Upload
prasanth-mullapudi
View
59
Download
5
Tags:
Embed Size (px)
DESCRIPTION
L
Citation preview
Maha avatar baba
Redhat LINUX Admin documentation
LINUX ENTERPRISE SERVER EDITION Version 4
1. Linux Essential (RH033) 2. Linux System Admin (RH133) 3. Linux Network
Security (RH253)
Topics
Linux File System
/(Root)
-etc -bin -sbin -lib -root -usr -mnt -media -var -boot -tmp -opt -dev
-home-proc -lost-found -selinux
bin - used to store user commands. /usr/bin /also stores user commands
sbin – System Administrator commands /usr/sbin also stores system commands
root – home directory of the super user
media – mount points for file systems mounted
boot – contains kernel and other files used during system startup
lost+found – used by fsck to place files whose names cannot be found during file system
repair
lib – contains many library files
dev – store device files
etc – Contains configuration files
var – variable files such as log files and directories
proc – A virtual file system, that contains system information used by certain programs
tmp – a “scratch pad” for users and programs, /tmp has global read/write access.
home – location of user home directories
opt – installation directory for third-party package such as Star Office
selinux – security enhanced linux
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
File System Table
# vi /etc/fstab
Column1 - Directory Partition information (/dev/hda9 or LABEL=home)
Column 2 – Mount point (/dev/hda6, /data, /misc )
Column 3 – File system (ext3, nfs, ext2, swap, smbfs)
Column 4 – option
Column 5 – dumb directory
Column 6 – File system check
Page No 1
Add new device to fstab
# vi/etc/fstab
/dev/hda8 /data ext3 defaults 12
/dev/sb1 /xyz vfat defaults 00
:wq!
# service nfs start / restart
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
CD Writing
i) Nautilus CD Writing or Burning from GUI Mode
Go to X window double click /root explorer,
Copy Files or directory from Source and then click GO option from the menu. Select CD
CREATOR. Then click CDWRITING icon
ii) CD Writing or Burning from Virtual Mode
# mkdir abc
# cd abc (Put all dumbs inside this directory)
# cd..
# mkisofs –r –o abc.iso abc
# cdrecord –v dev=1,0,0 abc.iso
# cdrecord –scanbus (Where your cd writer is present)
# man cdrecord (help)
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
Commands UPDATEDB, SLOCATE, LOCATE
# updatadb (update databse)
# slocate grub.conf (locate the path grub.conf)
# locate httpd.conf (locate path httpd.conf)
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
linux dump from cd (4 cd’s) to harddrive
Inser disk 1 from drive and come to super user prompt
# mount /media/cdrom
# cd /media/cdrom
# ls
# cp – av RedHat /var/ftp/pub
# cp –av images /var/ftp/pub
# umount /media/cdrom
# eject
Page No 2
Inser disk 2 from drive and come to super user prompt
# mount /media/cdrom
# cd /media/cdrom
# ls
# cp – av RedHat /var/ftp/pub
# umount /media/cdrom
# eject
Inser disk 3 from drive and come to super user prompt
# mount /media/cdrom
# cd /media/cdrom
# ls
# cp – av RedHat /var/ftp/pub
# umount /media/cdrom
# eject
Note : cp -u -update copy only when the SOURCE file is newer than the
destination file or when the
destination file is missing
example : cp –avu Redhat /var/ftp/pub
------------------------------------------------------------------------------------------------------------
----------------------------------------------------
Redhat Installation through Network File Sharing)
NFS (Network File Sharing method for Linux Installation)
From Server
Note: Put all Linux dump cd’s to the server in the directory path /var/ftp/pub
# vi /etc/exports
/var/ftp/pub *(ro,sync) (For all the client users access this directory ie [*])
Note: Assume if you want to share the /var/ftp/pub to particular client, the command as
follows:
/var/ftp/pub 192.168.10.2 /255.255.255.0 (rw,sync) (Read /Write access
permission)
:wq!
# exportfs –r (read all shared directories)
# exportfs –av (append and verbose all shared directories)
# service nfs start / restart
# service portmap start / restart
To Client
Note : Put the Linux 1st cd to the client machine and boot. Follow the commands.
Page No 3
boot : linux askmethod
Linux installation through network
1)NFS image
ii)HARDDRIVE
2)FTP
3)HTTP
4)CDROM
Select NFS image
Servername : server1.example.com (or) 192.168.0.20 – server ip
Redhat Dir : /var/ftp/pub
Now the installation starting
NFS (Network File Sharing for some folders
Some examples mounting through NFS
# vi /etc/exports
/mnt/cdrom *(ro,sync)
/mnt/floppy *(rw,sync)
/home/user2 *(ro,sync)
:wq!
# exportfs –r (read all shared directories)
# exportfs –av (append and verbose all shared directories)
# service nfs restart
# service portmap restart
To Client
# showmount –e 192.168.10.1
# mount 192.168.10.1:/var/ftp/pub /data1
# mount 192.168.10.1:/mnt/cdrom /data2
# mount 192.168.10.1:/mnt/floppy /data3
# cd /data1
# ls
# cd /data2
# ls
# cd /data3
# ls
NFS Overview
Page No 4
File sharing service.
RPC based service, so it requires Portmap.
Packages:
nfs-utils
Provides:
nfsd - Provides userland portion of NFS service.
lockd - NFS lock manager (kernel module)
rpciod -
rpc.mountd - Provides mounting services.
rpc.rquotad - Returns quota information.
rpc.statd - Used by lockd to recovery locks after a server crash.
portmap
Provides portmap program. Portmap maps calls made by other hosts to the
correct RPC service. Because portmap is compiled with tcp wrappers
support (libwrap), those that need to access portmap must be given access
via /etc/hosts.allow and/or /etc/hosts.deny.
Ports
TCP/UDP 111 - portmap
UDP 2049 - nfsd
The other NFS related services vary in the port numbers they use. Clients
contact portmap to find out the port number the other RPC services use.
Required Services
Listed in startup order:
NFS Server
portmap
nfs
NFS Client
portmap
nfslock
Configuration
/etc/exports
NFS server configuration file.
Format:
<directory> <host or network>(options) <host or network>(options) ......
It is critical that there not be any spaces between the host/network and
it's options.
Example:
Page No 5
# Allow all hosts in the somewhere.com domain to mount /var/ftp/pub read-
only
/var/ftp/pub *.somewhere.com(ro)
# Allow all hosts to mount /var/www/html read-only and allow certain hosts
# mount it read-write
/var/www/html *(ro) 192.168.1.0/255.255.255.0(rw)
192.168.2.10(rw)
# Allow certain hosts to mount /usr read-only and another read-write as
root
/usr 172.16.0.0/255.255.0.0(ro)
172.16.1.10(rw,no_root_squash)
# Allow access to /usr/local by everyone, but only as the anonymous user
/usr/local *(ro,all_squash,anonuid=100,anongid=100)
Restrictions
Root can't mount an nfs share as root unless no_root_squash is used.
Normally when root mounts a share, NFS maps root to the local user
nobody.
You can't export a directory that is a parent or child of another exported
directory within the same file system.
e.g. You can't export both /usr and /usr/local unless /usr/local is a
separate file system.
Common Export Options
no_root_squash - Remote hosts can access local shares as root
(Dangerous!)
ro - Read-only
rw - Read/Write
sync - All file system writes must be committed to disk before the
request can be completed.
all_squash - All remote users are mapped to a local anonymous user.
anonuid - Specify the uid to user for anonymous access.
anongid - Specify the gid to user for anonymous access.
/etc/fstab
Page No 6
Used for NFS client configuration
Example:
server:/usr /usr nfs user,soft,intr,rsize=8192,wsize=8192 0 0
Common NFS related mount options
soft - Processes return with an error on a failed I/O attempt
hard - If a process tries to access an unavailable share, it will hang until
data is retrieved.
intr - Allows NFS requests to be interrupted or killed if the server is
unreachable
nolock - Disable file locking in order to work with older NFS servers
rsize - Sets the number of bytes NFS reads from a share at one time
(default 1024)
wsize - Sets the number of bytes NFS writes to a share at one time (default
1024)
* Setting rsize and wsize to 8192 greatly increases performance.
Auto Mounting NFS shares
Requires autofs package to be installed.
Create entry in /etc/auto.misc for the NFS share:
ftp -fstype=nfs,intr,soft 192.168.1.20:/var/pub/ftp
If the default autofs setup is used, whenever someone accesses /misc/ftp, the
remote NFS share on 192.168.1.20 will be automatically mounted. The options
specified in the /etc/auto.misc have the same meaning as when they are used
in /etc/fstab.
NFS Utilities
exportfs
Used to maintain the table of exported file systems.
Example Usage:
exportfs -r # Refresh the share listing after modifying /etc/exports.
# This MUST be done in order for your changes to take effect.
exportfs -v # Display a list of shared directories
exportfs -a # Exports all shares listed in /etc/exports
Page No 7
# To export a filesystem not in /etc/exports
exportfs 192.168.1.0/255.255.255.0:/tmp
# Unexport a filesystem
exportfs -u 192.168.1.0/255.255.255.0:/tmp
showmount
Show mount information for an NFS server.
Does not require that any local NFS services be running in order to use it.
Example Usage:
showmount -e 192.168.1.67 # Shows available shares on host
192.168.1.67
showmount -a 192.168.1.67 # Shows the clients connected to host
192.168.1.67
# and the shares they have mounted.
rpcinfo
Reports RPC information.
Can determine if RPC services are running on a host.
Example Usage:
rpcinfo -p 192.168.1.77 # Display list of RPC services running on
192.168.1.77
------------------------------------------------------------------------------------------------------------------------------------------------------------------
KICK START INSTALLTION
From Server
# cd /etc
# cp anaconda-ks.cfg ks.cfg
Note : goto X window system, select System tools – KICKSTART. Modify basic
configuration installation method
NFS ip address : 192.168.10.1, Directory : /var/ftp/pub
Network : DHCP
Select the way you want to do (for Select language, keyboard layout, partition,
packages, boot loader etc.,)
Above information save the file to ks.cfg
Kick start installations possibility on four ways 1. FLOPPY 2.NFS 3.FTP 4.HTTP
# mount /media/floppy
Page No 8
# cp ks.cfg /media/floppy
# umount /media/floppyTo Client
Note : Put the Linux cd1 from the client machine and boot. Follow the any one command
with your
choice of installations
# linux ks=floppy
# linux ks=nfs:192.168.0.254:/kicks/ks.cfg (kicks – This is a directory which
contains ks.cfg file)
# linux ks=ftp:192.168.0.254:/kicksftp/ks.cfg cfg (kicksftp – This is a directory
which contains ks.cfg file)
# linux ks=http:192.168.0.254:/kickshttp/ks.cfg cfg (kickshttp – This is a
directory which stores in ks.cfg file)
Installation starting
Kickstart
Overview
Kickstart provides a way to do automated installations.
