LINUX DAY WISE SCHEDULE SYSTEM …paavampiller.weebly.com/uploads/1/8/3/7/18372107/linux...2 LINUX DAY WISE SCHEDULE SYSTEM ADMINSITRATION DAY 1 Introduction to Linux with Installation

1

2

LINUX

DAY WISE SCHEDULE

SYSTEM ADMINSITRATION

DAY 1 Introduction to Linux with Installation

DAY 2 Basic Commands Part 1

DAY 3 Basic Commands Part II, Vi Editor

DAY 4 User Administration

DAY 5 Group Administration, Basic file permissions

DAY 6 Partitions Part I

DAY 7 Partitions Part II

DAY 8 User, Group Quota & ACL

DAY 9 RAID, Links

DAY 10 LVM, Advance file permissions

DAY 11 Backup, crontab, at

DAY 12 Boot Process

DAY 13 RPMS & YUM

3

NETWORK ADMINISTRATION

DAY 14 Introduction to Networking

DAY 15 NFS

DAY 16 FTP

DAY 17 SAMBA

DAY 18 DNS Part I

DAY 19 DNS Part II

DAY 20 Web Server Part I

DAY 21 Web Server Part II + Proxy

DAY 22 MAIL

DAY 23 NIS, DHCP

DAY 24 Trouble Shooting

DAY 25 Kickstart, Webmin, Virtualization, Iptables

DAY 26 Selinux, Ldap, Live setup

4

Topics

System Administration

1. Linux Installation Guide 06

2. Basic Commands 10

3. VI 15

4. Users and Group Administration 17

5. Permissions 21

6. Partitions 23

7. User and Group Quotas 27

8. Access Control List 30

9. Advanced file permissions 32

10. Link 36

11. RAID 39

12. Logical Volume Manager 41

13. Backups 48

14. Boot Process Practicals 52

15. Installation of packages through RPM and yum 53

5

Server Administration

1. Introduction to networking 55

2. NFS 59

3. FTP 62

4. Samba 65

5. DNS 69

6. APACHE web Server 77

7. Squid Proxy Server 82

8. Mail Server 85

9. NIS Server 89

10. DHCP Server 93

11. Troubleshooting 95

12. Webmin 98

13. Kickstart 99

14. iptables 102

15. SELinux 104

16. Virtualization 106

17. LDAP 108

18. Comparision between Fedora and Ubuntu 112

19. Comparision between Fedora and Suse 116

20. Comparision between Fedora and Solaris 120

21. Installation of Oracle 10g on linux 124

6

Linux

Installation Guide

To Install linux follow following steps: -

To start the installation from DVD/CD set the BIOS to boot from CDROM

This installation guide is to install Linux without any other o/s in the present Hard disk

[ clean hard disk ] where the existing partitions will be overwritten.

Installtion Can be done in to methods

(1) Gui Mode

(2) Text Mode

Insert the first CD and restart the system

Press Enter to Start Installation in GUI mode

boot: press Enter

Or

Type linux text to start installation in text mode

boot : linux text

To do a media check select ok and press enter

To skip it select skip and press enter

Select Language

English

Select KeyBoard

US English

For Full installtion provide Installation Key

Or

Skip

Note: If installation key is not selected then

virtualization or Clustering will be not supported.

NEXT

NEXT

NEXT

NEXT

7

Create the Required Partition on this screen .

Select Custom Layout and delete all partitions if any.

Create 6 partitions.

/boot = 100MB

/ = 2000MB

/usr = 4000MB

/var = 1000MB

/home = 1000MB

SWAP = 2 X RAM

To check RAM size use Ctrl-Alt-F2 and use the free command

# free

To get back to the GUI interface use Ctrl-Alt-F6

Boot Loader Screen Simply select Next

Select Network Devices go for Edit

Select DHCP or manually provide IP Address

For eg: 192.168.0.1/255.255.255.0

HostName: Station1.zoom.com

Gateway 192.168.0.254

DNS 192.168.0.1

Select Time Zone

NEXT

NEXT

NEXT

NEXT

8

Asia/Calcutta

Enter The Password for Root User

Eg : abc123

Select the Softwares to be installed Desktop Environments

GNOME Desktop Environment Application

Editors

Graphicle Internet

Text based Internet Base Systems

Select All

Note : Remaining Packges can be selected even after Installation.

After the completion of Installation Reboot

After Reboot You will get Welcome Screen

Select The License Agreement

Check mark Yes, I agree to the License Agreement

Disable the Firewall. Click on Forward on confirmation click on Yes.

Disable the SELinux. Click on Forward on confirmation click on Yes

Kdump Not Required simply uncheck

NEXT

Forward

Click Next to begin Installation NEXT

Forward Forward

Forward

NEXT

9

Set Date & time for system

Asia/calcutta

Set Up Software updates

Finesh Updates Setup

Create Users

Click on Continue to avoid creating normal users.

Sound Card

To Install additional Softwared Insert Installation CDs

Now the installation is comlpeted On the Login Screen provide =>

Username root

Password abc123

Explore the Linux Operating System

Forward

Forward

Forward

Forward

Forward

Forward

Forward

10

Basic Commands

1. To check the present working directory

[root@server ~]# pwd

Example


/root

2. To show the contents of a directory (folder)

[root@server ~]# ls

Example

[root@server ~]# ls

anaconda-ks.cfg Desktop install.log install.log.syslog

3. To see more details including the permission regarding the contents

of a

directory (folder)

[root@server ~]# ls -l

Example

[root@server ~]# ls -l

total 76

-rw-r--r-- 1 root root 1049 Apr 2 2007 anaconda-ks.cfg

drwxr-xr-x 2 root root 4096 Mar 14 20:13 Desktop

-rw-r--r-- 1 root root 46871 Apr 2 2007 install.log

-rw-r--r-- 1 root root 5175 Apr 2 2007 install.log.syslog

[root@server ~]# ll

total 76

-rw-r--r-- 1 root root 1049 Apr 2 2007 anaconda-ks.cfg

drwxr-xr-x 2 root root 4096 Mar 14 20:13 Desktop

-rw-r--r-- 1 root root 46871 Apr 2 2007 install.log

-rw-r--r-- 1 root root 5175 Apr 2 2007 install.log.syslog

3. To see all contents including hidden files of a directory (folder)

[root@server ~]# ls -a

Example

[root@server ~]# ls -a

11

. .camel_certs .esd_auth .gnome2_private

.metacity

.tcshrc

.. .config .evolution .gstreamer-0.8

.mozilla

.thumbnails

anaconda-ks.cfg .cshrc .fonts.cache-1 .gtkrc

.nautilus

.Trash

.bash_history Desktop .gconf .gtkrc-1.2-gnome2

.recently-

used .viminfo

.bash_logout .dmrc .gconfd .ICEauthority

.rhn-

applet.conf .Xauthority

.bash_profile .eggcups .gnome install.log .rnd

.bashrc .elinks .gnome2 install.log.syslog .ssh

4. To see tree structure of nested directories

[root@server ~]# ls -R /opt

/opt:

zoom

/opt/zoom:

zooma

/opt/zoom/zooma:

zoomb

/opt/zoom/zooma/zoomb:

zooms

/opt/zoom/zooma/zoomb/zooms:

To see a file starting from f

[root@server ~]# ls f*

To see a file have a middle string as disk

[root@server ~]# ls /bin/*disk*

To see a file whose length is 3 charaters

[root@server ~]# ls ???

To see a file which starts with single char & ends up with any number

of character

[root@server ~]# ls ?edh*

5. To create a file

[root@server ~]# cat > file1

hi how are you, how is your zoom

12

6. To see file content

[root@server ~]# cat file1

hi how are you how is your zoom

7. To append a file

[root@server ~]# cat >> file1

iam fine, it is very nice

[root@server ~]# cat file1 file2 >> file3

[root@server ~]# cat file3

8. To create a file using touch command

[root@server ~]# touch f1 f2 f3 f4

[root@server ~]# ls

9. Creating a single directory

[root@server ~]# mkdir dir

10. Creating multiple directories

[root@server ~]# mkdir dir1 dir2 dir3 dir4

[root@server ~]# ls

anaconda-ks.cfg dir dir2 dir4 f2 f4 file2 install.log

labmanual

Desktop dir1 dir3 f1 f3 file1 file3 install.log.syslog

11. To create nested directories

[root@server ~]# mkdir -p d1/d2/d3/d4

To see the tree structure

[root@server ~]# ls -R d1

d1:

d2

d1/d2:

d3

d1/d2/d3:

d4

d1/d2/d3/d4:

[root@server ~]#

13

12. To change a directory

[root@server ~]# cd dir1

[root@server dir1]# cd ..

[root@server ~]# cd ../..

[root@server /]# cd -

/root


/root

[root@server ~]# cd


/root

[root@server ~]#

13. To remove files

[root@server ~]# rm file1

rm: remove regular file `file1'? y

14. To remove an empty directory

[root@server ~]# rmdir dir1

[root@server ~]# ls

anaconda-ks.cfg Desktop dir2 dir4 f2 f4 file3

install.log.syslog

d1 dir dir3 f1 f3 file2 install.log labmanual

15. To remove a directory

[root@server ~]# rm -rf dir

[root@server ~]# ls

anaconda-ks.cfg Desktop dir3 f1 f3 file2 install.log

labmanual

d1 dir2 dir4 f2 f4 file3 install.log.syslog

To copy files

[root@server ~]# cp anaconda-ks.cfg file1

To copy folders

[root@server ~]# cp -r dir2 Desktop

To rename directories and files

[root@server ~]# mv dir3 d4

14

[root@server ~]# ls

anaconda-ks.cfg d4 dir2 f1 f3 file1 file3

install.log.syslog

d1 Desktop dir4 f2 f4 file2 install.log labmanual

To move directories and files

[root@server ~]# mv dir2 /opt

[root@server ~]# ls

anaconda-ks.cfg d4 dir4 f2 f4 file2 install.log

labmanual

d1 Desktop f1 f3 file1 file3 install.log.syslog

[root@server ~]# cd /opt

[root@server opt]# ls

dir2 zoom

To search a word from single or multiple file’s

[root@server ~]# grep tom /etc/passwd /etc/group /etc/gshadow

/etc/passwd:tom:x:500:500::/home/tom:/bin/bash

/etc/group:tom:x:500:

/etc/gshadow:tom:!::

[root@server ~]# cat /etc/passwd | grep tom

To see the type of file

[root@server ~]# file *

To view the date

[root@server ~]# date

[root@server ~]# date -s "07/15/2008 00:06:00 "

mm/dd/yyyy hh:mm:ss

Tue Jul 15 00:06:00 EDT 2008

[root@server ~]# cal

[root@server ~]# cal 12 2008

[root@server ~]# man mkdir

[root@server ~]# man cal

To see the content screen wise

[root@server ~]# ls -l /bin | less

15

Visual Interface

Commands to Go into Insert mode

To open a file use vi <filename>

e.g.

# vi test.txt

i - inserts the text at current cursor position

I - inserts the text at beginning of line

a - appends the text after current cursor position

A - appends the text at end of line

o - inserts a line below current cursor position

O - inserts a line above current cursor position

r - replace a single char at current cursor position

Commands at execute mode

:q - quit without saving

:q! - quit forcefully without saving

:w - save

:wq - save & quit

:wq! - save & quit forcefully

:x - save & quit

:sh - Provides temporary shell

:se nu - Setting line numbers

:se nonu - Removing line numbers

:84 - Press enter goes to line 84

To move the cursor, press the h,j,k,l keys as indicated.

^

k Hint: The h key is at the left and moves

left.

< h l > The l key is at the right and moves

right.

j The j key looks like a down arrow

v

w forward word to word

b back side word to word

Command's at command mode

dd - Deletes a line

2dd - Deletes 2 lines

yy - Copy a line

2yy - Copies 2 lines

p - put (deleted or copied text)

u - Undo (can undo 1000 times)

Ctrl+r - Redo

G - Moves cursor to last line of file

5G - Moves cursor to 5th line of file

16

Shift+ZZ - save & quit

/<findword> - locate word

To find and replace words

:1,$s/<findword>/<replaceword>/gc

e.g.

:1,$s/world/universe/gc

1-- To start the search at from 1st line

$ -> End of File

s -> substitute

g -> global

c -> confirmation

17

User's & Group's Administration

Scenario

There are two groups :

1)salesgrp : salesgrp ID=2000

Sales users should exist in salesgrp

2)fingrp :fingrp ID=3000

Finance users should exist in fingrp

tom

joy

Now create the users with following parameters:

ali u - 2001

tom c - "Mang of Sales Dept"

ram d - /salesdept

shyam s - /bin/ksh

joy g - salesgrp/2000

Create user abdul with following parameters

u - 2002

c - "Director of Sales Dept"

d - /salesdept

s - /bin/csh

g - salesgrp/2000

G - fingrp,mrkgrp

Create a user ali whose user id is 2001

[root@server~]# useradd -u 2001 ali

[root@server~]# grep ali /etc/passwd

Create a user tom whose comment is "Mang of Sales Dept"

[root@server~]# useradd -c "Mang of Sales Dept" tom

[root@server~]# grep tom /etc/passwd

Create a user ram whose home directory exist in /salesdept folder

[root@server~]# mkdir /salesdept

[root@server~]# useradd -d /salesdept/ram ram

[root@server~]# grep ram /etc/passwd

18

Create a user shyam whose shell is ksh

[root@server~]# cat /etc/shells

[root@server~]# useradd -s /bin/ksh shyam

[root@server~]# grep shyam /etc/passwd

Create a user joy/jack whose primary group id is 2000/salesgrp

[root@server~]# groupadd -g 2000 salesgrp

[root@server~]# grep salesgrp /etc/group

[root@server~]# useradd -g 2000 joy

or

[root@server~]# useradd -g salesgrp jack

[root@server~]# grep 2000 /etc/passwd

Create a user abdul with all parameters as in scenario

[root@server~]# useradd -u 2000 -g salesgrp -c "Director of Sales Dept"

-d /salesdept/abdul -s /bin/csh abdul

[root@server~]# grep abdul /etc/passwd

abdul:x:2000:2000:Director of Sales Dept:/salesdept/abdul:/bin/csh

To Modify the parameter of existing user abdul

[root@server ~]# usermod -u 3000 -g fingrp -c "Mang of fin Dept" -d

/findept/abdul -m -s /bin/ksh abdul

[root@server ~]# grep abdul /etc/passwd

abdul:x:3000:3000:Mang of fin Dept:/findept/abdul:/bin/ksh

[root@server ~]# useradd scott

[root@server ~]# grep scott /etc/passwd

scott:x:3001:3001::/home/scott:/bin/bash

To change login name

[root@server ~]# usermod -l tiger scott

[root@server ~]# grep tiger /etc/passwd

tiger:x:3001:3001::/home/scott:/bin/bash

To lock the Account

[root@server ~]# passwd tom

[root@server ~]# usermod -L tom

19

login & check

To Unlock the Account

[root@server ~]# usermod -U tom

login & check

To delete only users account but not home directory & mail account.

[root@server ~]# userdel tom

[root@server ~]# ls /home

To delete users account along with home directory & mail account.

