
Maha avatar baba
Redhat LINUX Admin documentation
LINUX ENTERPRISE SERVER EDITION Version 4

Topics
1. Linux Essential (RH033)
2. Linux System Admin (RH133)
3. Linux Network Security (RH253)

Linux File System
/ (Root)
-etc -bin -sbin -lib -root -usr -selinux -mnt -media -var -boot -tmp -opt -dev -home -proc -lost+found

bin        - used to store user commands. /usr/bin also stores user commands
sbin       - system administrator commands. /usr/sbin also stores system commands
root       - home directory of the super user
media      - mount points for mounted file systems
boot       - contains the kernel and other files used during system startup
lost+found - used by fsck to place files whose names cannot be found during file system repair
lib        - contains many library files
dev        - stores device files
etc        - contains configuration files
var        - variable files such as log files and directories
proc       - a virtual file system that contains system information used by certain programs
tmp        - a scratch pad for users and programs; /tmp has global read/write access
home       - location of user home directories
opt        - installation directory for third-party packages such as Star Office
selinux    - Security-Enhanced Linux
--------------------------------------------------------------------------------
File System Table
# vi /etc/fstab
Column 1 - Directory / partition information (/dev/hda9 or LABEL=home)
Column 2 - Mount point (/dev/hda6, /data, /misc)
Column 3 - File system (ext3, nfs, ext2, swap, smbfs)
Column 4 - Options
Column 5 - Dump

Column 6 - File system check

Add new device to fstab
# vi /etc/fstab
/dev/hda8   /data   ext3   defaults   1 2
/dev/sb1    /xyz    vfat   defaults   0 0
:wq!
# service nfs start / restart
--------------------------------------------------------------------------------
CD Writing
i) Nautilus - CD writing or burning from GUI mode
Go to X window, double click the /root explorer, copy files or directories from the source and then click the GO option from the menu. Select CD CREATOR. Then click the CD WRITING icon.

ii) CD writing or burning from virtual mode
# mkdir abc
# cd abc                          (Put all dumps inside this directory)
# cd ..
# mkisofs -r -o abc.iso abc
# cdrecord -v dev=1,0,0 abc.iso
# cdrecord -scanbus               (Where your cd writer is present)
# man cdrecord                    (help)
--------------------------------------------------------------------------------
Commands UPDATEDB, SLOCATE, LOCATE
# updatedb                        (update database)
# slocate grub.conf               (locate the path of grub.conf)
# locate httpd.conf               (locate the path of httpd.conf)
--------------------------------------------------------------------------------
Linux dump from CD (4 CDs) to hard drive
Insert disk 1 in the drive and come to the super user prompt
# mount /media/cdrom
# cd /media/cdrom
# ls
# cp -av RedHat /var/ftp/pub
# cp -av images /var/ftp/pub
# umount /media/cdrom
# eject
Insert disk 2 in the drive and come to the super user prompt
# mount /media/cdrom
# cd /media/cdrom
# ls
# cp -av RedHat /var/ftp/pub
# umount /media/cdrom
# eject
Insert disk 3 in the drive and come to the super user prompt
# mount /media/cdrom
# cd /media/cdrom
# ls
# cp -av RedHat /var/ftp/pub
# umount /media/cdrom
# eject
Note: cp -u (--update) copies only when the SOURCE file is newer than the destination file or when the destination file is missing.
Example: cp -avu RedHat /var/ftp/pub
--------------------------------------------------------------------------------
Redhat Installation through NFS (Network File Sharing method for Linux installation)
From Server
Note: Put all Linux dump CDs on the server in the directory path /var/ftp/pub
# vi /etc/exports
/var/ftp/pub *(ro,sync)           (All client users can access this directory, i.e. [*])

Note: If you want to share /var/ftp/pub with one particular client, the entry is as follows:
/var/ftp/pub 192.168.10.2/255.255.255.0(rw,sync)     (Read/Write access permission)
:wq!
# exportfs -r                     (refresh all shared directories)
# exportfs -av                    (export all shared directories, verbose)
# service nfs start / restart
# service portmap start / restart

To Client
Note: Put the Linux 1st CD in the client machine and boot. Follow the commands.
boot: linux askmethod
Linux installation through network: 1) NFS image ii) HARDDRIVE 2) FTP 3) HTTP 4) CDROM
Select NFS image
Servername : server1.example.com (or) 192.168.0.20 (server ip)
Redhat Dir : /var/ftp/pub
Now the installation starts.

NFS (Network File Sharing) for some folders
Some examples of mounting through NFS
# vi /etc/exports
/mnt/cdrom *(ro,sync)
/mnt/floppy *(rw,sync)
/home/user2 *(ro,sync)
:wq!
# exportfs -r                     (refresh all shared directories)
# exportfs -av                    (export all shared directories, verbose)
# service nfs restart
# service portmap restart

To Client
# showmount -e 192.168.10.1
# mount 192.168.10.1:/var/ftp/pub /data1
# mount 192.168.10.1:/mnt/cdrom /data2
# mount 192.168.10.1:/mnt/floppy /data3
# cd /data1
# ls
# cd /data2
# ls
# cd /data3
# ls

NFS Overview
File sharing service. RPC based service, so it requires Portmap.
Packages:

nfs-utils
Provides:
nfsd        - Provides userland portion of NFS service.
lockd       - NFS lock manager (kernel module)
rpciod
rpc.mountd  - Provides mounting services.
rpc.rquotad - Returns quota information.
rpc.statd   - Used by lockd to recover locks after a server crash.

portmap
Provides the portmap program. Portmap maps calls made by other hosts to the correct RPC service. Because portmap is compiled with tcp wrappers support (libwrap), hosts that need to access portmap must be given access via /etc/hosts.allow and/or /etc/hosts.deny.

Ports
TCP/UDP 111 - portmap
UDP 2049    - nfsd
The other NFS related services vary in the port numbers they use. Clients contact portmap to find out the port number the other RPC services use.

Required Services
Listed in startup order:
NFS Server: portmap, nfs
NFS Client: portmap, nfslock

Configuration
/etc/exports
NFS server configuration file.

Format:
<directory> <host or network>(options) <host or network>(options) ...
It is critical that there not be any spaces between the host/network and its options.

Example:
# Allow all hosts in the somewhere.com domain to mount /var/ftp/pub read-only
/var/ftp/pub *.somewhere.com(ro)

# Allow all hosts to mount /var/www/html read-only and allow certain hosts to
# mount it read-write
/var/www/html *(ro) 192.168.1.0/255.255.255.0(rw) 192.168.2.10(rw)

# Allow certain hosts to mount /usr read-only and another read-write as root
/usr 172.16.0.0/255.255.0.0(ro) 172.16.1.10(rw,no_root_squash)

# Allow access to /usr/local by everyone, but only as the anonymous user
/usr/local *(ro,all_squash,anonuid=100,anongid=100)

Restrictions
Root can't mount an nfs share as root unless no_root_squash is used. Normally when root mounts a share, NFS maps root to the local user nobody.
You can't export a directory that is a parent or child of another exported directory within the same file system. e.g. You can't export both /usr and /usr/local unless /usr/local is a separate file system.

Common Export Options
no_root_squash - Remote hosts can access local shares as root (Dangerous!)
ro             - Read-only
rw             - Read/Write
sync           - All file system writes must be committed to disk before the request can be completed.
all_squash     - All remote users are mapped to a local anonymous user.
anonuid        - Specify the uid to use for anonymous access.
anongid        - Specify the gid to use for anonymous access.

/etc/fstab
Used for NFS client configuration
Example:
server:/usr /usr nfs user,soft,intr,rsize=8192,wsize=8192 0 0

Common NFS related mount options
soft   - Processes return with an error on a failed I/O attempt
hard   - If a process tries to access an unavailable share, it will hang until data is retrieved.
intr   - Allows NFS requests to be interrupted or killed if the server is unreachable
nolock - Disable file locking in order to work with older NFS servers
rsize  - Sets the number of bytes NFS reads from a share at one time (default 1024)
wsize  - Sets the number of bytes NFS writes to a share at one time (default 1024)
* Setting rsize and wsize to 8192 greatly increases performance.
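The /etc/exports rules above (no space before the options, no_root_squash, parent/child exports) can be checked mechanically before running exportfs -r. The following is an added example, not part of the original notes: a small parser and audit for the exports format, run on a constructed sample; the function names and finding codes are made up for this illustration, and line continuations with a trailing backslash are not handled.

```python
import re
from posixpath import normpath

# Constructed sample, not taken from a real server. It reuses entries shown
# in these notes plus one entry with a space before its options.
SAMPLE_EXPORTS = """\
# constructed sample /etc/exports
/var/ftp/pub   *.somewhere.com(ro)
/var/www/html  *(ro) 192.168.1.0/255.255.255.0(rw) 192.168.2.10(rw)
/usr           172.16.0.0/255.255.0.0(ro) 172.16.1.10(rw,no_root_squash)
/usr/local     *(ro,all_squash,anonuid=100,anongid=100)
/data          192.168.10.2/255.255.255.0 (rw,sync)
/mnt/floppy    *(rw,sync)
"""

# One client token: "host", "host(opt,opt)" or a bare "(opt,opt)".
CLIENT_RE = re.compile(r"^(?P<host>[^()\s]*)(?:\((?P<opts>[^()]*)\))?$")


def parse_exports(text):
    """Return [(lineno, directory, [(host, options-set or None), ...]), ...]."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        directory, *tokens = line.split()
        clients = []
        for tok in tokens:
            m = CLIENT_RE.match(tok)
            if m is None:
                clients.append((tok, None))   # malformed token, e.g. "host(rw"
                continue
            opts = {o for o in (m.group("opts") or "").split(",") if o}
            clients.append((m.group("host"), opts))
        entries.append((lineno, normpath(directory), clients))
    return entries


def audit_exports(text):
    """Return sorted findings as (lineno, code, directory, detail) tuples."""
    findings = []
    entries = parse_exports(text)
    for lineno, directory, clients in entries:
        for host, opts in clients:
            if opts is None:
                findings.append((lineno, "MALFORMED", directory, host))
                continue
            # "host (rw)": the host gets the defaults and the options in
            # parentheses apply to every other host.
            if host == "":
                findings.append((lineno, "DETACHED_OPTIONS", directory, "*"))
            if "no_root_squash" in opts:
                findings.append(
                    (lineno, "ROOT_NOT_SQUASHED", directory, host or "*"))
            if host in ("", "*") and "rw" in opts:
                findings.append((lineno, "WORLD_WRITABLE", directory, "*"))
    # Parent/child exports are only valid across separate file systems, which
    # cannot be known from the file alone, so they are flagged for review.
    for lineno, directory, _clients in entries:
        for _other_line, parent, _other_clients in entries:
            if directory != parent and directory.startswith(
                    parent.rstrip("/") + "/"):
                findings.append((lineno, "NESTED_EXPORT", directory, parent))
    return sorted(findings)


if __name__ == "__main__":
    for lineno, code, directory, detail in audit_exports(SAMPLE_EXPORTS):
        print(f"line {lineno}: {code:18} {directory} ({detail})")
```

On the sample, the spaced entry for /data is reported twice: once for the detached options and once because those options make the share writable by every host.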

Auto Mounting NFS shares
Requires autofs package to be installed.
Create entry in /etc/auto.misc for the NFS share:
ftp -fstype=nfs,intr,soft 192.168.1.20:/var/pub/ftp
If the default autofs setup is used, whenever someone accesses /misc/ftp, the remote NFS share on 192.168.1.20 will be automatically mounted. The options specified in /etc/auto.misc have the same meaning as when they are used in /etc/fstab.

NFS Utilities
exportfs
Used to maintain the table of exported file systems.
Example Usage:
exportfs -r     # Refresh the share listing after modifying /etc/exports.
                # This MUST be done in order for your changes to take effect.
exportfs -v     # Display a list of shared directories
exportfs -a     # Exports all shares listed in /etc/exports

# To export a filesystem not in /etc/exports
exportfs 192.168.1.0/255.255.255.0:/tmp
# Unexport a filesystem
exportfs -u 192.168.1.0/255.255.255.0:/tmp

showmount
Show mount information for an NFS server. Does not require that any local NFS services be running in order to use it.
Example Usage:
showmount -e 192.168.1.67     # Shows available shares on host 192.168.1.67
showmount -a 192.168.1.67     # Shows the clients connected to host 192.168.1.67
                              # and the shares they have mounted.

rpcinfo
Reports RPC information. Can determine if RPC services are running on a host.
Example Usage:
rpcinfo -p 192.168.1.77       # Display list of RPC services running on 192.168.1.77

--------------------------------------------------------------------------------
KICKSTART INSTALLATION
From Server
# cd /etc
# cp anaconda-ks.cfg ks.cfg
Note: Go to the X window system and select System Tools -> KICKSTART. Modify the basic configuration: installation method NFS, ip address: 192.168.10.1, Directory: /var/ftp/pub, Network: DHCP. Select the rest the way you want it (language, keyboard layout, partition, packages, boot loader etc.). Save the above information to the file ks.cfg.
Kickstart installation is possible in four ways: 1. FLOPPY 2. NFS 3. FTP 4. HTTP
# mount /media/floppy
# cp ks.cfg /media/floppy
# umount /media/floppy

To Client
Note: Put the Linux CD 1 in the client machine and boot. Follow any one of the commands below, according to your choice of installation.
# linux ks=floppy
# linux ks=nfs:192.168.0.254:/kicks/ks.cfg          (kicks - this is a directory which contains the ks.cfg file)
# linux ks=ftp:192.168.0.254:/kicksftp/ks.cfg       (kicksftp - this is a cfg directory which contains the ks.cfg file)
# linux ks=http:192.168.0.254:/kickshttp/ks.cfg     (kickshttp - this is a cfg directory which stores the ks.cfg file)
The installation starts.

Kickstart Overview
Kickstart provides a way to do automated installations. The Kickstart configuration file (ks.cfg) answers all the questions that are normally asked during a normal install. It allows you to automate most of the installation, including the following:
Language Selection
Mouse Configuration
Keyboard Selection/Configuration
Boot Loader Installation
Disk Partitioning
Network Configuration
Authentication (NIS, LDAP, Kerberos, Samba, and Hesiod)
Firewall Configuration
X Window System Configuration
Package Selection

Packages
mkkickstart - This package provides utilities that will create a kickstart file based on the current machine's configuration.
ksconfig    - Provides a graphical interface for creating kickstart files.

Creating a Kickstart File
Manual
Copy the sample.ks kickstart file from the RH-DOCS directory on the documentation CD and modify it to meet your requirements. Be careful when editing it because the sections must remain in order. The order is:
Command Section
%package Section
%pre & %post Sections

mkkickstart
Use the mkkickstart utility to create a kickstart configuration file based on the current system's configuration.

ksconfig
Use the GUI tool ksconfig to create a kickstart file.

Kickstart Installation Types
Local
ks.cfg file must be put on a floppy boot disk. Can install from a local CD-ROM or a local hard drive.
Network
Requires a DHCP/BOOTP server. ks.cfg file must be accessible from NFS, FTP, HTTP, or Samba (although I've only been able to get it to work when the ks.cfg file is on NFS). Can install from NFS, FTP, HTTP, & Samba.

Kickstart Installation
Boot with a boot floppy. For a local kickstart installation, the ks.cfg must be located in the root of the boot disk. When the SYSLINUX installation screen comes up, specify one of the following options:
ks=floppy              - If ks.cfg is located on the floppy.
ks=hd:fd0/ks.cfg       - Same as ks=floppy above.
ks=floppy dd           - When ks.cfg is located on the floppy and you need a driver disk.
ks=nfs:<server>:/path  - ks.cfg file is on an NFS server.
ks=http:<server>:/path - ks.cfg file is on an HTTP server.
ks=ftp:<server>:/path  - ks.cfg file is on an FTP server.

Additional Network Installation Info
When specifying "linux ks" at the installation prompt:
The ks.cfg file must be available via NFS.
By default, it is assumed that the ks.cfg file will be on the same server as the DHCP/BOOTP server. To specify a different server for the ks.cfg file, specify the following in the /etc/dhcpd.conf file:
filename "/path/to/ks.cfg";
next-server <hostname or IP>;
If the path specified in the "filename" clause ends with a "/", then the file that is looked for is "/specified/path/<IP>-kickstart", where <IP> is the IP address of the machine making the request.
Note that the path specified in the "filename" clause must be the full path to the file and not the relative path from the NFS export. Kickstart will automatically try to mount the NFS export based on the path's name. In the above example, it would first try to mount "/path", then if that failed, "/path/to".
If you don't wish to use DHCP to specify the location of the kickstart file, you can specify one of the options listed above to point to the location of the ks.cfg file.
To install from NFS, the following directive must be used in the ks.cfg file right after the "install" directive:
nfs --server <server> --dir <dir>
To install from HTTP or FTP, the following directive must be used in the ks.cfg file right after the "install" directive:
url --url http://<server>/path
url --url ftp://<server>/path

--------------------------------------------------------------------------------
User creation, modification, password settings and removal
Four ways of user creation
1. adduser
2. useradd
3. redhat-config-user
4. click system settings -> user & groups
# useradd vasanth
# passwd vasanth
new password: xxxxxx
retype password: xxxxxx           (at least 6 char)
# useradd -u 650 -d /home/vasanth -m vasanth
# useradd -u 700 -d /home/prem -m prem
# usermod -u 700 -o -l babaji vasanth     (username modify from vasanth to babaji)
# passwd -d vasanth               (remove the password)
# userdel -r vasanth              (remove the user vasanth and its directory from /home)

Some of the important /etc configuration files, their modification and processing
# vi /etc/issue                   (text shown at the login prompt: terminal screen number, date and time)
Terminal : \l
Date : \d
Time : \t
Hostname : \n
:wq!
Ctrl d (refresh)
# vi /etc/motd                    (set the title banner shown to the user after login)
-----------------------------xxxxxxxxxxxxxx--------------------------
WELCOME TO ELMAQ
-----------------------------xxxxxxxxxxxxxx--------------------------
:wq!
# login : user1
passwd : xxxxxx
# login : user2
passwd : xxxxxx
# vi /etc/shadow                  (encrypted passwords of users and groups)
Disable the particular user id
:wq!
# login user1                     (cannot log in)
# vi /etc/passwd                  (all user ids and other information)
Disable the particular user's encrypted password
:wq!
# login user2                     (cannot log in)
# vi /etc/group                   (all the group ids and other information are inside)
# vi /etc/inittab
id:5 (default) - change the run level to 1 or 2 or 3 or 4 or 6
:wq!

Run level   Description
0 - Shutdown
1 - Single user mode
2 - Multiuser mode without network support
3 - Multiuser mode with network support
4 - Not used
5 - Multiuser mode with X window
6 - System restart

Change the runlevel during startup (booting) linux
GRUB - Redhat Linux Enterprise
i) Press the e key, move down and press e again; the line with LABEL=/ is displayed. Type the runlevel (for example 3), press Enter and press b (boot).
ii) Press the a key; after LABEL=/ type the runlevel (for example 3) and press Enter.

List the runlevel files (from runlevel 0-6)
# cd /etc/rc.d/rc6.d
# ls
# cd /etc/rc.d/rc5.d
# ls
# cd /etc/rc.d/rc3.d
# ls

List the services
# chkconfig --list
# chkconfig network off
# chkconfig vsftpd on
# chkconfig xinetd on
# chkconfig xinetd off
# chkconfig smb on
# chkconfig nfs on
# chkconfig ypserv on
K - stop, S - start

# vi /etc/rc.d/rc.local           (create the shell scripts)
echo Your name $name
read name
echo Your address $address
read address
:wq!
# vi /etc/rc.d/rc.sysinit         (modify the "Welcome to linux" title screen)
We can modify the "Welcome to linux" title, for example to "Welcome to elmaq.edu"
:wq!
# vi /etc/redhat-release          (adding some text information)
WELCOME TO LINUX TEAM
:wq!

Adding new terminals in a run level for the command interface
# vi /etc/inittab
Copy the 6 terminal lines, paste them below and modify the terminal number (example: 8 - tty8, 9 - tty9, 10 - tty10, 11 - tty11 etc.)
:wq!
# init q
ctrl + d
Press the function keys F8, F9, F10, F11, otherwise ctrl + left cursor and right cursor, to view the different terminals.

Adding new terminals in graphical mode
Come to command user mode
# startx -- :1 &                  (new terminal set as F8)
# startx -- :2 &                  (new terminal set as F9)
# startx -- :3 &                  (new terminal set as F10)
# startx -- :4 &                  (new terminal set as F11)
# startx                          (run only from command mode, on run level 3 or 5)
--------------------------------------------------------------------------------
Shutdown the linux
# shutdown -h now                 (shutdown immediately)
# shutdown -h 3                   (after 3 minutes the machine will shut down)
# halt                            (power off)
# poweroff
# reboot                          (restart)
# press ctrl + alt + del          (restart)
--------------------------------------------------------------------------------
vi editor (user level)
# vi test.c                       (filename)
esc yy - copy
esc p  - paste
esc dd - delete
esc cc - cut
--------------------------------------------------------------------------------
Switch Desk
KDE - Kool Desktop Environment or K Desktop Environment
GNOME - GNU Network Object Model Environment
# init 3
# switchdesk kde
# startx
# init 3
# switchdesk gnome
# startx
--------------------------------------------------------------------------------
RPM (Redhat Package Manager)
Note: Before installing a package, first change into the Linux package directory, then apply the rpm -ivh command.
# rpm -qa | grep samba            (package query for samba)
# rpm -qa | grep telnet           (package query for telnet)
# rpm -ivh telnet-server          (press the TAB key to complete the full name of the telnet package) (install telnet package)
# rpm -ivh sendmail               (press the TAB key to complete the full name of the sendmail package) (install sendmail package)
# rpm -ivh redhat-config-samba --aid     (press the TAB key to complete the full name of the samba package) (install samba package)
# rpm -e sendmail                 (remove sendmail package from linux)
# rpm -e telnet                   (remove telnet package from linux)
# rpm -ql kernel | less           (list the kernel oriented files)
# rpm -ql samba | less            (list the samba oriented files)
# rpm -qf /etc/inittab            (which package /etc/inittab belongs to)
# rpm -qf /etc/fstab              (which package /etc/fstab belongs to)
# rpm -qf /etc/issue              (which package /etc/issue belongs to)
# rpm -U kernel                   (press the TAB key to complete the full name of the kernel package) (upgrade the kernel package)
--------------------------------------------------------------------------------
Network Configuration and connectivity
# redhat-config-network           (configure the network card)
Go to GUI mode: click System Tools -> Network -> New -> Ethernet connection -> static ip address 192.168.10.50/255.255.255.0
# netconfig
# ifconfig                        (display ip address)
# ifconfig eth0 192.168.0.23 up   (specify the ip address and bring the interface up)
# ping 192.168.10.1               (check the network connectivity)

# arp -a                          (display MAC addresses of the network machines in the ARP table)
# ifdown eth0                     (disable the LAN card configuration)
# ifconfig
# ifup eth0                       (enable the LAN card configuration)
# ifconfig
# service network restart / start
# ifconfig eth0 192.168.10.50 up
# service network restart
--------------------------------------------------------------------------------
IP aliasing
Define: More than one ip address can be created on a single network card.
eth0   ---- this is the real LAN card, for the physical ip address
eth0:1 ---- virtual ip address
eth0:2 ---- virtual ip address
eth0:3 ---- virtual ip address
# netconfig -d eth0:1             (specify the ip 192.168.10.4)
# netconfig -d eth0:2             (specify the ip 192.168.10.5)
# netconfig -d eth0:3             (specify the ip 192.168.10.6)
List the network card scripts
# ls /etc/sysconfig/network-scripts/
# cd /etc/sysconfig/network-scripts
# ls
# rm ifcfg-eth0:1                 (remove the virtual LAN)
# ifdown eth0:2                   (disable the virtual configuration)
# ifconfig
# ifup eth0:2                     (enable the virtual configuration)
# ifconfig
--------------------------------------------------------------------------------
Job Scheduling
Note: using the cron and at commands
Crontab
minute of hour / hour of day / day of month / month of year / day of week
*  *  *  *  *
# date                            (check the date & time)
# crontab -e                      (open the editor)
31 * * * * touch file1.txt
32 * * * * mkdir elmaq
35 * * * * echo hello >> /dev/tty2
:wq!
# service crond restart
# date
# ls
Go to terminal 2 (tty2) with alt+F2 and check that you received the message hello.

Using crontab for a user login
$ date
$ crontab -e
40 * * * * cat > bin.txt
42 * * * * echo HAI >> /dev/tty4
:wq!
# service crond restart
$ date
$ ls
# crontab -e
30 17 * * * /sbin/ifdown eth0
30 9 * * * /sbin/ifup eth0
00 20 * * * /sbin/init 0
# crontab -e
42 * * * * echo HAI >> /dev/tty4
:wq!
# service crond restart
$ date
$ ls

View the cron information
# cd /etc
# vi cron
# vi crontab

Deny the crontab permission for a particular user
# vi /etc/cron.deny
user2                             (user2 cannot use crontab)
user1                             (user1 cannot use crontab)
:wq!
Go to user1 or user2 and type the following commands
# crontab -e                      (crontab denied)
# vi /etc/cron.allow              (allow the crontab permission)
root                              (super user)
vasanth                           (ordinary user)
:wq!
# crontab help
# crontab -r
# crontab -l                      (list the crontab information)
# crontab -u user1 -r             (delete user1's crontab)

crontab using the vi editor method
# vi abc
48 * * * * touch bin.txt
:wq!
# crontab abc
# date

Display the crontab job scheduling report
# cd /var/spool/cron/
# cat root

Job scheduling: at command
# at now + 1 min                  (the following commands will execute after one minute)
at > touch vasanth.txt
at > mkdir elmaq
at > echo WELCOME TO ELMAQ >> /dev/tty2
at > useradd test
at > passwd test
at > ctrl + d                     (finish)
Note: After one minute type the following command
# ls

Deny the at permission for a particular user
# vi /etc/at.deny
root                              (root cannot use at)
user1                             (user1 cannot use at)
:wq!
login : user1
$ at now + 1 min                  (not permitted)
login : root
# at now + 1 min                  (not permitted)
# vi /etc/at.allow                (permit the at command)
user2
prem
:wq!
# atq                             (list the jobs queued with at)
# atrm 5                          (remove job 5)
--------------------------------------------------------------------------------
User Creation - Manual Method
# vi /etc/passwd
benq::502:502::/home/benq:/bin/bash     (benq is the user name, 502 is the user id, shell: Bourne shell (bsh))
# vi /etc/group
benq:x:502
# mkdir /home/benq
# chown -R benq.benq /home/benq
# cd /home
login : benq                      (user login, prompt not good)
# cp -av /etc/skel/. /home/benq
# useradd -D                      (view the user details)
login : benq                      (user login, good prompt but without password)
# pwconv
# vi /etc/shadow
# pwunconv
# vi /etc/shadow

# vi /etc/passwd
# pwconv
# passwd benq
new password : xxxxxx
retype password : xxxxxx
--------------------------------------------------------------------------------
FTP (File Transfer Protocol)
Define: Get and put files from and to a remote machine
# service vsftpd start / restart  (Very Secure FTP)
# username : vasanth
password : xxxxxx

Group of files - mget & mput
ftp > mget *                      (group of files received from the user vasanth)
ftp > mput *                      (group of files placed to the user vasanth)
ftp > ls                          (list the files in your machine)
ftp > !ls                         (list the files from specified user)
ftp > bye                         (exit)

Single file - get & put
ftp > get vasanth.txt
ftp > get prem.txt
ftp > put vk.txt
ftp > vijay.bak

FTP script files
# vi /etc/vsftpd
# vi /etc/vsftpd/vsftpd.conf
ftpd_banner=Welcome to Elmaq FTP
:wq!
# vi /etc/vsftpd.user_list        (deny the ftp users login)
root
vasanth
# vi /etc/vsftpd.ftpusers         (deny the ftp users login)
root
vasanth

GFTP (Graphical FTP)
Note: Go to X window, click Internet -> More Internet Applications -> gFTP
HOST : 192.168.0.20  PORT : 20  USER : vasanth  Pass : xxxxxx  FTP
Now connect and transfer the files from source to destination, destination to source and vice versa.

LFTP
# lftp 192.168.0.20
lftp 192.168.0.20 > ls
< pub >
# cd pub
# mget *                          (only getting files from the remote machine, no files are put)
# lftp vasanth@192.168.0.30
password : xxxxx
vasanth@station1$ mget *          (getting the files from remote user vasanth)
--------------------------------------------------------------------------------
Samba Configuration
Def: Share folders from Linux to Windows and from Windows to Linux

Sharing folders from Linux to Windows
# service smb start / restart / status
# mkdir /data                     (we take /data as the example samba sharing folder)
# cd /data
# cat > mn.txt
# cat > bm.txt
# useradd sambatest               (samba user name)
# smbpasswd -a sambatest          (set the samba password for the user name sambatest)
# vi /etc/smb.conf                (samba configuration file)
Global settings
workgroup = LINUXSRV              (work group name)
hosts allow = 192.168.0.70 127.   (allow samba for a particular host machine)
Share definitions (go to the last lines, copy with esc 8 yy - 8 lines yanked - and paste)
[My share]
***************
***************
***************
[elmaq]
path = /home/vasanth
public = yes
writable = yes
valid users = user2               (only this particular user has access)
:wq!
# testparm                        (view the information about what folders we are sharing)
# service smb restart
# smbclient -L localhost
Go to Windows and log in to samba with username=sambatest and the password : xxxxxx
Double click Network Neighborhood and view /elmaq (domain name) - the linux folder (/home/vasanth)
(In X window, click the Network Servers option to view the shared folders)

smbclient and smbmount from linux to linux machine
# smbclient //localhost/elmaq -U user2                    (elmaq - domain name, user2 - smbuser)
# smbmount //192.168.10.2/elmaq -o username=user3         (smbuser)

Sharing folders from Windows to Linux
Note: On the Windows machine share the drive C: or some folders (example /dump), then go to the Linux machine.
# smbmount //192.168.0.10/dump /test -o username=administrator
192.168.0.10  - windows machine ip
/dump         - source folder from windows
/test         - destination folder on linux
administrator - windows user name
# cd /test
# ls
(or)
# mount -t smbfs -o username=administrator //192.168.0.100/dump /test
# smbtree                         (samba tree)
# smbclient //192.168.0.100/student -U administrator
password : xxxxx
smb:> ls                          (list the windows files)
smb:> mget *                      (getting & putting the files through samba ftp)
smb:> exit

Assign samba and nfs mounts permanently from fstab (linux to linux and windows machine)
# vi /etc/fstab
192.168.0.15:/share         /opt    nfs     defaults
//192.168.0.15/sad          /tmp    smbfs   defaults,username=vasanth,passwd=xxxxxx   0 0
192.168.0.17:/var/ftp/pub   /dump   nfs     defaults   0 0
:wq!
# service nfs restart
# service smb restart
# service netfs restart
--------------------------------------------------------------------------------
GRUB and LILO Boot Loader
Grub to lilo
# lilo
Lilo to Grub
# grub-install /dev/hda
# vi /boot/grub/grub.conf
# root (hd0,0)                                          (comment this line)
# kernel /vmlinuz-2-4-21-40 EL ro root=LABEL=/          (comment this line)
# initrd /initrd 2.4.21.4 EL.img                        (comment this line)
# boot                                                  (comment this line)
:wq!
After restarting the linux system the grub command prompt appears
grub > root (hd0,0)
grub > cat (hd0,0)/grub/grub.conf
grub > kernel /vmlinuz-2-4-21-40 EL ro root=LABEL=/ 3
grub > initrd /initrd 2.4.21.4 EL.img
grub > boot
(booting of the linux)

Set the password for the grub loader
Method 1:
Go to a gnome or KDE terminal and type the following commands:
# grub-md5-crypt
password : xxxxxx
retype : xxxxxx
$4567898@#637                     (copy this encrypted password and paste it into grub.conf)
# vi /etc/grub.conf
Before the title in linux:
password --md5 $4567898@#63
After the title in linux:
password --md5 $4567898@#63
:wq!

Method 2:
# grub-md5-crypt >> /boot/grub/grub.conf
new password : xxxxxx
retype password : xxxxxx
# vi /boot/grub/grub.conf
Remove the password at the bottom of the file

Set the password for LILO
# rpm -qa | grep lilo
# vi /etc/lilo.conf
--------------------------------
password=xxxxxx
--------------------------------
:wq!
Restart the system

We don't know the grub password but want to remove it from grub.conf
Insert the Linux disk 1 into the cdrom drive, then boot. The command prompt appears
boot: linux rescue

# chroot /mnt/sysimage # vi /etc/grub.conf Remove the password line :wq! # exit # exit ------------------------------------------------------------------------------------------------------------------------------------------------------------------Services # netsysv (what services should be automatically started) # system-config-services Display the all services in X window. ------------------------------------------------------------------------------------------------------------------------------------------------------------------Permissions U user G group O others # cat > file1 # cat > file 2 # ls l # chmod 677 file1 # chmod ugo=rwx file2 # ls l # mkdir test # cp *.txt test # chmod R 766 test (R - Recursively) ------------------------------------------------------------------------------------------------------------------------------------------------------------------Chown (Change Owner) # chown vasanth test1 (now changing the ownership to user vasanth) # chown prem test2 (now changing the ownership to user prem) # chgrp vasanth test1 (now changing the group to vasanth) # chgrp prem test2 (now changing the group to prem) # chown nobody.elmaq sharefile (ownership nobody but group=elmaq) SGID (set Group ID) Special permission numeric value 2
Page No 26

4 read 2 write 1- execute

r - read w- write x-execute

Create 3 users useradd class1 passwd d class1 useradd class2 passwd d class2 useradd class3 passwd d class3 Create a group groupadd elmaq vi /etc/group check the groupname - elmaq groupid elmaq:x:710 class1,class2 (users membership) vi /etc/passwd class1:x:690:690 - > 690 change the group id to 710 class1:x:690:710 (here userid 690(class1) and 710(elmaq) is called group id) class2:x:691:710 (here userid 691(class2) and 710(elmaq) is called group id) class3:x:692:692 (here userid 692(class3) and 692(class3) is called group id) above statements the class1 and class2 had membership from elmaq group Go to root login. Create one common folder for accessing group permission # mkdir /home/angels (here angles is a common folder for accessing the group membership users) # chown nobody.elmaq /home/angles (Set the group ownership of elmaq group) #chmod 2770 /home/angles (set the group id and permissions for user=rwx group=rwx and other=none) Go to other Terminals Login class1 $ cd /home/angles (permissions accept) Login class2 $ cd /home/angles (permissions accept) Login class3 $ cd /home/angles (permissions denied) because this user not membership from elmaq group


--------------------------------------------------------------------------------
STICKY BIT
This is a special file permission for directories. Only the owning user and the super user can access this directory; others can't access it.
Log on as a user (for example student)
Login student
# ls -ld /tmp
# cd /tmp
# mkdir stricky
# ls -ld stricky
# chmod 1770 stricky (1 - sticky bit) (or) # chmod 1755 stricky (or) # chmod o+t stricky
# ls -ld stricky
--------------------------------------------------------------------------------
UMASK
Login from root
root # umask 0022
File Permission:      666 (-) 022 = 644 (rw- r-- r--)
Directory Permission: 777 (-) 022 = 755 (rwx r-x r-x)

vasanth $ umask 0002
File Permission:      666 (-) 002 = 664 (rw- rw- r--)
Directory Permission: 777 (-) 002 = 775 (rwx rwx r-x)

Change umask
root # umask 044
File Permission:      666 (-) 044 = 622 (rw- -w- -w-)
# cat > mk.txt
# cat > bn.txt
# ls -l
vasanth $ umask 044
File Permission:      666 (-) 044 = 622 (rw- -w- -w-)
# cat > low.txt
# cat > high.txt
# ls -l
To change the umask permanently for privileged and non-privileged users:
# vi /etc/bashrc
umask 044 (set the umask)
--------------------------------------------------------------------------------
SWITCH USER
# su user2 (switch from root to user2)
# su (come back to root)
# su user3 (switch from root to user3)
# su
--------------------------------------------------------------------------------
CREATE A NEW PARTITION
# df -h (check the free space of your hard disk)
# fdisk -l
# fdisk /dev/hda
: m (help)
: p (print the partition table)
: n (new partition)
  first range : 4024 (cylinders)
  last range : +500M
: t (change the partition id)
  partition (1-13) : 13 (partition volume, for example /dev/hda13)
: l (file system type) - 83 (Linux file system)
: w (writing table)
ctrl+c (exit)
# partprobe (the new partition is defined without restarting the system)

# mkfs.ext3 /dev/hda13 (ext3 linux filesystem)
(or) # mkfs -t ext3 /dev/hda13
(or) # mkfs -j /dev/hda13
# e2label /dev/hda13 /data (Label name = /data)
# mkdir /data
# mount /dev/hda13 /data (mount /dev/hda13 to /data)
# vi /etc/fstab
/dev/hda13 /data ext3 defaults 0 0
:wq!
# service nfs restart
(It is automatically mounted every time the Linux machine starts, /dev/hda4 to /data)

DELETE A PARTITION
Note : (Before deleting a partition, first umount the partition's file systems)
# fdisk /dev/hda
command (m for help) : d
partition (1-9) : 9 (partition to delete)
command (m for help) : w (writing table)
# partprobe
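The umask arithmetic from the UMASK section above, as an added example that is not part of the original notes: the notes write the calculation as a subtraction, which matches for the masks they use, but the system actually clears the mask bits (base AND NOT umask). The function names and the 033 mask are this example's own, and `stat -c` assumes GNU coreutils.

```shell
#!/bin/sh
# Added example: how a umask maps to the mode of a new file or directory.

# effective_mode BASE UMASK
# Prints BASE with every bit that is set in UMASK cleared (BASE AND NOT UMASK).
effective_mode() {
    printf '%03o\n' $(( 0$1 & ~0$2 & 0777 ))
}

# naive_subtract BASE UMASK
# Prints the plain decimal subtraction used as a shortcut in the notes (666 - 022).
naive_subtract() {
    printf '%03d\n' "$(expr "$1" - "$2")"
}

# observed_mode file|dir UMASK
# Creates a probe inside a private temp directory under the given umask and
# prints the mode the system actually assigned to it.
observed_mode() {
    om_tmp=$(mktemp -d) || return 1
    (
        umask "$2"
        if [ "$1" = dir ]; then
            mkdir "$om_tmp/probe"
        else
            : > "$om_tmp/probe"
        fi
    )
    stat -c '%a' "$om_tmp/probe"
    rm -rf "$om_tmp"
}

# Masks 022, 002 and 044 come from the notes; 033 is a constructed case.
for mask in 022 002 044 033; do
    printf 'umask %s  file: calc=%s naive=%s real=%s  dir: calc=%s real=%s\n' \
        "$mask" \
        "$(effective_mode 666 "$mask")" "$(naive_subtract 666 "$mask")" \
        "$(observed_mode file "$mask")" \
        "$(effective_mode 777 "$mask")" "$(observed_mode dir "$mask")"
done
```

With the 044 mask the notes put in /etc/bashrc, new files come out as 622, that is, writable by group and others. The 033 row is where subtraction and the real result diverge (633 against 644).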

TCP Wrappers
* Security
* ssh - Connect to a remote machine securely
* telnet - It is an insecure way of connecting to a remote machine because the username and password are transmitted in clear text

# vi /etc/hosts.deny
sshd:ALL (Disable the service (Secure Shell SSH) for all machines)
sshd:192.168.10.3 (Disable the service (Secure Shell SSH) for a particular ip machine)
vsftpd: ALL EXCEPT 192.168.0.30
portmap:ALL
icmp:ALL
in.telnetd:ALL EXCEPT 192.168.0.50

# vi /etc/hosts.allow
vsftpd:192.168.10.4 (Allow the ftp permission for a particular ip machine)
sshd:192.168.10.3 (Allow the ssh permission for a particular ip machine)
icmp:192.168.10.5 (Allow the icmp permission for a particular ip machine)
ALL EXCEPT vsftpd:ALL
--------------------------------------------------------------------------------
Disable the Telnet Service
Telnet is an xinetd based service. There is no such daemon.
# cd /etc/xinetd.d
# vi telnet
disable = yes (telnet service is disabled)
:wq!
# service xinetd restart

Telnet service from linux to linux machine
Telnet Port 23. It is an insecure way of connecting to a remote machine.
From server
# service xinetd start / restart
# telnet 192.168.0.20
login : vasanth
password : xxxxxx
To client
# service xinetd start / restart
# telnet 192.168.0.22
login : prem
password : xxxxxx

Telnet service from Linux to windows machine
Go to win 9x or xp / 2000, click Start, select RUN
telnet 192.168.0.20
Login : vasanth
Password : xxxxxx

$ ls
--------------------------------------------------------------------------------
SSH (Secure shell)
ssh - Connect to a remote machine securely
From server
# service sshd start / restart
# ssh 192.168.0.20 (or) # ssh vasanth@192.168.0.20
login : vasanth
password : xxxxxx (this machine's root password for secure login)
# scp file.txt 192.168.0.22:/home/prem (secure copy for file.txt from client machine)
# scp bin.txt 192.168.0.22:/home/prem (secure copy for bin.txt from client machine)
To client
# service sshd start / restart
# ssh 192.168.0.22 (or) # ssh prem@192.168.0.22
login : prem
password : xxxxxx (this machine's root password for secure login)
# scp elmaq.txt 192.168.0.20:/home/vasanth (secure copy for elmaq.txt from server)
# scp letter.txt 192.168.0.20:/home/vasanth (secure copy for letter.txt from server)
# vi /etc/ssh/sshd_config
# vi /etc/known_hosts (list the users login)
# vi /etc/services (show the protocols port value)
# vi /etc/securetty
--------------------------------------------------------------------------------
RESCUE MODE
Trouble shooting
# vi /etc/fstab
# LABEL / (comment 1st line)
:wq!
# vi /etc/shadow
# root ::1 (comment 1st line)
:wq!
# vi /etc/inittab
# id : 0 (default; change the run level to 0)
:wq!
# vi /etc/passwd
root:x:0:0:root:/root:/bin/bash (this is normal startup)
root:x:0:0:root:/root:/bin/bash/nologin (root cannot log in)
:wq!
--------------------------------------------------------------------------------
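How tcpd combines the two files from the TCP Wrappers section above, as an added example that is not part of the original notes: hosts.allow is searched first, then hosts.deny, and no match in either file means access is granted. The function names, the TIGHT_ALLOW variant and the 10.1.1.1 client are constructed for the illustration; the rule lines are the notes' sshd, vsftpd, portmap and in.telnetd entries, with the daemon names written as vsftpd and in.telnetd.

```shell
#!/bin/sh
# Added example: simplified model of the TCP Wrappers (hosts_access) decision.
# Supported patterns: ALL, exact names/addresses, "a.b.c." prefixes, EXCEPT.
# Not modelled: netmasks, host names resolved through DNS, shell-command fields.

# match_items LIST VALUE: true if VALUE matches any item of LIST.
match_items() {
    for mi_item in $(printf '%s' "$1" | tr ',' ' '); do
        case $mi_item in
            ALL) return 0 ;;
            *.)  case $2 in "$mi_item"*) return 0 ;; esac ;;
            *)   [ "$mi_item" = "$2" ] && return 0 ;;
        esac
    done
    return 1
}

# match_list "items [EXCEPT items]" VALUE: true if VALUE is matched by the
# first item list and not matched by the list after EXCEPT.
match_list() {
    case $1 in
        *" EXCEPT "*) ml_incl=${1%%" EXCEPT "*}; ml_excl=${1#*" EXCEPT "} ;;
        *)            ml_incl=$1; ml_excl= ;;
    esac
    match_items "$ml_incl" "$2" || return 1
    if [ -n "$ml_excl" ] && match_items "$ml_excl" "$2"; then
        return 1
    fi
    return 0
}

# rules_match RULES DAEMON CLIENT: true if any "daemons : clients" line matches.
rules_match() {
    while IFS= read -r rm_line; do
        case $rm_line in ''|'#'*) continue ;; esac
        if match_list "${rm_line%%:*}" "$2" && match_list "${rm_line#*:}" "$3"; then
            return 0
        fi
    done <<EOF
$1
EOF
    return 1
}

# tcpd_decide ALLOW_RULES DENY_RULES DAEMON CLIENT: prints allow or deny.
# A match in hosts.allow grants; otherwise a match in hosts.deny denies;
# otherwise access is granted.
tcpd_decide() {
    if rules_match "$1" "$3" "$4"; then
        echo allow
    elif rules_match "$2" "$3" "$4"; then
        echo deny
    else
        echo allow
    fi
}

# Rule lines taken from the notes (icmp entries left out).
PAGE_DENY='sshd:ALL
sshd:192.168.10.3
vsftpd: ALL EXCEPT 192.168.0.30
portmap:ALL
in.telnetd:ALL EXCEPT 192.168.0.50'

PAGE_ALLOW='vsftpd:192.168.10.4
sshd:192.168.10.3
ALL EXCEPT vsftpd:ALL'

# Constructed variant: the same hosts.allow without its catch-all last line.
TIGHT_ALLOW='vsftpd:192.168.10.4
sshd:192.168.10.3'

# 10.1.1.1 is a constructed client address that appears in neither file.
for client in 192.168.10.3 192.168.0.30 10.1.1.1; do
    for daemon in sshd vsftpd in.telnetd; do
        printf '%-11s from %-13s page=%-5s tight=%s\n' "$daemon" "$client" \
            "$(tcpd_decide "$PAGE_ALLOW" "$PAGE_DENY" "$daemon" "$client")" \
            "$(tcpd_decide "$TIGHT_ALLOW" "$PAGE_DENY" "$daemon" "$client")"
    done
done
```

Run against the files as written in the notes, the last hosts.allow line (ALL EXCEPT vsftpd:ALL) grants sshd and in.telnetd to every client before hosts.deny is read, so the sshd:ALL deny entry never takes effect.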

BACKUP / COMPRESS / UNCOMPRESS
# mkdir back (put all files inside this directory)
using gzip
# tar cvf back.tar back (grouping of directory)
# ls -l back.tar
# tar tvf back.tar (list all files inside back.tar)
# gzip back.tar
# ls -l back.tar.gz
gunzip
# ls
# gunzip back.tar.gz
Extracting
Copy back.tar.gz to /home/user directory (or) some other directory
# cp back.tar.gz /home/user
# cd /home/user
# tar xzvf back.tar.gz
# ls
using bzip2 / bunzip2
# bzip2 back.tar
# ls
# bunzip2 back.tar.bz2
Extracting
Copy back.tar.bz2 to /home/user directory (or) some other directory
# cp back.tar.bz2 /home/user
# cd /home/user
# tar xjvf back.tar.bz2
# ls

tar to unformatted floppies
1. Floppy low-level format
2. Do not mount the floppy disk
# tar czvf /dev/fd0 mydir (folder)
# tar xzvf /dev/fd0 mydir
# tar czvf back.tar.gz back
# tar xzvf back.tar.gz
# tar cjvf back.tar.bz2 back
# tar xjvf back.tar.bz2
compress / uncompress
# compress back.tar
# ls -l back.tar.Z
# uncompress back.tar.Z
--------------------------------------------------------------------------------

IPTABLES FIREWALL
# service iptables restart
# iptables -L (list the iptables INPUT / OUTPUT / FORWARD chains)
# iptables -A INPUT -p tcp -j DROP (or) REJECT
[-A Append, -p protocol, -j jump] - DROP tcp in your machine
# iptables -L
# iptables -A INPUT -p icmp -j DROP (or) REJECT
[-A Append, -p protocol, -j jump] - DROP icmp in your machine
# ping 192.168.0.20 (This is your machine ip address; the ping fails)
# iptables -F (flush the iptables rules)
# ping 192.168.0.20 (This is your machine ip address; the ping succeeds)
# iptables -A INPUT -p tcp --dport 22 -j DROP (or) REJECT
[-A Append, -p protocol, -j jump, --dport destination port]
[DROP tcp for other machines, not this machine]
# iptables -A INPUT -p tcp -s 192.168.0.22 --dport 22 -j DROP (or) REJECT
[-A Append, -p protocol, -s source, -j jump, --dport destination port]
[DROP tcp for particular ip (192.168.0.22), not this machine]
# iptables -A INPUT -p icmp -s 192.168.0.22 -j DROP (or) REJECT
[-A Append, -p protocol, -j jump, -s source]
[DROP icmp for particular ip (192.168.0.22), not this machine]
# iptables -D INPUT 1 (delete)
# iptables -D INPUT 2
# service iptables save
# iptables -L
# iptables -F (flush the iptables rules)

SET THE IPTABLES FROM SERVER (IP ADDRESS 192.168.0.254)
INPUT CHAINS
iptables -A INPUT -j REJECT
(From the server, all ports and services are rejected for all the client machines)
iptables -A INPUT -i eth0 -j REJECT
(The server interface rejects all the client machines)
iptables -A INPUT -i eth0 -s 192.168.0.40 -j REJECT
(The server interface rejects only the client machine 192.168.0.40)
iptables -A INPUT -p tcp -j REJECT
(The server's network services (ftp, telnet, ssh, pop, http etc.) are rejected for all the client machines)
iptables -A INPUT -p tcp -s 192.168.0.30 -j REJECT
(The server's network services (ftp, telnet, ssh, pop, http etc.) are rejected only for the client machine 192.168.0.35; other clients can access all services)
iptables -A INPUT -p tcp -s 192.168.0.30 --dport 23 -j REJECT
(The server's telnet network service is rejected only for the client machine 192.168.0.35, but other services can be accessed)
iptables -A INPUT ! -s 192.168.0.254 -j DROP
(Drop all services except 192.168.0.254)

OUTPUT CHAINS
iptables -A OUTPUT -j REJECT
(The server can't access the client machines' services)
iptables -A OUTPUT -o eth0 -j REJECT
(The server can't access anything outbound on eth0)
iptables -A OUTPUT -o eth0 -s 192.168.0.50 -j REJECT
(The server can't access only 192.168.0.50 outbound on eth0)
iptables -A OUTPUT -p tcp -j REJECT
(The server can't access the tcp protocol services of any client machine)
iptables -A OUTPUT -p tcp -d 192.168.0.30 -j REJECT
(The server can't access only the client machine 192.168.0.35 for all tcp protocol services)
iptables -A OUTPUT -p tcp -d 192.168.0.30 --dport 21 -j REJECT
(The server can't access only the FTP protocol of the client machine 192.168.0.35, but other services are allowed)
# vi /etc/services (list the protocol port values)
# vi /etc/sysconfig/iptables

--------------------------------------------------------------------------------
IPTABLES NAT
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
For enabling the NAT on eth1, which represents the entire network.
echo 1 > /proc/sys/net/ipv4/ip_forward
vi /etc/sysctl.conf
net.ipv4.icmp_echo_ignore_all=1
net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-ports 3128
For redirecting the port from 80 to 3128. The redirect takes place before the client accesses eth0.
iptables -A FORWARD -s 192.168.10.0/24 -d scs.yahoo.com -j DROP
This will DROP all forwarded connections from the 192.168.10.0 network; it will stop all movements in the server system and stop the transactions through scs.yahoo.com.
iptables -A FORWARD -s 192.168.10.234/32 -d scs.yahoo.com -j ACCEPT
scs.yahoo.com can be accessed only through 192.168.0.234
--------------------------------------------------------------------------------
LINUX BOOTING DISK CREATION FROM RHEL 3
1. Insert the RH first cd and mount /mnt/cdrom
2. Insert the blank floppy disk and mount /mnt/floppy
3. cd /mnt/cdrom
# cat bootdisk.img > /dev/fd0
# dd if=bootdisk.img of=/dev/fd0
In the DOS environment the command is RAWRITE.exe

LINUX BOOTING DISK CREATION FROM RHEL 4
1. Plug in the USB pen drive
2. service kudzu start
3. vi /etc/fstab (check the file system entry for the usb pen drive)
/dev/sda1 /media/usbdisk vfat defaults 0 0
4. cd /var/ftp/pub/images (Redhat images directory)
5. dd < diskboot.img > /dev/sda1 (now making the booting disk on the pen drive)
(note : Pen drive file system VFAT)
reboot the linux system


6. Go to the BIOS setup (change the BOOT device priority: first boot - USB pen, 2nd boot - harddisk, 3rd boot - cdrom)
7. boot : (the command prompt appears)
Linux typical mount points
/ /boot /home /usr /var /opt /tmp
--------------------------------------------------------------------------------
CONTROLLING SERVICES
# redhat-config-services
# ntsysv (list what services start / stop)
# chkconfig --list
# service
--------------------------------------------------------------------------------
FLOPPY DISK FORMATTING
Low level format
# fdformat /dev/fd0H1440 (/usr/bin/fdformat)
High level format
# mkfs -t vfat /dev/fd0
# mke2fs /dev/hda13 (Formatting to ext2 file system)
# mkfs -t ext3 /dev/fd0 (Formatting to ext3 file system)
# mkfs -j /dev/hda10 (Formatting to ext3 file system)
--------------------------------------------------------------------------------
REMOVE THE LINUX COMMANDS HISTORY
Command mode
# HISTSIZE=0
# HISTFILESIZE=0
Remove history commands from root permanently
# vi .bash_profile
user specific statements
HISTSIZE=0
HISTFILESIZE=0
export USERNAME BASH_ENV PATH HISTSIZE HISTFILESIZE
:wq!
# export HISTFILESIZE=0
# export HISTSIZE=0
--------------------------------------------------------------------------------
VIRTUAL NETWORK SCRIPTS
# cd /etc/sysconfig/network/network_scripts (all network services display)
# echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all (pinging off your machine ip address)
# echo 1 > /proc/sys/net/ipv4/ip_forward (enable IP forwarding)
# vi /etc/sysctl.conf (network ipv4_forward information)
--------------------------------------------------------------------------------

NETWORK INFORMATION SERVICE
RPM
YPSERV   - SERVER SIDE
YPBIND   - CLIENT
YP-TOOLS - SERVER SIDE

FROM NIS SERVER
# domainname <domain name>
(or) system-config-authentication
use NIS information
use MD5 password authentication
use shadow password authentication
click next button
domain : <domain name>
server : <server ip address>
finish
vi /etc/yp/yp.conf
vi /etc/yp/ypserv.conf
vi /var/yp/Makefile (Make for the NIS Databases)
# vi /etc/sysconfig/network/network_scripts (check the domain name)
chkconfig ypserv on
# service ypserv restart
# /usr/lib/yp/ypinit -m
server host : server1.example.com
press ctrl+d
press y (updating NIS database)
# service yppasswdd restart
Note : Through NFS the NIS server users' /home directory can be shared to the NIS client
Note : The root permissions u=rwx g=rx o=rx (ie chmod 755 /root)
vi /etc/exports
/home *(rw,sync)
/root *(rw,sync)
# service nfs restart
# exportfs -av

TO CLIENT
system-config-authentication (or) authconfig
use NIS information
use MD5 password authentication
use shadow password authentication
click next button
domain : <domain name>
server : <server ip address>
finish
# service ypbind restart
# cd /etc/securetty
# login : (from nis user name)

NIS Trouble Shooting (client side)
ypwhich - return name of NIS server or map master
yptest - test NIS configuration
Note : NIS server users' /home directory can be permanently mounted on the NIS client
vi /etc/fstab
192.168.0.254:/home /home nfs defaults 0 0
192.168.0.254:/root /root nfs defaults 0 0
service nfs restart
service netfs restart
Note : log out the existing users & log on as the NIS server users.
--------------------------------------------------------------------------------
Linux commands (Alias)
# alias k='ls -l'
# alias m=mkdir
# alias r=rm
# alias c=clear
check the filetype
# file <filename>
# file <directory name>
# file file.txt
# file vasanth.txt
CAT command
# cat -A <filename> (show all characters)
# cat -s <filename> (squeeze)
# cat -b <filename> (number each line)
Help Utilities
# man passwd
# passwd --help
# ls --help
# info less
# info passwd
Graphical Editor
# xemacs
# vi
# kwrite
# kmail
# gedit
# ooffice (Word)
# oocalc (Excel)
# oopadmin (printadmin)

whereis
# whereis update
# whereis grep
# whereis smb.conf
find
# find / -name '*.html'
# find /var/www/html -type f -name '*.html' -exec rm -f {} \;
# find / -name mount
# find /home/vasanth -name '*.txt' -exec cp {} {}.org \;
# find /home/vasanth -name '*.txt' -exec cp {} /txtbackup \; (Search all text files and copy them to the /txtbackup folder)
# find /home/vasanth -name '*.txt' -exec rm {} \; (Remove all the text files in the specified folder)
# which csh
# which sh
# which rm
# which bsh
Note : the which command is used to identify the path /bin & /sbin
Login
# exe login <username>
# exe login kumar
Date & Time change
# date -s "2005-04-30"
# date -s "2005-04-30 18:45"
# date +%x (date)
# date +%X (time)
# date +%d
# date +%c
ls
# ls -l (detail information)
# ls -a (hidden)
# ls -R (subdirectory listing)
# ls -li (list the files' inodes)

SoftLink
# ln -s kl kumar (different inode and different filename)
HardLink
# ln kl kumar1 (same inode, different filename)
Checking free space.
# du -s -h
# df -h
# df /opt

Modify the Linux HOST NAME
Go to X window network configuration. Change the HOST NAME, IP Address, & set the new HOSTNAME & IPADDRESS.
SET Command (set the default editor)
# set -o emacs
# set -o vi
# shopt -o vi
# shopt -o emacs
# set -o noclobber (clobber on)
--------------------------------------------------------------------------------
DHCP CONFIGURATION
# ntsysv (displays what services are automatically started)
# chkconfig dhcpd on
# chkconfig --list dhcpd
# cp /usr/share/doc/dhcp-3.op.1/dhcpd.conf.sample /etc/dhcpd.conf
# vi /etc/dhcpd.conf
subnet 192.168.0.0 netmask 255.255.255.0 {
    range dynamic-bootp 192.168.0.21 192.168.0.40;
}
:wq (save & exit)
# service dhcpd restart
# touch /var/lib/dhcp/dhcp.leases
# vi /var/lib/dhcp/dhcp.leases
# ddns (other users access)
# dhclient (dhcp client)
--------------------------------------------------------------------------------
Shell Script Command Execution
# vi sum.sh
echo "enter 1st value:"
read num1
echo "enter 2nd value:"
read num2
sum=`expr $num1 + $num2`
echo "Total $sum"
:wq! (Save & Exit)
--------------------------------------------------------------------------------
Squid Proxy
1. Set the proxy server, to restrict the particular websites shared to the client users.

2. Create a partition volume with a capacity of at least 100 MB and up to 2 GB. This partition can be used to configure the squid proxy. Take the 1000 MB capacity partition (for example /dev/hda9) for squid configuration.
# fdisk -l
# mkdir /squid
# mount /dev/hda9 /squid
# ls /squid
# df -h
# vi /etc/fstab
/dev/hda9 /squid ext3 defaults 0 0
:wq! (save & exit)
# cd /etc/squid/
# cp squid.conf squid.conf.bak
# vi /etc/squid/squid.conf
line no 53 : http_port 3142 (specify the port value, for example 8080)
line no 695 : cache_dir ufs /var/spool/squid 1000 16 256
line no 705 : cache_access_log /var/log/squid/access.log
line no 710 : cache_log /var/log/squid/cache.log
line no 720 : cache_store_log /var/log/squid/store.log
line no 1860 :
#http_access allow our_networks
acl network src 192.168.0.0/24
acl domain_allow dstdomain .yahoo.com .naukri.com .rediff.com
http_access allow network domain_allow
acl server src 192.168.0.254/32
http_access allow server
acl elmaq src 192.168.0.30/24
http_access deny elmaq
:wq!

# squid -z (update the database to squid partition /dev/hda9)
# service squid restart
--------------------------------------------------------------------------------
RAID Partitions
mdadm --create /dev/md0 --level=5 --raid-devices=3 /dev/hda{10,11,12} - Initialize RAID 5 array
mke2fs -j -b 4096 -R stride=16 /dev/md0 (4096 = 4K blocks, chunk size=64k, stride=16) - Format the disk with an ext3 file system
vi /proc/mdstat - Make sure that the array has finished building
mdadm --manage /dev/md0 --fail /dev/hda10 - Simulate a single disk failure
mdadm --manage /dev/md0 --add /dev/hda10 - Add in the new good drive
mdadm --manage /dev/md0 --remove /dev/hda10 - If drive failed, remove the existing drive
mdadm --detail /dev/md0 - display the RAID information
--------------------------------------------------------------------------------


LVM (Logical Volume Manager)
First Time creation
/dev/hda10 = 500MB
/dev/hda11 = 400MB
/dev/hda12 = 350MB
pvcreate /dev/hda10 /dev/hda11 /dev/hda12 (Physical Volume creations)
pvdisplay (physical volume display)
vgcreate backup /dev/hda10 /dev/hda11 /dev/hda12 (volume group backup)
vgdisplay (display the volume group size)
lvcreate -L 2000M backup -n logbackup (logical volume logbackup, 2GB capacity)
mkfs -j /dev/backup/logbackup
mount /dev/backup/logbackup /data (Now /data contains 2GB capacity)
vi /etc/fstab
/dev/backup/logbackup /data ext3 defaults 0 0

Extend LVM (Do not umount the existing LVM file system, for example /data)
/dev/hda13 - 150 MB
/dev/hda14 - 100 MB (extra LVM partitions)

pvcreate /dev/hda13 /dev/hda14 (Physical Volume creations)
vgextend backup /dev/hda13 /dev/hda14 (Expand the capacity of the existing volume group backup)
vgdisplay (display the volume group size)
lvextend -L +250M /dev/backup/logbackup (Expand the capacity of the existing logical volume by 250 MB)
ext2online /dev/backup/logbackup (to enlarge the file system)
Note: Now /data contains 2.25GB capacity, 2000MB plus the extended 250MB.

Remove LVM
umount /dev/backup/logbackup
lvremove /dev/backup/logbackup (remove the logical volume logbackup)
vgchange -a n backup (this deactivates the volume group)
vgremove backup (this deletes the volume group)
--------------------------------------------------------------------------------
Make a swap partition
# fdisk /dev/hda
: m (for help)
: n (add a new partition)
  First cylinder (1755)
  Last cylinder or megabytes : +500M
: t (change the system partition id)
  hda (1-10) : 10
: l (file system) - 82 (Linux swap)
: w (save)
# partprobe
# mkswap -v1 /dev/hda10
# vi /etc/fstab
/dev/hda10 swap swap defaults 0 0
:wq!
# service nfs restart
# swapon -a (activate the swap partition)
# swapon -s (check the status of the swap partition)
--------------------------------------------------------------------------------
DISK QUOTAS
# vi /etc/fstab (set the quotas for LABEL=/home)
LABEL=/home /home ext3 defaults,usrquota,grpquota 1 1
:wq!
# mount -o remount /home

USER QUOTA
# quotacheck -cm /
# quotaon /home
# edquota -u vasanth (username)
Filesystem   blocks   soft   hard   inodes   soft
             1568     100    200    287      0
(Soft limit 100K, Hard limit 200K)
# login : vasanth
# cat > bim.txt

GROUP QUOTA
# edquota -g elmaq (groupname)
Filesystem   blocks   soft   hard   inodes   soft
             1568     100    200    287      0
(Soft limit 100K, Hard limit 200K)
login : test1 (test1 is a member of the elmaq group)
login : test2 (test2 is a member of the elmaq group)
Create any files as the users test1 or test2; do not exceed 100K to 200K, because the quotas define a maximum of 200K.
# repquota -a (reports the users' quota)
# quota vasanth (report for a particular user's quota)
quotacheck command options
-a = scan all file systems, quota enables /etc/mtab
-v = performs verbose scan
-u = user quota scan
-g = group scan
-m = remove the scanner files
For example, the command is as follows:
quotacheck -avugm /home
--------------------------------------------------------------------------------

SUDO
vi /etc/sudoers
# User alias specification
User_Alias USERS=user1, user2
# Cmnd alias specification
Cmnd_Alias COMMAND=/usr/sbin/useradd,/usr/bin/passwd,/sbin/shutdown -h now
# User privilege specification
root ALL=(ALL) ALL
USERS ALL=ALL, COMMAND
Login user1
User1@server1$ sudo /usr/sbin/useradd kannan
User1@server1$ sudo /usr/bin/passwd kannan
User1@server1$ sudo /sbin/shutdown -h now
--------------------------------------------------------------------------------
PAM (Pluggable Authentication Module)
/etc/pam.d - PAM account specifications
/lib/security - PAM
Service (/etc/pam.d) and its account line:
1. login - account required /lib/security/pam_access.so
2. vsftpd - account required /lib/security/pam_ftp.so
3. crond - account required /lib/security/pam_deny.so
4. hwbrowser - account required /lib/security/pam_deny.so
5. system-config-display - account required /lib/security/pam_deny.so
6. system-config-samba - account required /lib/security/pam_deny.so
7. system-config-securitylevel - account required /lib/security/pam_deny.so
8. system-config-rootpassword - account required /lib/security/pam_deny.so
9. sshd - account required /lib/security/pam_deny.so
--------------------------------------------------------------------------------
Auto Mounter (cd, floppy & nfs)
/etc/auto.misc
Enable the following options
cd      -fstype=iso9660,ro,nosuid,nodev  :/dev/cdrom         (automount the cdrom from /misc/cd)
pub     -fstype=nfs,intr,soft            192.168.0.254:/pub  (automount the nfs pub folder from /misc/pub)
floppy  -fstype=auto                     :/dev/fd0           (automount the floppy from /misc/floppy)
/etc/auto.master
/misc /etc/auto.misc --timeout=60
service autofs restart
--------------------------------------------------------------------------------
E-Mail Configuration
Configuring of IMAP & POP
Open the file /etc/dovecot.conf
Enable the line
protocols=imap imaps pop3 pop3s
Save the file
service dovecot restart

Configuration of Sendmail (SMTP)
Open the file /etc/mail/sendmail.mc
Edit the line DAEMON_OPTIONS..... change the IP address to the mail server's IP address. Save the file.
Now in the prompt issue the following command...
# m4 sendmail.mc > sendmail.cf
Open the file /etc/mail/submit.mc
Edit the line FEATURE..... change the IP address to the mail server's IP address. Save the file.

Now in the prompt issue the following command...
# m4 submit.mc > submit.cf
Open the file /etc/mail/local-host-names
Add the following parameters
a. your mail server's name (ex: server1.example.com)
b. mail
c. localhost.localdomain
d. localhost
e. just your domain name (ex: example.com)
Open the file /etc/mail/access
Add the following parameters to the list existing there...
your mail server's name (ex: server1.example.com), (i.e) server1.example.com   RELAY
your domain name (ex: example.com)                                            RELAY
mail                                                                          RELAY
<your mail server's IP>                                                       RELAY

Now in the prompt issue the following command...
# makemap hash access.db < access
# service sendmail restart
Create 3 users: user1, user2 and user3
Now create an account in the 'evolution' mail service from the server (server1.example.com)
Tools -> settings
Add new Mail Account ->
FullName : user1
E-mail : user1@server1.example.com (click Forward)
Receiving Mail : IMAP
Host : server1.example.com (or) your mail server ip address (click Forward)
Sending Mail : SMTP
Host : server1.example.com (click Forward)
Name : user1@server1.example.com
Finish
Go to user1 inbox

Tools -> settings
Add new Mail Account ->
FullName : user2
E-mail : user2@server1.example.com (click Forward)
Receiving Mail : IMAP
Host : server1.example.com (or) your mail server ip address (click Forward)
Sending Mail : SMTP
Host : server1.example.com (click Forward)
Name : user2@server1.example.com
Finish
Go to user2 inbox

Tools -> settings
Add new Mail Account ->
FullName : user3
E-mail : user3@server1.example.com (click Forward)
Receiving Mail : IMAP
Host : server1.example.com (or) your mail server ip address (click Forward)
Sending Mail : SMTP
Host : server1.example.com (click Forward)
Name : user3@server1.example.com
Finish
Go to user3 inbox

Go to the client machine, for example Station1.example.com
Before configuring the evolution mail, put the entry for the mail server IP and mail server name in /etc/hosts
For example
vi /etc/hosts
192.168.0.254 server1.example.com
Go to Evolution Mail
Tools -> settings
Add new Mail Account ->
FullName : user1
E-mail : user1@server1.example.com (click Forward)
Receiving Mail : IMAP
Host : server1.example.com (or) your mail server ip address (click Forward)
Sending Mail : SMTP
Host : server1.example.com (click Forward)
Name : user1@server1.example.com
Finish
Go to user1 inbox

Go to the client machine, for example Station2.example.com
Before configuring the evolution mail, put the entry for the mail server IP and mail server name in /etc/hosts
For example
vi /etc/hosts
192.168.0.254 server1.example.com
Go to Evolution Mail
Tools -> settings
Add new Mail Account ->
FullName : user2
E-mail : user2@server1.example.com (click Forward)
Receiving Mail : IMAP
Host : server1.example.com (or) your mail server ip address (click Forward)
Sending Mail : SMTP
Host : server1.example.com (click Forward)
Name : user2@server1.example.com
Finish
Go to user2 inbox

Go to the client machine, for example Station3.example.com
Before configuring the evolution mail, put the entry for the mail server IP and mail server name in /etc/hosts
For example
vi /etc/hosts
192.168.0.254 server1.example.com
Go to Evolution
Tools -> settings
Add new Mail Account ->
FullName : user3
E-mail : user3@server1.example.com (click Forward)
Receiving Mail : IMAP
Host : server1.example.com (or) your mail server ip address (click Forward)
Sending Mail : SMTP
Host : server1.example.com (click Forward)
Name : user3@server1.example.com
Finish
Go to user3 inbox
Note: Now you can send and receive the mails from station1 (ie user1) to station2 (ie user2) and vice versa.

(Send and receive the mails from the linux server to Windows outlook express)
Go to outlook express
Select tools -> accounts -> Add mail
Display name : user1
E-mail Address : user1@server1.example.com (click next..)
My incoming mail server is an IMAP server
Incoming mail : 192.168.0.254 (this is the linux mail server ip address)
Outgoing Mail (SMTP) server : 192.168.0.254 (this is the linux mail server ip address) (click next..)
Account name : user1 (this is the linux mail server username)
Passwd : xxxxx (click next..)
finish
Go to the inbox of (192.168.0.254); you can send and receive the mails from the linux server to outlook express and vice versa
--------------------------------------------------------------------------------
XDMCP - X Desktop Management Control Protocol

In linux you need to provide fonts using either the X font server (xfs) or a hard coded font path in the xf86 config and xf86config -u conf files. If you plan to use the xfs font server, modify the file given below,


vi /etc/rc.d/init.d/xfs (make the following modifications) daemon xfs -droppriv -daemon -port -1 (change the following line as) daemon xfs -droppriv -daemon -port 7100 vi /etc/X11/fs/config (make the following modifications) check whether the following line is commented, #dont listen to tcp ports by default for security reasons #no-listen = tcp If you change or add the port use this comand to restart your x font server, service xfs restart vi /etc/X11/xdm/xdm-config (make the following modifications) : Display Manager.request port : 0 (comment it) ! Display Manager.request port : 0 vi /etc/X11/xdm/Xaccess (make the following modifications, this allows all hosts to connect) #* #any host can get a login window (change to) * #any host can get a login window

vi /etc/X11/gdm/gdm.conf (make the following modifications) [xdmcp] Enable = false (change to) Enable = True Make sure, port = 177
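The edits above open network listeners: XDMCP on UDP port 177 for any host, and the font server on TCP. The script below is an added example, not part of the original notes; it reports which of those settings are active under a given root directory. The function names and the sample file tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: report XDMCP / xfs settings that expose a host to the network.

# audit_xdmcp ROOT: print one line per exposing setting found under ROOT
# (pass "" for the live system). Files that do not exist are skipped.
audit_xdmcp() {
    x11=$1/etc/X11
    if [ -f "$x11/gdm/gdm.conf" ]; then
        # Enable = true inside the [xdmcp] section turns on UDP port 177.
        awk -F= '
            /^[ \t]*\[/ { sec = tolower($0); gsub(/[ \t]/, "", sec); next }
            sec == "[xdmcp]" {
                k = tolower($1); v = tolower($2)
                gsub(/[ \t]/, "", k); gsub(/[ \t]/, "", v)
                if (k == "enable" && v == "true") print "gdm.conf: XDMCP enabled"
            }' "$x11/gdm/gdm.conf"
    fi
    if [ -f "$x11/xdm/Xaccess" ] &&
       grep -Eq '^[[:space:]]*\*([[:space:]]|$)' "$x11/xdm/Xaccess"; then
        echo "Xaccess: wildcard entry, any host may request a login window"
    fi
    if [ -f "$x11/xdm/xdm-config" ] &&
       ! grep -Eq '^[[:space:]]*DisplayManager[.*]requestPort:[[:space:]]*0' "$x11/xdm/xdm-config"; then
        echo "xdm-config: requestPort 0 is not active"
    fi
    if [ -f "$x11/fs/config" ] &&
       ! grep -Eq '^[[:space:]]*no-listen[[:space:]]*=[[:space:]]*tcp' "$x11/fs/config"; then
        echo "fs/config: no-listen = tcp is not active"
    fi
    return 0
}

# Constructed sample tree: the four files as the steps above leave them
# ("open") or with the restrictive values they started from ("closed").
make_sample() {
    dir=$1
    mode=$2
    mkdir -p "$dir/etc/X11/gdm" "$dir/etc/X11/xdm" "$dir/etc/X11/fs"
    if [ "$mode" = open ]; then
        printf '[xdmcp]\nEnable = True\nPort = 177\n' > "$dir/etc/X11/gdm/gdm.conf"
        printf '* #any host can get a login window\n' > "$dir/etc/X11/xdm/Xaccess"
        printf '! DisplayManager.requestPort: 0\n' > "$dir/etc/X11/xdm/xdm-config"
        printf '#no-listen = tcp\n' > "$dir/etc/X11/fs/config"
    else
        printf '[xdmcp]\nEnable = false\nPort = 177\n' > "$dir/etc/X11/gdm/gdm.conf"
        printf '#* #any host can get a login window\n' > "$dir/etc/X11/xdm/Xaccess"
        printf 'DisplayManager.requestPort: 0\n' > "$dir/etc/X11/xdm/xdm-config"
        printf 'no-listen = tcp\n' > "$dir/etc/X11/fs/config"
    fi
}

tmp=$(mktemp -d)
make_sample "$tmp" open
audit_xdmcp "$tmp"
rm -rf "$tmp"
```

Replacing the wildcard in Xaccess with the names of the stations that need a login window keeps XDMCP usable while removing the first two findings' reach.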

----------------------------------------------------------------------
DNS (Domain Name System)

Server: [server1.example.com, 192.168.0.254]

1) service named restart
2) cp /etc/named.conf /var/named/chroot/etc/named.conf
3) cp /etc/named/* /var/named/chroot/var/named
4) cd /var/named/chroot/etc/
5) vi named.conf

zone "java.com" IN {
        type master;
        file "java.com.zone";
        allow-update { none; };
};
zone "0.168.192.in-addr.arpa" IN {
        type master;
        file "java.com.local";
        allow-update { none; };
};

6) cd /var/named/chroot/var/named
7) cp localhost.zone java.com.zone
8) cp named.local java.com.local
9) vi java.com.zone

$TTL 86400
@       IN      SOA     server1.example.com. root.server1.example.com. (
                        42      ; serial (d. adams)
                        3H      ; refresh
                        15M     ; retry
                        1W      ; expiry
                        1D )    ; minimum
        IN      NS      server1.example.com.
www     IN      A       192.168.0.254

10) vi java.com.local

$TTL 86400
@       IN      SOA     server1.example.com. root.server1.example.com. (
                        1997022700 ; Serial
                        28800      ; Refresh
                        14400      ; Retry
                        3600000    ; Expire
                        86400 )    ; Minimum
        IN      NS      server1.example.com.
254     IN      PTR     www.java.com.      ; Domain 1 specified
254     IN      PTR     www.virtual.com.   ; Domain 2 specified (two domains for the same IP address)

11) service named restart

vi /etc/hosts

192.168.0.254 www.java.com
192.168.0.254 www.virtual.com

neat
Device: Static IP add : 10.0.0.25
        Netmask : 255.0.0.0
DNS:    Primary DNS : 10.0.0.25
        DNS Path : redhat.com/

DNS Client:

1) service named restart
2) neat
   Device: Static IP add : 10.0.0.24
           Netmask : 255.0.0.0
   DNS:    Primary DNS : 10.0.0.25
           DNS Path : redhat.com/
3) vi /etc/resolv.conf
   search www.java.com
   nameserver 192.168.0.254
4) vi /etc/hosts
   192.168.0.254 www.java.com
   192.168.0.254 www.virtual.com
5) service named restart

DNS check utility

dig -x 192.168.0.254
host www.java.com
host www.virtual.com
host 192.168.0.254
nslookup www.java.com
nslookup www.virtual.com

----------------------------------------------------------------------
CONFIGURING APACHE TO HOST A SINGLE SITE

In this scenario, we are going to host a website www.vk.com on IP 192.168.10.99. We assume that you have already configured the DNS server to resolve this domain.

1. Create a directory under /var called /website. Put the webpages that you have already created for your website in this directory. If you don't have a website ready, create one single html file for testing.

2. Open the file /etc/httpd/conf/httpd.conf. Go to the end of the file by pressing G. The last 7 lines will look as follows:

#<VirtualHost *>
#    ServerAdmin webmaster@dummy-host.example.com
#    DocumentRoot /www/docs/dummy-host.example.com
#    ServerName dummy-host.example.com
#    ErrorLog logs/dummy-host.example.com-error_log
#    CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>

3. Copy these 7 lines by issuing the command 7yy. Paste these 7 lines at the end by pressing p. Your file will look as follows:

#<VirtualHost *>
#    ServerAdmin webmaster@dummy-host.example.com
#    DocumentRoot /www/docs/dummy-host.example.com
#    ServerName dummy-host.example.com
#    ErrorLog logs/dummy-host.example.com-error_log
#    CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
#<VirtualHost *>
#    ServerAdmin webmaster@dummy-host.example.com
#    DocumentRoot /www/docs/dummy-host.example.com
#    ServerName dummy-host.example.com
#    ErrorLog logs/dummy-host.example.com-error_log
#    CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>

4. Change the last 7 lines to the following:

<VirtualHost 192.168.10.99>
    DocumentRoot /var/website
</VirtualHost>

5. Save the file and exit.
6. Now, at the prompt, issue the command service httpd start
7. Start a web browser and type www.vk.com in the address bar.
8. You will see index.html, which will be the first page of your website.

CONFIGURING APACHE TO HOST MULTIPLE SITES ON SAME IP

In this scenario, we are going to host the websites www.vk.com and www.redhat.com on IP 192.168.10.99. We assume that you have already configured the DNS server to resolve these domains.

1. Create a directory under /var called /website to store the www.vk.com webpages and a directory under /var called /newweb to store the www.redhat.com webpages. Put the respective webpages that you have already created for your websites in the corresponding directories. If you don't have a website ready, create one single html file for testing in each directory.

2. Open the file /etc/httpd/conf/httpd.conf. Go to the end of the file by pressing G. The last 7 lines will look as follows:

#<VirtualHost *>
#    ServerAdmin webmaster@dummy-host.example.com
#    DocumentRoot /www/docs/dummy-host.example.com
#    ServerName dummy-host.example.com
#    ErrorLog logs/dummy-host.example.com-error_log
#    CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>

3. Copy these 7 lines by issuing the command 7yy. Paste these 7 lines at the end by pressing p. Your file will look as follows:

#<VirtualHost *>
#    ServerAdmin webmaster@dummy-host.example.com
#    DocumentRoot /www/docs/dummy-host.example.com
#    ServerName dummy-host.example.com
#    ErrorLog logs/dummy-host.example.com-error_log
#    CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
#<VirtualHost *>
#    ServerAdmin webmaster@dummy-host.example.com
#    DocumentRoot /www/docs/dummy-host.example.com
#    ServerName dummy-host.example.com
#    ErrorLog logs/dummy-host.example.com-error_log
#    CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>

4. Repeat Step 3. The end of the file will look as follows:

#<VirtualHost *>
#    ServerAdmin webmaster@dummy-host.example.com
#    DocumentRoot /www/docs/dummy-host.example.com
#    ServerName dummy-host.example.com
#    ErrorLog logs/dummy-host.example.com-error_log
#    CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
#<VirtualHost *>
#    ServerAdmin webmaster@dummy-host.example.com
#    DocumentRoot /www/docs/dummy-host.example.com
#    ServerName dummy-host.example.com
#    ErrorLog logs/dummy-host.example.com-error_log
#    CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
#<VirtualHost *>
#    ServerAdmin webmaster@dummy-host.example.com
#    DocumentRoot /www/docs/dummy-host.example.com
#    ServerName dummy-host.example.com
#    ErrorLog logs/dummy-host.example.com-error_log
#    CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>

5. If you want to host multiple domains on the same IP, there is a directive called NameVirtualHost that you need to configure. You will find this directive commented out just above the Virtual Host area. Change it to NameVirtualHost 192.168.10.99. Once this is done, change the last lines to the following:

<VirtualHost 192.168.10.99>
    ServerName www.vk.com
    DocumentRoot /var/website
    DirectoryIndex index.html
</VirtualHost>
<VirtualHost 192.168.10.99>
    ServerName www.redhat.com
    DocumentRoot /var/newweb
    DirectoryIndex index.html
</VirtualHost>

6. Save the file and exit.
7. Now, at the prompt, issue the command service httpd start
8. Start a web browser and type www.vk.com in the address bar.
9. You will see the index.html which will be the first page of www.vk.com
10. Now type www.redhat.com in the address bar.
11. You will see the index.html which will be the first page of www.redhat.com

NOTE : If you do not give the DirectoryIndex directive, you will always get the index.html of www.vk.com only.

----------------------------------------------------------------------
MULTIPLE SITES ON SAME IP ADDRESS AND ALSO SHARING THE FOLDERS THROUGH HTTP

Line No : 1004

NameVirtualHost 192.168.0.254:80

# www.java.com
<VirtualHost 192.168.0.254:80>
    ServerAdmin root@server1.example.com
    # This folder contains the web index.html
    DocumentRoot /var/www/html/java
    DirectoryIndex index.html
    ServerName www.java.com
    ErrorLog logs/dummy-java.com-error_log
    CustomLog logs/dummy-java.com-access_log common
    # The javanotes folder is inside /var/www/html/java
    <Location /javanotes>
        Order allow,deny
        Allow from all
    </Location>
</VirtualHost>

# www.virtual.com
<VirtualHost 192.168.0.254:80>
    ServerAdmin root@server1.example.com
    # This folder contains the web index.html
    DocumentRoot /var/www/html/virtual
    DirectoryIndex index.html
    ServerName www.virtual.com
    ErrorLog logs/dummy-virtual.com-error_log
    CustomLog logs/dummy-virtual.com-access_log common
</VirtualHost>

service httpd restart

Go to Firefox and type the following in the address bar:
http://www.java.com
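Apache selects a name-based virtual host by matching the request's Host header against each block's ServerName, and falls back to the first block for that address when nothing matches. The script below is an added example, not part of the original notes; it lists active <VirtualHost> blocks that have no ServerName. The function names and both sample configurations are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag <VirtualHost> blocks that carry no ServerName.

# check_vhosts: read httpd.conf text on stdin, print one line per active
# block without a ServerName, and return 1 if any were found.
check_vhosts() {
    awk '
        /^[ \t]*#/ { next }                     # commented-out template lines
        tolower($0) ~ /^[ \t]*<virtualhost[ \t]/ {
            inblock = 1; start = NR; named = 0
            addr = $2; sub(/>.*/, "", addr)     # "192.168.10.99>" -> address
            next
        }
        inblock && tolower($1) == "servername" { named = 1 }
        tolower($0) ~ /^[ \t]*<\/virtualhost>/ {
            if (inblock && !named) {
                printf "line %d: <VirtualHost %s> has no ServerName\n", start, addr
                bad++
            }
            inblock = 0
        }
        END { exit (bad > 0) }
    '
}

# Constructed sample: two sites on one address, told apart only by directory.
sample_unnamed() {
    cat <<'EOF'
NameVirtualHost 192.168.10.99
#<VirtualHost *>
#    ServerName dummy-host.example.com
#</VirtualHost>
<VirtualHost 192.168.10.99>
    DocumentRoot /var/website
    DirectoryIndex index.html
</VirtualHost>
<VirtualHost 192.168.10.99>
    DocumentRoot /var/newweb
    DirectoryIndex index.html
</VirtualHost>
EOF
}

# Constructed sample: the same two sites, each with its own ServerName.
sample_named() {
    cat <<'EOF'
NameVirtualHost 192.168.10.99
<VirtualHost 192.168.10.99>
    ServerName www.vk.com
    DocumentRoot /var/website
</VirtualHost>
<VirtualHost 192.168.10.99>
    ServerName www.redhat.com
    DocumentRoot /var/newweb
</VirtualHost>
EOF
}

sample_unnamed | check_vhosts || echo "fix the blocks listed above"
sample_named | check_vhosts && echo "every block is named"
```

Against a real server, feed it the live file: check_vhosts < /etc/httpd/conf/httpd.conf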


----------------------------------------------------------------------
Introduction Alternatives

It is possible for several programs fulfilling the same or similar functions to be installed on a single system at the same time. For example, many systems have several text editors installed at once. This gives choice to the users of a system, allowing each to use a different editor, if desired, but makes it difficult for a program to make a good choice of editor to invoke if the user has not specified a particular preference.

In our example, we are going to create a link called editor, which will have a generic name of myeditor. This link and generic name are going to be associated with 3 text editors, namely gedit, kwrite and emacs. We will then switch the default editor between these 3 editors according to user preference. The steps to implement this scenario are few, but the concept is not that simple to understand.

Implementing Our Alternative

Issue the following commands:

Code:
alternatives --install /etc/alternatives/editor myeditor /usr/bin/kwrite 90
alternatives --install /etc/alternatives/editor myeditor /usr/bin/gedit 90
alternatives --install /etc/alternatives/editor myeditor /usr/bin/emacs 90

The first command installs a link editor under the /etc/alternatives directory and links it to a generic name of myeditor, which in turn is linked to the kwrite application with a priority of 90. The next two commands do the same thing for gedit and emacs. Now, issue the following command:

Code:
alternatives --config myeditor

Your output will be as follows:

Code:
There are 3 programs which provide 'myeditor'.

  Selection    Command
-----------------------------------------------
*+ 1           /usr/bin/kwrite
   2           /usr/bin/gedit
   3           /usr/bin/emacs

Enter to keep the current selection[+], or type selection number:

The option with the + sign is the default application. As you see, the above command also expects you to specify another choice if you wish to. Now, we have successfully created our alternative and have associated it with the above 3 applications.

Now, double click on the Home icon on your desktop. I am assuming that you are currently working on KDE. Right click on any text file and then select Open With -> Other. In the window that is displayed, type /etc/alternatives/myeditor in the Open With text box, tick the checkbox at the bottom that says Remember Application Association for this type of file, and then click on the OK button. That's it. As you see in the above output, kwrite is the default editor. That is, whenever you double click on a text file, it will be opened in kwrite.

Run the previous command again:

Code:
alternatives --config myeditor

You will get the following output. Just type 2 as the selection number and press Enter:

Code:
There are 3 programs which provide 'myeditor'.

  Selection    Command
-----------------------------------------------
*+ 1           /usr/bin/kwrite
   2           /usr/bin/gedit
   3           /usr/bin/emacs

Enter to keep the current selection[+], or type selection number: 2

----------------------------------------------------------------------

Troubleshooting QUESTIONS

1. Rename your /etc/fstab configuration file. One possible name is /etc/bak.fstab
2. Rename your /etc/passwd configuration file. One possible name is /etc/bak.passwd
3. Back up your /boot/grub/grub.conf configuration file. One possible name is /etc/bak.grub.conf. Edit the currently existing /boot/grub/grub.conf configuration file. Change the entry in the kernel command line for root to the label for a different directory. For example:
   #root (hda0,0)
   # cat (hd0,0)/grub/grub.conf
   # Kernel /vmlinuz-2.4.21.EL ro root =LABEL=/boot
   # initrd /initrd.img
4. LVM (for example, create an LVM grouping of 500 MB each from /dev/hda5 & /dev/hda6 and mount it on /misc)
5. Remove the .bash_profile, .bash_logout and .bashrc files from non-privileged users and correct it.
6. Add the nologin option to /etc/passwd in the users section. Example (vasanth:x: 500:500:/ home/vasanth /bin/bash/nologin) and log on as the user.
7. Rename your /etc/shadow configuration file. One possible name is /etc/bak.shadow
8. The administrator does not know the root password, but wants to log in as root.
9. Modify some of the options in, or remove, the file /etc/X11/xorg.conf and correct it (X window trouble)
10. Modify some of the options inside /etc/X11/xinit/xinitrc and correct it (X window trouble)
11. Change the runlevel using /etc/inittab
12. Damage file systems like /home /var /opt /tmp and correct it
13. Permanently assign a different label name to an existing file system
14. Change the label name for existing file systems like LABEL=/, LABEL=/home, LABEL=/var and reboot the system, analyze the problem and correct it.
15. Using fdisk, create a new partition, delete a partition, format, mount, and permanently assign the drives in the fstab.
16. Set the GRUB boot loader password and remove the boot loader password using the Linux boot CD.
17. Troubleshooting the X Window System
    # vi /etc/X11/xorg.conf
    Font path = (Remove the font path)
    :wq!
    # startx (problem starting)
    # service xfs off (problem starting in X window)
18. Apache troubleshooting
    Problem : apache service could not start
    # vi /etc/httpd/conf/httpd.conf
    listen 0.0.0.80 line no : 151 -> enable this line
    :wq! (save & exit)
    # service httpd restart (service could not start)
19. Corrupt the file /bin/bash and correct it.
20. Corrupt the file /sbin/init and correct it.
21. Damage the existing Linux swap, make a new swap partition and include it in /etc/fstab
22. chattr +i /etc/passwd, chattr +i /etc/group, chattr +i /etc/shadow (these become read-only files). Users cannot log in.
23. chattr +i /etc/securetty (this becomes a read-only file). Virtual console / tty problem
24. Open the file /etc/X11/fs/config (vi /etc/X11/fs/config), comment out all FONT PATH options and restart the system.
25. Comment out the 1st line of /etc/fstab (vi /etc/fstab) as follows:
    # LABEL=/ ext3 defaults 12
    :wq!
    Reboot the system and correct it.
26. i) Rename your /etc/inittab configuration file. One possible name is /etc/bak.inittab
    ii) /etc/inittab
    # id:5:initdefault: (reboot the system and correct it)
27. For example, your system has win98 and LINUX installed. (Creating the problem: clear the Linux MBR.) Boot your system from a win98 boot disk and apply the command FDISK /MBR. Restart the system; the Linux MBR is now cleared. Recover the Linux MBR.
28. Rename your /etc/rc.d/rc.sysinit configuration file. One possible name is /etc/rc.d/bak.rc.sysinit
29. Rename your /etc/profile configuration file. One possible name is /etc/bak.profile
30. Rename your /etc/bashrc configuration file. One possible name is /etc/bak.bashrc
31. After typing the following command, check it three times and hit enter but once:
    dd if=/dev/zero of=/dev/hda bs=446 count=1; reboot (wiped out your boot sector)
32. The following command overwrites the MOUNT command:
    # cp /bin/date /bin/mount
    (reboot the system) Correct that problem.
33. /etc/shadow
    #root:$1$1PlkLa::: (restart the system and correct it)
34. Go to vi /etc/sysconfig/network
    Networking = yes (change to Networking=no)
    Hostname = localhost localhostdomain
    :wq! (save and exit)
    Problem : All daemons are not functioning or not working
35. Go to vi /etc/selinux/config
    SElinux = disabled (change SElinux = enforcing=0 or enforcing=1)
    Save, exit and restart the system and correct that problem.
36. Remove all permissions from /tmp with the command chmod 000 /tmp and restart the Linux system. This creates X window problems.
37. Remove all permissions from /home with the command chmod 000 /home and restart the Linux system. This creates X window problems.
38. Check whether the /tmp or /home directory is full (i.e. no disk space). If either one is full, it creates an X window problem.

MAIL CONFIGURATION

cd /etc/mail

SENDMAIL CONFIGURATION

vi sendmail.mc
Line no 105 (comment out this line):
dnl # DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
:wq! (save and exit)

m4 sendmail.mc > sendmail.cf
chkconfig sendmail on
service sendmail restart

IMAP, IMAPs, POP3 and POP3s Incoming Mail Configuration

vi /etc/dovecot.conf
protocols = imap imaps pop3 pop3s
Note : (If the examiner asks for IMAP, choose only IMAP.) (If the examiner asks for IMAPs (IMAP secure), choose only IMAPs.)
:wq! (save and exit)

chkconfig dovecot on
service dovecot restart

Go to X window, click Evolution mail and configure the mail for user JOHN with POP3 and SMTP. Now user john gets the mail.
Go to X window, click Evolution mail and configure the mail for user JANE with IMAP and SMTP. Now user jane gets the mail.

Send mail from ROOT to user JOHN using the MAIL and MUTT commands

Go to a virtual console and apply the following commands:

root@server1# mail -v john@server1.example.com
Subject : HAI this is test mail
. (dot)
CC : (Carbon copy)
ctrl-z (mail information stopped)

root@server1# mutt
Press the key m (MAIL)
To: john@server1.example.com
Subject: TESTING MAIL
Press y to send the mail

Go to Evolution Mail and click the Send & Receive option; the user JOHN gets the mail.

----------------------------------------------------------------------
Create a MAIL Certification

cd /usr/share/ssl/certs
rm dovecot.pem
make dovecot.pem
Country Name (2 letters code) GB : in
State (or) province name (fullname) : tamilnadu
Locality name (city) : Coimbatore
Organisation name (eg. company) : elmaq
Organisation Unit Name (eg. section) : Redhat
Common Name (eg. your name or your server's hostname) : server1.example.com
E-mail Address : john@server1.example.com

cd /usr/share/ssl/certs/dovecot.pem (This is the mail certification for the Evolution config.)
cp /usr/share/ssl/certs/dovecot.pem /usr/share/ssl/private (This is the mail certification for mutt.)

----------------------------------------------------------------------
IPTABLES

Configure imaps in such a way that john gets authenticated and is allowed to use IMAPs. Cracker.org machines should not get authenticated.

iptables -A INPUT -s 192.168.1.0/255.255.255.0 -p tcp --dport 993 -j REJECT (IMAPs)
iptables -A INPUT -s 192.168.1.0/255.255.255.0 -p tcp --dport 143 -j REJECT (IMAP)

Configure POP3 on your system such that user jane is able to receive mail. Disable POP3 for cracker.org machines.

iptables -A INPUT -s 192.168.1.0/255.255.255.0 -p tcp --dport 110 -j REJECT (POP3)
iptables -A INPUT -s 192.168.1.0/255.255.255.0 -p tcp --dport 995 -j REJECT (POP3s)

----------------------------------------------------------------------
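To confirm that the loaded ruleset covers all four mail ports for the blocked network, the added example below (not part of the original notes) parses the output of iptables -S INPUT and prints every port that has no REJECT or DROP rule for that source. The function names and the sample ruleset are constructed for illustration; rule order, such as an earlier ACCEPT, is not evaluated.

```shell
#!/bin/sh
# Added example: find mail ports left open to a network that should be blocked.

# uncovered_ports SUBNET PORT...: read `iptables -S INPUT` output on stdin and
# print each PORT with no REJECT/DROP rule for SUBNET. Returns 1 if any port
# is uncovered. SUBNET must be written the way iptables prints it (CIDR).
uncovered_ports() {
    subnet=$1
    shift
    rules=$(cat)
    missing=0
    for port in "$@"; do
        if ! printf '%s\n' "$rules" | awk -v s="$subnet" -v p="$port" '
            $1 == "-A" && $2 == "INPUT" {
                src = ""; dport = ""; target = ""
                for (i = 3; i < NF; i++) {
                    if ($i == "-s") src = $(i + 1)
                    if ($i == "--dport") dport = $(i + 1)
                    if ($i == "-j") target = $(i + 1)
                }
                if (src == s && dport == p &&
                    (target == "REJECT" || target == "DROP")) found = 1
            }
            END { exit !found }'; then
            echo "$port"
            missing=1
        fi
    done
    return $missing
}

# Constructed sample: ruleset where the POP3s rule (995) was never added.
sample_rules() {
    cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 993 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 143 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 110 -j REJECT --reject-with icmp-port-unreachable
EOF
}

if ! open=$(sample_rules | uncovered_ports 192.168.1.0/24 993 143 110 995); then
    echo "ports still reachable from 192.168.1.0/24:" $open
fi
```

On a live system the input comes from the firewall itself: iptables -S INPUT | uncovered_ports 192.168.1.0/24 993 143 110 995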

Create a MAIL ALIAS for example.com as something.com

vi /etc/aliases (go to the last line)
example.com: something.com

NIS CLIENT (using Auto Mount)

vi /etc/auto.master
/rhome /etc/auto.misc
:wq! (save and exit)

vi /etc/auto.misc
Go to the last line:
nisuser1 -rw,soft,intr server1.example.com:/rhome/nisuser1
:wq! (save and exit)

service autofs restart
chkconfig autofs on

Go to a virtual console and log on as nisuser1.