The Kickstart configuration file (ks.cfg) answers all the questions that are normally
asked during a normal install.
Allows you to automate most of the installation, including the following:
Language Selection
Mouse Configuration
Keyboard Selection/Configuration
Boot Loader Installation
Disk Partitioning
Network Configuration
Authentication (NIS, LDAP,Kerberos, Samba, and Hesoid)
Firewall Configuration
X Window System Configuration
Package Selection
Packages
mkkickstart - This package provides utilities that will create a kickstart file
based on the current machine's configuration.
ksconfig - Provides a graphical interface for creating kickstart files.
Creating a Kickstart File
Manual
Page No 9
Copy the sample.ks kickstart file from the RH-DOCS directory on the
documentation CD and modify it to meet your requirements. Be careful when
editing it because the sections must remain in order. The order is:
Command Section
%package Section
%pre & %post Sections
mkkickstart
Use the mkkickstart utility to create a kickstart configuration file based on the
current system's configuration.
ksconfig
Use the GUI tool ksconfig to create a kickstart file.
Kickstart Installation Types
Network
Requires a DHCP/BOOTP server.
ks.cfg file must be accessible from NFS, FTP, HTTP, or Samba (although I've
only been able to get it to work when the ks.cfg file is on NFS).
Can install from NFS, FTP, HTTP, & Samba.
Local
ks.cfg file must be put on a floppy boot disk.
Can install from a local CD-ROM or a local hard drive.
Kickstart Installation
Boot with a boot floppy. For a local kickstart installation, the ks.cfg must be located in
the root of the boot disk.
When SYSLINUX installation screen comes up, specify one of the following options:
ks=floppy - If ks.cfg is located on the floppy.
ks=hd:fd0/ks.cfg - Same as ks=floppy above.
ks=floppy dd - When ks.cfg is located on the floppy and you need a
driver disk.
ks=nfs:<server>:/path - ks.cfg file is on an NFS server.
ks=http:<server>:/path - ks.cfg file is on an HTTP server.
ks=ftp:<server>:/path - ks.cfg file is on an FTP server.
Additional Network Installation Info
When specifying "linux ks" at the installation prompt:
The ks.cfg file must be available via NFS.
By default, it is assumed that the ks.cfg file will be on the same server as
the DHCP/BOOTP server. To specify a different server for the ks.cfg file,
specify the following in the /etc/dhcpd.conf file:
Page No 10
filename "/path/to/ks.cfg"
next-server <hostname or IP>
If the path specified in the "filename" clause ends with a "/", then the file
that is looked for is: "/specified/path/<IP>-kickstart" where <IP> is the IP
address of the machine making the request.
Note that the path specified in the "filename" clause must be the full path
to the file and not the relative path from the NFS export. Kickstart will
automatically try to mount the NFS export based on the path's name. In the
above example, it would first try to mount "/path", then if that failed,
"/path/to".
If you don't wish to use DHCP to specify the location of the kickstart file, you can
specify one of the options listed above to point to the location of the ks.cfg file.
To install from NFS, the following directive must be used in the ks.cfg file right after
the "install" directive:
nfs --server <server> --dir <dir>
To install from HTTP or FTP, the following directive must be used in the ks.cfg file
right after the "install" directive:
url --url http://<server>/path
url --url ftp://<server>/path
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
User Creations, modification and password settings and removing
Four ways of user creations
1. adduser 2. useradd 3. redhat-config-user 4. click system settings – user &
groups
# useradd vasanth
# passwd vasanth
new password: xxxxxx
retype password: xxxxxx (at least 6 char)
# useradd –u 650 –d /home/vasanth –m vasanth
# useradd –u 700 –d /home/prem –m prem
# usermod –u 700 -o -l vasanth babaji (username modify from vasanth to babaji)
# passwd –d vasanth (remove the password)
# userdel –r vasanth (remove the vasanth user from /home dir)
Some of the important /etc configuration files modification and processing
# vi /etc/issue (After login to the user to display Terminal screen number, date and
time)
Page No 11
Terminal : \l
Date : \d
Time : \t
Hostname : \nwq!
Ctrl –d (refresh )
# vi /etc/motd (Set the title banner for after login to the user )
-----------------------------xxxxxxxxxxxxxx--------------------------
WELCOME TO ELMAQ
-----------------------------xxxxxxxxxxxxxx------------------------
:wq!
# login : user1
passwd : xxxxxx
# login : user2
passwd : xxxxxx
# vi /etc/shadow (users and groups password crypt)
disable the particular user id
:wq!
# login user1
do not login
#vi /etc/passwd (All users id and other information)
disable the particular user encrypt password
:wq!
# login user2
do not login
#vi /etc/group ((All the group id and other information are inside)
vi /etc/inittab
id : 5 (default) chage the run level 1 or 2 or 3 or 4 or 6
:wq!
Run level Description
0 – Shutdown
1- Single user mode
Page No 12
2 - Multiuse mode without network support
3 - Multi user mode with network support
4 -Not used
5 - Multiuse mode with X window
6 - System restart
Change the runlevel during startup (booting) linux
i) Press a key e come down again press e display Label = / (3 type runlevel), press
enter and press b (boot)
ii) Press a key a Label = / (3 type runlevel) and press enter
List the runlevel files (from runlevel 0-6)
# cd /etc/rc.d/rc6.d
# ls
# cd /etc/rc.d/rc5.d
#ls
# cd /etc/rc.d/rc3.d
# ls
List the services
# chkconfig -- list
# chkconfig network off
# chkconfig vsftpd on
# chkconfig xinetd on
# chkconfig xinetd off
# chkconfig smb on
# chkconfig nfs on
# chkconfig ypserv on
K – stop
S –start
# vi /etc/rc.d/rc.local ( create the shell scripts)
echo “ Your name “ $ name
read name
echo “ Your address “ $ address
read address
:wq!Page No 13
GRUB Redhat linux Enterprise
# vi /etc/rc.d/rc.sysinit (Modify the welcome to linux title screen)
we can modify “Welcome to linux title “ other wise “ Welcome to elmaq.edu”
:wq!
# vi /etc/redhat–release (Adding some text information)
“WELCOME TO LINUX TEAM”
:wq!
Adding new Terminals in run level for command interface
# vi /etc/inittab
copy 6 terminls and paste down
modify the terminal number example (8 –tty8, 9- tty9, 10-tty10, 11-tty11 etc.,)
:wq!
# init q
ctrl +d
Press the Function keys F8, F9, F10, F11 otherwise ctrl left cursor and right cursor.
View different terminals
Adding new Terminals in Graphical Mode
Come to command user mode
# startx -- :1 & new terminal set as F8
# startx -- :2 & new terminal set as F9
# startx -- :3 & new terminal set as F10
# startx -- :4 & new terminal set as F11
# startx (run only command mode on run level 3 or 5 )-----------------------------------------------------------------------------------------------------------------------------------------------------------------
Shutdown the linux
# shutdown –h now (shutdown immediate)
# shutdown –h 3 (After 3 minutes the machine will shutdown)
# halt (power off)
#poweroff
# reboot (restart)
# press ctrl +alt+del (restart)
------------------------------------------------------------------------------------------------------------
------------------------------------------------------
vi editor (user level)
# vi test.c (filename)
Page No 14
esc yy – copy
esc p –paste
esc dd –delete
esc cc – cut
------------------------------------------------------------------------------------------------------------
------------------------------------------------------
Switch Desk
KDE -Kool Desktop Environment or K desktop Environment
GNOME – GUN Network Object Module Environment
# init 3
# switchdesk kde
# startx
# init 3
# switchdesk gnome
# startx
------------------------------------------------------------------------------------------------------------
------------------------------------------------------
RPM (Redhat Package Manager)
Note : Before going to install the package, first come into Linux package directory then
apply the rpm -ivh command.
# rpm –qa|grep “samba” (package query for samba)
# rpm –qa|grep “telnet” (package query for telnet)
# rpm –ivh telnet-server(press tab key take full name of telnet package)
(install telnet package)
# rpm –ivh sendmail (press TAB key take full name of sendmail package)
(install telnet package)
# rpm –ivh redhat-config-samba –aid (press TAB key take full name of samba
package) (install telnet package)
# rpm –e sendmail (remove sendmail package from linux)
# rpm –e telnet (remove telnet package from linux)
# rpm –ql kernel/less (list the kernel oriented files)
# rpm –ql samba/less (list the samba oriented files)
# rpm –qf /etc/inittab (Which file required for inittab command)
# rpm –qf /etc/fstab (Which file required for fstab command)
# rpm –qf /etc/issue (Which file required for issue command)
Page No 15
# rpm –U kernel (press TAB key take full name of kernel) (Upgrade the kernel
package)
------------------------------------------------------------------------------------------------------------
-----------------------------------------------------
Network Configuration and connectivity
# redhat-config-network (Configure the Network Card )
Go to GUI Mode Click System tools – Network – New Ethernet connection – static ip
address 192.168.10.50/255.255.255.0
# netconfig
# ifconfig (display ip address)
# ifconfig eth0:192.168.0.23 up (ip address specify and up)
# ping 192.168.10.1 (Check the network connectivity)
# arp –a (Display Mac addresses for an added entry of the network machines)
# ifdown eth0 (disable the LAN card configuration)
# ifconfig
# ifup eth0 (enable the LAN card configuration)
# ifconfig
# service network restart /start
# ifup eth0 192.168.10.50 up
# service network restart
------------------------------------------------------------------------------------------------------------
------------------------------------------------------
IP aliashing
Define: More than one ip address we can create in single network card.
etho – this is real lan card for physical ip address
eth0:1 ---- virtual ip address
eth0:2 ---- virtual ip address
eth0:3 ---- virtual ip address
# netconfig –d eth0:1 (specify the ip 192.168.10.4)
# netconfig –d eth0:2 (specify the ip 192.168.10.5)
# netconfig –d eth0:3 (specify the ip 192.168.10.6)
list the network card scripts
# ls /etc/sysconfig/network-scripts/
# cd /etc/sysconfig/network-scripts
# ls
# rm ifcfg-eth0:1 (Remove the virtual lan)
# ifdown eth0:2 (disable the virtual configuration)
Page No 16
# ifconfig
# ifup eth0:2 (enable the virtual configuration)
# ifconfig------------------------------------------------------------------------------------------------------------------------------------------------------------------
Job Scheduling
Note : using cron and at command
Crontab
minutes of hour / hours of day / day of month / month of year
* * * *
# date (check the date & time)
# crontab –e (view the editor)
31 * * * * touch file1.txt
32 * * * * mkdir elmaq
35 * * * * echo “hello” >> /dev/tty2
:wq!