[root@server ~]# userdel -r tom

[root@server ~]# ls /home

Adding groups

Adding a new group

[root@server ~]# groupadd amerpetgrp

[root@server ~]# grep amerpet /etc/group

amerpetgrp:x:3002:

adding a new group with gid 5000

[root@server ~]# groupadd -g 5000 banjaragrp

[root@server ~]# grep banjaragrp /etc/group

banjaragrp:x:5000:

modifying group with gid

[root@server ~]# groupmod -g 6000 banjaragrp

[root@server ~]# grep banjaragrp /etc/group

banjaragrp:x:6000:

Changing the name of a existing group

[root@server ~]# groupmod -n banjarahills banjaragrp

[root@server ~]# grep banjarahills /etc/group

banjarahills:x:6000:

[root@server ~]# groupdel banjarahills

20

[root@server ~]# grep banjarahills /etc/group

[root@server ~]# useradd jack

[root@server ~]# useradd shyam

[root@server ~]# useradd wiliam

[root@server ~]# gpasswd -M jack,shyam,wiliam salesgrp

[root@server ~]# grep salesgrp /etc/group

salesgrp:x:2000:jack,shyam,wiliam

Removing user wiliam from group salesgrp

[root@server ~]# gpasswd -d wiliam salesgrp


salesgrp:x:2000:jack,shyam

Adding user wiliam to group salesgrp

[root@server ~]# gpasswd -a wiliam salesgrp


salesgrp:x:2000:jack,shyam,wiliam

[root@server ~]# chage -l jack

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^OUTPUT^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Last password change : Jul 14, 2008

Password expires : never

Password inactive : never

Account expires : never

Minimum number of days between password change : 0

Maximum number of days between password change : 99999

Number of days of warning before password expires : 7

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

[root@server ~]# system-config-users &

21

Permissions

[root@server ~]# mkdir /myfolder

[root@server ~]# cd /myfolder/

[root@server myfolder]# ls

[root@server myfolder]# whoami

root

[root@server myfolder]# touch test_file

[root@server myfolder]# ls -ld test_file

-rw-r--r-- 1 root root 0 Jul 13 00:06 test_file

Set write permissions to the group only.

[root@server myfolder]# chmod g+w test_file


-rw-rw-r-- 1 root root 0 Jul 13 00:06 test_file

Remove read permissions for others only.

[root@server myfolder]# chmod o-r test_file


-rw-rw---- 1 root root 0 Jul 13 00:06 test_file

Assign read, write, execute permissions to others only.

[root@server myfolder]# chmod o=rwx test_file


-rw-rw-rwx 1 root root 0 Jul 13 00:06 test_file

Assign execute permissions to owner, group and others also.

[root@server myfolder]# chmod +x test_file


-rwxrwxrwx 1 root root 0 Jul 13 00:06 test_file

Remove execute permissions from owner, group and others also.

[root@server myfolder]# chmod -x test_file

22


-rw-rw-rw- 1 root root 0 Jul 13 00:06 test_file

[root@server myfolder]# chmod 644 test_file


-rw-r--r-- 1 root root 0 Jul 13 00:06 test_file

[root@server myfolder]# pwd

/myfolder

[root@server myfolder]# whoami

root

[root@server myfolder]# mkdir dir1

[root@server myfolder]# ls -ld dir1

drwxr-xr-x 2 root root 4096 Jul 13 01:28 dir1

[root@server myfolder]#

[root@server myfolder]# chmod 777 /myfolder

[root@server ~]# su - tom

[tom@server ~]$ whoami

tom

[tom@server ~]$

[tom@server ~]$ pwd

/home/tom

[tom@server ~]$ ls -l

total 0

[tom@server ~]$ touch myfile

[tom@server ~]$ ls -l

total 0

-rw-rw-r-- 1 tom tom 0 Jul 12 20:20 myfile

[tom@server ~]$ mkdir dir1

[tom@server ~]$ ls -ld dir1

drwxrwxr-x 2 tom tom 4096 Jul 12 20:22 dir1

[tom@server ~]$

23

Partitions

Step 1 ) To Create the partitions

[root@client1 ~]# fdisk -l

[root@client1 ~]# fdisk /dev/hda

Command (m for help): m

d delete a partition

m print this menu

n add a new partition

p print the partition table

q quit without saving changes

w write table to disk and exit

Command (m for help):

Command (m for help): n

First cylinder (1098-2434, default 1098):

Using default value 1098

Last cylinder or +size or +sizeM or +sizeK (1098-2434, default 2434):

+100M

Command (m for help): p





Command (m for help): d

Command (m for help): 10 #write the number of

partition

Command (m for help): w

[root@client1 ~]#

To update the kernel without restarting

[root@client1 ~]# partprobe /dev/hda


Step 2 ) Make the filesystem ( i.e format the partition) ext2, ext3,

vfat

[root@client1 ~]# mkfs.ext2 /dev/hda8

[root@client1 ~]# mkfs.ext3 /dev/hda9

[root@client1 ~]# mkfs.vfat /dev/hda10

24

Step 3 ) Create a folder & Mount the partition to use

[root@client1 ~]# mkdir /mnt/song /mnt/video /mnt/music

[root@client1 ~]# mount /dev/hda8 /mnt/song

[root@client1 ~]# mount /dev/hda9 /mnt/video

[root@client1 ~]# mount /dev/hda10 /mnt/music

[root@client1 ~]# mount

Step 4 ) Write the data inside the partition

[root@client1 ~]# cd /mnt/song

[root@client1 song]#

[root@client1 song]# touch myfile1 myfile2 myfile3

[root@client1 song]# mkdir hyd sec bhills ameerpet

[root@client1 song]# ls

***************** This is the output ********************

ameerpet bhills hyd lost+found myfile1 myfile2 myfile3 sec

[root@client1 myfolder]#

Converting from ext3 to ext2

[root@client1 ~]# umount /dev/hda8

[root@client1 ~]# tune2fs -O ^has_journal /dev/hda8

[root@client1 ~]# mount /dev/hda8 /myfolder/


Convert from ext2 to ext3

[root@client1 ~]# umount /dev/hda8

[root@client1 ~]# tune2fs -j /dev/hda8

[root@client1 ~]# mount /dev/hda8 /myfolder


25

Creating a Swap Partition

Step 1 ) Create the required partition (say 9 partition)



:p

:n

:t { to change the partition ID}

:82 { for swap partition }

:w { save & exit }

[root@client1 ~]#


[root@client1 ~]# fdisk –l

Step 2 ) Make the partition as swap

[root@client1 ~]# mkswap /dev/hda9

To see the status

[root@client1 ~]# swapon –s

To on the swap partition

[root@client1 ~]# swapon /dev/hda9

Again see the status

[root@client1 ~]# swapon -s

To put Off the swap partition

[root@client1 ~]# swapoff /dev/hda9

[root@client1 ~]# swapon –s

26

LABELS

To check the label

[root@client1 ~]# e2label /dev/hda8

To assign the labels

[root@client1 ~]# e2label /dev/hda8 linux

[root@client1 ~]# e2label /dev/hda8

linux

Permanent Mounting

Mounting the partition /dev/hda9 parmanently

[root@client1 ~]# vi /etc/fstab

LABEL=linux /myfolder ext3 defaults

0 0

:wq


[root@client1 ~]# mount -a


Mounting the cdrom

[root@client1 ~]# mkdir /media/cdrom

[root@client1 ~]# mount /dev/cdrom /media/cdrom

To see the disk space

[root@client1 ~]# df -h

To see the block size.

[root@client1 ~]# blockdev --getbsz /dev/hda8

1024

[root@client1 ~]# blockdev --getbsz /dev/hda3

4096

27

User and Group Quotas

Apply Quota on users & Group

Create required users & Group

[root@server ~]# useradd tom

[root@server ~]# groupadd salesgrp

[root@server ~]# groupadd fingrp

[root@server ~]# mkdir /salesdept

[root@server ~]# useradd -g salesgrp sai

[root@server ~]# useradd -g salesgrp ram

[root@server ~]# useradd -G fingrp tata

[root@server ~]# useradd -G fingrp birla

Step 1 ) Create a required partition

[root@server ~]# fdisk -l

[root@server ~]# fdisk /dev/hda

:n

:w

[root@server ~]# partprobe /dev/hda


[root@server ~]# mkfs.ext3 /dev/hda9

Step 2) Mount the partition with user & group quota parameters.

[root@server ~]# mount -o usrquota,grpquota /dev/hda9 /salesdept

[root@server ~]# mount

[root@server ~]# chmod 777 /salesdept/

Step 3 ) Create the Quota Database file

[root@server ~]# quotacheck -cugv /salesdept/

[root@server ~]# ls /salesdept/

aquota.group aquota.user lost+found

28

Step 4) Check the quota Status

[root@server ~]# quotaon -p /dev/hda9

group quota on /salesdept (/dev/hda9) is off

user quota on /salesdept (/dev/hda9) is off

Step 5 ) Enable the quota partition

[root@server ~]# quotaon /dev/hda9

[root@server ~]# quotaon -p /dev/hda9

group quota on /salesdept (/dev/hda9) is on

user quota on /salesdept (/dev/hda9) is on

Step 6 ) Apply quota on a user tom

[root@server ~]# edquota -u tom

Disk quotas for user tom (uid 500):

Filesystem blocks soft hard inodes soft

hard

/dev/hda9 0 0 0 0 3

5

:wq

[root@server ~]# su - tom

[tom@server ~]$ cd /salesdept/

[tom@server salesdept]$ ll

[tom@server salesdept]$ touch tfa

[tom@server salesdept]$ touch tfb

[tom@server salesdept]$ touch tfc

[tom@server salesdept]$ touch tfd

hda9: warning, user file quota exceeded.

[tom@server salesdept]$ mkdir tda

[tom@server salesdept]$ mkdir tdb

hda9: write failed, user file limit reached.

mkdir: cannot create directory `tdb': Disk quota exceeded

29

Step 7 ) Apply quota on a group salesgrp who has primary members as sai

& ram

[root@server ~]# edquota -g salesgrp

[root@server ~]# edquota -g salesgrp

Disk quotas for group salesgrp (gid 501):

Filesystem blocks soft hard inodes

soft hard

/dev/hda9 0 0 0 5

3 5

:wq!

[root@server ~]# cd /salesdept/

[root@server salesdept]# su sai

[sai@server salesdept]$ groups

salesgrp

[sai@server salesdept]$ touch sai1 sai2 sai3

[sai@server salesdept]$ exit

exit

[root@server salesdept]# su ram

[ram@server salesdept]$ groups

salesgrp

[ram@server salesdept]$ touch ram1

hda9: warning, group file quota exceeded.



hda9: write failed, group file limit reached.

touch: cannot touch `ram4': Disk quota exceeded

[ram@server salesdept]$ ll

total 36

-rw------- 1 root root 7168 Jul 15 01:52 aquota.group

-rw------- 1 root root 7168 Jul 15 01:53 aquota.user

drwx------ 2 root root 16384 Jul 15 01:38 lost+found

-rw-r--r-- 1 ram salesgrp 0 Jul 15 01:53 ram1

-rw-r--r-- 1 ram salesgrp 0 Jul 15 01:53 ram3

-rw-r--r-- 1 sai salesgrp 0 Jul 15 01:53 sai1



[ram@server salesdept]$

Note : Quotas are not applicable on secondary group members

30

Access Control List

Create required users & Group

[root@server ~]# useradd tom

[root@server ~]# groupadd salesgrp

[root@server ~]# groupadd fingrp


[root@server ~]# useradd -g salesgrp sai

[root@server ~]# useradd -g salesgrp ram

[root@server ~]# useradd -G fingrp tata

[root@server ~]# useradd -G fingrp birla

Note: Acl's are applied on both primary & secondary members

Step 1 ) Create a required partition

[root@server ~]# fdisk -l

[root@server ~]# fdisk /dev/hda

:n

:w

[root@server ~]# partprobe /dev/hda


[root@server ~]# mkfs.ext3 /dev/hda9

Step 2) Mount the partition with ACLs parameters.

[root@server ~]# mount -o acl /dev/hda9 /salesdept

[root@server ~]# mount

[root@server ~]# chmod 777 /salesdept/

Step 3) Apply ACLS on users & groups

[root@server salesdept]# touch fabc.txt

To apply acl's on users & groups

[root@server salesdept]# setfacl -m

u:tom:rwx,u:ram:rx,g:salesgrp:rx,g:fingrp:rw fabc.txt

31

To check acl list

[root@server salesdept]# getfacl fabc.txt

To modify permission for user tom

[root@server salesdept]# setfacl -m u:tom:r fabc.txt


To exclude user tom ,group fingrp from ACL list

[root@server salesdept]# setfacl -x u:tom,g:fingrp fabc.txt


32

Advanced file permissions

To view the location of a command use which

[root@client24 myfolder]# which cat

/bin/cat

[root@client24 myfolder]# ls -ld /bin/cat

-rwxr-xr-x 1 root root 23100 Nov 27 2006 /bin/cat

[root@client24 myfolder]# su - tom

[tom@client24 ~]$ cat > myfile

hello

Open another terminal as root user

root@client24 ~]# ps -aux

USER PID %CPU %MEM VSZ RSS TTY STAT START TIME

COMMAND

tom 3972 0.0 0.1 3680 432 pts/1 S+ 22:01 0:00 cat


-rwxr-xr-x 1 root root 23100 Nov 27 2006 /bin/cat

Set SUID on the file

[root@client24 myfolder]# chmod 4755 /bin/cat


-rwsr-xr-x 1 root root 23100 Nov 27 2006 /bin/cat


[tom@client24 ~]$ cat >> myfile

Open another terminal as root user

root@client24 ~]# ps -aux

USER PID %CPU %MEM VSZ RSS TTY STAT START TIME

COMMAND

root 4032 0.0 0.1 3680 436 pts/1 S+ 22:05 0:00 cat

[root@client24 ~]# mkdir /myfolder

33

[root@client24 ~]# cd /myfolder

[root@client24 myfolder]# ls

[root@client24 myfolder]# cat > test

Learning Linux is a wise man's decesion.

[root@client24 myfolder]# ls -ld test

-rw-r--r-- 1 root root 41 Jul 13 21:22 test

[root@client24 myfolder]# ls -ld /myfolder

drwxrwxrwx 2 root root 4096 Jul 13 21:21 /myfolder

Set SGID on the folder

[root@client24 myfolder]# chmod 2777 /myfolder

[root@client24 myfolder]# ls -ld /myfolder

drwxrwsrwx 2 root root 4096 Jul 13 21:21 /myfolder


test


[tom@client24 ~]$ cd /myfolder

[tom@client24 myfolder]$ ls -l

total 4


[tom@client24 myfolder]$ cat > myfile

file to test SGID

[tom@client24 myfolder]$ ls -ld myfile

-rw-r--r-- 1 tom root 18 Jul 13 22:14 myfile

[root@client24 myfolder]# su - joy

[joy@client24 ~]$ cd /myfolder

[joy@client24 myfolder]$ ls -l

total 8

-rw-r--r-- 1 tom root 18 Jul 13 22:14 myfile


[joy@client24 myfolder]$ cat > joy_file

34

hello this file is created by joy but because of SGID bit set its group

ownership will be root

[joy@client24 myfolder]$ ls -ld joy_file

-rw-rw-r-- 1 joy root 95 Jul 13 22:15 joy_file

joy and tom have the same primary group called joy

[root@client24 ~]# mkdir /sticky

[root@client24 ~]# chmod 777 /sticky

[root@client24 ~]# su - tom

[tom@client24 ~]$ cd /sticky

[tom@client24 sticky]$ ls -l

total 0

[tom@client24 sticky]$ cat > tom_file

hello am tom, am going to set sticky bit on the /sticky folder.

