyc.org            A       192.168.10.10
www.cicscanada.com        A       192.168.10.10
www.bmo.com               A       192.168.10.10
www.cibc.com              A       192.168.10.10
www.td.com                A       192.168.10.10
www.scotiabank.com        A       192.168.10.10
www.tangerine.ca          A       192.168.10.10
www.rbcroyalbank.com      A       192.168.10.10

cicsyc.org            A       192.168.10.10
cicscanada.com        A       192.168.10.10
bmo.com               A       192.168.10.10
cibc.com              A       192.168.10.10
td.com                A       192.168.10.10
scotiabank.com        A       192.168.10.10
tangerine.ca          A       192.168.10.10
rbcroyalbank.com      A       192.168.10.10

; Malware site, we must prevent compromised clients
; from contacting it.
evil.h4xx0r.example.com   A       192.168.10.10
——

Add /var/www/html/index.html file