Service crond restart
# date
# ls
Go to terminal 2 (tty2) – alt+F2 and check it u-received message as hello.
Using crontab for user login
$ date
$ crontab –e
40 * * * * cat > bin.txt
42 * * * * echo “HAI “ >> dev/tty4
:wq!
Service crond restart
$ date
$ ls
# crontab –e
30 17 * * * * /sbin/ifdown eth0
30 9 * * * * /sbin/ifup eth0
00 20 * * * * /sbin/init 0
# crontab –e
42 * * * * echo “HAI “ >> dev/tty4
:wq!
service crond restart
Page No 17
$ date
$ ls
view the cron information
# cd /etc
# vi cron
# vi crontab
Denied the crontab permission for particular user
# vi /etc/crond.deny
user2 (crontab not access within user2)
user1 (crontab not access within user1)
:wq!
Go to user1 or user2 and type the following commands
# crontab –e (crontab denied)
# vi /etc/crond.allow (Allow the crontab permission)
root (super user)
vasanth (ordinary user)
:wq!
# crontab –help
# crontab –r
# crontab –l (list the crondtab informations)
# crontab –u user1 –r (delete a user1 from crontab)
crontab to Using vi editor method
# vi abc
48 * * * * touch bin.txt
:wq!
#crontab abc
#date
Display the crontab job scheduling report
# cd /var/spool/cron/
# cat root
Job scheduling at command
# at now + 1 min (one minute after the following commands will execute)
at > touch vasanth.txt
at > mkdir elmaq
at > echo “WECOME TO ELMAQ” >> /dev/tty2
Page No 18
at > useradd test
at > passwd test
at > ctrl + d (finish)
note : After one minute type the following command
# ls
Denied the at permission for particular user
# vi /etc/at.deny
root (at not access within root)
user1 (at not access within user1)
:wq!
login : user1
$ at now+1 min (Do not permit)
login : root
# at now+1 min (Do not permit)
# vi /etc/at.allow (Permit the at command)
user2
prem
:wq!
# atq (list the job with at )
# atrm 5 (remove a job from 5)
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
User Creation for Manual Method
# vi /etc/passwd
benq : :502:502:/home/benq:/bin/bash (benq is a user name, 502 is a user id, shell :
borne shell (bsh) )
#vi /etc/group
benq:x:502
# mkdir /home/benq
#chown –R benq.benq. /home/benq
# cd /home
login : benq (user login not good prompt)
# cp –av /etc/skel/. /home/benq
Page No 19
# useradd –D (view the user details)
login : benq (user login good prompt but without password)
# pwconv
# vi /etc/shadow
#pwunconv
#vi /etc/shadow
#vi /etc/passwd
#pwconv
#passwd benq
new password : xxxxxx
retype password : xxxxxx
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
FTP (File Tranfer Protocol)
Define: Get and Put the files to and from remote machine
# service vsftpd start /restart (Very secure FTP)
#
username : vasanth
password : xxxxxx
Group of files mget & mput
ftp > mget * (group of files received from the user vasanth)
ftp > mput * (group of files place to the user vasanth)
ftp > ls (list the files in your machine)
ftp > !ls (list the files from specified user)
ftp > bye (Exit)
Single file get & put
ftp > get vasanth.txt
ftp > get prem.txt
ftp > put vk.txt
ftp > vijay.bak
Page No 20
FTP scripts file
# vi /etc/vsftpd
# vi /etc/vsftpd/vsftpd.conf
ftpd “Welcome to Elmaq FTP”
:wq!
# vi /etc/vsftpd.user_list (denay the ftp users login)
root
vasanth
# vi /etc/vsftpd.ftpusers (denay the ftp users login)
root
vasanth
GFTP (Graphical FTP)
Note : go to X window click Internet – More Internet Application – gFTP
HOST : 192.168.0.20 PORT : 20 USER : vasanth Pass : xxxxxx FTP
Now connecting and transfer the files from source to destination, destination to source
and vise versa.
LFTP
# lftp 192.168.0.20
# lftp 192.168.0.20 > ls
< pub >
# cd pub
# mget * (only getting the files from remote machine, no files are putting)
#lftp [email protected]
password : xxxxx
vasanth@station1$ mget * (getting the files from remote user vasanth)
------------------------------------------------------------------------------------------------------------
------------------------------------------------------
Samba Configuration
Def: Share the folders from Linux to windows and windows to Linux
Sharing the folders from Linux to windows
# service smb start /restart /status
# mkdir /data (we take example samba sharing folder /data)
# cd /data
Page No 21
# cat > mn.txt
# cat > bm.txt
# useradd sambatest (samba user name)
# smbpasswd –a sambatest (set the sambapassword for the user name sambatest)
# vi /etc/smb.conf (samba configuration file)
Global settings
Workgroup = LINUXSRV – work group name
Hosts allow 192.168.0.70 . 127 (allow the samba for particular host machine)
Shared definitions (go to the last line Copy (esc 8 yy – 8 lines yanked & Paste)
[My share]
***************
***************
***************
[elmaq]
path = /home/vasanth
public =yes
writable =yes
valid user = user2 (particular user only access )
:wq!
# testparm (View the information about what folders we are sharing)
# service smb restart
# smbclient –L localhost
Go to windows and login to the samba username=sambatest and give the
password :xxxxxx
Double click Network neighborhood view /elmaq (domainname) – linux folder
(/home/vasanth)
(Click Network Servers options in X window and view the shared folders)
sambaclient and sambamount from linux to linux machine
# smbclient //localhost/elmaq (domai name)/-U username=user2 (smbuser)
# smbmount //192.168.10.2/elmaq –o username =user3 (smbuser)
Sharing folders from windows to Linux
Note: From windows machine sharing the drive C: or some folders (example /dumb) then
go to Linux machine.
# smbmount //192.168.0.10 /dump /test –o username=administrator
192.168.0.10 (windows machine ip)
/dump (soruce folder from windows)
Page No 22
/test (destination folder to linux)
administrator – windows user name
# cd/test
# ls
(or)
# mount –t smbfs –o username=administrator //192.168.0.100/dump /test
# smbtree (samba tree)
# smbclient //192.168.0.100/student –U administrator
password : xxxxx
smb:> ls (list the windows files)
smb:> mget * (getting & putting the files through samba ftp)
smb:>exit
Assign permanently samba and nfs mounting from fstab (linux to linux and windows
machine)
# vi /etc/fstab
192.168.0.15:/share /opt nfs defaults 0 0
//192.168.0.15 /sad /tmp smbfs defaults, username=vasanth,
passwd=xxxxxx 0 0
192.168.0.17:/var/ftp/pub /dump nfs defaults 0 0
:wq!
#service nfs restart
#service smb restart
# service netfs restart
--------------------------------------------------------------------------------------------------------------------------------------------------------------------
GRUB and LILO Boot Loader
Grub to lilo
# lilo
Lilo to Grub
# grub–install /dev/hda
# vi /boot/grub/grub.conf
# root (hd0,0) (comment this line)
# kernel /vmlinuz-2-4-21-40 EL ro root = LABEL=/ (comment this line)
# initrd /initrd –2.4.21.4 EL.img (comment this line)
# boot (comment this line)
:wq!
After restart the linux system the command prompt appear
grub > root (hd0,0)
Page No 23
grub > cat (hd0,0)/grub/grub.conf
grub > kernel /vmlinuz-2-4-21-40 EL ro root = LABEL=/ 3
grub > initrd /initrd –2.4.21.4 EL.img
grub > boot
booting of the linux
set the password to grub loader
Method 1:
Goto gnome or KDE terminal and type the following commands:
# grup-md5-crypt
password : xxxxxx
retype : xxxxxx
$4567898@#637 (copy this encrypt password and paste to:
# vi /etc/grub.conf
Before the title in linux
Password --md5 $4567898@#63
After the title in linux
Password --md5 $4567898@#63
:wq!
Method 2:
# grub–md5-crypt >> /boot/grub/grub.conf
new passward : xxxxxx
retype password :xxxxxx
#vi /boot/grub/grub.conf
Remove the password at bottom of the line
set the password to LILO
# rpm –qa|grep “lilo”
# vi /etc/lilo.conf----------------------------------password : xxxxxx------------------------------------:wq!
Restart the system
Page No 24
We don’t know grub password but want remove it from grub.conf
Insert the Linux disk1 in to the cdrom drive then boot. The command prompt appears
boot: linux rescue
# chroot /mnt/sysimage
# vi /etc/grub.conf
Remove the password line
:wq!