[tom@client24 sticky]$ ls -l

total 4

-rw-r--r-- 1 tom joy 64 Jul 13 22:36 tom_file

[tom@client24 sticky]$ chmod 664 tom_file

[tom@client24 sticky]$ ls -ld tom_file

-rw-rw-r-- 1 tom joy 64 Jul 13 22:36 tom_file

[root@client24 sticky]# su - joy

[joy@client24 ~]$ cd /sticky

[joy@client24 sticky]$ ls -l

total 4

-rw-rw-r-- 1 tom joy 64 Jul 13 22:37 tom_file

[joy@client24 sticky]$ rm tom_file

[joy@client24 sticky]$ ls

To avoid joy to del the file owned by the user tom apply sticky bit on

the folder.

[root@client24 sticky]# ls -ld /sticky

35

drwxrwxrwx 2 root root 4096 Jul 13 22:38 /sticky

Set Sticky Bit

[root@client24 sticky]# chmod 1777 /sticky

[root@client24 sticky]# ls -ld

drwxrwxrwt 2 root root 4096 Jul 13 22:38 .

[root@client24 sticky]# su - tom

[tom@client24 ~]$ cd /sticky/

[tom@client24 sticky]$ ls

[tom@client24 sticky]$ cat > tom_file

This file is created by tom whose primary group is joy, but joy cannot

delete this file.

[tom@client24 sticky]$ ls -ld /sticky/tom_file

-rw-r--r-- 1 tom joy 89 Jul 13 22:41 /sticky/tom_file

[root@client24 sticky]# su - joy

[joy@client24 ~]$ cd /sticky/


total 4


[joy@client24 sticky]$ rm tom_file

rm: remove write-protected regular file `tom_file'? y

rm: cannot remove `tom_file': Operation not permitted


total 4


36

Links


/dev/hda3 on / type ext3 (rw)

proc on /proc type proc (rw)

sysfs on /sys type sysfs (rw)

devpts on /dev/pts type devpts (rw,gid=5,mode=620)

/dev/hda1 on /boot type ext3 (rw)

tmpfs on /dev/shm type tmpfs (rw)

/dev/hda5 on /home type ext3 (rw)

/dev/hda2 on /usr type ext3 (rw)

/dev/hda6 on /var type ext3 (rw)

/dev/hda8 on /myfolder type ext3 (rw)

none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)

sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)

[root@client1 ~]#

[root@client1 ~]# cd /myfolder


[root@client1 myfolder]# cat > original_file

This is the original file to test links

[root@client1 myfolder]# ls -ld original_file

-rw-r--r-- 1 root root 40 Jul 12 21:12 original_file

[root@client1 myfolder]# cd

Setting a soft link

[root@client1 ~]# ln -s /myfolder/original_file softlink

[root@client1 ~]# ls -ld softlink

lrwxrwxrwx 1 root root 23 Jul 12 21:12 softlink ->

/myfolder/original_file

[root@client1 ~]# cat softlink


[root@client1 ~]# cat >> softlink

this line is appended by the softlink

[root@client1 ~]# cat /myfolder/original_file


this line is appended by the softlink

37

[root@client1 ~]# ls -ld /myfolder/original_file

-rw-r--r-- 1 root root 78 Jul 12 21:13 /myfolder/original_file

[root@client1 ~]# ls -ld softlink

lrwxrwxrwx 1 root root 23 Jul 12 21:12 softlink ->

/myfolder/original_file

[root@client1 ~]# rm /myfolder/original_file

rm: remove regular file `/myfolder/original_file'? y

[root@client1 ~]# cat softlink

cat: softlink: No such file or directory

Setting a Hard Link

[root@client1 ~]# ln /myfolder/original_file hardlink

ln: creating hard link `hardlink' to `/myfolder/original_file': Invalid

cross-device link

[root@client1 ~]# cd /

[root@client1 /]# cat > original

This is the original file to test links.

[root@client1 /]# cd

[root@client1 ~]# ln /original /root/hardlink

[root@client1 ~]# ls -ld /root/hardlink

-rw-r--r-- 2 root root 41 Jul 12 21:16 /root/hardlink

[root@client1 ~]# ls -ld /original

-rw-r--r-- 2 root root 41 Jul 12 21:16 /original


[root@client1 /]# cat > original


[root@client1 /]# cd

[root@client1 ~]# ln /original /root/hardlink



38



[root@client1 ~]# cat >> hardlink

this is appended by the hardlink file





[root@client1 ~]# rm /original

rm: remove regular file `/original'? y

[root@client1 ~]# cat hardlink


this is appended by the hardlink file

39

Example to Configure RAID 5

Install the required packages

[root@client1 ~]# yum install mdadm* -y

Create the required partition

[root@client1 ~]# mdadm -C /dev/md0 -n3 /dev/hda11 /dev/hda12

/dev/hda13 -l5

mdadm: array /dev/md0 started.

To see the detail information of /dev/md0

[root@client1 ~]# mdadm -D /dev/md0

Format the raid meta device

[root@client1 ~]# mkfs.ext3 /dev/md0

Mount the partition

[root@client1 ~]# mount /dev/md0 /raid_dir


[root@client1 ~]# cd /raid_dir/

[root@client1 raid_dir]# ls

lost+found

Write some content inside the raid partition

[root@client1 raid_dir]# cat > test

hello this is a test file on raid 5

[root@client1 raid_dir]# ls -l

To add a new device as spare

[root@client1 ~]# mdadm -a /dev/md0 /dev/hda14


[root@client1 ~]# mdadm /dev/md0 -f /dev/hda12

mdadm: set /dev/hda12 faulty in /dev/md0

To see the detail information of /dev/md0


40

To remove the faulty device

[root@client1 raid_dir]# mdadm /dev/md0 -r /dev/hda12

mdadm: hot removed /dev/hda12

[root@client1 raid_dir]# mdadm -D /dev/md0

[root@client1 raid_dir]# cd

To stop the raid first unmount the meta device.

[root@client1 ~]# umount /dev/md0

[root@client1 ~]# mdadm -S /dev/md0

mdadm: stopped /dev/md0

To activate or assemble the raid meta device

[root@client1 ~]# mdadm -A /dev/md0 /dev/hda11 /dev/hda14 /dev/hda13

mdadm: /dev/md0 has been started with 3 drives.

41

Logical Volume Manager

To view the Hard disk name and partition information


Disk /dev/hda: 40.0 GB, 40020664320 bytes

255 heads, 63 sectors/track, 4865 cylinders

Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot Start End Blocks Id System

/dev/hda1 * 1 13 104391 83 Linux

/dev/hda2 14 523 4096575 83 Linux

/dev/hda3 524 778 2048287+ 83 Linux

/dev/hda4 779 4865 32828827+ 5 Extended

/dev/hda5 779 905 1020096 83 Linux

/dev/hda6 906 1032 1020096 83 Linux

/dev/hda7 1033 1097 522081 82 Linux swap /

Solaris

/dev/hda8 1098 2314 9775521 83 Linux

Create 3 partitions


The number of cylinders for this disk is set to 4865.

There is nothing wrong with that, but this is larger than 1024,

and could in certain setups cause problems with:

1) software that runs at boot time (e.g., old versions of LILO)

2) booting and partitioning software from other OSs

(e.g., DOS FDISK, OS/2 FDISK)





+200M





+200M





+200M

42


The partition table has been altered!

Calling ioctl() to re-read partition table.

WARNING: Re-reading the partition table failed with error 16: Device or

resource busy.

The kernel still uses the old table.

The new table will be used at the next reboot.

Syncing disks.







/dev/hda1 * 1 13 104391 83 Linux

/dev/hda2 14 523 4096575 83 Linux

/dev/hda3 524 778 2048287+ 83 Linux

/dev/hda4 779 4865 32828827+ 5 Extended

/dev/hda5 779 905 1020096 83 Linux

/dev/hda6 906 1032 1020096 83 Linux


Solaris

/dev/hda8 1098 2314 9775521 83 Linux

/dev/hda9 2315 2339 200781 83 Linux

/dev/hda10 2340 2364 200781 83 Linux

/dev/hda11 2365 2389 200781 83 Linux

Create Physical Volumes

[root@client24 ~]# pvcreate /dev/hda9 /dev/hda10 /dev/hda11

Physical volume "/dev/hda9" successfully created



To view Physical Volumes

[root@client24 ~]# pvdisplay

--- Physical volume ---

PV Name /dev/hda9

VG Name vg1

PV Size 196.08 MB / not usable 4.08 MB

Allocatable yes (but full)

PE Size (KByte) 4096

Total PE 48

Free PE 0

Allocated PE 48

PV UUID 5r8qvn-GF0k-NAfo-Rhqc-I3Qn-ZWws-zLCvks


PV Name /dev/hda10

43

VG Name vg1


Allocatable yes


Total PE 48

Free PE 21

Allocated PE 27

PV UUID ys5Wd9-YiQ5-mM7c-sjrt-Mcwb-35oF-8mFyDW


PV Name /dev/hda11

VG Name vg1


Allocatable yes


Total PE 48

Free PE 48

Allocated PE 0

PV UUID 5U81jh-Uddd-0giT-GYUT-pkvu-3MK3-KNkZJi

To create Volume Group

[root@client24 ~]# vgcreate vg1 /dev/hda9 /dev/hda10 /dev/hda11

Volume group "vg1" successfully created

To display Volume Group Information.

[root@client24 ~]# vgdisplay

--- Volume group ---

VG Name vg1

System ID

Format lvm2

Metadata Areas 3

Metadata Sequence No 2

VG Access read/write

VG Status resizable

MAX LV 0

Cur LV 1

Open LV 0

Max PV 0

Cur PV 3

Act PV 3

VG Size 576.00 MB

PE Size 4.00 MB

Total PE 144

Alloc PE / Size 75 / 300.00 MB

Free PE / Size 69 / 276.00 MB

VG UUID P1zXt6-yBWW-SoUq-ZeF1-K7pf-Z69D-GVz8Up

To create logical Volume

[root@client24 ~]# lvcreate vg1 -L +300M -n lv1

Logical volume "lv1" created

44

To view Logical Volume Information.

[root@client24 ~]# lvdisplay

--- Logical volume ---

LV Name /dev/vg1/lv1

VG Name vg1

LV UUID ZvsfPh-Ve0c-y4Qa-VUYy-HbdR-lG3G-66703a

LV Write Access read/write

LV Status available

# open 0

LV Size 300.00 MB

Current LE 75

Segments 2

Allocation inherit

Read ahead sectors 0

Block device 253:0

[root@client24 ~]#

Format the Logical Volume

[root@client24 ~]# mkfs.ext3 /dev/vg1/lv1

mke2fs 1.39 (29-May-2006)

Filesystem label=

OS type: Linux

Block size=1024 (log=0)

Fragment size=1024 (log=0)

102400 inodes, 409600 blocks

20480 blocks (5.00%) reserved for the super user

First data block=1

Maximum filesystem blocks=67633152

50 block groups

8192 blocks per group, 8192 fragments per group

2048 inodes per group

Superblock backups stored on blocks:

8193, 24577, 40961, 57345, 73729, 204801, 221185, 401409

Writing inode tables: done

Creating journal (8192 blocks): done

Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 20 mounts or

180 days, whichever comes first. Use tune2fs -c or -i to override.

[root@client24 ~]# mkdir /mylvm

[root@client24 ~]# mount /dev/vg1/lv1 /mylvm


/dev/hda3 on / type ext3 (rw)

proc on /proc type proc (rw)

sysfs on /sys type sysfs (rw)

devpts on /dev/pts type devpts (rw,gid=5,mode=620)

/dev/hda1 on /boot type ext3 (rw)

tmpfs on /dev/shm type tmpfs (rw)

/dev/hda5 on /home type ext3 (rw)

45

/dev/hda2 on /usr type ext3 (rw)

/dev/hda6 on /var type ext3 (rw)

/dev/hda8 on /dada type ext3 (rw)

none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)

sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)

/dev/mapper/vg1-lv1 on /mylvm type ext3 (rw)

To resize the Logical Volume

[root@client24 ~]# lvresize -L +100M /dev/vg1/lv1

Extending logical volume lv1 to 400.00 MB

Logical volume lv1 successfully resized

[root@client24 ~]# lvdisplay

--- Logical volume ---

LV Name /dev/vg1/lv1

VG Name vg1

LV UUID ZvsfPh-Ve0c-y4Qa-VUYy-HbdR-lG3G-66703a

LV Write Access read/write

LV Status available

# open 0

LV Size 400.00 MB

Current LE 100

Segments 3

Allocation inherit

Read ahead sectors 0

Block device 253:0

[root@client24 ~]# cd /mylvm

[root@client24 mylvm]# ls

lost+found

[root@client24 mylvm]# touch file1 file2 file3

[root@client24 mylvm]# mkdir hyd sec

[root@client24 mylvm]# ls

file1 file2 file3 hyd lost+found sec

To remove logical Volume

[root@client24 ~]# cd

[root@client24 ~]# umount /mylvm

[root@client24 ~]# lvremove /dev/vg1/lv1

Do you really want to remove active logical volume "lv1"? [y/n]: y

Logical volume "lv1" successfully removed

46


The number of cylinders for this disk is set to 4865.

There is nothing wrong with that, but this is larger than 1024,

and could in certain setups cause problems with:

1) software that runs at boot time (e.g., old versions of LILO)

2) booting and partitioning software from other OSs

(e.g., DOS FDISK, OS/2 FDISK)


First cylinder (2390-4865, default 2390): +300M

Value out of range.

First cylinder (2390-4865, default 2390): w




+300M


The partition table has been altered!

Calling ioctl() to re-read partition table.

WARNING: Re-reading the partition table failed with error 16: Device or

resource busy.

The kernel still uses the old table.

The new table will be used at the next reboot.

Syncing disks.







/dev/hda1 * 1 13 104391 83 Linux

/dev/hda2 14 523 4096575 83 Linux

/dev/hda3 524 778 2048287+ 83 Linux

/dev/hda4 779 4865 32828827+ 5 Extended

/dev/hda5 779 905 1020096 83 Linux

/dev/hda6 906 1032 1020096 83 Linux


Solaris

/dev/hda8 1098 2314 9775521 83 Linux

/dev/hda9 2315 2339 200781 83 Linux

/dev/hda10 2340 2364 200781 83 Linux

/dev/hda11 2365 2389 200781 83 Linux

/dev/hda12 2390 2426 297171 83 Linux

47

[root@client24 ~]# pvcreate /dev/hda12


To extend the volume group.

[root@client24 ~]# vgextend vg1 /dev/hda12

Volume group "vg1" successfully extended

[root@client24 ~]# vgdisplay

--- Volume group ---

VG Name vg1

System ID

Format lvm2

Metadata Areas 4

Metadata Sequence No 5

VG Access read/write

VG Status resizable

MAX LV 0

Cur LV 0

Open LV 0

Max PV 0

Cur PV 4

Act PV 4

VG Size 864.00 MB

PE Size 4.00 MB

Total PE 216

Alloc PE / Size 0 / 0

Free PE / Size 216 / 864.00 MB

VG UUID P1zXt6-yBWW-SoUq-ZeF1-K7pf-Z69D-GVz8Up

48

Backups

Create a folder

[root@client24 myfolder]# mkdir /myfolder

[root@client24 ~]# cd /myfolder/

[root@client24 myfolder]# mkdir dir1

[root@client24 myfolder]#touch 1 test_file tom_file


1 dir1 test_file tom_file

Use the tar command to tape archive the folder.