# exit
# exit
--------------------------------------------------------------------------------------------------------------------------------------------------------------------
Services
# netsysv (what services should be automatically started)
# system-config-services – Display the all services in X window.
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
Permissions
U – user 4 – read r - read
G – group 2 – write w- write
O – others 1- execute x-execute
# cat > file1
# cat > file 2
# ls –l
# chmod 677 file1
# chmod ugo=rwx file2
# ls –l
# mkdir test
# cp *.txt test
# chmod –R 766 test (R - Recursively)
--------------------------------------------------------------------------------------------------------------------------------------------------------------------
Chown (Change Owner)
# chown vasanth test1 (now changing the ownership to user vasanth)
# chown prem test2 (now changing the ownership to user prem)
# chgrp vasanth test1 (now changing the group to vasanth)
# chgrp prem test2 (now changing the group to prem)
# chown nobody.elmaq sharefile (ownership – nobody but group=elmaq)
SGID (set Group ID)
Page No 25
Special permission – numeric value 2
Create 3 users
useradd class1
passwd –d class1
useradd class2
passwd –d class2
useradd class3
passwd –d class3
Create a group
groupadd elmaq
vi /etc/group
check the groupname - elmaq groupid
elmaq:x:710 class1,class2 (users membership)
vi /etc/passwd
class1:x:690:690 - > 690 change the group id to 710
class1:x:690:710 (here userid – 690(class1) and 710(elmaq) is called group id)
class2:x:691:710 (here userid – 691(class2) and 710(elmaq) is called group id)
class3:x:692:692 (here userid – 692(class3) and 692(class3) is called group id)
above statements the class1 and class2 had membership from elmaq group
Go to root login. Create one common folder for accessing group permission
# mkdir /home/angels (here angles is a common folder for accessing the group membership users)
# chown nobody.elmaq /home/angles (Set the group ownership of elmaq group)
#chmod 2770 /home/angles (set the group id and permissions for user=rwx group=rwx and other=none)
Go to other Terminals
Login class1
$ cd /home/angles (permissions accept)
Login class2
$ cd /home/angles (permissions accept)
Login class3
$ cd /home/angles (permissions denied) – because this user not membership from elmaq group
Page No 26
--------------------------------------------------------------------------------------------------------------------------------------------------------------------
STRICKY BIT
This is special file permission for Directories. For access this directory only the user
ownership and super user.
Others can’t access.
Logon to a user (for example student)
Login student
# ls –ld /tmp
# cd /tmp
# mkdir stricky
# ls –ld stricky
# chmod 1770 stricky (1 – stricky bit ) (or) chmod 1755 stricky
(or)
# chmod o+t stricky
# ls –ld stricky
--------------------------------------------------------------------------------------------------------------------------------------------------------------------
UMASKLogin from root
root # umask
0022
666 ( - ) File Permission 777( -) Directory Permission
022 = 644 (rw r r) 022 = 755 (rwx rx rx)
vasanth $: umask
0002
666 (-)File Permission 777( -) Directory Permission
002 = 664 (rw rw r) 002 = 775 (rwx rwx rx)
Change umask
root # umask 044
666 (-)File Permission
044 = 622 (rw w w)
# cat > mk.txt
# cat > bn.txt
Page No 27
# ls –l
vasanth $ : umask 044
666 (-)File Permission
044 = 622 (rw w w)
# cat > low.txt
# cat > high.txt
# ls –l
If you want to change the umask permanently in privilege & non privilege users for following:
# vi /etc/bashrc
umask = 044 – set the umask .
--------------------------------------------------------------------------------------------------------------------------------------------------------------------
SWITCH USER# su – user2 (Skip from root to user2)
# su – (come back to root)
# su – user3 (Skip from root to user3)
# su –
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
CREATE A NEW PARTITION
# df –h (Check the free space of your Harddisk)
# fdisk –l
# fdisk /dev/hda
:m help
:p (print the partition)
:n (new partition)
first range : 4024 (cylinders)
last range : +500M
-t (change the partition id)
partition (1-13) 13 (Partition volume example /hda13)
-l (File System type)
- 83 (linux File system)
-w (writing table)
ctrl +c (exit)
# partprobe (without restart system the partition defined)
# mkfs.ext3 /dev/hda13 (ext3 linux filesystem) (or) # mkfs –t ext3 /dev/hda13 (or) mkfs – j /dev/hda13
# e2label /dev/hda13 /data (Label name = /data)
Page No 28
# mkdir /data
# mount /dev/hda13 /data (mount /hda13 to /data)
# vi /etc/fstab
/dev/hda13 /data /ext3 defaults 0 0
:wq!
#service nfs restart (It is automatically mounted every time starts the Linux machine /dev/hda4 to /data)
DELETE A PARTITION
Note : (Before delete a partition , first umount the partition files systems)
# fdisk /dev/hda
# command (m) help : d
# partition (1-9) : 9 (deletion partition)
# command(m) : w (writing table)
# partprobe
TCP Wrappers
*Security
*Ssh – Connect to remote machine securerly
*telnet – It is an insecure way of connecting to a remote machine because the
username and password are transmitted in clear text
# vi /etc/hosts.deny
sshd:ALL (Disable the service (Secure Shell SSH) for all machines)
sshd:192.168.10.3 (Disable the service (Secure Shell SSH) for particular ip machine)
vsftp : ALL EXCEPT 192.168.0.30
portmap:ALL
icmp:ALL
in.telnetd.ALL EXCEPT 192.168.0.50
# vi /etc/hosts.allow
vsftpd:192.168.10.4 (Allow the ftp permission for particular ip machine)
Page No 29
sshd:192.168.10.3 (Allow the ssh permission for particular ip machine )
icmp:192.168.10.5 (Allow the icmp permission for particular ip machine )
ALL EXCEPT vsftpd:ALL
--------------------------------------------------------------------------------------------------------------------------------------------------------------------
Disable the Telnet Service
Telnet is xinetd based service. There is no such deamon
# cd /ect/xinetd.d
# vi telnet
disable = yes (telnet service is disabled)
:wq:
# service xinetd restart
Telnet service from linux to linux machine
Telent – Port 23. It is in secure way of connecting to a remote machine.
From server
# service xinetd start /restart
# telnet 192.168.0.20
login : vasanth
password :xxxxxx
To client
# service xinetd start /restart
# telnet 192.168.0.22
login : prem
password :xxxxxx
Telnet service from Linux to windows machine
Go to win 9x or xp /2000 click start select RUN – telnet 192.168.0.20
Login : vasanth
Password : xxxxxx
$ ls
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
SSH (Secure shell)ssh – Connect to remote machine securely
Page No 30
From server
# service sshd start /restart
# ssh 192.168.0.20 (or) # ssh [email protected]
login : vasanth
password :xxxxxx (This machine is Root password for secure login)
# scp file.txt 192.168.0.22:/home/prem (secure copy for file.txt from client machine)
# scp bin.txt 192.168.0.22:/home/prem (secure copy for bin.txt from client machine)
To client
# service sshd start /restart
# ssh 192.168.0.22 (or) # ssh [email protected]
login : prem
password :xxxxxx (This machine Root password for secure login)
# scp elmaq.txt 192.168.0.20:/home/vasanth (secure copy for elmaq.txt from server)
# scp letter.txt 192.168.0.20:/home/vasanth (secure copy for letter.txt from server)
# vi /etc/ssh/sshd_config
# vi /etc /known_hosts (list the users login)
#vi /etc/services (show the protocols port value)
# vi /etc/securetty
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
RESCUE MODETrouble shooting
# vi /etc/fstab
# LABEL / (comment 1st line)
:wq!
# vi /etc/shadow
# root ::1 (comment 1st line)
:wq!
# vi /etc/inittab
# id : 0 (default) change the run level 0)
:wq!
# vi /etc/passwd
root:x:0:0:root:/root:/bin/bash – this is normal startup
root:x:0:0:root:/root:/bin/bash/nologin – root not login
:wq!
----------------------------------------------------------------------------------------------------------------------------
----------------------------------------
Page No 31
BACKUP / COMPRESS / UNCOMPRESS
# mkdir back (put all files inside this directory)
using gzip
# tar cvf back.tar back (grouping of directory)
# ls –l back.tar
# tar tvf back.tar (list all files inside back.tar)
# gzip back.tar
# ls –l back.tar.gz
gunzip
# ls
# gunzip back.tar.gz
Extracting
Copy back.tar.gz to /home/user directory (or) some other directory
# cp back.tar.gz /home/user
# cd /home/user
# tar xvf back.tar
# ls
using bzip / bunzip
# bzip2 back.tar
# ls
# bunzip back.tar.bz2
Extracting
Copy back.tar.bz2 to /home/user directory (or) some other directory
# cp back.tar.bz2 /home/user
# cd /home/user
# tar xvf back.tar
# ls
tar to unformatted floppies
1. Floppy low-level format 2. Do not mount the floppy disk
# tar czvf /dev/fd0 mydir (folder)
# tar xzvf /dev/fd0/mydir
# tar czvf back.tar.gz back
# tar xzvf back.tar.gz
Page No 32
#tar czvf back.tar.bz2 back
#tar xzvf back.tar.bz2
compress / uncompress
# compress back.tar
# ls –l back.tar.z
# uncompress back.tar.z
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
IPTABLES
FIREWALL
# service iptables restart
# iptables – L (list the iptables INPUT /OUTPUT /FORWARD)
# iptables –A INPUT –p tcp –j DROP (or) REJECT [A –Append, p –protocol, j-jump) -
DROP tcp in your machine
# iptables – L
# iptables –A INPUT –p icmp –j DROP (or) REJECT [A –Append, p –protocol, j-jump) -
DROP icmp in your machine
# ping 192.168.0.20 (This is your machine ip address) do not ping
# iptables –F (Refresh the iptables rules)
# ping 192.168.0.20 (This is your machine ip address) ping successfully
# iptables –A INPUT –p tcp --dport 22 –j DROP (or) REJECT [A –Append, p –
protocol, j-jump,--dport –destination port)
[DROP tcp for other
machines, not this machine]
# iptables –A INPUT –p tcp –s 192.168.0.22 --dport 22 –j DROP (or) REJECT [A –
Append, p –protocol, s- source port
j-jump,--dport – destination port) [DROP tcp for particular ip
(192.168.0.22), not this machine]
# iptables –A INPUT –p icmp –s 192.168.0.22 –j DROP (or) REJECT [A –Append, p
–protocol, j-jump, s-source port)
Page No 33
[DROP icmp for particular
ip (192.168.0.22), not this machine]
# iptables –D INPUT 1 (delete)
# Iptables –D INPUT 2
# service iptables save
# iptables – L
# iptables –F (Refresh the iptables rules)
SET THE IPTABLES FROM SERVER (IP ADDRESS 192.168.0.254)
INPUT CHAINS
Iptables –A INPUT –j REJECT (From the sever all ports and services Rejects to the all
client machines)
Iptables –A INPUT –I eth0 –j REJECT (From the sever interface Rejects to the all client
machines)
Iptables –A INPUT –I eth0 –s 192.168.0.40 –j REJECT (From the sever interface
Rejects to only a
client machine192.168.0.40)
Iptables –A INPUT –p tcp –j REJECT (From the server network services (ftp, telnet, ssh,
pop, http etc.,)
Reject to the all client machines)
Iptables –A INPUT –p tcp –s 192.168.0.30 –j REJECT (From the server network
services (ftp, telnet, ssh, pop, http etc.,)
Reject to only the client machine 192.168.0.35 other clients
can access for all services)
Iptables –A INPUT –p tcp –s 192.168.0.30 –dport 23 –j REJECT (From the server
network service telnet can
(Reject to only the client machine 192.168.0.35 but other
services can access)
iptables –A INPUT ! –s 192.168.0.254 –j DROP (Drop all services expect
192.168.0.254)
OUTPUT CHAINS
Iptables –A OUTPUT –j REJECT (From server can’t access to the client machines
service)
Iptables –A OUTPUT –o eth0 –j REJECT (From server can’t access from all the
outbound eth0’s)
Iptables –A OUTPUT –o eth0 –s 192.168.0.50 –j REJECT (From server can’t access
from only a 192.168.0.50
Page No 34
outbound eth0)
Iptables –A OUTPUT –p tcp –j REJECT (From server can’t access form all the client
machi nes tcp protocol service)
Iptables –A OUTPUT –p tcp –d 192.168.0.30 –j REJECT (From server can’t access
form only a client machine
192.168.0.35 for all tcp protocol service)
Iptables –A OUTPUT –p tcp –d 192.168.0.30 –dport 21 –j REJECT (From server can’t
access form only a client machine
192.168.0.35 FTP protocol. But other services
allowed)
# vi /etc/services (list the protocol port values)
# vi /etc/sysconfig /iptables
------------------------------------------------------------------------------------------------------------
-------------------------------------------------------
IPTABLES – NAT
iptables –t nat –A POSTROUTING –o eth1 –j MASQURADE
For enabling the NAT on the eth1, which represents the entire network.