[root@client24 ~]# tar -cvf myfolder.tar /myfolder

tar: Removing leading `/' from member names

/myfolder/

/myfolder/dir1/

/myfolder/tom_file

/myfolder/test_file

/myfolder/1

[root@client24 ~]# ls -ld myfolder.tar

-rw-r--r-- 1 root root 10240 Jul 13 03:07 myfolder.tar

To zip the tar file.

[root@client24 ~]# gzip myfolder.tar

[root@client24 ~]# ls -ld myfolder.tar.gz

-rw-r--r-- 1 root root 264 Jul 13 03:07 myfolder.tar.gz

To unzip the tar file

[root@client24 ~]# gunzip myfolder.tar.gz

[root@client24 ~]# ls -ld myfolder.tar

-rw-r--r-- 1 root root 10240 Jul 13 03:07 myfolder.tar

[root@client24 ~]# rm myfolder.tar

rm: remove regular file `myfolder.tar'? y

49

To create a tar file with zip

[root@client24 ~]# tar -cvzf myfolder.tar.gz /myfolder

tar: Removing leading `/' from member names

/myfolder/

/myfolder/dir1/

/myfolder/tom_file

/myfolder/test_file

/myfolder/1

[root@client24 ~]# ls -ld myfolder.tar.gz

-rw-r--r-- 1 root root 251 Jul 13 03:09 myfolder.tar.gz

To view the contents of the tar file without extracting.

[root@client24 ~]# tar -tvzf myfolder.tar.gz

drwxrwxrwx root/root 0 2008-07-13 01:31:34 myfolder/

drwxr-xr-x root/root 0 2008-07-13 01:28:39 myfolder/dir1/

-rw-r--r-- tom/joy 12 2008-07-13 01:29:51 myfolder/tom_file

-rw-rw-rw- root/root 0 2008-07-13 00:06:35 myfolder/test_file

-rw-r--r-- tom/joy 0 2008-07-13 01:31:34 myfolder/1

[root@client24 ~]# rm -r /myfolder

rm: descend into directory `/myfolder'? y

rm: remove directory `/myfolder/dir1'? y

rm: remove regular file `/myfolder/tom_file'? y

rm: remove regular empty file `/myfolder/test_file'? y

rm: remove regular empty file `/myfolder/1'? y

rm: remove directory `/myfolder'? y


To extract the tar file.

[root@client24 /]# tar -xvzf /root/myfolder.tar.gz

myfolder/

myfolder/dir1/

myfolder/tom_file

myfolder/test_file

myfolder/1

[root@client24 /]# ls -ld myfolder

drwxrwxrwx 3 root root 4096 Jul 13 01:31 myfolder

[root@client24 /]# ls /myfolder/

1 dir1 test_file tom_file

[root@client24 ~]# cd /myfolder/

50

To copy files to archive.

[root@client24 myfolder]# ls | cpio -ov > myfolder.cpio

1

dir1

myfolder.cpio

test_file

tom_file

1 block


1 dir1 myfolder.cpio test_file tom_file



[root@client24 myfolder]# rm -r *

rm: remove regular empty file `1'? y

rm: remove directory `dir1'? y

rm: remove regular file `myfolder.cpio'? n

rm: remove regular empty file `test_file'? y

rm: remove regular file `tom_file'? y

To copy files from archive.

[root@client24 myfolder]# cpio -iv < myfolder.cpio

1

dir1

cpio: myfolder.cpio not created: newer or same age version exists

myfolder.cpio

test_file

tom_file

1 block



[root@client24 ~]# cat > test

test file for scp

51

Copy the test file to a remote systems /root directory

[root@client24 ~]# scp -r test 192.168.0.23:/root/

[email protected]'s password:

test

100% 18 0.0KB/s 00:00

[root@client24 ~]# rm test

rm: remove regular file `test'? y

Copy the file on a remote systems to the /root/test directory

[root@client24 ~]# scp -r 192.168.0.23:/root/test .

[email protected]'s password:

test

100% 18 0.0KB/s 00:00

[root@client24 ~]# ls -ld test


Scheduling using at command

[root@client24 ~]# at 5:30

at> mkdir dir1

at> <EOT>

job 2 at 2008-07-13 05:30

To view the at queues

[root@client24 ~]# atq

2 2008-07-13 05:30 a root

To remove the queue

[root@client24 ~]# atrm 2

52

Boot Process Practical

To view the default runlevel on boot

[root@client24 ~]# vi /etc/inittab

id:5:initdefault: line no 18

To view the present runlevel

[root@client24 ~]# runlevel

N 5

To switch to another runlevel

[root@client24 ~]# init 3




To view the grub configuration file

[root@client24 ~]# cat /boot/grub/grub.conf

To view the status of the services in all runlevels.

[root@client24 ~]# chkconfig --list

[root@client24 ~]# chkconfig --list kudzu

kudzu 0:off 1:off 2:off 3:on 4:on 5:on 6:off

To set the status of a service

[root@client24 ~]# chkconfig bluetooth on

[root@client24 ~]# chkconfig --list bluetooth

bluetooth 0:off 1:off 2:on 3:on 4:on 5:on 6:off

[root@client24 ~]# chkconfig bluetooth off

bluetooth 0:off 1:off 2:off 3:off 4:off 5:off

6:off

[root@client24 ~]# service bluetooth restart

53

Installation of Packages through RPM or YUM

If you want to install from CD or DVD go to packages location generally

in /media/CDROM/Server

To install from NFS server where NFS server's IP is 192.168.0.250 and

share folder is /var/ftp/pub/Server mount the share at client side .

[root@client mnt]# mount 192.168.0.250:/var/ftp/pub/Server /mnt

[root@client mnt]# mount

[root@client mnt]# cd /mnt

[root@client mnt]# ls

To install packages

[root@client mnt]# rpm -i samba* vsftpd*

[root@client mnt]# rpm -iv samba* vsftpd*

[root@client mnt]# rpm -iv samba* vsftpd* --force

[root@client mnt]# rpm -ivh samba* vsftpd* --force

To remove the packages

[root@client mnt]# rpm -e vsftpd

[root@client mnt]# rpm -e vsftpd

[root@client mnt]# rpm -e samba --nodeps

To query the packages

[root@client mnt]# rpm -qa

[root@client mnt]# rpm -qa | sort | less

[root@client mnt]# rpm -q samba

[root@client mnt]# rpm -qa samba*

[root@client mnt]#

[root@client mnt]# rpm -qi samba

[root@client mnt]# rpm -ql samba

[root@client mnt]# rpm -qd samba

[root@client mnt]# rpm -qc samba

[root@client mnt]# rpm -qs samba

54

Installing through yum

Creating a repository at server side where all rpms are copied

[root@client ~]# cd /var/ftp/pub/Server

[root@client Server]# rpm -ivh createrepo-0.4.4-2.fc6.noarch.rpm --

force

Remove the old repodata

[root@client Server]# rm -rf repodata/

Create a new repodata

[root@client Server]# createrepo -g /media/cdrom/Server/repodata/comps-

rhel5-server-core.xml .

[root@client Server]# cd

[root@client ~]#

At client side edit the yum configuration file, provide the path of

repository

[root@client ~]# vi /etc/yum.repos.d/rhel-debuginfo.repo

[core]

name= Linux $releasever - $basearch - Debug

baseurl=ftp://192.168.0.250/pub/Server

enabled=1

gpgcheck=1

gpgkey=file:///etc/pki/rp

:wq!


[root@client ~]# yum list

[root@client ~]# yum list installed

[root@client ~]# yum list installed samba*

[root@client ~]# yum install vsftpd* samba*

[root@client ~]# yum remove vsftpd* samba*

[root@client ~]# yum grouplist

[root@client ~]# yum groupinstall "Mail Server"

[root@client ~]# yum groupremove "Mail Server"

[root@client ~]# cd /media/cdrom/Server

[root@client ~]# yum localinstall vsftpd*

55

Introduction to Networking

To set the hostname temporarily

[root@station9 ~]# hostname station9.example.com

To view the hostname

[root@station9 ~]# hostname

station9.example.com

Set hostname permanently

[root@station9 ~]# vi /etc/sysconfig/network

NETWORKING=yes

HOSTNAME=station9.example.com

:wq!

Set ip address temporarily

[root@station9 ~]# ifconfig eth0 192.168.0.9 netmask 255.255.255.0

View the interfaces.

[root@station9 ~]# ifconfig

eth0 Link encap:Ethernet HWaddr 00:13:20:B7:1D:44

inet addr:192.168.0.9 Bcast:192.168.0.255

Mask:255.255.255.0

inet6 addr: fe80::213:20ff:feb7:1d44/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:48153 errors:4 dropped:0 overruns:0 frame:4

TX packets:21992 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:39512670 (37.6 MiB) TX bytes:1720318 (1.6 MiB)

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

inet6 addr: ::1/128 Scope:Host

UP LOOPBACK RUNNING MTU:16436 Metric:1





56

Set permanent ip address

[root@station9 ~]# netconfig

Select yes and press the enter key

Press tab and select the text box for IP address

Enter the new IP address similarly enter the subnet mask, default

gateway and primary nameserver.

Select OK and press enter.

Restart the service to activate the new ip address

[root@station9 ~]# service network restart



inet addr:192.168.0.9 Bcast:192.168.0.255

Mask:255.255.255.0








inet addr:127.0.0.1 Mask:255.0.0.0







[root@station9 ~]# netconfig --device eth0:1

[root@station9 ~]# service network restart



inet addr:192.168.0.9 Bcast:192.168.0.255

Mask:255.255.255.0







eth0:1 Link encap:Ethernet HWaddr 00:13:20:B7:1D:44

inet addr:192.168.1.9 Bcast:192.168.1.255

57

Mask:255.255.255.0





RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)


inet addr:127.0.0.1 Mask:255.0.0.0







To set or view the network parameters.

[root@station9 ~]# ethtool eth0

Settings for eth0:

Supported ports: [ TP MII ]

Supported link modes: 10baseT/Half 10baseT/Full

100baseT/Half 100baseT/Full

Supports auto-negotiation: Yes

Advertised link modes: 10baseT/Half 10baseT/Full

100baseT/Half 100baseT/Full

Advertised auto-negotiation: Yes

Speed: 100Mb/s

Duplex: Full

Port: MII

PHYAD: 1

Transceiver: internal

Auto-negotiation: on

Supports Wake-on: g

Wake-on: g

Current message level: 0x00000007 (7)

Link detected: yes

[root@station9 ~]# ifup eth0

[root@station9 ~]# ifdown eth0

[root@station9 ~]# cd /etc/sysconfig/network-scripts/

[root@station9 network-scripts]# ls

ifcfg-eth0 ifdown-isdn ifup-ipsec ifup-routes

ifcfg-eth0:1 ifdown-post ifup-ipv6 ifup-sit

ifcfg-lo ifdown-ppp ifup-ipx ifup-sl

ifdown ifdown-sit ifup-isdn ifup-wireless

ifdown-aliases ifdown-sl ifup-plip init.ipv6-global

ifdown-ippp ifup ifup-plusb network-functions

ifdown-ipsec ifup-aliases ifup-post network-functions-ipv6

ifdown-ipv6 ifup-ippp ifup-ppp

58

[root@station9 network-scripts]# cat ifcfg-eth0

DEVICE=eth0

ONBOOT=yes

BOOTPROTO=static

IPADDR=192.168.0.9

NETMASK=255.255.255.0

GATEWAY=192.168.0.254

[root@station9 network-scripts]# cat ifcfg-eth0:1

DEVICE=eth0:1

ONBOOT=yes

BOOTPROTO=static

IPADDR=192.168.1.9

NETMASK=255.255.255.0

GATEWAY=192.168.1.254

[root@station9 network-scripts]#

59

Configuration of NFS Server

NFS Server is used to share the folder among Linux/Unix to Linux/Unix

systems.

Step 1 ) CHECK & INSTALL PACKAGES

[root@nfs ~]# rpm -qa | grep nfs

or

[root@nfs ~]# yum list installed | grep nfs

[root@nfs ~]# yum remove nfs* -y

Method 1) Installing through rpm

[root@nfs ~]# mkdir /mnt

[root@nfs ~]# mount 192.168.0.250:/var/ftp/pub/Server /mnt

[root@nfs ~]# mount

[root@nfs ~]# cd /mnt

[root@nfs mnt]# ls

[root@nfs mnt]# rpm -ivh nfs* --force

Method 2 )Installing through yum

[root@nfs mnt]# yum install nfs* -y

Step 2) Create the resources (Files/Folders) to be shared

[root@nfs ~]# mkdir /var/zoom

[root@nfs ~]# mkdir /var/salesdept

[root@nfs salesdept]# chmod 777 /var/zoom

[root@nfs salesdept]# chmod 777 /var/salesdept/

[root@nfs ~]# cd /var/zoom/

[root@nfs zoom]# touch zfa.txt zfb.txt zfc.txt

[root@nfs zoom]# mkdir zdira zdirb zdirc

[root@nfs zoom]# ls

[root@nfs zoom]# cd /var/salesdept

[root@nfs salesdept]# touch sfa.txt sfb.txt sfc.txt

[root@nfs salesdept]# mkdir sda sdb sdc

60

[root@nfs salesdept]# ls -l

Step 3) Add the entries of folders to be shared in /etc/exports file

[root@nfs ~]# vi /etc/exports

/var/zoom 192.168.0.0/255.255.255.0(ro,async)

/var/salesdept 192.168.0.10(rw,sync) 192.168.0.20(rw,async)

:wq!

Step 4 ) Start the Services

[root@nfs ~]# service nfs restart

Step 5) Check the list of shares form NFS server

Syntax : showmount -e <nfs_server_name/ip>

[root@nfs ~]# showmount -e 192.168.0.4

61

Client Side Configuration

To see the list of shares from NFS server

[root@client ~]# ssh 192.168.0.Y

Where Y is any Client IP

[root@client ~]# showmount –e 192.168.0.X

Where X is NFS server IP

[root@client ~]# mkdir /misc/nfs1 /misc/nfs2

[root@client ~]# mount 192.168.0.X:/var/zoom /misc/nfs1

[root@client ~]# mount 192.168.0.X:/var/salesdept /misc/nfs2

[root@client ~]# mount

[root@client ~]# ls /misc/nfs1

[root@client ~]# ls /misc/nfs2

62

Configuration of FTP Server

Step 1) CHECK & INSTALL PACKAGES

[root@mail ~]# rpm -qa | grep vsftpd

[root@mail ~]# yum remove vsftpd* -y

[root@mail ~]# rm -r /etc/vsftpd*

[root@mail ~]# yum install vsftpd* -y

Step 2) Create the resources on ftp server (file/folders & users)

[root@mail ~]# useradd tom

[root@mail ~]# useradd joy

[root@mail ~]# passwd tom

[root@mail ~]# passwd joy

Create or Copy some files inside /var/ftp/pub

[root@mail ~]# cd /var/ftp/pub

[root@mail pub]# touch fa.txt fb.txt music.mp3

[root@mail pub]# ls

Create a Upload folder for anonymous users

[root@mail pub]# mkdir /var/ftp/zoomupload

[root@mail pub]# chmod 777 /var/ftp/zoomupload

NOTE : Create a .message file in a folder to display the message on

entering the zoomupload folder.

[root@mail zoomupload]# cat > /var/ftp/zoomupload/.message

This is an Upload Directory For Anonymous

[root@mail zoomupload]#

Step 3) Edit the Main Configuration File

63

[root@mail ~]# vi /etc/vsftpd/vsftpd.conf

12 anonymous_enable=YES

15 local_enable=YES

27 anon_upload_enable=YES

35 dirmessage_enable=YES

83 ftpd_banner=Welcome to Zoom Linux.

:wq!

Step 4 )

To block the ftp server users (for eg:-- joy) write the user name in

/etc/vsftpd/ftpusers

[root@mail ~]# vi /etc/vsftpd/ftpusers

joy

:wq!

Step 5) Start the service

[root@mail ~]# service vsftpd restart

64


ftp Clients

ftp

gftp

browser

[root@client ~]# ftp 192.168.0.253

Name (192.168.0.253:root): ftp

331 Please specify the password.

Password:

230 Login successful.

ftp> ls

drwxr-xr-x 3 0 0 4096 Jul 11 20:44 pub

drwxrwxrwx 2 0 0 4096 Jul 11 21:05 zoomupload

To download a single/multiple file use get/mget command

ftp> cd pub

ftp> ls

-rw-r--r-- 1 0 0 0 Jul 11 20:42 fa.txt

-rw-r--r-- 1 0 0 0 Jul 11 20:42 fb.txt

-rw-r--r-- 1 0 0 0 Jul 11 20:42 music.mp3

ftp> get <download file name>

TO upload a single/multiple file use put/mput command

ftp> pwd

ftp> cd ..

ftp> cd zoomupload

ftp> pwd

ftp> mput <upload file name>

ftp> ls

ftp> bye

65

Configuration of Samba Server

It is used to share the files/folders between Linux/Unix to Windows and

vice versa.

Step 1) CHECK & INSTALL PACKAGES

[root@smb ~]# rpm -qa | grep samba

OR

[root@smb ~]# yum list installed | grep samba

[root@smb ~]# yum remove samba* -y

[root@smb ~]# rm -r /etc/samba*

[root@smb ~]# yum install samba* -y

Step 2) Create the resources on Samba server (file/folders & users)

[root@smb ~]# useradd tom

[root@smb ~]# useradd joy

[root@smb ~]# passwd tom

[root@smb ~]# passwd joy

Create or Copy some files inside /var/zoom

[root@smb ~]# mkdir /var/zoom

[root@smb ~]# chmod 777 /var/zoom

[root@smb ~]# cd /var/zoom

[root@smb zoom ]# touch fa.txt fb.txt music.mp3

[root@smb zoom ]# ls


[root@smb ~]# vi /etc/samba/smb.conf

# Go to end of file copy last 8 lines 8yy and press p to paste

[salesshare]

comment = This share is for sales dept

path = /var/zoom

valid users = tom joy

public = no

writable = yes

printable = no

create mask = 0765

:wq!

66

Step 4) Provide a separate samba password for samba users.

[root@smb ~]# smbpasswd -a tom

[root@smb ~]# smbpasswd -a joy

Step 5 ) Check the syntax of configuration file

[root@smb ~]# testparm

Step 6 ) Start the services

[root@smb ~]# service smb restart

67


Scenario 1) Windows as client for Linux Samba Server

Login to windows pc from Linux by using rdesktop command where windows

ip is 192.168.0.16 and samba server’s ip is 192.168.0.253

[root@smb ~]# rdesktop 192.168.0.16 &

Login to windows machine

Click on start button

Run

open [ \\ip\sharename ]

eg. [ \\192.168.0.100\sharename ]

provide samba username & password

Scenario 2) Linux as client for Linux Samba Server

To see the list linux Samba Server in network

[root@client ~]# findsmb

To see the list of Shares on Samba Server

[root@client ~]# smbclient -L //192.168.0.253

Method 1) By mounting

[root@client ~]# mount //192.168.0.253/salesshare /mnt -o

username=tom

Password:


[root@client ~]# cd /mnt


68

Method 2) By smbclient method

Use put and get commands to upload and download respectively.

[root@client ~]# smbclient //192.168.0.253/salesshare -U tom

Password:

Domain=[SMB] OS=[Unix] Server=[Samba 3.0.23c-2]

smb: \> ls

. D 0 Sat Jul 12 03:29:30

2008

.. D 0 Sat Jul 12 03:28:54

2008

fa.txt 0 Sat Jul 12 03:29:30

2008

music.mp3 0 Sat Jul 12 03:29:30

2008

fb.txt 0 Sat Jul 12 03:29:30

2008

61755 blocks of size 16384. 52294 blocks available

smb: \> exit

[root@client ~]#

Scenario 3) Linux as client for Windows [ IP=192.168.0.16 ]

In windows the shared folders are windir1 windir2 and the users are

winu1 winu2

Method 1) By mounting

[root@client ~]# mount //192.168.0.16/windir1 /mnt -o username=winu1

Password:


[root@client ~]# cd /mnt


Method 2) By smbclient method

Use put and get commands to upload and download respectively.

[root@client ~]# smbclient //192.168.0.16/windir2 -U winu1

Password:

smb: \> ls

smb: \> help

smb: \> exit

[root@client ~]#

69

Configuration of Master DNS Server

Current DNS Master IP is 192.168.0.1

Current DNS Slave IP is 192.168.0.2

Step 1: CHECK IP & HOST ENTRIES

[root@client ~]# ifconfig

[root@client ~]# netconfig

[root@client ~]# service network restart

[root@client ~]# ping 192.168.0.0 -b

[root@client ~]# vi /etc/sysconfig/network

NETWORKING=yes

HOSTNAME=masterdns.zoom.com

:wq!

[root@client ~]# vi /etc/hosts

127.0.0.1 localhost.localdomain localhost

192.168.0.1 masterdns.zoom.com masterdns

:wq!

[root@client ~]# hostname masterdns.zoom.com

[root@client ~]# hostname

masterdns.zoom.com

* NOW LOG OFF & LOG IN *

Step 2 : CHECK & INSTALL THE PACKAGES

[root@masterdns ~]# rpm -qa | egrep -i "bind|caching"

Or

[root@masterdns ~]# yum list installed | egrep -i "bind|caching"

[root@masterdns ~]# yum remove bind* caching* -y

[root@masterdns ~]# rm -r /etc/named*

[root@masterdns ~]# rm -rf /var/named*

Now Install the packages

[root@masterdns ~]# yum install bind* cach* -y

70

Step 3a) Edit Main Configuration File 1

[root@masterdns ~]# vi /etc/named.caching-nameserver.conf

listen-on port 53 { 127.0.0.1; 192.168.0.1; }; ## line no 15

allow-query { localhost; 192.168.0.0/24; }; ## line no 23

match-clients { localhost; 192.168.0.0/24; }; ## line no 32

:wq!

Step 3b) Edit Main Configuration File 2

[root@masterdns ~]# vi /etc/named.rfc1912.zones

#Copy the sample script forward/reverse zone by pressing 12yy & paste press p

zone "localhost" IN { ## 12yy

type master;

file "localhost.zone";

allow-update { none; };

};

zone "0.0.127.in-addr.arpa" IN {

type master;

file "named.local";

allow-update { none; };

};

##p

zone "zoom.com" IN {

type master;

file "zoom.for";

allow-update { 192.168.0.2; }; ## Slaves IP

};


type master;

file "zoom.rev";

allow-update { 192.168.0.2; }; ## Slaves IP

};

:wq!

Step 4) Create FORWARD ZONE & REVERSE ZONE

[root@masterdns ~]# cd /var/named/chroot/var/named/

[root@masterdns named]# ls

[root@masterdns named]# cp -p localhost.zone zoom.for

[root@masterdns named]# cp -p named.local zoom.rev

[root@masterdns named]# ll

71

EDIT THE FORWARD ZONE FILE

[root@masterdns named]# vi zoom.for

$TTL 86400

@ IN SOA masterdns.zoom.com. root.zoom.com. (

42 ; serial (d.

adams)

3H ; refresh

15M ; retry

1W ; expiry

1D ) ; minimum

IN NS masterdns.zoom.com.

IN NS slavedns.zoom.com.

masterdns IN A 192.168.0.1

slave IN A 192.168.0.2

nfs IN A 192.168.0.10

ftp IN A 192.168.0.11

smb IN A 192.168.0.12

mail IN A 192.168.0.15

zoom.com IN MX 4 mail

web IN A 192.168.0.20

www IN CNAME web

sales1 IN A 192.168.0.21

mark1 IN A 192.168.0.22

adm1 IN A 192.168.0.23

:wq!

[root@masterdns named]#

72

EDIT THE REVERESE ZONE FILE

[root@masterdns named]# vi zoom.rev

$TTL 86400

@ IN SOA masterdns.zoom.com. root.zoom.com. (

1997022700 ; Serial

28800 ; Refresh

14400 ; Retry

3600000 ; Expire

86400 ) ; Minimum

IN NS masterdns.zoom.com.

IN NS slavedns.zoom.com.

1 IN PTR masterdns.zoom.com.

2 IN PTR slavedns.zoom.com.

10 IN PTR nfs.zoom.com.

11 IN PTR ftp.zoom.com.

12 IN PTR smb.zoom.com.

15 IN PTR mail.zoom.com.

20 IN PTR web.zoom.com.

21 IN PTR sales1.zoom.com.

22 IN PTR mark1.zoom.com.

23 IN PTR adm1.zoom.com.

:wq!

[root@masterdns named]#

Step 5 ) Check Syntax errors of Configuration file & Zone file

# To check configuration file syntax errors

[root@localhost ~]# named-checkconf /etc/named.caching-nameserver.conf

[root@localhost ~]# named-checkconf /etc/named.rfc1912.zones

# To check ZONE file syntax errors

[root@localhost ~]# named-checkzone zoom.com

/var/named/chroot/var/named/zoom.for

[root@localhost ~]# named-checkzone zoom.com

/var/named/chroot/var/named/zoom.rev

Step 6 ) START THE SERVICES

[root@masterdns named]# service named restart

73

Step 7 ) Provide the IP OF Master DNS

[root@masterdns named]# vi /etc/resolv.conf

nameserver 192.168.0.1

:wq!

Step 8) Check the resolution

[root@masterdns named]# dig masterdns.zoom.com

[root@masterdns named]# dig slavedns.zoom.com

[root@masterdns named]# dig nfs.zoom.com

[root@masterdns named]# dig sales1.zoom.com

[root@masterdns named]# dig -x 192.168.0.1



74

CONFIGURATION OF SLAVE DNS







NETWORKING=yes

HOSTNAME=slavedns.zoom.com

:wq!



192.168.0.2 slavedns.zoom.com slavedns

:wq!

[root@client ~]# hostname slavedns.zoom.com


slavedns.zoom.com



[root@slavedns ~]# rpm -qa | egrep -i "bind|caching"

Or

[root@slavedns ~]# yum list installed | egrep -i "bind|caching"

[root@slavedns ~]# yum remove bind* caching*

[root@slavedns ~]# rm /etc/named*

[root@slavedns ~]# rm -rf /var/named*


[root@slavedns ~]# yum install bind* cach*

75

Step 3a) Edit MAIN CONFIGURATION FILE

[root@slavedns ~]# vi named.caching-nameserver.conf

listen-on port 53 { 127.0.0.1; 192.168.0.2; }; ## line no 15

allow-query { localhost; 192.168.0.0/24; }; ## line no 23

match-clients { localhost; 192.168.0.0/24; }; ## line no 32

:wq!

Step 3b) Edit Main Configuration File 2

[root@slavedns ~]# vi /etc/named.rfc1912.zones

zone "zoom.com" IN {

type slave;

file "slaves/fzoom";

masters { 192.168.0.1; }; ## Master DNS IP

};


type slave;

file "slaves/rzoom";

masters { 192.168.0.1; }; ## Master DNS IP

};

:wq!

[root@slavedns ~]# cd /var/named/chroot/var/named/slaves

[root@slavedns slaves]# ls

[root@slavedns slaves]# service named restart

After starting the service automatically the zone files will be

replicated at the slave side from master.

[root@slavedns slaves]# ls

fzoom rzoom

[root@slavedns etc]# vi /etc/resolv.conf

# Only provide Slaves DNS IP


[root@slavedns ~]# service named restart

[root@slavedns ~]# dig slavedns.zoom.com

[root@slavedns ~]# dig masterdns.zoom.com

Note : Add an entry in forward zone file at master side and increase

serial number then start service

Check the updates at slave dns

76


Provide the IP of DNS in following file

Note : /etc/resolv.conf supports maximun 3 DNS entries

[root@client ~]# vi /etc/resolv.conf



:wq!

[root@client]# dig masterdns.zoom.com

[root@client]# dig slavedns.zoom.com

[root@client]# dig nfs.zoom.com

[root@client]# dig sales1.zoom.com

[root@client]# dig -x 192.168.0.1



[root@client]# ping masterdns.zoom.com

[root@client]# ping slavedns.zoom.com

77

Configuring APACHE WEB Server ( Apache )

Part One

Configuring a Single Site with www.zoom.com name at IP 192.168.0.X

Step 1) Host Entries

To Check the web server running at Server machine add the entry in

/etc/hosts file

[root@web ~]# vi /etc/hosts


192.168.0.X www.zoom.com

:wq!

Step 2 ) CHECK & INSTALL PACKAGES

[root@station4 ~]# rpm -qa | grep httpd

or

[root@station4 ~]# yum list installed | grep httpd

[root@station4 ~]# yum remove httpd* -y

Method 1 :

Installing through rpm

[root@station4 ~]# mkdir /mnt

[root@station4 ~]# mount 192.168.0.250:/var/ftp/pub/Server /mnt

[root@station4 ~]# mount

[root@station4 ~]# cd /mnt

[root@station4 mnt]# ls

[root@station4 mnt]# rpm -ivh httpd* --force

Method 2 :


[root@station4 pkgs]# yum install httpd* -y


[root@web ~]# vi /etc/httpd/conf/httpd.conf

ServerAdmin [email protected] ## 250 recives mail generated by apache

server

ServerName www.zoom.com:80 ## 264 name of web sit

DocumentRoot "/var/www/html" ## 280 web pages folder

DirectoryIndex zoom.html ## 390 index or home pages

:wq!

78

Step 4 ) Create the resource

Create index or home html file in DocumentRoot folder i.e

/var/www/html

[root@web ~]# cd /var/www/html

[root@web ~]# vi zoom.html

<html>

<body bgcolor=yellow>

<marquee> <h1> THIS IS ZOOM TECHNOLOGIES </h1></marquee>

<h6> THIS IS ZOOM TECHNOLOGIES </h6>

</body>

</html>

Step 5) START THE SERVICE

[root@web ~]# service httpd restart

Step 6 ) Open the Browser & type

http://www.zoom.com

or

http://192.168.0.X

79

Part TWO

Configuring a Multiple Site i.e Virtual Hosting

We are going to host four sites

www.zoom.com ,www.yahoo.com, www.google.com,

www.rediff.com

1) NameBased : multiple site on single on IP 192.168.0.X1

www.zoom.com ,www.yahoo.com, www.google.com

2) Port Based: www.google.com at port 5000

3) IP BASED : 192.168.0.X2

Step 1) Host Entries

To Check the web server running at Server machine add the entry

/etc/hosts file

[root@web ~]# ifconfig

Assigning default IP

[root@web ~]# netconfig

Assigning a Virtual IP

[root@web ~]# netconfig --device eth0:1

[ ] Use dynamic IP configuration (BOOTP/DHCP)

IP address: 192.168.0.X2_____

Netmask: 255.255.255.0___

Default gateway (IP): 192.168.0.254___

Primary nameserver: 192.168.0.1_____

OK Back

[root@web ~]# service network restart

[root@web ~]# ifconfig

[root@web ~]# vi /etc/hosts


192.168.0.X1 www.zoom.com

192.168.0.X1 www.yahoo.com

192.168.0.X1 www.google.com

192.168.0.X2 www.rediff.com

:wq!