ech0 “1” > /proc/sys/net/ipv4/ip_forward
vi /etc/sysctl.conf
net.ipv4.icmp_echo_ignore_all=1
net.ip_forward=1
iptables –t nat –A PREROUTING –i eth0 –p tcp --dport 80 –j REDIRECT --to -port
3128
For redirecting the port from 80 to 3128. Before the client access the eth0, the redirect
takes place.
iptables –A FORWARD –s 192.168.10.0/24 –d scs.yahoo.com –j DROP
This will DROP all forward connection in 192.168.10.0 network, it will stop all movements
in the server system, it will stop the transaction through scs.yahoo.com.
iptables –A FORWARD –s 192.168.10.234/32 –d scs.yahoo.com –j ACCEPT
scs.yahoo.com can access only through 192.168.0.234
Page No 35
------------------------------------------------------------------------------------------------------------
-------------------------------------------------------
LINUX BOOTING DISK CREATION FROM RHEL 3
1.Insert the RH first cd and mount /mnt/cdrom
2. insert the blank floppy disk and mount /mnt/floppy
3. cd /mnt/cdrom
# cat bootdis..img>/dev/fd0
# dd if=bootdisk.img of=/dev/fd0
In Dos Envirnment the command as
RAWRITE.exe
LINUX BOOTING DISK CREATION FROM RHEL 4
1. Plug the USB Pen drive
2. Service kudzu start
3. vi/etc/fstab
check the file system entry for usb pendrive
/dev/sda1 /media/usbdisk vfst defaults 0 0
4. cd /var/ftp/pub/images (Redhat images directory)
5. dd < diskboot.img > /dev/sda1 (now making the booting disk to pen derive)
(note : Pen drive file system VFAT)
reboot the linux system
6. go to the BIOS setup (change the BOOT device priority first boot – USB pen 2nd
boot- harddisk 3rd boot – cdrom)
7. boot : (the command prompt appears)
Linux typical mount points
/ /boot /home/usr /var /opt /tmp
------------------------------------------------------------------------------------------------------------
-------------------------------------------------------
CONTROLLING SERVICES
# redhat-config-services
# ntsysv (list what services start / stop)
# chkconfig – list
# service
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
FLOPPY DISK FORMATTING
Page No 36
Low level format
# fdformat /dev/fd0H1440 (/usr/bin/fdformat)
High level format
# mkfs –t vfat /dev/fd0
# mke2fs /dev/hda13 (Formatting to ext2 file system)
#mkfs –t ext3 /dev/fd0 (Formatting to ext3 file system)
#mkfs –J /dev/hda10 (Formatting to ext3 file system)
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
REMOVE THE LINUX COMMANDS HISTROY
Command mode
# HISTSIZE=0
# HISTFILESIZE=0
Remove history commands from root permanently
# vi .bash_profile
user specific statements
HISTSIZE=0
HISTFILESIZE=0
export USERNAME BASH_ENV PATH HIST SIZE HISTFILESIZE
::wq!
# export HISTFILESIZE=0
# export HISTSIZE=0
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
VIRTUAL NETWORK SCRIPTS
# cd /etc/sysconfig/network/network_scripts (all network services display)
# echo “1” > /proc/sys/net/ipv4/icmp_ignore_all (pinging off your machine ip address)
# echo “1” > /proc/sys/net/ipv4/ip_forward (pinging off your machine ip address)
# vi /etc/sysctl.conf (network ipv4_forward information)
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
NETWORK INFORMATION SERVICE
RPM
Page No 37
YPSERV - SERVER SIDEYP-TOOLS - SERVER SIDE
YPBIND - CLIENT
FROM NIS SERVER
# domainname <domain name>
(or)
system-config-authentication
use NIS – information
use MD5 password – authentication
use shadow password – authendication
click next button
domain : <domain name>
server : <server ip address>
finish
vi /etc/yp/yp.conf
vi /etc/yp/ypserv.conf
vi/var/yp/Makefile (Make for the NIS Databases)
# vi /etc/sysconfig/network/nertwork_scripts (check the domain name)
chkconfig ypserv on
# service ypserv restart
# /usr/lib/yp/ypint –m
-------
server host : server1.example.com
press ctrl+d
press y (updating NIS database)
#service yppasswdd restart
Note : Through NFS the NIS server users /home directory can sharing to the NIS client
Note : The root permissions u=rwx g=rx o=rx (ie chmod 755 /root)
vi /etc/exports
/home *(rw,sync)
/root *(rw,sync)
# service nfs restart
# exportfs –av
TOCLIENT
system-config-authentication
(or)
authconfig
use NIS – information
use MD5 password – authentication
Page No 38
use shadow password – authendication
click next button
domain : <domain name>
server : <server ip address>
finish
# service ypbind restart
# cd /etc/securetty
# login : (from nis user name)
NIS Trouble Shooting (client side)
ypwhich - return name of NIS server or map master
yptest – test NIS configuration
Note : NIS server users /home directory can permanently mount to the NIS client
vi /etc/fstab
192.168.0.254:/home /home nfs defaults 0 0
192.168.0.254:/root /root nfs defaults 0 0
service nfs restart
service netfs restart
Note : logout the existing users & logon to the NIS server users.
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
Linux commands (Alias)
# alias k=”ls – l”
# alias m= “mkdir “
# alias r= “rm”
#alias c=”clear”
check the filetype
# file < filename>
# file <directory name>
# file.txt
# file vasanth.txt
CAT command
# cat –A <filename> show all characters
# cat –s <filename> sqeeral
# cat –b <filename> number specify each line.
Page No 39
Help Utilities
# man passwd
# passwd --help
# ls --help
# info less
# info passwd
Graphical Editor
# xemacs
# vi
# kwrite
# kmail
# gedit
# ooffice (Word)
# oocalc (Excel)
# oopadmin ( printadmin)
whereis
# whereis update
# whereis grep
# whereis smb.conf
find
# find / -name *.html
# find /var/www/html -type f –name *.html –exec rm –f {} /;
# find / -name mount
# find /home/vasanth –name “*.txt” –exec cp {} {}.org \;
# find /home/vasanth –name “*.txt” –exec cp {} \txtbackup \; (Search all text files
and copy to \txtbackup folder)
# find /home/vasanth –name “*.txt” –exec rm {} \; (Remove all the text files for
specified folder)
# which csh
# which sh
# which rm
# which bsh
Note : which command is used to identify the path /bin & /sbin
Login
Page No 40
# exe login <username>
# exe login kumar
Date & Time change
# date –s “2005-04-30”
# date –s “2005-04-30 18:45”
# date + “%x” – date
# date + “%X” - time
# date +d
# date +c
ls
# ls –l (detail information)
# ls – a (hidden)
# ls –R (subdirectory listing)
# ls –li (list the files inode)
SoftLink
# ln –s kl kumar
Different inode and different filename
HardLink
# ln kl kumar1
same inode different filename
Checking free space.
# du –s –h
# df –h
# df /opt
Modify the Linux HOST NAME
Go to X window network configuration – Change the HOST NAME , IP Address, & set new
HOSTNAME & IPADDRESS.
SET Command (set the default editor)
# set – o emacs
# set –o vi
# shopt –o vi
# shopt - emacs
Page No 41
# set –o noclobber (clobber on)
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
DHCP CONFIGURATION
# ntsysv
Display what services automatically started.
# chkconfig dhcpd on
# chkconfig – list dhcpd
cp /usr/share/doc/dhcp-3.op.1/dhcpd.conf.sample /etc/dhcpd.conf
# vi /etc/dhcpd.conf
subnet 192.168.0.0 net mask 255.255.255.0
Range dynamic_bootp 192.168.0.21 192.168.0.40 ;
:wq (save & exit)
# service dhcpd restart
# touch /var/lib/dhcp/dhcp.leases
# vi /var/lib/dhcp/dhcp.leases
# ddns (other users access)
# dhclient (dhcp client)
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
Shell Script Command Execution
# vi sum.sh
echo “ enter 1 st value: “
read num1
echo “ enter 2 nd value: “
read num1
sum = `expr num1+num2’
echo “Total” $sum
:wq!(Save & Exit)------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
Squid Proxy
1. Set the proxy server, to restrict the particular websites sharing to the client users.
2. To create the partition volume capacity at least 100 MB up to 2 GB. This partition
can be used to configure the squid proxy.