Step 2 ) Repeat the Step 2 Part 1

80


[root@web ~]# vi /etc/httpd/conf/httpd.conf

############ NAME BASED ######################

NameVirtualHost 192.168.0.X1:80

<VirtualHost 192.168.0.X1:80>

ServerAdmin [email protected]

DocumentRoot /var/www/html/zoom

ServerName www.zoom.com

DirectoryIndex zoom.html

</VirtualHost>



DocumentRoot /var/www/html/yahoo

ServerName www.yahoo.com

DirectoryIndex yahoo.html

</VirtualHost>

############ PORT BASED ######################

Listen 5000

<VirtualHost 192.168.0.X1:5000>


DocumentRoot /var/www/html/google

ServerName www.google.com

DirectoryIndex google.html

</VirtualHost>

############ NAME BASED ######################

############ IP BASED ######################



DocumentRoot /var/www/html/rediff

ServerName www.rediff.com

DirectoryIndex rediff.html

</VirtualHost>

########## To authenticate Web server i.e asking username & password

for www.yahoo.com ##########

<Directory /var/www.html/yahoo>

AuthName "zoomauth"

AuthUserFile /etc/httpd/conf/htpasswd

AuthType Basic

Require valid-user

</Directory>

:wq!

http://www.yahoo.com/

81

Step 4 ) Create the resource

Create DocumentRoot folder for each site

[root@web ~]# cd /var/www/html

[root@web ~]# mkdir zoom yahoo google rediff

Create index or home html file respective DocumentRoot folder

Similar to Step 4 part one

Step 5 ) Create a user & provide web password to access www.yahoo.com

site

[root@web ~]# useradd tom

[root@web ~]# htpasswd -c /etc/httpd/conf/htpasswd tom

Step 6) START THE SERVICES

[root@web ~]# service httpd restart


http://www.zoom.com

http://www.yahoo.com

http://www.google.com:5000

http://192.168.0.X2

Client Side Configurtion

Step 1 ) Provide the ip of DNS


http://www.zoom.com

http://www.yahoo.com

http://www.google.com:5000

http://192.168.0.X2

82

Configuration of PROXY SERVER

It is used to share the internet from one machine to several clients

Current Proxy server IP is 192.168.0.20

GateWay 192.168.0.254

DNS 200.200.200.200

Step 1a ): CHECK IP & HOST ENTRIES



[ ] Use dynamic IP configuration (BOOTP/DHCP)

IP address: 192.168.0.20

Netmask: 255.255.255.0

Default gateway (IP): 192.168.0.254

Primary nameserver: 200.200.200.200

OK Back



[root@client ~]# route -nv # Check Gateway IP

[root@client ~]# cat /etc/resolv.conf # Check DNS IP


NETWORKING=yes

HOSTNAME=proxy.zoom.com

:wq!



192.168.0.20 proxy.zoom.com proxy

:wq!

[root@client ~]# hostname proxy.zoom.com


proxy.zoom.com


Step 1b) Now Open the Browser & Check Internet is comming on Proxy

Server

83


[root@proxy ~]# rpm -qa squid*

or

[root@proxy ~]# yum list installed squid*

[root@proxy ~]# yum remove squid* -y


[root@proxy ~]# yum install squid* -y

Step 3) Edit Main Configuration File

[root@proxy ~]# vi /etc/squid/squid.conf

# I) To Configure squid as only Simple Proxy i.e Only For sharing

73 http_port 3128

2831 visible_hostname ZOOMPROXY

# II) To Configure squid as Caching Proxy i.e caching website in local

harddisk

993 cache_dir ufs /var/spool/squid 100 16 256

# III) To Configure squid as Proxy FireWall

# syntax for the firewall rule

# acl aclname acltype string1/file_name

2517 # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS

2518

####################################################################

2519

2520 #create a rule for particular network

2521

2522 acl zoomlinuxnetwork src 192.168.0.0/24

2523

2524 #create a rule for blocking particular site say www.naukri.com

2525

2526 acl jobsite url_regex www.naukri.com

2527

2528 #create a rule for time duration

2529

2530 acl classtime time S M T W H F A

18:30-22:30

2531

2532 # http_access allow all

2533 http_access deny jobsite

2534 http_access deny classtime

2535 http_access allow zoomlinuxnetwork

2536

####################################################################

:wq!

84

Step 4) START THE SERVICE

[root@proxy ~]# service squid restart


For proxy any Browser is a client i.e a client can be on server or any

other machine.

1) If a client is Firefox

Open Firefox

-> Edit

-> Preference

-> General

-> Connection Setting

->Manual Proxy configuration

->HTTP Proxy 192.168.0.X

Port 3128

Where X is the proxy servers IP

Now type the website names in locationbar

2) If a client is Internet Explorer

Open Internet Explorer

Tools

->Internet Options

->Connections

-> LAN Setting

->Proxy Server

-> Address 192.168.0.X

Port 3128

85

Configuration of MAIL Server

Mail server name is mail.zoom.com whose IP is 192.168.0.20







NETWORKING=yes

HOSTNAME=mail.zoom.com

:wq!



192.168.0.20 mail.zoom.com mail

:wq!

[root@client ~]# hostname mail.zoom.com


mail.zoom.com



[root@mail ~]# rpm -qa | egrep -i "sendmail|m4"

or

[root@mail ~]# yum list installed | egrep -i "sendmail|m4"

[root@mail ~]# yum remove sendmail* m4* -y

[root@mail ~]# rm -r /etc/mail*


[root@mail ~]# yum install sendmail* m4* -y

86


[root@mail ~]# vi /etc/mail/sendmail.mc

116 dnl # DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl

155 LOCAL_DOMAIN(`mail.zoom.com')dnl

:wq!

Step 4) Compile the file

[root@mail ~]# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf

Step 5 ) Start the service

[root@mail ~]# service sendmail restart

Step 6 ) Create users & test the mail at command prompt by mail client

utility.

[root@mail ~]# useradd tom

[root@mail ~]# useradd joy

[root@mail ~]# passwd tom

[root@mail ~]# passwd joy

Switch to a user tom and sendmail a mail to joy

[root@mail ~]# su - tom

[tom@mail ~]$ mail [email protected]

Subject: test mail from tom

he hello

test mail from tom

mail test 1

. ## New row first column type dot (.) To end the

message

Cc: [email protected]

[tom@mail ~]$

[tom@mail ~]$ exit

mailto:[email protected]

87

Switch to a user joy & check the mails

[root@mail ~]# su - joy

[joy@mail ~]$

Type mail and see the output as below

[joy@mail ~]$ mail

Mail version 8.1 6/6/93. Type ? for help.

"/var/spool/mail/joy": 1 message 1 new

>N 1 [email protected] Sat Jul 12 04:54 19/601 "test mail from

tom"

& 1

Message 1:

From [email protected] Sat Jul 12 04:54:18 2008

Date: Sat, 12 Jul 2008 04:51:38 -0400

From: [email protected]

To: [email protected]

Subject: test mail from tom

Cc: [email protected]

he hello

test mail from tom

mail test 1

& x

You have mail in /var/spool/mail/joy

[joy@mail ~]$ exit

88

Configuration of Squirrelmail

Squirrelmail is used to integrate sendmail with front end interface so

that a user can logging through browser.

Install all require packages for squirrelmail along with there

dependency.

[root@mail ~]# yum install httpd* perl-5* php* curl* dovecot* cyrus*

squirrelmail* -y

NOTE : If some packages files are missing it is better to reinstall the

packages by rpm command forcefully.

[root@mail ~]# mount 192.168.0.250:/var/ftp/pub/Server /mnt

[root@mail ~]# mount

[root@mail ~]# cd /mnt

[root@mail mnt]# ls

[root@mail mnt]# rpm -ivh httpd* perl-5* php* curl* dovecot* cyrus*

squirrelmail* --force

[root@mail ~]# service sendmail restart

[root@mail ~]# service httpd restart

[root@mail ~]# service dovecot restart

Or

[root@mail ~]# service cyrus-imapd restart

[root@mail ~]# service saslauthd restart

CLIENT SIDE CONFIGURATION

Step 1)

Provide the IP OF DNS.

[root@mail ~]# vi /etc/resolv.conf

nameserver 192.168.0.X

:wq!

Step 2)

Open the Browser and provide the following url.

http://mail.zoom.com/webmail

or

http://<ip_mailserver/webmail>

Provide UserName & Password

Name testuser

Password testuser

89

Configuration of NIS (Network Information Service)

Current NIS server IP is 192.168.0.20







NETWORKING=yes

HOSTNAME=nisserver.zoom.com

NISDOMAIN=zoom.com

:wq!



192.168.0.20 nisserver.zoom.com nisserver

:wq!

[root@client ~]# nisdomainname zoom.com

[root@client ~]# hostname nisserver.zoom.com


nisserver.zoom.com



[root@nisserver ~]# rpm -qa yp*

or

[root@nisserver ~]# yum list installed yp*

[root@nisserver ~]# yum remove yp* -y

[root@nisserver ~]# rm -r /var/yp*


[root@nisserver ~]# yum install yp* -y

90


[root@station9 ~]# vi /var/yp/Makefile

NOPUSH=true ## 23

all: passwd group hosts \ ## 109

:wq!

Step 4 ) Start the service

[root@station9 ~]# service ypserv restart

Step 5 ) Create NIS maps i.e NIS database

[root@station9 ~]# /usr/lib/yp/ypinit -m ## -m -->

master

NOTE : NIS database is stored in /var/yp

Step 6 ) Start the service so that NIS database get's Activated

[root@station9 ~]# service yppasswdd restart

Step 7) Create new users

[root@station9 ~]# useradd tom

[root@station9 ~]# useradd joy

[root@station9 ~]# passwd tom

[root@station9 ~]# passwd joy

Step 8)

If a new user/group/password's are created or modified, then the NIS

database has to be manually updated.

NOTE : Go to /var/yp & run a command make

[root@station9 ~]# cd /var/yp

[root@station9 ~]# ls

[root@station9 ~]# make

Step 9)

NOTE : If a database contents are modified then again restart services

[root@station9 ~]# service ypserv restart

[root@station9 ~]# service yppasswdd restart

91

Configuration of NFS with NIS

[root@nisserver ~]# yum install nfs* -y

[root@nisserver ~]# vi /etc/exports

/home 192.168.0.0/24(rw,sync)

:wq!

[root@nisserver ~]# service nfs restart

[root@nisserver ~]# showmount -e 192.168.0.X ## X is NFS

servers IP








NETWORKING=yes

HOSTNAME=nisclient.zoom.com

NISDOMAIN=zoom.com

:wq!



192.168.0.1 nisclient.zoom.com nisclient

:wq!

[root@client ~]# nisdomainname zoom.com

[root@client ~]# hostname nisclient.zoom.com


nisclient.zoom.com


92

Step 2 ) Make the client Machine as Member of NIS-Server

[root@station20 ~]# authconfig-tui

Select [*] Use NIS

[ OK ]

Select

Domain => India.com

Server => 192.168.0.100

[root@station20 ~]# ypwhich

[root@station20 ~]# mount 192.168.0.20:/home /home

nisserver.zoom.com

[root@station20 ~]#

Now log in as a NIS server user

[root@station20 ~]# su - tom

[tom@station20 ~]$

93

Configuration of DHCP SERVER


[root@dhcpserver ~]# rpm -qa dhcp-*

or

[root@dhcpserver ~]# yum list installed dhcp-*

[root@dhcpserver ~]# yum remove dhcp-* -y


[root@dhcpserver ~]# yum install dhcp-* -y

Step 2) copy the example file in configurartion file

[root@dhcpserver ~]# CP /usr/share/doc/dhcp-3.0.5/dhcpd.conf.sample

/etc/dhcpd.conf


[root@dhcpserver ~]# vi /etc/dhcpd.conf

4 subnet 192.168.0.0 netmask 255.255.255.0 { # Network ID

7 option routers 192.168.0.254; # GateWay or

Router IP

8 option subnet-mask 255.255.255.0;

10 option nis-domain "zoom.com"; # NIS DOMAIN

11 option domain-name "zoom.com"; # DNS DOMAIN

12 option domain-name-servers 192.168.0.1; # DNS IP

21 range dynamic-bootp 192.168.0.150 192.168.0.170; # Pool of IP

31 host nfs { # reservation of

IP

32 option host-name "nfs.zoom.com"; # OR

33 hardware ethernet aa:ab:56:78:AB:CD; # Mac binding

34 fixed-address 192.168.0.10;

35 }

36 host smb {

37 option host-name "smb.zoom.com";

38 hardware ethernet ad:ab:56:78:AB:CD;

39 fixed-address 192.168.0.15;

40 }

41 }

:wq

Step 4 ) START THE SERVICES

[root@dhcpserver ~]# service dhcpd restart

94


Step 1) Select the Dhcp in netconfig command


Select

[*] Use dynamic IP Configuration ( BOOTP/DHCP)

Step 2) START THE SERVICES


Step 3 ) Now Check wheather all the Entries are comming

[root@client ~]# ifconfig # to now IP

[root@client ~]# route -nv # to check GateWay

[root@client ~]# cat /etc/resolv.conf # to check DNS entries

[root@client ~]# nisdomainname # to check NisDomainName


NOTE : Host name will not come the /etc/sysconfig/network file should

have following entries ONLY


NETWORKING=yes

:wq!