Take the 1000 MB capacity partition (for example /dev/hda9) for squid configuration.
# fdisk -l
Page No 42
#mkdir /squid
# mount /dev/hda9 /squid
# ls /squid
# df – h
# vi /etc/fstab
/dev/hda9 /squid ext3 0 0
:wq! (save & exit)
cd /etc/squid/
cp squid.conf squid.conf.bak
vi /etc/squid/squid.conf
line no : 53 http port:3142 (specify the port value for example 8080)
line no : 695 cache_dir ufs /var/spool/squid 1000 16 256
line no : 705 cache_access_log /var/log/squid/access.log
line no : 710 cache_log /var/log/squid/cache.log
line no : 720 cache_store_log /var/log/squid/store.log
line no 1860 : #http_access allow our_networks
acl network src 192.168.0.0/24
acl domain_allow dstdomain .yahoo.com .naukri.com .rediff.com
http_access allow network domain_allow
acl server src 192.168.0.254/32
http_access allow server
acl elmaq src 192.168.0.30/24
http_access deny elmaq
:wq!
# squid –z (update the database to squid partition /dev/hda9)
# service squid restart------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
RAID – Partitions
mdadm --create /dev/md0 --level=5 --raid-devices=3 /dev/had {10,11,12} –
Initialize RAID 5 array
mke2fs –j -b 4096 –R stride=16 /dev/md0 (4096 – 4K blocks, chunk size=64k – stride=16) - Format the disk with an
ext3 file system
Page No 43
vi /proc/mdstat – Make sure that the array has finished building
mdadm --manage /dev/md0 --fail /dev/hda10 - Simulate a single disk failure
mdadm --manage /dev/md0 --add /dev/hda10 – Add in the new good drive
mdadm --manage /dev/md0 --remove /dev/hda10 – If drive failed, remove the
existing drive
mdadm –detail /dev/md0 – display the RAID information
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
LVM (logical Volume Manager)
First Time creation
/dev/hda10 = 500MB /dev/hda11 = 400MB /dev/hda12 = 350MB
pvcreate /dev/hda10 /dev/11 /dev/hda12 9 (Physical Volume creations)
pvdisplay (physical volume display)
vgcreate backup /dev/hda10 /dev/hda11 /dev/hda12 (volume group- backup)
vgdisplay (display the volume group size )
lvcreate –L 2000M backup –n logbackup (logical volume group – logbackup
(2GB capacity)
mkfs –j /dev/backup/logbackup
mount /dev/backup/logbackup /data (Now /data contains 2GB capacity)
vi /etc/fstab
/dev/backup/logbackup /data ext3 defaults 0 0
Extend LVM (Do not umount the existing LVM file system-for example /data )
/dev/hda13 – 150MB /dev/hda14 - 100 MB (extra LVM partitions)
pvcreate /dev/hda13 /dev/hda14 (Physical Volume creations)
vgextend backup /dev/hda13 /dev/hda14 ( Expand the capacity in existing volume
group –backup)
vgdisplay ( display the volume group size )
Page No 44
lvextend -L +250M /dev/backup/logbackup( Expand the capacity in existing Logical
volume +250 MB)
ext2online /dev/backup/logbackup (to enlarge the file system)
Note: Now /data contains 2.25GB capacity – 2000MB and +250MB capacity extended.
Remove LVM
umount /dev/backup/logbackup
lvremove /dev/backup/logbackup (Logical volume remove logbackup)
vgchange –an backup (this deactivates the volume group)
vgremove backup (this deletes the volume group)
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
Make a swap partition
# fdisk /dev/had
#m (for help)
#n (add a new partition)
# First cylinder(1755)
# Last cylinder or megabytes +500M
# t – change the system partition id
# hda(1-10) - 10
# l – file system (82 – Linux swap)
# w (save)
# partprobe
# mkswap –v1 /dev/hda10
# vi/etc/fstab
/dev/hda10 swap swap defaults 0 0
:wq!
# service nfs restart
# swapon –a (active the swap partition)
# swapon –s (check the status of the swap partition)------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
DISK QUOTAS
# vi /etc/fstab
set the quota’s for
LABEL=/home /home ext3 defaults
usrquota,grpquota 1 1
Page No 45
:wq!
# mount –o remount /home
USER QUOTA
# quotacheck –cm /
# quotaon /home
# edauota –u vasanth (username)
Files systems blocks soft hard inods soft
1568 100 (Soft limit 100K) 200 (Hard limit 200K) 287
0
# login : vasanth
# cat >bim.txt
GROUP QUOTA
# edquota –g elmaq (groupname)
Files systems blocks soft hard inods soft
1568 100 (Soft limit 100K) 200 (Hard limit 200K) 287
0
login : test1 (This test1 is grouped from elmaq)
login : test2 (This test2 is grouped from elmaq)
Create any files from the user’s test1 or test2; do not exceed 100k to 200k.
Because the quotas defined maximum of 200K.
# repquota –a (reports the users quota)
# quota vasanth (report for particular user quota)
quotacheck command options
-a = scan all file systems, quota enables /etc/mtab
-v = performs verbose scan
-u = user quota scan
-g = group scan
-m = remove the scanner files
for example the command as follows
quotacheck –avugm /home
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
Page No 46
SUDO
vi /etc/sudoers
# User Alias specification
User_Alias USERS=user1, user2
#Cmnd_Alias specifications
Cmnd_Alias COMMAND = /usr/sbin/useradd,/usr/bin/passwd,/sbin/shutdown –h
now
#User Privilage specification
root ALL=(ALL) ALL
USERS ALL=ALL, COMMAND
Login user1
User1@server1$ sudo /usr/sbin/useradd kannan
User1@server1$ sudo /usr/sbin/passwd kannan
User1@server1$ sudo /sbin/shutdown –h now
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
PAM (Pluggable Authentication Module)
/etc/pam.d – PAM account specifications
/lib/security – PAM Accounts Service
/etc/pam.d
1. login – account required /lib/security/pam_access.so
2. vsftpd – account required /lib/security/pam_ftp.so
3. crond – account required /lib/security/pam_deny.so
4. hwbrowser – account required /lib/security/pam_deny.so
5. system-config-display – account required /lib/security/pam_deny.so
6. system-config-samba – account required /lib/security/pam_deny.so
7. system-config-securitylevel – account required /lib/security/pam_deny.so
8. system-config-rootpassword – account required /lib/security/pam_deny.so
9. sshd – account required /lib/security/pam_deny.so
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
Auto Mounter (cd, floppy & nfs)
/etc/auto.misc
Enable the following options
Page No 47
cd –fstype =iso9660,ro,nosuid,nodev :/dev/cdrom (automount the cdrom
from /misc/cd)
pub –fstype=nfs,intr,soft : 192.168.0.254:/pub (automount the nfs
pub folder from misc/pub)
floppy -fstype=auto :/dev/fd0 (automount the floppy
from /misc/floppy)
/etc/auto.master
/misc /etc/auto.misc --timeout=60
service autofs restart
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
E-Mail Configuration
Configuring of IMAP & POP
Open the file /etc/dovecot.conf
Enable the line protocols=imap imaps pop3 pop3s
Save the file
Service dovecot restart
Configuration of Sendmail (SMTP)
Open the file /etc/mail/sendmail.mc
Edit the line “DAEMON_OPTIONS..... “
change the IP address to the mailserver's IP address.
Save the file.
Now in the prompt issue the following command...
# m4 sendmail.mc > sendmail.cf
Open the file /etc/mail/submit.mc
Edit the line “FEATURE..... “
change the IP address to the mailserver's IP address.
Save the file.
Now in the prompt issue the following command...
# m4 submit.mc > submit.cf
Open the file /etc/mail/local-host-names
Page No 48
Add the following parameters
a. ur mail servers name (ex: server1.example.com)
b. mail
c. localhost.localdomain
d. localhost
e. just ur domain name (ex: example.com)
Open the file /etc/mail/access
Add the following parameters to the list existing there...
ur mail servers name (ex: server1.example.com)
(i.e) server1.example.com RELAY
ur domain name (ex: eample.com) RELAY
mail RELAY
<ur mail servers IP> RELAY
Now in the prompt issue the following command...
# makemap hash access.db < access
# service sendmail restart
Create 3 users for user1, user2 and user3
Now create an account in the 'evolution' mail service from server
(server1.example.com)
Tools -> settings
Add new Mail Account ->
FullName : user1
E-mail: [email protected] (click forward)
Receiving Mail : IMAP
Host : server1.example.com (or) u r mail server ip address (Click Forward)
Sending Mail : SMTP
Host : server1.example.com (Click Forward)
Name: [email protected]
Finish
Go to user1 inbox
Tools -> settings
Add new Mail Account ->
FullName : user2
E-mail: [email protected] (click forward)
Page No 49
Receiving Mail : IMAP
Host : server1.example.com (or) u r mail server ip address (Click Forward)
Sending Mail : SMTP
Host : server1.example.com (Click Forward)
Name: [email protected]
Finish
Go to user2 inbox
Tools -> settings
Add new Mail Account ->
FullName : user3
E-mail: [email protected] (click forward)
Receiving Mail : IMAP
Host : server1.example.com (or) u r mail server ip address (Click Forward)
Sending Mail : SMTP
Host : server1.example.com (Click Forward)
Name: [email protected]
Finish
Go to user3 inbox
GO to Client machine For Example Station1.example.com
Before going to configure the evolution mail
Put the entry for /etc/hosts - Mail server IP and Mail server name
For example
Vi /etc/hosts
192.168.0.254 server1.example.com
Go to Evolution Mail
Tools -> settings
Add new Mail Account ->
FullName : user1
E-mail: [email protected] (click forward)
Receiving Mail : IMAP
Host : server1.example.com (or) u r mail server ip address (Click Forward)
Sending Mail : SMTP
Host : server1.example.com (Click Forward)
Name: [email protected]
Finish
Page No 50
Go to user1 inbox
GO to Client machine For Example Station2.example.com
Before going to configure the evolution mail
Put the entry for /etc/hosts - Mail server IP and Mail server name
For example
Vi /etc/hosts
192.168.0.254 server1.example.com
Go to Evolution Mail
Tools -> settings
Add new Mail Account ->
FullName : user2
E-mail: [email protected] (click forward)
Receiving Mail : IMAP
Host : server1.example.com (or) u r mail server ip address (Click Forward)
Sending Mail : SMTP
Host : server1.example.com (Click Forward)
Name: [email protected]
Finish
Go to user2 inbox
GO to Client machine For Example Station3.example.com
Before going to configure the evolution mail
Put the entry for /etc/hosts - Mail server IP and Mail server name
For example
Vi /etc/hosts
192.168.0.254 server1.example.com
Go to Evolution
Tools -> settings
Add new Mail Account ->
FullName : user3
E-mail: [email protected] (click forward)
Receiving Mail : IMAP
Host : server1.example.com (or) u r mail server ip address (Click Forward)
Sending Mail : SMTP
Host : server1.example.com (Click Forward)
Page No 51
Name: [email protected]
Finish
Go to user3 inbox
Note: Now u can send and receive the mails from station1 (ie user1) to
station2 (ie user2) and vice versa.
(Send and Receive the Mails from linux server to Windows outlook express)
Go to outlook express
Select tools - > accounts -> Add mail
Display name: user1
E-mail Address : [email protected]
(click next……..)
My incoming mail server is a IMAP
Incoming mail : 192.168.0.254 ( this is linux mail server ip address)
Outgoing Mail (SMTP) server
192.168.0.254 ( this is linux mail server ip address)
(click next……..)
Account name : user1 ( this is linux mail server username)
Passwd : xxxxx
(click next……..)
finish
go to inbox of (192.168.0.254) u can send and receive the mails from linux
server to outlook express and vice versa
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
X Desktop Management Control ProtocolXDMCP
In linux you need to provide font using either X font server (xfs) or hard coded font path
in xf86 config and xf86config -u conf files. If you plan to use xfs font server, modify the
file given below,
vi /etc/rc.d/init.d/xfs (make the following modifications)
Page No 52
“ daemon xfs -droppriv -daemon -port -1 ”
(change the following line as)
“ daemon xfs -droppriv -daemon -port 7100 ”
vi /etc/X11/fs/config (make the following modifications)
check whether the following line is commented,
“ #dont listen to tcp ports by default for security reasons ”“ #no-listen = tcp ”
If you change or add the port use this comand to restart your x font server,
service xfs restart
vi /etc/X11/xdm/xdm-config (make the following modifications):
Display Manager.request port : 0(comment it)! Display Manager.request port : 0
vi /etc/X11/xdm/Xaccess (make the following modifications, this allows all hosts to connect)
#* #any host can get a login window
(change to)
* #any host can get a login window
vi /etc/X11/gdm/gdm.conf (make the following modifications)
[xdmcp] “ Enable = false ”
(change to)
“ Enable = True ”
Make sure, “ port = 177 ”
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
DNS (Domain Name System)
Server:
[server1.example.com, 192.168.0.254]
Page No 53
1) service named restart
2) cp /etc/named.conf /var/named/chroot/etc/named.conf
3) cp /etc/named/* /var/named/chroot/var/named
4) cd /var/named/chroot/etc/
5) vi named.conf
zone "java.com" IN {
type master;
file "java.com.zone";
allow-update { none; };
};
zone "0.168.192.in-addr.arpa" IN {
type master;
file "java.com.local";
allow-update { none; };
};
6) cd /var/named/chroot/var/named
7) cp localhost.zone java.com.zone
8) cp named.local java.com.local
9) vi java.com.zone
$TTL 86400
@ IN SOA server1.example.com. root.server1.example.com (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS server1.example.com
www IN A 192.168.0.254
26. vi java.com.local
$TTL 86400
@ IN SOA server1.example.com. root.server1.example.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
Page No 54
3600000 ; Expire
86400 ) ; Minimum
IN NS server1.example.com
254 IN PTR www.java. .com (Domain 1 specified) Two Domains for
Same IP address
254 IN PTR www.virtual.com (Domain 2 specified)
11) service named restart
vi /etc/hosts
192.168.0.254 www.java.com
192.168.0.254 www.cirtual.com
neat
Device:
Static IP add : 10.0.0.25
Netmask : 255.0.0.0
DNS:
Primary DNS : 10.0.0.25
DNS Path : redhat.com/
DNS Client:
1) service named restart
2) neat
Device:
Static IP add : 10.0.0.24
Netmask : 255.0.0.0
DNS:
Primary DNS : 10.0.0.25
DNS Path : redhat.com/
3) vi /etc/resolv.conf
search www.java.com
nameserver 192.168.0.254
4) vi /etc/hosts
192.168.0.254 www.java.com
192.168.0.254 www.cirtual.com
5) service named restart
DNS check utility
Page No 55
dig –x 192.168.0.254
host www.java.com
host www.virtual.com
host 192.168.0.254
nslookup www.java.com
nslookup www.vitrual.com
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
CONFIGURING APACHE TO HOST A SINGLE SITE
In this scenario, we are going to host a website www.vk.com on IP 192.168.10.99. We
assume that you have already configured DNS server to resolve this domain.
1.Create a directory under /var called /website. Put the webpages that you have
already created for your website in this directory. If you don't have a website ready,
create one single html file for testing.
2.Open the file /etc/httpd/conf/httpd.conf. Go to the end of the file by pressing G. The
last 7 files will look sa here under :-
#<VirtualHost *>
# ServerAdmin [email protected]
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
3.Copy these 7 lines by issuing the command 7yy. Paste these 7 lines at the end by
pressing p. Your file will look as here under :-
#<VirtualHost *>
# ServerAdmin [email protected]
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
Page No 56
#<VirtualHost *>
# ServerAdmin [email protected]
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
4.Change the last 7 lines to the following :-
<VirtualHost 192.168.10.99>
DocumentRoot /var/website
</VirtualHost>
5. Save the file and exit.
6)Now, at the prompt, issue the command service httpd start
7)Start a web browser and type www.vk.com at the address bar.
8)You will see index.html which will be the first page of ur website
CONFIGURING APACHE TO HOST MULTIPLE SITES ON SAME IP
In this scenario, we are going to host website www.vk.com and www.redhat.com on IP
192.168.10.99. We assume that you have already configured DNS server to resolve
these domains.
1.Create a directory under /var called /website to store www.vk.com webpages and a
directory under /var called /newweb to store www.redhat.com webpages. Put the
respective webpages that you have already created for your websites in the
corresponding directories. If you don't have a website ready, create one single html file
for testing in each directory.
2.Open the file /etc/httpd/conf/httpd.conf. Go to the end of the file by pressing G. The
last 7 files will look sa here under :-
#<VirtualHost *>
# ServerAdmin [email protected]
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
Page No 57
3.Copy these 7 lines by issuing the command 7yy. Paste these 7 lines at the end by
pressing p. Your file will look as here under :-
#<VirtualHost *>
# ServerAdmin [email protected]
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
#<VirtualHost *>
# ServerAdmin [email protected]
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
4. Repeat Step 3. The end of the file will look like here under :-
#<VirtualHost *>
# ServerAdmin [email protected]
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
#<VirtualHost *>
# ServerAdmin [email protected]
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
Page No 58
#<VirtualHost *>
# ServerAdmin [email protected]
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
5.If you want to host multiple domains on the same IP, there is a directive called
NameVirtualHost that you need to configure. You will find this directive to be
commented just above the Virtual Host area. Change it to NameVirtualHost
192.168.10.99 . Once this is done, change the last lines to the following :-
<VirtualHost 192.168.10.99>
DocumentRoot /var/website
DirectoryIndex index.html
</VirtualHost>
<VirtualHost 192.168.10.99>
DocumentRoot /var/newweb
DirectoryIndex index.html
</VirtualHost>
6. Save the file and exit.
7. Now, at the prompt, issue the command service httpd start
8. Start a web browser and type www.vk.com at the address bar.
9. You will see the index.html which will be the first page of www.vk.com
10. Now type www.redhat.com at the address bar.
11. You will see the ndex.html which will be the first page of www.redhat.com
NOTE : If you do not give the DirectoryIndex directive, you will always get the
index.html of www.vk.com only.
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
MULTI PLE SITES ON SAME IP ADDESS AND ALSO SHARING THE FOLDERS
THROUGH HTTP
Line No : 1004 NameVirtualHost 192.168.0.254:80
Page No 59
(www.java.com)
VirtualHost 192.168.0.254:80>
ServerAdmin [email protected]
DocumentRoot /var/www/html/java (This folder contains the web index.html)
DirectoryIndex index.html
ServerName www.java.com
ErrorLog logs/dummy-java.com-error_log
CustomLog logs/dummy-java.com-access_log common
<Location javanotes> (This javanotes folder contains /var/www/html/java)
Order allow,deny
Allow from all
</Location>
</VirtualHost>
(www.virtual.com)
<VirtualHost 192.168.0.254:80>
ServerAdmin [email protected]
DocumentRoot /var/www/html/virtual (This folder contains the web index.html)
DirectoryIndex index.html
ServerName www.virtual.com
ErrorLog logs/dummy-virtual.com-error_log
CustomLog logs/dummy-virtual.com-access_log common
</VirtualHost>
service httpd restart
go to FIRE ROX and type the following with address bar
http://www.java.com
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
Alternatives Introduction
It is possible for several programs fulfilling the same or similar functions to be installed
on a single system at the same time. For example, many systems have several text
editors installed at once.
Page No 60
This gives choice to the users of a system, allowing each to use a different editor, if
desired, but makes it difficult for a program to make a good choice of editor to invoke if
the user has not specified a particular preference.
In our example, we are going to create a link called editor, which will have a generic
name of myeditor. This link and generic name are going to be associated with 3 text
editors, namely gedit, kwrite and emacs. We will then switch the default editor between
these 3 editors according to user preference. The steps to implement this scenario are
less, but the concept is not that simple to understand.