Reboot the machine and check the entries

95

Troubleshooting

To Recover Root Password

Restart the PC while restarting press any key to get Grub Screen.

press 'e'

Select kernel /vmlinuz-2.6.18-8.el5 ro root=LABEL=/1 kernel /

Again press 'e' to edit

Edit kernel /vmlinuz-2.6.18-8.el5 ro root=LABEL=/1 '1'

press enter

press b to boot

At shell prompt type the commands

sh-3.00# passwd

2 )Assinging Grub Password

[root@server ~]# grub-md5-crypt >> /boot/grub/grub.conf

type the passwd ## these two entries will be not visible

Retype the passwd

[root@server ~]# vi /boot/grub/grub.conf

hiddenmenu

password --md5 < encryptedpasswd > ## Add this line

here

title Linux Server (2.6.18-8.el5)

:wq

3) Recovering Root or Grub password if both are forgotten

Boot from Bootable linux CD and type

boot : linux rescue

select keyboard-> select language ->select networking Y/N

sh-3.00# chroot /mnt/sysimage

sh-3.00# mount

sh-3.00# passwd # to remove root passwd

To remove GRUB password remove the encrypted password line from

/etc/grub/grub.conf

sh-3.00#

96

To Configure printer

[root@server ~]# system-config-priter &

To configure Modem

[root@server ~]# system-config-network &

Select Modem -> then type telephone number of the ISP provider

-> ISP name -> then username & password

To check or kill certain process ID's

[root@server ~]# ps -aux

[root@server ~]# kill <number of proccess>

[root@server ~]# kill -9 <number of process >

[root@server ~]# kill -9 <number of process > To Kill

forcefully

[root@server ~]# system-config-priter &

[root@server ~]# system-config-network &

[root@server ~]# ps -aux

[root@server ~]# kill <number of proccess>

[root@server ~]# kill -9 <number of process > To Kill

forcefully

To see the cpu & process status

[root@server ~]# top

To see the open port number

[root@server ~]# netstat -ant

To see the remote machine open port number

[root@server ~]# nmap <remote_IP>

To view how long the system is running

[root@server ~]# uptime

To view Process, Resources and File systems

[root@server ~]# gnome-system-monitor

To dump the traffic on the network

97

[root@server ~]# tcpdump -i eth0

To display or change Ethernet card settings

[root@server ~]# ethtool eth0

To view the traffic to the Ethernet card

[root@server ~]# iptraf

To Report RPC Information

[root@server ~]# rpcinfo -p

98

Configuration OF Webmin

Webmin is a GUI based tool to configure Linux System & Network

Administration

Download the file from internet or copy from any source media in side

/opt directory

[root@server ~]# cd /opt


webmin-1.360.tar.gz

[root@server opt]# tar -xvzf webmin-1.360.tar.gz


webmin-1.360 webmin-1.360.tar.gz

[root@server opt]# cd webmin-1.360


[root@server opt]# ./setup.sh

1) Select the default options & provide your web admin password

2) Open the Browser

[root@server opt]# firefox http://localhost:10000 &

provide username & password and start configuration in GUI

Mode

To Change the admin passwd after webmin installation

[root@server opt]# cd webmin-1.360

[root@server webmin-1.360]# ./changepass.pl /etc/webmin/ admin admin

TO UNINSTALL WEBMIN

[root@server opt]# sh /etc/webmin/uninstall.sh

99

Configuration Of Kickstart File

Kickstart file is used to install the OS at client machine without

Providing the Entries which are asked during Installation.

Kickstart File should be available on the machine where the copy of O/S

DVD or CD is stored.

In our scenario the kickstart file is on machine 192.168.0.100 and copy

of CD or DVD is inside /var/ftp/pub

Step 1)

Copy all *.rpms from DVD/CD's in a folder /var/ftp/pub/Server/

Step 2)

Configure your machine as NFS,FTP & DHCP

Copy all rpms from DVD/CD's in a folder /var/ftp/pub/Server

[root@server ~]# yum install nfs* vsftpd* dhcpd* *kickstart* -y

[root@server ~]# vi /etc/exports

/var/ftp/pub 192.168.0.0/24(ro,async)

:wq!

[root@server ~]# service nfs restart

[root@server ~]# service vsftpd restart

[root@server ~]# service dhcpd restart

[root@server ~]# chkconfig nfs on

[root@server ~]# chkconfig vsftpd on

[root@server ~]# chkconfig dhcpd on

Step 3) Create the Kickstart File by using the following command.

[root@server ~]# system-config-kickstart &

Kickstart wizard will be opened then select the following options

Basic Configuration

Default Language => English (USA)

Keyboard => U.S english

Time Zone => Asia/Calcutta

Root Password => abc123

Confirm Password => abc123

Installation Method

Perform new installation

100

Select the install method

Ftp

ftp Server => 192.168.0.250

Ftp Directory => /pub

Or

Nfs

Nfs Server => 192.168.0.100

Nfs Directory => /var/ftp/pub

Boot Loader Option

Install new boot loader

Partition information

Create the required partition

/boot = 100 MB

/ = 2000 MB

/usr = 4000 MB

/var = 1000 MB

/home = 1000 Mb

swap = Double of RAm

Network Configuration

Select DHCP

Authentication

* Use shadow Passwords

* Use Md5

Firewall Configuration

Select Security Level => Disable firewall

Select SeLinux => Disable

Display Configuration

Select Configuration the X windows System

Color Depth = 24 Resolution 1024x768

Package Selection ( Select the following entries )

Desktop Environment

Gnome Desktop

Application

Editors

Graphical Internet

Text-based Internet

Base System

Select All packages

Save the file at /var/ftp/pub where the of linux o/s is copied.

And give the the name as

ksftp.cfg

or

ksnfs.cfg

Step 4 ) Go to /var/ftp/pub and give execute permission to kickstart

file

[root@server ~]# cd /var/ftp/pub

[root@server ~]# chmod +x *.cfg

101

Client Side configuration

Step 1)

Set the BIOS first Bootable Device as CDROM.

Step 2)

Take Linux RHEL5 Bootable CD and Boot.

Step 3)

Now at the Boot prompt Type following Commands.

boot : linux ks=nfs:192.168.0.X:/var/ftp/pub/ksn.cfg

OR

boot : linux ks=ftp://192.168.0.X/pub/ksf.cfg

Step 4 )

Once the installation Starts Remove the Bootable CD/DVD.

102

Configuration of iptables (Linux Firewalls)

Step 1) Check & Install the package

[root@firewall ~]# rpm –qa iptables*

OR

[root@firewall ~]# yum list installed iptables*

[root@firewall ~]# yum remove iptables* -y

[root@firewall ~]# yum install iptables* -y

Step 2 ) Start the Services

[root@firewall ~]# service iptables restart

To see the list of Rules in Filter Chain

[root@firewall ~]# iptables -L

Step 3 ) Create the Rules of filter Table

Note : All key words are Case Sensitive

To block the ping from system 192.168.0.23 to 192.168.0.24

[root@firewall ~]# iptables -I INPUT -p icmp -s 192.168.0.23 -d

192.168.0.24 -j REJECT

Note : REJECT will give the Acknowledgement

[root@firewall ~]# iptables -L

[root@client1 ~]# ping 192.168.0.24

PING 192.168.0.24 (192.168.0.24) 56(84) bytes of data.

From 192.168.0.24 icmp_seq=1 Destination Port Unreachable



[root@firewall ~]# iptables -I INPUT -p icmp -s 192.168.0.23 -d

192.168.0.24 -j DROP

Note : DROP will not give the Acknowledgement

[root@client1 ~]# ping 192.168.0.24

PING 192.168.0.24 (192.168.0.24) 56(84) bytes of data.

[root@firewall ~]# iptables -F

103

[root@client23 ~]# ftp 192.168.0.24

Connected to 192.168.0.24.

220 (vsFTPd 2.0.5)

530 Please login with USER and PASS.

530 Please login with USER and PASS.

KERBEROS_V4 rejected as an authentication type

Name (192.168.0.24:root): ftp

331 Please specify the password.

Password:

230 Login successful.

Remote system type is UNIX.

Using binary mode to transfer files.

ftp> ls

227 Entering Passive Mode (192,168,0,24,187,117)

150 Here comes the directory listing.

drwxr-xr-x 2 0 0 4096 Jan 17 2007 pub

226 Directory send OK.

ftp> bye

221 Goodbye.

To block the ftp client from system 192.168.0.23 to ftp server

192.168.0.24

[root@firewall ~]# iptables -I INPUT -p tcp -s 192.168.0.23 -d

192.168.0.24 --dport 21 -j REJECT

[root@client23 ~]# ftp 192.168.0.24

ftp: connect: Connection refused

ftp> ls

Not connected.

ftp>

104

SELinux

The /etc/selinux/config stores the status of SELinux.

[root@ selinux ~]# vi /etc/selinux/config

To get the status of SELinux use getenforce.

[root@selinux ~]# getenforce

Enforcing

To change the status of SELinux use setenforce

[root@selinux ~]# setenforce

usage: setenforce [ Enforcing | Permissive | 1 | 0 ]

[root@selinux ~]# setenforce Permissive

[root@selinux ~]# getenforce

Permissive

To view all the booleans

[root@selinux ~]# getsebool -a

To set a Booleans value

[root@selinux ~]# setsebool -P allow_ftpd_anon_write 1

-P overrides defaults.

[root@selinux ~]# getsebool -a |grep allow_ftpd_anon_write

allow_ftpd_anon_write --> on

[root@selinux ~]# setsebool -P allow_ftpd_anon_write 0

[root@selinux ~]# getsebool -a |grep allow_ftpd_anon_write

allow_ftpd_anon_write --> off

Restart the system to relable the filesystem

The selinux filesystem is in /selinux

Enabling or disabling selinux at boot time

In kernel line while booting pass parameter

selinux=0 – disable

selinux=1 – enable

105

Checking the logs of denied programs

#sealert –b

Checking the status of curent policy

#seinfo

Managing selinux graphically

#system-config-selinux

106

Configuration of Virtualization Server

[root@virtualserver ~]# yum install xen* virt-manager* kernel-xen* -y

Note: Restart the machine and boot from Xen kernel option from the GRUB

screen.

[root@virtualserver ~]# virt-manager &

Select Xen host

Domain-0 Will be displayed on screen

Creating a new virtual system

forward

Naming your virtual system

System Name => vm1

Choosing a virtual method

( select ) paravirtualized

Or

Full virtualization

Provide the path for installation server or media path

Install Media => ftp://192.168.0.250/pub

forward

Kickstart URL => ftp://192.168.0.250/pub/ksftp.cfg

Select the storage space

Partition => /dev/hda12

forward

Allocate memory and Cpu

VM Max Memory (MB) => 200

VM Startup Memory (MB) => 200

Please enter the number of virtual CPU's this VM

VCPUs => 2

Read the Summary if correct procceed or repeat

finish

Choose the password for new keyring

Now the intallation will start & u will get the boot

screen

After Installation Start the Virtual machine.

Note: To start the virtual machine execute the

following command.

[root@virtualserver ~]# xm create vm1

107

Using config file "/etc/xen/vm1".

Going to boot Linux Server (2.6.18-8.el5xen)

kernel: /vmlinuz-2.6.18-8.el5xen

initrd: /initrd-2.6.18-8.el5xen.img

Started domain vm1

[root@virtualserver ~]# virt-manager &

[root@virtualserver ~]# xm shutdown vm1

108

Lightweight Directory Access Protocol

1). LDAP INTRODUCTION & CONFIGURATION :

LDAP was originally used as the backbone of Microsoft's Active

Directory Service and Novell's Novell Directory Services (NDS)

products. LDAP can also interact with other login programs, such as

Remote Authentication Dial-in User Service (RADIUS), which the network

equipment of many ISPs uses to manage dialup Internet access.

It was later recognized that LDAP had features that could make it

a desirable replacement for NIS in some scenarios. For example, it uses

a single TCP port (389) for regular communication and another port

(636) for encrypted transactions. LDAP also can interact with many

login authentication, authorization, and accounting programs external

to Linux and UNIX.

The LDAP Directory Structure

LDAP directory entries are arranged in a tree structure. Under

the root, there are branches that represent countries, organizations,

organizational units, and people.

2). Scenario

These concepts are easier to explain when working from an example, so

imagine the IT department in a small organization called zoom.com has

many Linux servers it needs to administer.

* The company wants a simple, secure, centralized login scheme for

all of the servers.

* It has decided to use the LDAP domain example.com for its LDAP

database, in which one domain component (DC) will be zoom, and the

other will be com.

* The database will have only one organizational unit simply called

People, which is the LDAP default.

* Each person will have such attributes as a username (User ID or

UID), password, Linux home directory, and login shell.

* The Linux server named ldapserverzoom with the IP address

192.168.0.100 will act as the LDAP server containing the database.

* The Linux server named sales1 will be used to test the system as

the LDAP client and has the IP address 192.168.0.102.

* Server ldapserverzoom has a special user account named ldapuser

that will be used to test the LDAP logins.

3) Installing The LDAP Packages

# yum install *ldap* -y

4)Create a database directory

# mkdir /var/lib/ldap/zoom.com

# chown ldap:ldap /var/lib/ldap/zoom.com

109

5) Create an LDAP "root" password

# slappasswd

6) Create some users & assign passwords

7) EDIT THE MAIN CONFIGURATION FILE

# vi /etc/openldap/slapd.conf

database bdb

suffix "dc=zoom,dc=com"

rootdn "cn=Manager,dc=zoom,dc=com"

rootpw <paste the password generated by slpasswd

command>

directory /var/lib/ldap/zoom.com

:wq!

8) Create Your LDAP Database

#vi /usr/share/openldap/migration/migrate_common.ph

:%s/padl/zoom/g

:wq!

9) Copy the DB_CONFIG.example starter file to your ldap database

directory of /var/lib/ldap/ zoom.com.

# cp -p /etc/openldap/DB_CONFIG.example

/var/lib/ldap/zoom.com/DB_CONFIG

10) . Migrate your system authentication files using the

migrate_all_offline.sh script that should reside in the same directory

as the migrate_common.ph file.

# /usr/share/openldap/migration/migrate_all_offline.sh

11) LDAP wonâ€™t start unless the files in the database directory are

owned by the ldap user. Use the chown command to do this.

# chown -R ldap:ldap /var/lib/ldap/zoom.com

12. Start LDAP Service.

# service ldap start

# chkconfig ldap on

You are ready to go! The database has been created.

13) Test the LDAP database

# ldapsearch -x -b 'dc=zoom,dc=com' '(objectclass=*)'

110

LDAP PART 2 LDAP GUI Management Tools

Step 1 ) download phpldapadmin-1.1.0.5.tar.gz packages

Step 2 ) copy inside /var/www/html & extract

# tar -xvzf phpldapadmin-1.1.0.5.tar.gz

Step 3 ) Install httpd packages

# yum install httpd* -y

# vi /etc/httpd/conf/httpd.conf

# change Document Root Path

DocumentRoot "/var/www/html/phpldapadmin-1.1.0.5"

Go line no 390 there give in Directoryindex index.php

:wq!

Step 4)

# cd /var/www/html/phpldapadmin-1.1.0.5/config

# cp -p config.php.example config.php

Step 5)

# vi /etc/pgp.ini

:/16M replace with 120M

:wq!

Step 6 )

service httpd restart

Step 7 )

Open the browser

http://localhost

See screen shot ldap1.png

ldap2.png

111

Configuring The LDAP Client

Now that the LDAP server is configured properly, you can turn your

attention to configuring and testing the clients.

Edit the ldap.conf configuration file

LDAP clients are configured using the /etc/openldap/ldap.conf file. You

need to make sure that the file refers to the LDAP server's IP address

for the zoom.com. The file should look like this:

# vi /etc/openldap/ldap.conf

HOST 192.168.1.100

BASE dc=example,dc=com

:wq!

mount the home folder which is been exported from ldapserverzoom

# mount 192.168.0.100:/home /home

112

Comparison Between Fedora and Ubuntu Linux.

It is easy to apply your existing knowledge of Fedora to Ubuntu. The key

differences between them are covered in this article.