Implementing Our Alternative
Issue the following commands:-
Code:
alternatives --install /etc/alternatives/editor myeditor /usr/bin/kwrite 90
alternatives --install /etc/alternatives/editor myeditor /usr/bin/gedit 90
alternatives --install /etc/alternatives/editor myeditor /usr/bin/emacs 90
The first command installs a link editor under /etc/alternatives directory, links it to a
generic name of myeditor, which in turn is linked to the kwrite application with a priority
of 90. The next two commands do the same thing for gedit and emacs.
Now, Issue the following command
Code:
alternatives --config myeditor
Your output will be as follows :-
code:
There are 3 programs which provide 'myeditor'.
Selection Command
-----------------------------------------------
*+ 1 /usr/bin/kwrite
2 /usr/bin/gedit
3 /usr/bin/emacs
Page No 61
Enter to keep the current selection[+], or type selection number:
The option with the + sign is the default application. As you see, the above command
also expects you to specify another choice if you wish to. Now, we have successfully
created our alternative and have associated it with the above 3 applications.
Now, double click on the Home icon on your desktop. I am assuming that you are
currently working on KDE. Right click on any text file and then select Open With ->
Other. In the window that is displayed, type /etc/alternatives/myeditor in the Open With
Text Box and then tick the checkbox at the bottom that says Remember Application
Association for this type of file and then click on the OK button. That's it. As you see in
the above output, kwrite is the default editor. That is, whenever you double click on a
text file, it will be opened in kwrite. Run the previous command again
code:
alternatives --config myeditor
You will get the following output. Just type 2 as the selection number and press enter :-
code:
There are 3 programs which provide 'myeditor'.
Selection Command
-----------------------------------------------
*+ 1 /usr/bin/kwrite
2 /usr/bin/gedit
3 /usr/bin/emacs
Enter to keep the current selection[+], or type selection number: 2
------------------------------------------------------------------------------------------------------------
--------------------------------------------------------
Trouble shooting QUESTIONS
1. Rename your /etc/fstab configuration file. One possible name is /etc/bak.fstab
2. Rename your /etc/passwd configuration file. One possible name is /etc/bak.passwd
Page No 62
3. Backup your /boot/grub/grub.conf configuration file. One possible name is
/etc/bak.grub.conf
Edit the currently existing /boot/grub/grub.conf configuration file. Change the entry in the kernel
Command line for root to the label for a different directory. For example
#root (hda0,0)
# cat (hd0,0)/grub/grub.conf
# Kernel /vmlinuz-2.4.21.EL ro root =LABEL=/boot
# initrd /initrd.img
4. LVM (For example To create a LVM Grouping of each 500 MB of /dev/hda5 & /dev/hda6 and mount to the /misc )
5. Remove the .bash_profile .bash_logout .bashrc files from non privileged users &
correct it.
6. Add nologin option to /etc/passwd in users section. Example (vasanth:x: 500:500:/ home/vasanth /bin/bash/nologin)
and logon to the user.
7. Rename your /etc/shadow configuration file. One possible name is /etc/bak.shadow
8. Administrator not knowing the root password, but he wants login to root.
9. Modify some of the options or remove the file /etc/X11/xorg.conf and wcorrect it (X
window trouble)
10. Modify some of the options inside the /etc/X11/xinit/xinitrc and correct it (X window
trouble)
11. Change the runlevel to using /etc/inittab command
12. Damage the file systems like /home /var /opt /tmp and correct it
13. Permanently assign the different label name to the existing file system
14. Change the label name for existing files systems like LABEL=/, LABEL=/home, LABEL=/var & reboot the
system, analyze the problem and correct it.
15. Using fdisk create a new partition, delete a partition, formatting, mounting, and permanently assign the
drives from the fstab.
16. Set the Grub Boot loader password & remove the Boot loader password using Linux
boot CD.
17. Trouble shooting X windows System
# vi /etc/X11/xorg.conf
Font path = “ “(Remove the font path)
Page No 63
:wq!
# startx (problem starting)
# service xfs off (problem starting in X window).
18. Apache trouble shooting
Problem : apache service could not start
# vi /etc/httpd/conf/httpd.conf
listen 0.0.0.80 line no : 151 -> enable this line
:wq! (save & exit)
# Service httpd restart (service could not start)
19. Corrupt the file /bin/bash. And correct it.
20. Corrupt the file /sbin/init. And correct it
21. Damage the Existing Linux swap and make a new swap partition and include the /etc/fstab
22. chattr + i /etc/passwd, chattr +i /etc/group, chattr +i /etc/shadow (This is read only files). The users not login.
23. chattr + i /etc/securetty (This is read only files). Virtual console / tty problem
24. Open the file vi /etc/X11/fs/config comment to all FONT PATH options. And restart the
system.
25. Comment the 1ST line from vi/etc/fstab for following
# LABEL=/ / ext3 defaults 1 2
:wq!
Reboot the system & correct it.
26. i) Rename your /etc/inittab configuration file. One possible name is /etc/bak.initttab
ii) /etc/inittab
# id:5:initdefault: (reboot the system and correct it)
27. For example your system was installed win98 and LINUX. (Problem creating -clear
the linux MBR)
Booting your system through win98 boot disk and apply the command FDISK
/MBR,
Restart the system now LINUX MBR is cleared. Recover the LIUNX MBR.
28. Rename your /etc/rc.d/rc.sysinit configuration file. One possible name is
/etc/rc.d/bak.rc.sysinit
29. Rename your /etc/profile configuration file. One possible name is /etc/bak.profile
Page No 64
30. Rename your /etc/bashrc configuration file. One possible name is /etc/bak.bashrc
31. After typing the following command, check it three times and hit enter but once
dd if= /dev/zero of=/dev/hda bs=446 count=1; reboot (wiped out your boot
sector)
32. Use the following commands can overwrite the MOUNT command.
# cp /bin/date /bin/mount (reboot the system) correct that problem
33. /etc/shadow
#root:$1$1PlkLa::: (restart the system and correct it)
34. Go to vi /etc/sysconfig/network
Netwroking = yes (change Networking=no)
Hostname = localhost localhostdomain
:wq! (save and exit)
Problem : All Daemons are not functioning or not working
35. Go to vi /etc/selinux/config
SElinux = disabled (change SElinux = enforcing=0 or enforcing=1)
Save, exit and restart the system and correct that problem.
36. Remove all permissions to /tmp for the command as chmod 000 /tmp and restart
the linux system. The X window
problems creating.
37. Remove all permissions to /home for the command as chmod 000 /home and
restart the linux system. The X window
problems creating.
38. You can check it whether /tmp or /home directory is full (ie No Diskspace) or not.
Because if any one is full the Xwindow problem is create it.
Page No 65
MAIL CONFIGURATION
cd /etc/mail
SENDMAIL CONFIGURATION
vi sendmail.mc
Page No 66
dnl # DAEMON-OPTIONS (port=smtp,Addr=127.0.0.1,NAME=MTA dnl -- line no 105
(Comment this line
:wq! (save and exit)
m4 sendmail.mc > sendmail.cf
chkconfig sendmail on
service sendmail restart
IMAP,IMAPs,POP3 and POP3s Incoming Mail Configuration
vi /etc/dovecot.conf
protocols = imap imaps pop3 pop3s
Note :
(If the Examinar asking question IMAP you choose only IMAP)
(If the Examinar asking question IMAPs(IMAP secure) you choose only IMAPs)
:wq! (save and exit)
chkconfig dovecot on
service dovecot restart
go to X window and click Evolution mail and configure the mail for user JOHN in POP3
and SMTP.
Now user john gets the mail.
go to X window and click Evolution mail and configure the mail for user JANE in IMAP and
SMTP.
Now user jane gets the mail.
Send the mail from ROOT to user JOHN using MAIL and MUTT Command
Go to virtual console and apply the following commands :
root@server1# mail -v [email protected]
Subject : HAI this is test mail
. (dot)
Page No 67
CC : (Carbon copy)
ctrl-z ( mail informations stopped)
root@server1# mutt
Press a key m (MAIL)
Subject: TESTING MAIL
Press y to sending a Mail
Go to Evolution Mail click Send&Receive options, the user JOHN gets the mail.
----------------------------------------------------------------------------------------------------------------------------
---------------------------------------
Create a MAIL Certification
cd /usr/share/ssl/certs
rm dovecot.pem
make dovecot.pem
Country Name (2 letters code) GB : in
State (or) province name (fullname) : tamilnadu
Localityname (city) : Coimbatore
Organisation name (eg.company): elmaq
Organisation Unit Name(eg:section): Redhat
Common Name (eg.Your Name or yours servers.hostname) : server1.example.com
E-mail Address : [email protected]
cd /usr/share/ssl/certs/dovecot.pem (This is for Evolutation config. Mail certification)
cp /usr/share/ssl/certs/dovecot.pem /usr/share/ssl/private (This Mail certification
for mutt)
----------------------------------------------------------------------------------------------------------------------------
----------------------------------------
IPTABLES
Page No 68
Configure imaps in such a way that john gets authenticated and allowed to use Imaps.
Cracker.org machines should not get authenticated
Iptables –A INPUT –s 192.168.1.0/255.255.255.0 –p tcp –dport 993 –j REJECT
(IMAPs)
Iptables –A INPUT –s 192.168.1.0/255.255.255.0 –p tcp –dport 143 –j REJECT
(IMAP)
Configure POP3 on your system such that user jane is able to receive mails. Disable
POP3 for cracker.org machines
Iptables –A INPUT –s 192.168.1.0/255.255.255.0 –p tcp –dport 110 –j REJECT
(POP3)
Iptables –A INPUT –s 192.168.1.0/255.255.255.0 –p tcp –dport 995 –j REJECT
(POP3s)
----------------------------------------------------------------------------------------------------------------------------
---------------------------------------
Create a MAIL ALIASES for example.com as something.com
Vi /etc/aliases (go to last line)
example.com: something.com
NIS CLIENT (using Auto Mount)
Vi /etc/auto.master
/rhome /etc/auto.misc
:wq ! (save and exit)
vi /etc/auto.misc
Go to last line
nisuser1 -rw,soft,intr server1.example.com:/rhome/nisuser1
::wq! (save and exit)
service autofs restart
Page No 69
chkconfig autofs on
go to virtual console and logon to the nisuser1
Page No 70
Page No 71
Page No 72