Operating System Fedora Ubuntu

Minimum Hardware

Requirement

i386, ppc, x86_64, Sparc (via

Aurora Project), alpha (via

AlphaCore)

AMD64, i386

Supported architecture For text mode: 200 MHz

Pentium-class, 64MB RAM,

620MB HDD

For graphical mode: 400 MHz


620MB HDD

For text-mode: 192 MB RAM,

450 MB hard drive

For graphical-mode: 256 MB

RAM, preferable at least 2 GB

HDD

Basic Commands & Vi

Same Same

User & group

Administration

useradd, usermod, userdel,

groupadd, groupmod,

groupdel

User’s & Group database

File

/etc/passwd

/etc/shadow

/etc/group

UPG scheme

Uid=Min_uid and group uid=500

Home_dir=Automatically get‟s

created “/home/username”

Same

Same

UPG scheme

Uid=Min_uid and group

uid=1000

“-m” option is used to

Create user‟s home dir

Same

Same

Basic File Permission

chmod, chown, chgrp

Same

Same

Partition

Default file system

ext2,ext3,vfat,swap

fdisk

Same

Same

http://auroralinux.org/

http://alphacore.info/

113

/etc/fstab

Mount

ACL

Same Same

Quota

Same Same

suid

sgid

Sticky bit

Same Same

Links Same Same

Raid mdadm

Same Same

LVM

Same Same

Backup & Recovery

tar, cpio & dump

Same Same

Package Administration

Repository

Install a package file

Remove a package

Show available packages

List all installed packages

List files in a package file

rpm

Yum

/etc/yum.repo/core

yum install package.rpm

rpm -i package.rpm

rpm -e package_name

yum list available

yum list installed

rpm -qa

rpm -qpl package.rpm

rpm

Apt-get

/etc/apt/source.list

dpkg --install package.deb

apt-get remove package_name

apt-cache dumpavail

dpkg –list

dpkg --contents package.deb

service chkconfig <service>

start/stop/restart

/etc/init.d/<service>

tart/stop/restart

114

Fedora & Ubuntu Network Administration

Fedora Ubuntu

Assigning IP Address

ifconfig

Permanent

Same

netconfig

Same

vi /etc/network/interface

auto eth0

iface eth0 inet dhcp

address 192.168.0.x

netmask 255.255.255.0

gateway 192.168.0.x

:wq

1.NFS Server

1)Required Package

2)Configuration file

3)service

nfs*

/etc/exports

nfs

nfs*

/etc/exports

nfs-kernel-server

2.FTP Server

1)Required Package


3)service

vsftpd*

/etc/vsftpd/vsftpd.conf

vsftpd

vsftpd*

/etc/vsftpd.conf

vsftpd

/home/ftp/pub

3.SAMBA Server

1)Required Package


3)service

samba*

/etc/samba/smb.conf

smb

samba*

/etc/samba/smb.conf

samba

4.DNS Server

1)Required Package


3)service

bind* cach*

/etc/named.caching-

nameserver

/etc/named.rfc1912.zones

/var/named/chroot/var/named

localhost.zone

named.local

named

bind9*

/etc/bind/named.conf

/etc/bind

Db.O

Db.127

bind9

5.Web Server

1)Required Package

httpd*

apache2*

115


3)service

/etc/httpd/conf/httpd.conf

httpd

/etc/apache2/apache2.conf

apache2

6.Mail Server

1)Required Package


3)service

sendmail*

/etc/mail/sendmail.mc

/etc/mail/sendmail.cf

sendmail

postfix*

To configure run command

dpkg-reconfigure postfix

/etc/postfix/main.mc

postfix

7.Squid Server

1)Required Package


3)service

squid*

/etc/squid/squid.conf

squid

squid*


Squid

8.Nis Server

1)Required Package


3)service

yp*

/var/yp/Makefile

Ypserv

yppasswdd

nis*

/var/yp/Makefile

nis

9.DHCP Server

1)Required Package


3)service

dhcp*

/etc/dhcpd.conf

dhcpd

dhcp*

/etc/dhcp3/dhcpd.conf

dhcp3-server

116

Comparison Between Fedora and Suse Linux

System Administration

Apply your existing knowledge of Redhat or Fedora to suse. The key


Operating

System

Fedora Suse Linux

Minimum

Hardware

Requirement

For text mode: 200 MHz


620MB HDD



620MB HDD

For text mode: 200 MHz


620MB HDD



620MB HDD

Supported

architecture

i386, ppc, x86_64, sparc (via

Aurora Project), alpha (via

AlphaCore

i586, x86_64, ppc

Basic Commands

& Vi

Same Same

User & group

Administration

Useradd,usermod,

userdel,groupadd

Groupmod,group

del

User’s & Group

database File

/etc/passwd

/etc/shadow

/etc/group

UPG scheme

Uid=Min_uid and group uid=500

Home_dir=Automatically get‟s

created “/home/username”

Same

Same

General Linux scheme

Min uid & gid starts from

1000

“-m” option is used to

create user‟s home dir

Same

Same

http://auroralinux.org/

http://alphacore.info/

117

Basic File

Permission

chmod, chown,

chgrp

Same

Same

Partition

Default file system

ext2, ext3, vfat,

swap

fdisk

/etc/fstab

Mount

ext3

Same

reiserfs

Same

ACL Same Same

Quota Same Same

suid, sgid

Sticky bit

Same Same

Links Same Same

Raid Same Same

LVM Same Same

Backup &

Recovery

Same Same

Package

Administration

RPM

Same

yum

Same

yast2

118

FEDORA AND SUSE NETWORK ADMINISTRATION

Fedora Suse

Assigning ip Address

ifconfig

Permanent

Same

netconfig

Same

Yast2 lan &

1.NFS Server

1)Required Package


3)service

nfs*

/etc/exports

nfs

nfs*

/etc/exports

nfsserver

2.FTP Server

1)Required Package


3)service

vsftpd*


vsftpd

vsftpd*

/etc/vsftpd.conf

vsftpd

/srv/ftp/pub

3.SAMBA Server

1)Required Package


3)service

samba*

/etc/samba/smb.conf

smb

samba*

/etc/samba/smb.conf

smb

4.DNS Server

1)Required Package


3)service

bind* cach*

/etc/named.caching-

nameserver

/etc/named.rfc1912.zones


localhost.zone

named.local

bind*

/etc/named.conf

/var/lib/named

localhost.zone

127.0.0.zone

5.Web Server

1)Required Package


3)service

httpd*

/etc/httpd/conf/httpd.conf

httpd

apache2*

/etc/apache2/httpd.conf

apache2

6.Mail Server

1)Required Package


3)service

sendmail*



sendmail*

/etc/mail/linux.mc

/etc/sendmail.cf

119

7.Squid Server

1)Required Package


3)service

squid*


squid

squid*


squid

8.NIS Server

1)Required Package


3)service

yp*

/var/yp/Makefile

ypserv

yppasswdd

yp*

/var/yp/Makefile

ypserv

9.DHCP Server

1)Required Package


3)service

dhcp*

/etc/dhcpd.conf

dhcpd

dhcp*

/etc/dhcpd.conf

dhcpd

120

Comparison Between Fedora And Solaris .

SYSTEM ADMINISTRATION

Apply your existing knowledge of Fedora on Solaris. The key


Operating System Fedora Solaris

Basic Command Same Same

User & Group

Administration

„UPG‟ scheme is there

for normal user.

‘UID’ Min_uid=500

„GID‟ Min_gid=500

HOME_DIR

/home/username

General SOE scheme is followed.

„UID‟ Min_uid=100

„GID‟ Min_gid=100

‘-m’ Option is used for

Creating user‟s home directory.

Default Location = /export/home

useradd,usermod & userdel.

groupadd,groupmod &

groupdel.

Same.

Same.

User’s & group’s database

file’s.

/etc/passwd.

/etc/shadow.

/etc/group.

Same.

Same

Basic File Permissions, &

Commands

chown,chmod & chgrp.

Same.

Same.

Partitioning Commands

Default file systems

Permenent mounting file’s

fdisk & parted.

ext2

ext3

vfat & swap.

/etc/fstab

/etc/mtab

Format.

ufs

lofs

hsfs & swap.

/etc/vfstab

/etc/mnttab

121

Mount

Same.

Same.

Acl setfacl.

getfacl

setfacl.

getfacl

Quotas

Commands

Quotacheck, quotaon,

Quotaoff & edquota

Support should be given

while mounting.

Same.

.

Touch a file with „quotas‟

Under the same file system.

Same.

Advanced file permission’s

Sticky bit, SUID, SGID

Same.

Same.

Links

Same. Same.

RAID

mdadm. Metainit

metaattach

metadb &

metadetach.

LVM

Lvm.

growfs & svm

Backup & Restore

tar, cpio

Same.

dump.

Same.

ufsdump.

Package Administration.

Commands.

rpm

yum

Commands.

pkgadd. to install

pgkrm. to remove a package .

pkginfo to get info of packages.

pkgchk. to check the packages

To check & start the

Service’s

chkconfig --list

service named restart

chkconfig named on

ls /etc/init.d

or

svcs

svcadm

enable/disable

svc:/network/dns/server.default

122

Comparision Between Fedora And Solaris

Network Administration

Apply your existing knowledge of Redhat Linux and Solaris.

The key differences between them are covered in this article.

Operating System Fedora Linux Solaris

Assigning ip-address

ifconfig

Database files

/etc/host

Hostname

Same.

Same.

/etc/sysconfig/network

Same.

Same.

/etc/nodenames

1.NFS Server

1)Required Package


3)service

nfs-utils,portmap.

/etc/exports.

nfs & portmap.

Defaulty it comes with ‟SOE‟.

/etc/dfs/dfstab.

/etc/inet.d/nfs.server

2.FTP Server

1)Required Package


3)service

vsftpd


vsftpd

SUNWftpr, SUNWftpu

SUNWftpur

/etc/ftpd/ftpaccess

ftp.default

3.SAMBA Server

1)Required Package


3)service

Samba, samba-common,

samba-client , samba-client

/etc/samba/smb.conf

Smb

SUNWsmbaS, SUNWsmbac

SUNWsmbau, SUNWsmbar

/etc/sfw/smb.conf

samba

4.DNS Server

1)Required Package


Zone files

3)service

bind*

caching*

/etc/named.caching-

nameserver.conf

/etc/named-rfc1912.zones


named

SUNWbind, SUNWbindr

SUNWbindS, SUNWbinutils

SUNWbinutilsS.

/etc/named.conf

/var/named

server.dns

server.client

5.WEB Server

123

1)Required Package


DataBase files

3)service

httpd, httpd-devel, httpd-

manual

/etc/httpd/httpd.conf

/var/www/html

httpd

SUNWapchs, SUNWapchd

SUNWapchr, SUNWapcu

/etc/apache/httpd.conf

/var/apache/htdocs

apache

6.MAIL Server

1)Required Package


3) Service

sendmail, sendmail-devel

sendmail-cf, sendmail-doc



sendmail

Defaultly get installed by

Operating system

/etc/mail/main.mc


sendmail

7.DHCP Server

1)Required Package


3)service

dhcpd, dhcpd-devel

/etc/dhcpd.conf

dhcpd

SUNWdhcm, SUNWdhcsb

SUNWdhcsr, SUNWdhcsu

Gui-Tool

svm & dhcpmgr

dhcp

124

Oracle 10g Installation

Oracle 10g Installation guide for Red Hat Enterprise Linux ES/AS 5 (x86)

Changing the Red Hat Release

As RHEL5 has been released after Oracle 10g was, Oracle 10g does not support

RHEL5 logically. The latest version 10g supports in RHEL4. So we have to get

round it by changing the release configuration file:

echo "rhel4" > /etc/redhat-release

Disk Partitions

100MB ext3 /boot

9GB ext3 /

6GB ext3 /var

6GB ext3 /usr

6GB ext3 /home

1GB Swap Partition

125

The following packages (or higher versions) must be installed

gcc-3.2.3-2 or higher

make-3.79

binutils-2.11

openmotif-2.2.2-16

setarch-1.3-1

compat-db-4.0.14.5

compat-gcc-7.3-2.96.122

compat-gcc-c++-7.3-2.96.122

compat-libstdc++-7.3-2.96.122

compat-libstdc++-devel-7.3-2.96.122

Create the Oracle user and groups

# groupadd oinstall

# groupadd dba

# useradd -g oinstall -G dba oracle

# passwd oracle

Creat Directories

# mkdir -p /u01/app/oracle

# chown -R oracle:oinstall /u01/app/oracle

126

Change the directory permission to 775

# chmod -R 775 /u01/app/oracle

Specify the values in the /etc/sysctl.conf file, they persist when you reboot the system

kernel.shmall = 2097152

kernel.shmmax = 2147483648

kernel.shmmni = 4096

kernel.sem = 250 32000 100 128

fs.file-max = 65536

net.ipv4.ip_local_port_range = 1024 65000

Increase the shell limits

Add the following lines to /etc/security/limits.conf file:

* soft nproc 2047

* hard nproc 16384

* soft nofile 1024

* hard nofile 65536

Add the following line to the file /etc/pam.d/login , if it does not exist:

session required /lib/security/pam_limits.so

127

Add these lines to export path in the file /etc/profile

export ORACLE_BASE=/u01/app/oracle

export ORACLE_SID=dba

export ORACLE_HOME=/u01/app/oracle/product/10.1.0/db_1

export

LD_LIBRARY_PATH=$ORACLE_HOME/lib:$ORACLE_HOME/perl/lib/5.6.1:$ORA

CLE_HOME/ctx/lib

export

PATH=:$ORACLE_HOME/bin:$ORACLE_HOME/perl/bin:$ORACLE_HOME/perl/lib

/5.6.1:$ORACLE_HOME/ldap/odi/bin:$ORACLE_HOME/opmn/bin:$ORACLE_HOM

E/dcm/bin:/usr/local/bin:/usr/openwin/bin:/usr/local/j2sdk1.4.2/bin:$PATH

Now login as oracle user and issue the commands to start installation.

$ ORACLE_BASE=/u01/app/oracle

$ ORACLE_SID=dba

$ export ORACLE_BASE ORACLE_SID

$ unset ORACLE_HOME

$ unset TNS_ADMIN

$ /mnt/cdrom/./runInstaller

128

To enable communication between oracle server and client, sample tnsnames.ors file

# TNSNAMES.ORA Network Configuration File

# Generated by Oracle configuration tools.

zoom =

(DESCRIPTION =

(ADDRESS_LIST =

(ADDRESS = (PROTOCOL = TCP)(HOST = station12)(PORT = 1521))

)

(CONNECT_DATA =

(SID = dba)

(SERVER = DEDICATED)

)

)

server1 =

(DESCRIPTION =

(ADDRESS_LIST =

(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.0.1)(PORT = 1521))

)

(CONNECT_DATA =

(SERVER = DEDICATED)

(SERVICE_NAME = dba2)

)

)

INST1_HTTP =

129

(DESCRIPTION =

(ADDRESS_LIST =

(ADDRESS = (PROTOCOL = TCP)(HOST = station12)(PORT = 1521))

)

(CONNECT_DATA =

(SERVER = SHARED)

(SERVICE_NAME = MODOSE)

(PRESENTATION = http://HRService)

)

)

EXTPROC_CONNECTION_DATA =

(DESCRIPTION =

(ADDRESS_LIST =

(ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC0))

)

(CONNECT_DATA =

(SID = PLSExtProc)

(PRESENTATION = RO)

)

)

TO AUTOMATE THE LSNRCTL AND ORACLE STARTING

1. Make a script file and write the following code in it.

su -oracle << EOF

130

/u01/app/oracle/product/9.2.0/bin sqlplus /nolog

<< EOF

connect /as sysdba;

startup;

spool off;

EOF

su -oracle << EOF

lsnrctl start << EOF

exit 0

Documents

LINUX DAY WISE SCHEDULE SYSTEM …paavampiller.weebly.com/uploads/1/8/3/7/18372107/linux...2 LINUX DAY WISE SCHEDULE SYSTEM ADMINSITRATION DAY 1 Introduction to Linux with Installation