LINUX
DAY WISE SCHEDULE
SYSTEM ADMINISTRATION
DAY 1 Introduction to Linux with Installation
DAY 2 Basic Commands Part 1
DAY 3 Basic Commands Part II, Vi Editor
DAY 4 User Administration
DAY 5 Group Administration, Basic file permissions
DAY 6 Partitions Part I
DAY 7 Partitions Part II
DAY 8 User, Group Quota & ACL
DAY 9 RAID, Links
DAY 10 LVM, Advance file permissions
DAY 11 Backup, crontab, at
DAY 12 Boot Process
DAY 13 RPMS & YUM
NETWORK ADMINISTRATION
DAY 14 Introduction to Networking
DAY 15 NFS
DAY 16 FTP
DAY 17 SAMBA
DAY 18 DNS Part I
DAY 19 DNS Part II
DAY 20 Web Server Part I
DAY 21 Web Server Part II + Proxy
DAY 22 MAIL
DAY 23 NIS, DHCP
DAY 24 Trouble Shooting
DAY 25 Kickstart, Webmin, Virtualization, Iptables
DAY 26 Selinux, Ldap, Live setup
Topics
System Administration
1. Linux Installation Guide
2. Basic Commands
3. VI
4. Users and Group Administration
5. Permissions
6. Partitions
7. User and Group Quotas
8. Access Control List
9. Advanced file permissions
10. Link
11. RAID
12. Logical Volume Manager
13. Backups
14. Boot Process Practicals
15. Installation of packages through RPM and yum
Server Administration
1. Introduction to networking
2. NFS
3. FTP
4. Samba
5. DNS
6. APACHE web Server
7. Squid Proxy Server
8. Mail Server
9. NIS Server
10. DHCP Server
11. Troubleshooting
12. Webmin
13. Kickstart
14. iptables
15. SELinux
16. Virtualization
17. LDAP
18. Comparison between Fedora and Ubuntu
19. Comparison between Fedora and Suse
20. Comparison between Fedora and Solaris
21. Installation of Oracle 10g on linux
Linux
Installation Guide
To install Linux, follow these steps:
To start the installation from DVD/CD, set the BIOS to boot from CDROM.
This installation guide installs Linux without any other o/s on the present hard disk
[ clean hard disk ], where the existing partitions will be overwritten.
Installation can be done in two methods:
(1) GUI Mode
(2) Text Mode
Insert the first CD and restart the system
Press Enter to Start Installation in GUI mode
boot: press Enter
Or
Type linux text to start installation in text mode
boot : linux text
To do a media check select ok and press enter
To skip it select skip and press enter
Select Language
English
Select KeyBoard
US English
For full installation provide the Installation Key
Or
Skip
Note: If the installation key is not provided, then
virtualization or clustering will not be supported.
Create the required partitions on this screen.
Select Custom Layout and delete all partitions if any.
Create 6 partitions.
/boot = 100MB
/ = 2000MB
/usr = 4000MB
/var = 1000MB
/home = 1000MB
SWAP = 2 X RAM
To check RAM size use Ctrl-Alt-F2 and use the free command
# free
To get back to the GUI interface use Ctrl-Alt-F6
Boot Loader screen: simply select Next
Select Network Devices and go for Edit
Select DHCP or manually provide IP Address
For eg: 192.168.0.1/255.255.255.0
HostName: Station1.zoom.com
Gateway 192.168.0.254
DNS 192.168.0.1
Select Time Zone
Asia/Calcutta
Enter The Password for Root User
Eg : abc123
Select the software to be installed:
Desktop Environments
  GNOME Desktop Environment
Applications
  Editors
  Graphical Internet
  Text-based Internet
Base System
  Select All
Note: Remaining packages can be selected even after installation.
After the completion of Installation Reboot
After Reboot You will get Welcome Screen
Select The License Agreement
Check mark Yes, I agree to the License Agreement
Disable the Firewall. Click on Forward; on confirmation click on Yes.
Disable the SELinux. Click on Forward; on confirmation click on Yes.
Kdump: not required, simply uncheck.
Click Next to begin Installation
Set Date & time for system
Asia/Calcutta
Set Up Software updates
Finish Updates Setup
Create Users
Click on Continue to avoid creating normal users.
Sound Card
To install additional software, insert the installation CDs
Now the installation is completed. On the login screen provide =>
Username root
Password abc123
Explore the Linux Operating System
Basic Commands
1. To check the present working directory
[root@server ~]# pwd
Example
[root@server ~]# pwd
/root
2. To show the contents of a directory (folder)
[root@server ~]# ls
Example
[root@server ~]# ls
anaconda-ks.cfg Desktop install.log install.log.syslog
3. To see more details including the permission regarding the contents of a directory (folder)
[root@server ~]# ls -l
Example
[root@server ~]# ls -l
total 76
-rw-r--r-- 1 root root 1049 Apr 2 2007 anaconda-ks.cfg
drwxr-xr-x 2 root root 4096 Mar 14 20:13 Desktop
-rw-r--r-- 1 root root 46871 Apr 2 2007 install.log
-rw-r--r-- 1 root root 5175 Apr 2 2007 install.log.syslog
[root@server ~]# ll
total 76
-rw-r--r-- 1 root root 1049 Apr 2 2007 anaconda-ks.cfg
drwxr-xr-x 2 root root 4096 Mar 14 20:13 Desktop
-rw-r--r-- 1 root root 46871 Apr 2 2007 install.log
-rw-r--r-- 1 root root 5175 Apr 2 2007 install.log.syslog
3. To see all contents including hidden files of a directory (folder)
[root@server ~]# ls -a
Example
[root@server ~]# ls -a
.                .camel_certs  .esd_auth       .gnome2_private     .metacity         .tcshrc
..               .config       .evolution      .gstreamer-0.8      .mozilla          .thumbnails
anaconda-ks.cfg  .cshrc        .fonts.cache-1  .gtkrc              .nautilus         .Trash
.bash_history    Desktop       .gconf          .gtkrc-1.2-gnome2   .recently-used    .viminfo
.bash_logout     .dmrc         .gconfd         .ICEauthority       .rhn-applet.conf  .Xauthority
.bash_profile    .eggcups      .gnome          install.log         .rnd
.bashrc          .elinks       .gnome2         install.log.syslog  .ssh
4. To see tree structure of nested directories
[root@server ~]# ls -R /opt
/opt:
zoom
/opt/zoom:
zooma
/opt/zoom/zooma:
zoomb
/opt/zoom/zooma/zoomb:
zooms
/opt/zoom/zooma/zoomb/zooms:
To list files whose names start with f
[root@server ~]# ls f*
To list files whose names contain the string disk
[root@server ~]# ls /bin/*disk*
To list files whose names are 3 characters long
[root@server ~]# ls ???
To list files whose names start with any single character, followed by edh and any number of characters
[root@server ~]# ls ?edh*
5. To create a file
[root@server ~]# cat > file1
hi how are you, how is your zoom
6. To see file content
[root@server ~]# cat file1
hi how are you how is your zoom
7. To append a file
[root@server ~]# cat >> file1
iam fine, it is very nice
[root@server ~]# cat file1 file2 >> file3
[root@server ~]# cat file3
8. To create a file using touch command
[root@server ~]# touch f1 f2 f3 f4
[root@server ~]# ls
9. Creating a single directory
[root@server ~]# mkdir dir
10. Creating multiple directories
[root@server ~]# mkdir dir1 dir2 dir3 dir4
[root@server ~]# ls
anaconda-ks.cfg  dir   dir2  dir4  f2  f4  file2  install.log         labmanual
Desktop          dir1  dir3  f1    f3  file1  file3  install.log.syslog
11. To create nested directories
[root@server ~]# mkdir -p d1/d2/d3/d4
To see the tree structure
[root@server ~]# ls -R d1
d1:
d2
d1/d2:
d3
d1/d2/d3:
d4
d1/d2/d3/d4:
[root@server ~]#
12. To change a directory
[root@server ~]# cd dir1
[root@server dir1]# cd ..
[root@server ~]# cd ../..
[root@server /]# cd -
/root
[root@server ~]# pwd
/root
[root@server ~]# cd
[root@server ~]# pwd
/root
[root@server ~]#
13. To remove files
[root@server ~]# rm file1
rm: remove regular file `file1'? y
14. To remove an empty directory
[root@server ~]# rmdir dir1
[root@server ~]# ls
anaconda-ks.cfg  Desktop  dir2  dir4  f2  f4  file3  install.log.syslog
d1               dir      dir3  f1    f3  file2  install.log  labmanual
15. To remove a directory
[root@server ~]# rm -rf dir
[root@server ~]# ls
anaconda-ks.cfg  Desktop  dir3  f1  f3  file2  install.log         labmanual
d1               dir2     dir4  f2  f4  file3  install.log.syslog
To copy files
[root@server ~]# cp anaconda-ks.cfg file1
To copy folders
[root@server ~]# cp -r dir2 Desktop
To rename directories and files
[root@server ~]# mv dir3 d4
[root@server ~]# ls
anaconda-ks.cfg  d4       dir2  f1  f3  file1  file3        install.log.syslog
d1               Desktop  dir4  f2  f4  file2  install.log  labmanual
To move directories and files
[root@server ~]# mv dir2 /opt
[root@server ~]# ls
anaconda-ks.cfg  d4       dir4  f2  f4     file2  install.log         labmanual
d1               Desktop  f1    f3  file1  file3  install.log.syslog
[root@server ~]# cd /opt
[root@server opt]# ls
dir2 zoom
To search for a word in single or multiple files
[root@server ~]# grep tom /etc/passwd /etc/group /etc/gshadow
/etc/passwd:tom:x:500:500::/home/tom:/bin/bash
/etc/group:tom:x:500:
/etc/gshadow:tom:!::
[root@server ~]# cat /etc/passwd | grep tom
To see the type of file
[root@server ~]# file *
To view the date
[root@server ~]# date
[root@server ~]# date -s "07/15/2008 00:06:00 "
mm/dd/yyyy hh:mm:ss
Tue Jul 15 00:06:00 EDT 2008
[root@server ~]# cal
[root@server ~]# cal 12 2008
[root@server ~]# man mkdir
[root@server ~]# man cal
To see the content screen wise
[root@server ~]# ls -l /bin | less
Visual Interface
Commands to Go into Insert mode
To open a file use vi <filename>
e.g.
# vi test.txt
i - inserts the text at current cursor position
I - inserts the text at beginning of line
a - appends the text after current cursor position
A - appends the text at end of line
o - inserts a line below current cursor position
O - inserts a line above current cursor position
r - replace a single char at current cursor position
Commands at execute mode
:q - quit without saving
:q! - quit forcefully without saving
:w - save
:wq - save & quit
:wq! - save & quit forcefully
:x - save & quit
:sh - Provides temporary shell
:se nu - Setting line numbers
:se nonu - Removing line numbers
:84 - Press enter goes to line 84
To move the cursor, press the h,j,k,l keys as indicated.
             ^
             k              Hint: The h key is at the left and moves left.
       < h       l >              The l key is at the right and moves right.
             j                    The j key looks like a down arrow.
             v
w - moves forward word by word
b - moves backward word by word
Commands at command mode
dd - Deletes a line
2dd - Deletes 2 lines
yy - Copy a line
2yy - Copies 2 lines
p - put (deleted or copied text)
u - Undo (can undo 1000 times)
Ctrl+r - Redo
G - Moves cursor to last line of file
5G - Moves cursor to 5th line of file
Shift+ZZ - save & quit
/<findword> - locate word
To find and replace words
:1,$s/<findword>/<replaceword>/gc
e.g.
:1,$s/world/universe/gc
1 -> Start the search from the 1st line
$ -> End of File
s -> substitute
g -> global
c -> confirmation
Users & Groups Administration
Scenario
There are two groups :
1)salesgrp : salesgrp ID=2000
Sales users should exist in salesgrp
2)fingrp :fingrp ID=3000
Finance users should exist in fingrp
tom
joy
Now create the users with following parameters:
ali u - 2001
tom c - "Mang of Sales Dept"
ram d - /salesdept
shyam s - /bin/ksh
joy g - salesgrp/2000
Create user abdul with following parameters
u - 2002
c - "Director of Sales Dept"
d - /salesdept
s - /bin/csh
g - salesgrp/2000
G - fingrp,mrkgrp
Create a user ali whose user id is 2001
[root@server~]# useradd -u 2001 ali
[root@server~]# grep ali /etc/passwd
Create a user tom whose comment is "Mang of Sales Dept"
[root@server~]# useradd -c "Mang of Sales Dept" tom
[root@server~]# grep tom /etc/passwd
Create a user ram whose home directory exist in /salesdept folder
[root@server~]# mkdir /salesdept
[root@server~]# useradd -d /salesdept/ram ram
[root@server~]# grep ram /etc/passwd
Create a user shyam whose shell is ksh
[root@server~]# cat /etc/shells
[root@server~]# useradd -s /bin/ksh shyam
[root@server~]# grep shyam /etc/passwd
Create a user joy/jack whose primary group id is 2000/salesgrp
[root@server~]# groupadd -g 2000 salesgrp
[root@server~]# grep salesgrp /etc/group
[root@server~]# useradd -g 2000 joy
or
[root@server~]# useradd -g salesgrp jack
[root@server~]# grep 2000 /etc/passwd
Create a user abdul with all parameters as in scenario
[root@server~]# useradd -u 2000 -g salesgrp -c "Director of Sales Dept" -d /salesdept/abdul -s /bin/csh abdul
[root@server~]# grep abdul /etc/passwd
abdul:x:2000:2000:Director of Sales Dept:/salesdept/abdul:/bin/csh
To Modify the parameter of existing user abdul
[root@server ~]# usermod -u 3000 -g fingrp -c "Mang of fin Dept" -d /findept/abdul -m -s /bin/ksh abdul
[root@server ~]# grep abdul /etc/passwd
abdul:x:3000:3000:Mang of fin Dept:/findept/abdul:/bin/ksh
[root@server ~]# useradd scott
[root@server ~]# grep scott /etc/passwd
scott:x:3001:3001::/home/scott:/bin/bash
To change login name
[root@server ~]# usermod -l tiger scott
[root@server ~]# grep tiger /etc/passwd
tiger:x:3001:3001::/home/scott:/bin/bash
To lock the Account
[root@server ~]# passwd tom
[root@server ~]# usermod -L tom
login & check
To Unlock the Account
[root@server ~]# usermod -U tom
login & check
To delete only users account but not home directory & mail account.
[root@server ~]# userdel tom
[root@server ~]# ls /home
To delete users account along with home directory & mail account.
[root@server ~]# userdel -r tom
[root@server ~]# ls /home
Adding groups
Adding a new group
[root@server ~]# groupadd amerpetgrp
[root@server ~]# grep amerpet /etc/group
amerpetgrp:x:3002:
adding a new group with gid 5000
[root@server ~]# groupadd -g 5000 banjaragrp
[root@server ~]# grep banjaragrp /etc/group
banjaragrp:x:5000:
modifying group with gid
[root@server ~]# groupmod -g 6000 banjaragrp
[root@server ~]# grep banjaragrp /etc/group
banjaragrp:x:6000:
Changing the name of an existing group
[root@server ~]# groupmod -n banjarahills banjaragrp
[root@server ~]# grep banjarahills /etc/group
banjarahills:x:6000:
[root@server ~]# groupdel banjarahills
[root@server ~]# grep banjarahills /etc/group
[root@server ~]# useradd jack
[root@server ~]# useradd shyam
[root@server ~]# useradd wiliam
[root@server ~]# gpasswd -M jack,shyam,wiliam salesgrp
[root@server ~]# grep salesgrp /etc/group
salesgrp:x:2000:jack,shyam,wiliam
Removing user wiliam from group salesgrp
[root@server ~]# gpasswd -d wiliam salesgrp
[root@server ~]# grep salesgrp /etc/group
salesgrp:x:2000:jack,shyam
Adding user wiliam to group salesgrp
[root@server ~]# gpasswd -a wiliam salesgrp
[root@server ~]# grep salesgrp /etc/group
salesgrp:x:2000:jack,shyam,wiliam
[root@server ~]# chage -l jack
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^OUTPUT^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Last password change : Jul 14, 2008
Password expires : never
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
[root@server ~]# system-config-users &
Permissions
[root@server ~]# mkdir /myfolder
[root@server ~]# cd /myfolder/
[root@server myfolder]# ls
[root@server myfolder]# whoami
root
[root@server myfolder]# touch test_file
[root@server myfolder]# ls -ld test_file
-rw-r--r-- 1 root root 0 Jul 13 00:06 test_file
Set write permissions to the group only.
[root@server myfolder]# chmod g+w test_file
[root@server myfolder]# ls -ld test_file
-rw-rw-r-- 1 root root 0 Jul 13 00:06 test_file
Remove read permissions for others only.
[root@server myfolder]# chmod o-r test_file
[root@server myfolder]# ls -ld test_file
-rw-rw---- 1 root root 0 Jul 13 00:06 test_file
Assign read, write, execute permissions to others only.
[root@server myfolder]# chmod o=rwx test_file
[root@server myfolder]# ls -ld test_file
-rw-rw-rwx 1 root root 0 Jul 13 00:06 test_file
Assign execute permissions to owner, group and others also.
[root@server myfolder]# chmod +x test_file
[root@server myfolder]# ls -ld test_file
-rwxrwxrwx 1 root root 0 Jul 13 00:06 test_file
Remove execute permissions from owner, group and others also.
[root@server myfolder]# chmod -x test_file
[root@server myfolder]# ls -ld test_file
-rw-rw-rw- 1 root root 0 Jul 13 00:06 test_file
[root@server myfolder]# chmod 644 test_file
[root@server myfolder]# ls -ld test_file
-rw-r--r-- 1 root root 0 Jul 13 00:06 test_file
[root@server myfolder]# pwd
/myfolder
[root@server myfolder]# whoami
root
[root@server myfolder]# mkdir dir1
[root@server myfolder]# ls -ld dir1
drwxr-xr-x 2 root root 4096 Jul 13 01:28 dir1
[root@server myfolder]#
[root@server myfolder]# chmod 777 /myfolder
[root@server ~]# su - tom
[tom@server ~]$ whoami
tom
[tom@server ~]$
[tom@server ~]$ pwd
/home/tom
[tom@server ~]$ ls -l
total 0
[tom@server ~]$ touch myfile
[tom@server ~]$ ls -l
total 0
-rw-rw-r-- 1 tom tom 0 Jul 12 20:20 myfile
[tom@server ~]$ mkdir dir1
[tom@server ~]$ ls -ld dir1
drwxrwxr-x 2 tom tom 4096 Jul 12 20:22 dir1
[tom@server ~]$
Partitions
Step 1 ) To Create the partitions
[root@client1 ~]# fdisk -l
[root@client1 ~]# fdisk /dev/hda
Command (m for help): m
d delete a partition
m print this menu
n add a new partition
p print the partition table
q quit without saving changes
w write table to disk and exit
Command (m for help):
Command (m for help): n
First cylinder (1098-2434, default 1098):
Using default value 1098
Last cylinder or +size or +sizeM or +sizeK (1098-2434, default 2434): +100M
Command (m for help): p
Command (m for help): n
Command (m for help): p
Command (m for help): n
Command (m for help): p
Command (m for help): d
Command (m for help): 10 #write the number of partition
Command (m for help): w
[root@client1 ~]#
To update the kernel without restarting
[root@client1 ~]# partprobe /dev/hda
[root@client1 ~]# fdisk -l
Step 2 ) Make the filesystem ( i.e format the partition) ext2, ext3, vfat
[root@client1 ~]# mkfs.ext2 /dev/hda8
[root@client1 ~]# mkfs.ext3 /dev/hda9
[root@client1 ~]# mkfs.vfat /dev/hda10
Step 3 ) Create a folder & Mount the partition to use
[root@client1 ~]# mkdir /mnt/song /mnt/video /mnt/music
[root@client1 ~]# mount /dev/hda8 /mnt/song
[root@client1 ~]# mount /dev/hda9 /mnt/video
[root@client1 ~]# mount /dev/hda10 /mnt/music
[root@client1 ~]# mount
Step 4 ) Write the data inside the partition
[root@client1 ~]# cd /mnt/song
[root@client1 song]#
[root@client1 song]# touch myfile1 myfile2 myfile3
[root@client1 song]# mkdir hyd sec bhills ameerpet
[root@client1 song]# ls
***************** This is the output ********************
ameerpet bhills hyd lost+found myfile1 myfile2 myfile3 sec
[root@client1 myfolder]#
Converting from ext3 to ext2
[root@client1 ~]# umount /dev/hda8
[root@client1 ~]# tune2fs -O ^has_journal /dev/hda8
[root@client1 ~]# mount /dev/hda8 /myfolder/
[root@client1 ~]# mount
Convert from ext2 to ext3
[root@client1 ~]# umount /dev/hda8
[root@client1 ~]# tune2fs -j /dev/hda8
[root@client1 ~]# mount /dev/hda8 /myfolder
[root@client1 ~]# mount
Creating a Swap Partition
Step 1 ) Create the required partition (say 9 partition)
[root@client1 ~]# fdisk -l
[root@client1 ~]# fdisk /dev/hda
:p
:n
:t { to change the partition ID}
:82 { for swap partition }
:w { save & exit }
[root@client1 ~]#
[root@client1 ~]# partprobe /dev/hda
[root@client1 ~]# fdisk -l
Step 2 ) Make the partition as swap
[root@client1 ~]# mkswap /dev/hda9
To see the status
[root@client1 ~]# swapon -s
To turn on the swap partition
[root@client1 ~]# swapon /dev/hda9
Again see the status
[root@client1 ~]# swapon -s
To turn off the swap partition
[root@client1 ~]# swapoff /dev/hda9
[root@client1 ~]# swapon -s
LABELS
To check the label
[root@client1 ~]# e2label /dev/hda8
To assign the labels
[root@client1 ~]# e2label /dev/hda8 linux
[root@client1 ~]# e2label /dev/hda8
linux
Permanent Mounting
Mounting the partition /dev/hda9 permanently
[root@client1 ~]# vi /etc/fstab
LABEL=linux /myfolder ext3 defaults 0 0
:wq
[root@client1 ~]# mount
[root@client1 ~]# mount -a
[root@client1 ~]# mount
Mounting the cdrom
[root@client1 ~]# mkdir /media/cdrom
[root@client1 ~]# mount /dev/cdrom /media/cdrom
To see the disk space
[root@client1 ~]# df -h
To see the block size.
[root@client1 ~]# blockdev --getbsz /dev/hda8
1024
[root@client1 ~]# blockdev --getbsz /dev/hda3
4096
User and Group Quotas
Apply Quota on users & Group
Create required users & Group
[root@server ~]# useradd tom
[root@server ~]# groupadd salesgrp
[root@server ~]# groupadd fingrp
[root@server ~]# mkdir /salesdept
[root@server ~]# useradd -g salesgrp sai
[root@server ~]# useradd -g salesgrp ram
[root@server ~]# useradd -G fingrp tata
[root@server ~]# useradd -G fingrp birla
Step 1 ) Create a required partition
[root@server ~]# fdisk -l
[root@server ~]# fdisk /dev/hda
:n
:w
[root@server ~]# partprobe /dev/hda
[root@server ~]# mkdir /salesdept
[root@server ~]# mkfs.ext3 /dev/hda9
Step 2) Mount the partition with user & group quota parameters.
[root@server ~]# mount -o usrquota,grpquota /dev/hda9 /salesdept
[root@server ~]# mount
[root@server ~]# chmod 777 /salesdept/
Step 3 ) Create the Quota Database file
[root@server ~]# quotacheck -cugv /salesdept/
[root@server ~]# ls /salesdept/
aquota.group aquota.user lost+found
Step 4) Check the quota Status
[root@server ~]# quotaon -p /dev/hda9
group quota on /salesdept (/dev/hda9) is off
user quota on /salesdept (/dev/hda9) is off
Step 5 ) Enable the quota partition
[root@server ~]# quotaon /dev/hda9
[root@server ~]# quotaon -p /dev/hda9
group quota on /salesdept (/dev/hda9) is on
user quota on /salesdept (/dev/hda9) is on
Step 6 ) Apply quota on a user tom
[root@server ~]# edquota -u tom
Disk quotas for user tom (uid 500):
Filesystem    blocks    soft    hard    inodes    soft    hard
/dev/hda9          0       0       0         0       3       5
:wq
[root@server ~]# su - tom
[tom@server ~]$ cd /salesdept/
[tom@server salesdept]$ ll
[tom@server salesdept]$ touch tfa
[tom@server salesdept]$ touch tfb
[tom@server salesdept]$ touch tfc
[tom@server salesdept]$ touch tfd
hda9: warning, user file quota exceeded.
[tom@server salesdept]$ mkdir tda
[tom@server salesdept]$ mkdir tdb
hda9: write failed, user file limit reached.
mkdir: cannot create directory `tdb': Disk quota exceeded
Step 7 ) Apply quota on a group salesgrp who has primary members as sai & ram
[root@server ~]# edquota -g salesgrp
Disk quotas for group salesgrp (gid 501):
Filesystem    blocks    soft    hard    inodes    soft    hard
/dev/hda9          0       0       0         5       3       5
:wq!
[root@server ~]# cd /salesdept/
[root@server salesdept]# su sai
[sai@server salesdept]$ groups
salesgrp
[sai@server salesdept]$ touch sai1 sai2 sai3
[sai@server salesdept]$ exit
exit
[root@server salesdept]# su ram
[ram@server salesdept]$ groups
salesgrp
[ram@server salesdept]$ touch ram1
hda9: warning, group file quota exceeded.
[ram@server salesdept]$ touch ram3
[ram@server salesdept]$ touch ram4
hda9: write failed, group file limit reached.
touch: cannot touch `ram4': Disk quota exceeded
[ram@server salesdept]$ ll
total 36
-rw------- 1 root root 7168 Jul 15 01:52 aquota.group
-rw------- 1 root root 7168 Jul 15 01:53 aquota.user
drwx------ 2 root root 16384 Jul 15 01:38 lost+found
-rw-r--r-- 1 ram salesgrp 0 Jul 15 01:53 ram1
-rw-r--r-- 1 ram salesgrp 0 Jul 15 01:53 ram3
-rw-r--r-- 1 sai salesgrp 0 Jul 15 01:53 sai1
-rw-r--r-- 1 sai salesgrp 0 Jul 15 01:53 sai2
-rw-r--r-- 1 sai salesgrp 0 Jul 15 01:53 sai3
[ram@server salesdept]$
Note : Quotas are not applicable on secondary group members
Access Control List
Create required users & Group
[root@server ~]# useradd tom
[root@server ~]# groupadd salesgrp
[root@server ~]# groupadd fingrp
[root@server ~]# mkdir /salesdept
[root@server ~]# useradd -g salesgrp sai
[root@server ~]# useradd -g salesgrp ram
[root@server ~]# useradd -G fingrp tata
[root@server ~]# useradd -G fingrp birla
Note: ACLs are applied to both primary & secondary members
Step 1 ) Create a required partition
[root@server ~]# fdisk -l
[root@server ~]# fdisk /dev/hda
:n
:w
[root@server ~]# partprobe /dev/hda
[root@server ~]# mkdir /salesdept
[root@server ~]# mkfs.ext3 /dev/hda9
Step 2) Mount the partition with ACLs parameters.
[root@server ~]# mount -o acl /dev/hda9 /salesdept
[root@server ~]# mount
[root@server ~]# chmod 777 /salesdept/
Step 3) Apply ACLS on users & groups
[root@server salesdept]# touch fabc.txt
To apply ACLs on users & groups
[root@server salesdept]# setfacl -m u:tom:rwx,u:ram:rx,g:salesgrp:rx,g:fingrp:rw fabc.txt
To check acl list
[root@server salesdept]# getfacl fabc.txt
To modify permission for user tom
[root@server salesdept]# setfacl -m u:tom:r fabc.txt
[root@server salesdept]# getfacl fabc.txt
To exclude user tom ,group fingrp from ACL list
[root@server salesdept]# setfacl -x u:tom,g:fingrp fabc.txt
[root@server salesdept]# getfacl fabc.txt
Advanced file permissions
To view the location of a command use which
[root@client24 myfolder]# which cat
/bin/cat
[root@client24 myfolder]# ls -ld /bin/cat
-rwxr-xr-x 1 root root 23100 Nov 27 2006 /bin/cat
[root@client24 myfolder]# su - tom
[tom@client24 ~]$ cat > myfile
hello
Open another terminal as root user
[root@client24 ~]# ps -aux
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
tom       3972  0.0  0.1   3680   432 pts/1    S+   22:01   0:00 cat
[root@client24 myfolder]# ls -ld /bin/cat
-rwxr-xr-x 1 root root 23100 Nov 27 2006 /bin/cat
Set SUID on the file
[root@client24 myfolder]# chmod 4755 /bin/cat
[root@client24 myfolder]# ls -ld /bin/cat
-rwsr-xr-x 1 root root 23100 Nov 27 2006 /bin/cat
[root@client24 myfolder]# su - tom
[tom@client24 ~]$ cat >> myfile
Open another terminal as root user
[root@client24 ~]# ps -aux
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root      4032  0.0  0.1   3680   436 pts/1    S+   22:05   0:00 cat
[root@client24 ~]# mkdir /myfolder
[root@client24 ~]# cd /myfolder
[root@client24 myfolder]# ls
[root@client24 myfolder]# cat > test
Learning Linux is a wise man's decesion.
[root@client24 myfolder]# ls -ld test
-rw-r--r-- 1 root root 41 Jul 13 21:22 test
[root@client24 myfolder]# ls -ld /myfolder
drwxrwxrwx 2 root root 4096 Jul 13 21:21 /myfolder
Set SGID on the folder
[root@client24 myfolder]# chmod 2777 /myfolder
[root@client24 myfolder]# ls -ld /myfolder
drwxrwsrwx 2 root root 4096 Jul 13 21:21 /myfolder
[root@client24 myfolder]# ls
test
[root@client24 myfolder]# su - tom
[tom@client24 ~]$ cd /myfolder
[tom@client24 myfolder]$ ls -l
total 4
-rw-r--r-- 1 root root 41 Jul 13 21:22 test
[tom@client24 myfolder]$ cat > myfile
file to test SGID
[tom@client24 myfolder]$ ls -ld myfile
-rw-r--r-- 1 tom root 18 Jul 13 22:14 myfile
[root@client24 myfolder]# su - joy
[joy@client24 ~]$ cd /myfolder
[joy@client24 myfolder]$ ls -l
total 8
-rw-r--r-- 1 tom root 18 Jul 13 22:14 myfile
-rw-r--r-- 1 root root 41 Jul 13 21:22 test
[joy@client24 myfolder]$ cat > joy_file
hello this file is created by joy but because of SGID bit set its group
ownership will be root
[joy@client24 myfolder]$ ls -ld joy_file
-rw-rw-r-- 1 joy root 95 Jul 13 22:15 joy_file
joy and tom have the same primary group called joy
[root@client24 ~]# mkdir /sticky
[root@client24 ~]# chmod 777 /sticky
[root@client24 ~]# su - tom
[tom@client24 ~]$ cd /sticky
[tom@client24 sticky]$ ls -l
total 0
[tom@client24 sticky]$ cat > tom_file
hello am tom, am going to set sticky bit on the /sticky folder.
[tom@client24 sticky]$ ls -l
total 4
-rw-r--r-- 1 tom joy 64 Jul 13 22:36 tom_file
[tom@client24 sticky]$ chmod 664 tom_file
[tom@client24 sticky]$ ls -ld tom_file
-rw-rw-r-- 1 tom joy 64 Jul 13 22:36 tom_file
[root@client24 sticky]# su - joy
[joy@client24 ~]$ cd /sticky
[joy@client24 sticky]$ ls -l
total 4
-rw-rw-r-- 1 tom joy 64 Jul 13 22:37 tom_file
[joy@client24 sticky]$ rm tom_file
[joy@client24 sticky]$ ls
To prevent joy from deleting the file owned by the user tom, apply the sticky bit on the folder.
[root@client24 sticky]# ls -ld /sticky
drwxrwxrwx 2 root root 4096 Jul 13 22:38 /sticky
Set Sticky Bit
[root@client24 sticky]# chmod 1777 /sticky
[root@client24 sticky]# ls -ld
drwxrwxrwt 2 root root 4096 Jul 13 22:38 .
[root@client24 sticky]# su - tom
[tom@client24 ~]$ cd /sticky/
[tom@client24 sticky]$ ls
[tom@client24 sticky]$ cat > tom_file
This file is created by tom whose primary group is joy, but joy cannot
delete this file.
[tom@client24 sticky]$ ls -ld /sticky/tom_file
-rw-r--r-- 1 tom joy 89 Jul 13 22:41 /sticky/tom_file
[root@client24 sticky]# su - joy
[joy@client24 ~]$ cd /sticky/
[joy@client24 sticky]$ ls -l
total 4
-rw-r--r-- 1 tom joy 89 Jul 13 22:41 tom_file
[joy@client24 sticky]$ rm tom_file
rm: remove write-protected regular file `tom_file'? y
rm: cannot remove `tom_file': Operation not permitted
[joy@client24 sticky]$ ls -l
total 4
-rw-r--r-- 1 tom joy 89 Jul 13 22:41 tom_file
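An added example, not part of the original manual: a small audit that lists the special bits set in this section, useful for confirming that the SUID bit on /bin/cat or an open directory such as /sticky was not left behind after the exercise. The function name and the sample tree are constructed for illustration.

```sh
#!/bin/sh
# Added example, not part of the original manual.
# Lists the special permission bits demonstrated in this section.

audit_special_bits() {
    # $1 = directory tree to scan; -xdev keeps find on that one filesystem.
    # SUID regular files (what "chmod 4755 /bin/cat" produced)
    find "$1" -xdev -type f -perm -4000 -print 2>/dev/null \
        | sed 's/^/SUID-FILE /'
    # SGID files and directories (what "chmod 2777 /myfolder" produced)
    find "$1" -xdev \( -type f -o -type d \) -perm -2000 -print 2>/dev/null \
        | sed 's/^/SGID /'
    # World-writable directories without the sticky bit
    # (/sticky before "chmod 1777" was applied)
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print 2>/dev/null \
        | sed 's/^/WORLD-WRITABLE-NO-STICKY /'
}

# Constructed sample tree that mirrors the modes used in the manual.
demo=$(mktemp -d)
touch "$demo/cat_copy";   chmod 4755 "$demo/cat_copy"
mkdir "$demo/myfolder";   chmod 2777 "$demo/myfolder"
mkdir "$demo/sticky_off"; chmod 0777 "$demo/sticky_off"
mkdir "$demo/sticky_on";  chmod 1777 "$demo/sticky_on"

audit_special_bits "$demo"
rm -rf "$demo"
```

On a real system, run the function as root against a mount point such as / or /usr and compare the SUID-FILE lines with the list of binaries the distribution ships with that bit.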
Links
[root@client1 ~]# mount
/dev/hda3 on / type ext3 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
/dev/hda1 on /boot type ext3 (rw)
tmpfs on /dev/shm type tmpfs (rw)
/dev/hda5 on /home type ext3 (rw)
/dev/hda2 on /usr type ext3 (rw)
/dev/hda6 on /var type ext3 (rw)
/dev/hda8 on /myfolder type ext3 (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
[root@client1 ~]#
[root@client1 ~]# cd /myfolder
[root@client1 myfolder]# ls
[root@client1 myfolder]# cat > original_file
This is the original file to test links
[root@client1 myfolder]# ls -ld original_file
-rw-r--r-- 1 root root 40 Jul 12 21:12 original_file
[root@client1 myfolder]# cd
Setting a soft link
[root@client1 ~]# ln -s /myfolder/original_file softlink
[root@client1 ~]# ls -ld softlink
lrwxrwxrwx 1 root root 23 Jul 12 21:12 softlink -> /myfolder/original_file
[root@client1 ~]# cat softlink
This is the original file to test links
[root@client1 ~]# cat >> softlink
this line is appended by the softlink
[root@client1 ~]# cat /myfolder/original_file
This is the original file to test links
this line is appended by the softlink
[root@client1 ~]# ls -ld /myfolder/original_file
-rw-r--r-- 1 root root 78 Jul 12 21:13 /myfolder/original_file
[root@client1 ~]# ls -ld softlink
lrwxrwxrwx 1 root root 23 Jul 12 21:12 softlink -> /myfolder/original_file
[root@client1 ~]# rm /myfolder/original_file
rm: remove regular file `/myfolder/original_file'? y
[root@client1 ~]# cat softlink
cat: softlink: No such file or directory
Setting a Hard Link
[root@client1 ~]# ln /myfolder/original_file hardlink
ln: creating hard link `hardlink' to `/myfolder/original_file': Invalid cross-device link
[root@client1 ~]# cd /
[root@client1 /]# cat > original
This is the original file to test links.
[root@client1 /]# cd
[root@client1 ~]# ln /original /root/hardlink
[root@client1 ~]# ls -ld /root/hardlink
-rw-r--r-- 2 root root 41 Jul 12 21:16 /root/hardlink
[root@client1 ~]# ls -ld /original
-rw-r--r-- 2 root root 41 Jul 12 21:16 /original
[root@client1 ~]# cat >> hardlink
this is appended by the hardlink file
[root@client1 ~]# ls -ld /root/hardlink
-rw-r--r-- 2 root root 79 Jul 12 21:18 /root/hardlink
[root@client1 ~]# ls -ld /original
-rw-r--r-- 2 root root 79 Jul 12 21:18 /original
[root@client1 ~]# rm /original
rm: remove regular file `/original'? y
[root@client1 ~]# cat hardlink
This is the original file to test links.
this is appended by the hardlink file
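The behaviour shown in this section follows from inodes: a hard link is a second name for the same inode, while a soft link is a separate inode that stores a path. The following added example (not part of the original manual) checks this on a constructed scratch directory; the function names are illustrative.

```sh
#!/bin/sh
# Added example, not part of the original manual.

inode_of()   { ls -id "$1" | awk '{print $1}'; }   # inode number of the name itself
link_count() { ls -ld "$1" | awk '{print $2}'; }   # second column of "ls -l"

# Prints four words:
#   <hard link shares inode?> <link count before rm> <link count after rm> <soft link state>
link_report() {
    d=$(mktemp -d)                          # constructed scratch directory
    echo "This is the original file to test links." > "$d/original"
    ln    "$d/original" "$d/hardlink"       # second name for the same inode
    ln -s "$d/original" "$d/softlink"       # separate inode that stores a path

    if [ "$(inode_of "$d/original")" = "$(inode_of "$d/hardlink")" ]; then
        shared=same-inode
    else
        shared=different-inode
    fi

    before=$(link_count "$d/hardlink")      # two names point at the inode
    rm -f "$d/original"                     # removes one name, not the data
    after=$(link_count "$d/hardlink")       # one name is left

    # -L: the symlink entry still exists; -e follows it and fails
    # once the path it stores no longer resolves.
    if [ -L "$d/softlink" ] && [ ! -e "$d/softlink" ]; then
        soft=dangling
    else
        soft=resolves
    fi

    rm -rf "$d"
    echo "$shared $before $after $soft"
}

link_report
```

Because a hard link is a directory entry for an inode, it can only be created on the filesystem that holds that inode, which is the reason for the "Invalid cross-device link" error above.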
Example to Configure RAID 5
Install the required packages
[root@client1 ~]# yum install mdadm* -y
Create the required partition
[root@client1 ~]# mdadm -C /dev/md0 -n3 /dev/hda11 /dev/hda12 /dev/hda13 -l5
mdadm: array /dev/md0 started.
To see the detail information of /dev/md0
[root@client1 ~]# mdadm -D /dev/md0
Format the raid meta device
[root@client1 ~]# mkfs.ext3 /dev/md0
Mount the partition
[root@client1 ~]# mount /dev/md0 /raid_dir
[root@client1 ~]# mount
[root@client1 ~]# cd /raid_dir/
[root@client1 raid_dir]# ls
lost+found
Write some content inside the raid partition
[root@client1 raid_dir]# cat > test
hello this is a test file on raid 5
[root@client1 raid_dir]# ls -l
To add a new device as spare
[root@client1 ~]# mdadm -a /dev/md0 /dev/hda14
[root@client1 ~]# mdadm -D /dev/md0
[root@client1 ~]# mdadm /dev/md0 -f /dev/hda12
mdadm: set /dev/hda12 faulty in /dev/md0
To see the detail information of /dev/md0
[root@client1 ~]# mdadm -D /dev/md0
To remove the faulty device
[root@client1 raid_dir]# mdadm /dev/md0 -r /dev/hda12
mdadm: hot removed /dev/hda12
[root@client1 raid_dir]# mdadm -D /dev/md0
[root@client1 raid_dir]# cd
To stop the RAID, first unmount the meta device.
[root@client1 ~]# umount /dev/md0
[root@client1 ~]# mdadm -S /dev/md0
mdadm: stopped /dev/md0
To activate or assemble the raid meta device
[root@client1 ~]# mdadm -A /dev/md0 /dev/hda11 /dev/hda14 /dev/hda13
mdadm: /dev/md0 has been started with 3 drives.
Logical Volume Manager
To view the Hard disk name and partition information
[root@client24 ~]# fdisk -l
Disk /dev/hda: 40.0 GB, 40020664320 bytes
255 heads, 63 sectors/track, 4865 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/hda1 * 1 13 104391 83 Linux
/dev/hda2 14 523 4096575 83 Linux
/dev/hda3 524 778 2048287+ 83 Linux
/dev/hda4 779 4865 32828827+ 5 Extended
/dev/hda5 779 905 1020096 83 Linux
/dev/hda6 906 1032 1020096 83 Linux
/dev/hda7 1033 1097 522081 82 Linux swap / Solaris
/dev/hda8 1098 2314 9775521 83 Linux
Create 3 partitions
[root@client24 ~]# fdisk /dev/hda
The number of cylinders for this disk is set to 4865.
There is nothing wrong with that, but this is larger than 1024,
and could in certain setups cause problems with:
1) software that runs at boot time (e.g., old versions of LILO)
2) booting and partitioning software from other OSs
(e.g., DOS FDISK, OS/2 FDISK)
Command (m for help): n
First cylinder (2315-4865, default 2315):
Using default value 2315
Last cylinder or +size or +sizeM or +sizeK (2315-4865, default 4865): +200M
Command (m for help): n
First cylinder (2340-4865, default 2340):
Using default value 2340
Last cylinder or +size or +sizeM or +sizeK (2340-4865, default 4865): +200M
Command (m for help): n
First cylinder (2365-4865, default 2365):
Using default value 2365
Last cylinder or +size or +sizeM or +sizeK (2365-4865, default 4865): +200M
Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.
WARNING: Re-reading the partition table failed with error 16: Device or resource busy.
The kernel still uses the old table.
The new table will be used at the next reboot.
Syncing disks.
[root@client24 ~]# partprobe /dev/hda
[root@client24 ~]# fdisk -l
Disk /dev/hda: 40.0 GB, 40020664320 bytes
255 heads, 63 sectors/track, 4865 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/hda1 * 1 13 104391 83 Linux
/dev/hda2 14 523 4096575 83 Linux
/dev/hda3 524 778 2048287+ 83 Linux
/dev/hda4 779 4865 32828827+ 5 Extended
/dev/hda5 779 905 1020096 83 Linux
/dev/hda6 906 1032 1020096 83 Linux
/dev/hda7 1033 1097 522081 82 Linux swap / Solaris
/dev/hda8 1098 2314 9775521 83 Linux
/dev/hda9 2315 2339 200781 83 Linux
/dev/hda10 2340 2364 200781 83 Linux
/dev/hda11 2365 2389 200781 83 Linux
Create Physical Volumes
[root@client24 ~]# pvcreate /dev/hda9 /dev/hda10 /dev/hda11
Physical volume "/dev/hda9" successfully created
Physical volume "/dev/hda10" successfully created
Physical volume "/dev/hda11" successfully created
To view Physical Volumes
[root@client24 ~]# pvdisplay
--- Physical volume ---
PV Name /dev/hda9
VG Name vg1
PV Size 196.08 MB / not usable 4.08 MB
Allocatable yes (but full)
PE Size (KByte) 4096
Total PE 48
Free PE 0
Allocated PE 48
PV UUID 5r8qvn-GF0k-NAfo-Rhqc-I3Qn-ZWws-zLCvks
--- Physical volume ---
PV Name /dev/hda10
VG Name vg1
PV Size 196.08 MB / not usable 4.08 MB
Allocatable yes
PE Size (KByte) 4096
Total PE 48
Free PE 21
Allocated PE 27
PV UUID ys5Wd9-YiQ5-mM7c-sjrt-Mcwb-35oF-8mFyDW
--- Physical volume ---
PV Name /dev/hda11
VG Name vg1
PV Size 196.08 MB / not usable 4.08 MB
Allocatable yes
PE Size (KByte) 4096
Total PE 48
Free PE 48
Allocated PE 0
PV UUID 5U81jh-Uddd-0giT-GYUT-pkvu-3MK3-KNkZJi
To create Volume Group
[root@client24 ~]# vgcreate vg1 /dev/hda9 /dev/hda10 /dev/hda11
Volume group "vg1" successfully created
To display Volume Group Information.
[root@client24 ~]# vgdisplay
--- Volume group ---
VG Name vg1
System ID
Format lvm2
Metadata Areas 3
Metadata Sequence No 2
VG Access read/write
VG Status resizable
MAX LV 0
Cur LV 1
Open LV 0
Max PV 0
Cur PV 3
Act PV 3
VG Size 576.00 MB
PE Size 4.00 MB
Total PE 144
Alloc PE / Size 75 / 300.00 MB
Free PE / Size 69 / 276.00 MB
VG UUID P1zXt6-yBWW-SoUq-ZeF1-K7pf-Z69D-GVz8Up
To create logical Volume
[root@client24 ~]# lvcreate vg1 -L +300M -n lv1
Logical volume "lv1" created
To view Logical Volume Information.
[root@client24 ~]# lvdisplay
--- Logical volume ---
LV Name /dev/vg1/lv1
VG Name vg1
LV UUID ZvsfPh-Ve0c-y4Qa-VUYy-HbdR-lG3G-66703a
LV Write Access read/write
LV Status available
# open 0
LV Size 300.00 MB
Current LE 75
Segments 2
Allocation inherit
Read ahead sectors 0
Block device 253:0
[root@client24 ~]#
Format the Logical Volume
[root@client24 ~]# mkfs.ext3 /dev/vg1/lv1
mke2fs 1.39 (29-May-2006)
Filesystem label=
OS type: Linux
Block size=1024 (log=0)
Fragment size=1024 (log=0)
102400 inodes, 409600 blocks
20480 blocks (5.00%) reserved for the super user
First data block=1
Maximum filesystem blocks=67633152
50 block groups
8192 blocks per group, 8192 fragments per group
2048 inodes per group
Superblock backups stored on blocks:
8193, 24577, 40961, 57345, 73729, 204801, 221185, 401409
Writing inode tables: done
Creating journal (8192 blocks): done
Writing superblocks and filesystem accounting information: done
This filesystem will be automatically checked every 20 mounts or
180 days, whichever comes first. Use tune2fs -c or -i to override.
[root@client24 ~]# mkdir /mylvm
[root@client24 ~]# mount /dev/vg1/lv1 /mylvm
[root@client24 ~]# mount
/dev/hda3 on / type ext3 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
/dev/hda1 on /boot type ext3 (rw)
tmpfs on /dev/shm type tmpfs (rw)
/dev/hda5 on /home type ext3 (rw)
/dev/hda2 on /usr type ext3 (rw)
/dev/hda6 on /var type ext3 (rw)
/dev/hda8 on /dada type ext3 (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
/dev/mapper/vg1-lv1 on /mylvm type ext3 (rw)
To resize the Logical Volume
[root@client24 ~]# lvresize -L +100M /dev/vg1/lv1
Extending logical volume lv1 to 400.00 MB
Logical volume lv1 successfully resized
[root@client24 ~]# lvdisplay
--- Logical volume ---
LV Name /dev/vg1/lv1
VG Name vg1
LV UUID ZvsfPh-Ve0c-y4Qa-VUYy-HbdR-lG3G-66703a
LV Write Access read/write
LV Status available
# open 0
LV Size 400.00 MB
Current LE 100
Segments 3
Allocation inherit
Read ahead sectors 0
Block device 253:0
[root@client24 ~]# cd /mylvm
[root@client24 mylvm]# ls
lost+found
[root@client24 mylvm]# touch file1 file2 file3
[root@client24 mylvm]# mkdir hyd sec
[root@client24 mylvm]# ls
file1 file2 file3 hyd lost+found sec
To remove logical Volume
[root@client24 ~]# cd
[root@client24 ~]# umount /mylvm
[root@client24 ~]# lvremove /dev/vg1/lv1
Do you really want to remove active logical volume "lv1"? [y/n]: y
Logical volume "lv1" successfully removed
[root@client24 ~]# fdisk /dev/hda
The number of cylinders for this disk is set to 4865.
There is nothing wrong with that, but this is larger than 1024,
and could in certain setups cause problems with:
1) software that runs at boot time (e.g., old versions of LILO)
2) booting and partitioning software from other OSs
(e.g., DOS FDISK, OS/2 FDISK)
Command (m for help): n
First cylinder (2390-4865, default 2390): +300M
Value out of range.
First cylinder (2390-4865, default 2390): w
First cylinder (2390-4865, default 2390):
Using default value 2390
Last cylinder or +size or +sizeM or +sizeK (2390-4865, default 4865): +300M
Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.
WARNING: Re-reading the partition table failed with error 16: Device or resource busy.
The kernel still uses the old table.
The new table will be used at the next reboot.
Syncing disks.
[root@client24 ~]# partprobe /dev/hda
[root@client24 ~]# fdisk -l
Disk /dev/hda: 40.0 GB, 40020664320 bytes
255 heads, 63 sectors/track, 4865 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/hda1 * 1 13 104391 83 Linux
/dev/hda2 14 523 4096575 83 Linux
/dev/hda3 524 778 2048287+ 83 Linux
/dev/hda4 779 4865 32828827+ 5 Extended
/dev/hda5 779 905 1020096 83 Linux
/dev/hda6 906 1032 1020096 83 Linux
/dev/hda7 1033 1097 522081 82 Linux swap / Solaris
/dev/hda8 1098 2314 9775521 83 Linux
/dev/hda9 2315 2339 200781 83 Linux
/dev/hda10 2340 2364 200781 83 Linux
/dev/hda11 2365 2389 200781 83 Linux
/dev/hda12 2390 2426 297171 83 Linux
[root@client24 ~]# pvcreate /dev/hda12
Physical volume "/dev/hda12" successfully created
To extend the volume group.
[root@client24 ~]# vgextend vg1 /dev/hda12
Volume group "vg1" successfully extended
[root@client24 ~]# vgdisplay
--- Volume group ---
VG Name vg1
System ID
Format lvm2
Metadata Areas 4
Metadata Sequence No 5
VG Access read/write
VG Status resizable
MAX LV 0
Cur LV 0
Open LV 0
Max PV 0
Cur PV 4
Act PV 4
VG Size 864.00 MB
PE Size 4.00 MB
Total PE 216
Alloc PE / Size 0 / 0
Free PE / Size 216 / 864.00 MB
VG UUID P1zXt6-yBWW-SoUq-ZeF1-K7pf-Z69D-GVz8Up
Backups
Create a folder
[root@client24 myfolder]# mkdir /myfolder
[root@client24 ~]# cd /myfolder/
[root@client24 myfolder]# mkdir dir1
[root@client24 myfolder]# touch 1 test_file tom_file
[root@client24 myfolder]# ls
1 dir1 test_file tom_file
Use the tar command to tape archive the folder.
[root@client24 ~]# tar -cvf myfolder.tar /myfolder
tar: Removing leading `/' from member names
/myfolder/
/myfolder/dir1/
/myfolder/tom_file
/myfolder/test_file
/myfolder/1
[root@client24 ~]# ls -ld myfolder.tar
-rw-r--r-- 1 root root 10240 Jul 13 03:07 myfolder.tar
To zip the tar file.
[root@client24 ~]# gzip myfolder.tar
[root@client24 ~]# ls -ld myfolder.tar.gz
-rw-r--r-- 1 root root 264 Jul 13 03:07 myfolder.tar.gz
To unzip the tar file
[root@client24 ~]# gunzip myfolder.tar.gz
[root@client24 ~]# ls -ld myfolder.tar
-rw-r--r-- 1 root root 10240 Jul 13 03:07 myfolder.tar
[root@client24 ~]# rm myfolder.tar
rm: remove regular file `myfolder.tar'? y
To create a tar file with zip
[root@client24 ~]# tar -cvzf myfolder.tar.gz /myfolder
tar: Removing leading `/' from member names
/myfolder/
/myfolder/dir1/
/myfolder/tom_file
/myfolder/test_file
/myfolder/1
[root@client24 ~]# ls -ld myfolder.tar.gz
-rw-r--r-- 1 root root 251 Jul 13 03:09 myfolder.tar.gz
To view the contents of the tar file without extracting.
[root@client24 ~]# tar -tvzf myfolder.tar.gz
drwxrwxrwx root/root 0 2008-07-13 01:31:34 myfolder/
drwxr-xr-x root/root 0 2008-07-13 01:28:39 myfolder/dir1/
-rw-r--r-- tom/joy 12 2008-07-13 01:29:51 myfolder/tom_file
-rw-rw-rw- root/root 0 2008-07-13 00:06:35 myfolder/test_file
-rw-r--r-- tom/joy 0 2008-07-13 01:31:34 myfolder/1
[root@client24 ~]# rm -r /myfolder
rm: descend into directory `/myfolder'? y
rm: remove directory `/myfolder/dir1'? y
rm: remove regular file `/myfolder/tom_file'? y
rm: remove regular empty file `/myfolder/test_file'? y
rm: remove regular empty file `/myfolder/1'? y
rm: remove directory `/myfolder'? y
[root@client24 ~]# cd /
To extract the tar file.
[root@client24 /]# tar -xvzf /root/myfolder.tar.gz
myfolder/
myfolder/dir1/
myfolder/tom_file
myfolder/test_file
myfolder/1
[root@client24 /]# ls -ld myfolder
drwxrwxrwx 3 root root 4096 Jul 13 01:31 myfolder
[root@client24 /]# ls /myfolder/
1 dir1 test_file tom_file
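An added example, not part of the original guide: a check over the `tar -tv` listing, to run before extracting as root in `/` as done above. It assumes GNU tar's listing layout as shown in the listing step; the function names and the last two sample lines are constructed for illustration.

```shell
#!/bin/sh
# Audit a `tar -tv` listing (GNU tar column layout) before extracting it.
# Function names are hypothetical; they are not part of tar.

# Sample listing: the first five lines are the listing shown above,
# the last two are constructed to show the path checks.
sample_listing() {
    cat <<'EOF'
drwxrwxrwx root/root 0 2008-07-13 01:31:34 myfolder/
drwxr-xr-x root/root 0 2008-07-13 01:28:39 myfolder/dir1/
-rw-r--r-- tom/joy 12 2008-07-13 01:29:51 myfolder/tom_file
-rw-rw-rw- root/root 0 2008-07-13 00:06:35 myfolder/test_file
-rw-r--r-- tom/joy 0 2008-07-13 01:31:34 myfolder/1
-rw-r--r-- root/root 5 2008-07-13 02:00:00 myfolder/../../outside.txt
-rw-r--r-- root/root 5 2008-07-13 02:00:00 /tmp/absolute.txt
EOF
}

# Reads a listing on stdin and prints one finding per line:
#   ABSOLUTE <name>        member name starts with "/"
#   TRAVERSAL <name>       member name has a ".." path component
#   WORLD-WRITABLE <name>  mode grants write to "other"
# Exit status: 2 if a name could land outside the extraction directory,
#              1 if only permissive modes were found, 0 if clean.
audit_tar_listing() {
    awk '
    {
        mode = $1
        # The member name is everything after the fifth column
        # (names may contain spaces, so $6 alone is not enough).
        name = $0
        for (i = 1; i <= 5; i++) sub(/^[ \t]*[^ \t]+/, "", name)
        sub(/^[ \t]+/, "", name)
        sub(/ -> .*$/, "", name)          # drop a symlink target, if any

        if (substr(name, 1, 1) == "/") { print "ABSOLUTE " name; escape = 1 }
        if (name == ".." || name ~ /^\.\.\// || name ~ /\/\.\.\// || name ~ /\/\.\.$/) {
            print "TRAVERSAL " name; escape = 1
        }
        # Character 9 of the mode string is the write bit for "other".
        if (substr(mode, 9, 1) == "w") { print "WORLD-WRITABLE " name; loose = 1 }
    }
    END { exit (escape ? 2 : (loose ? 1 : 0)) }'
}

# Demo run over the sample listing.
sample_listing | audit_tar_listing || echo "findings above, exit status $?"
```

On a real archive the listing comes from `tar -tvzf myfolder.tar.gz | audit_tar_listing`; extraction as root restores the listed modes, so the world-writable entries reappear exactly as archived.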
[root@client24 ~]# cd /myfolder/
To copy files to archive.
[root@client24 myfolder]# ls | cpio -ov > myfolder.cpio
1
dir1
myfolder.cpio
test_file
tom_file
1 block
[root@client24 myfolder]# ls
1 dir1 myfolder.cpio test_file tom_file
[root@client24 myfolder]# ls
1 dir1 myfolder.cpio test_file tom_file
[root@client24 myfolder]# rm -r *
rm: remove regular empty file `1'? y
rm: remove directory `dir1'? y
rm: remove regular file `myfolder.cpio'? n
rm: remove regular empty file `test_file'? y
rm: remove regular file `tom_file'? y
To copy files from archive.
[root@client24 myfolder]# cpio -iv < myfolder.cpio
1
dir1
cpio: myfolder.cpio not created: newer or same age version exists
myfolder.cpio
test_file
tom_file
1 block
[root@client24 myfolder]# ls
1 dir1 myfolder.cpio test_file tom_file
[root@client24 ~]# cat > test
test file for scp
Copy the test file to the remote system's /root directory
[root@client24 ~]# scp -r test 192.168.0.23:/root/
root@192.168.0.23's password:
test 100% 18 0.0KB/s 00:00
[root@client24 ~]# rm test
rm: remove regular file `test'? y
Copy the file from the remote system to /root/test on the local system
[root@client24 ~]# scp -r 192.168.0.23:/root/test .
root@192.168.0.23's password:
test 100% 18 0.0KB/s 00:00
[root@client24 ~]# ls -ld test
-rw-r--r-- 1 root root 18 Jul 13 03:27 test
Scheduling using at command
[root@client24 ~]# at 5:30
at> mkdir dir1
at> <EOT>
job 2 at 2008-07-13 05:30
To view the at queues
[root@client24 ~]# atq
2 2008-07-13 05:30 a root
To remove a job from the queue
[root@client24 ~]# atrm 2
Boot Process Practical
To view the default runlevel on boot
[root@client24 ~]# vi /etc/inittab
id:5:initdefault:    (line no 18)
To view the present runlevel
[root@client24 ~]# runlevel
N 5
To switch to another runlevel
[root@client24 ~]# init 3
[root@client24 ~]# init 0
[root@client24 ~]# init 1
[root@client24 ~]# init 6
To view the grub configuration file
[root@client24 ~]# cat /boot/grub/grub.conf
To view the status of the services in all runlevels.
[root@client24 ~]# chkconfig --list
[root@client24 ~]# chkconfig --list kudzu
kudzu 0:off 1:off 2:off 3:on 4:on 5:on 6:off
To set the status of a service
[root@client24 ~]# chkconfig bluetooth on
[root@client24 ~]# chkconfig --list bluetooth
bluetooth 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@client24 ~]# chkconfig bluetooth off
[root@client24 ~]# chkconfig --list bluetooth
bluetooth 0:off 1:off 2:off 3:off 4:off 5:off 6:off
[root@client24 ~]# service bluetooth restart
Installation of Packages through RPM or YUM
To install from a CD or DVD, go to the packages location, generally /media/CDROM/Server.
To install from an NFS server, where the NFS server's IP is 192.168.0.250 and the shared folder is /var/ftp/pub/Server, mount the share on the client side.
[root@client mnt]# mount 192.168.0.250:/var/ftp/pub/Server /mnt
[root@client mnt]# mount
[root@client mnt]# cd /mnt
[root@client mnt]# ls
To install packages
[root@client mnt]# rpm -i samba* vsftpd*
[root@client mnt]# rpm -iv samba* vsftpd*
[root@client mnt]# rpm -iv samba* vsftpd* --force
[root@client mnt]# rpm -ivh samba* vsftpd* --force
To remove the packages
[root@client mnt]# rpm -e vsftpd
[root@client mnt]# rpm -e samba --nodeps
To query the packages
[root@client mnt]# rpm -qa
[root@client mnt]# rpm -qa | sort | less
[root@client mnt]# rpm -q samba
[root@client mnt]# rpm -qa samba*
[root@client mnt]#
[root@client mnt]# rpm -qi samba
[root@client mnt]# rpm -ql samba
[root@client mnt]# rpm -qd samba
[root@client mnt]# rpm -qc samba
[root@client mnt]# rpm -qs samba
Installing through yum
Creating a repository at server side where all rpms are copied
[root@client ~]# cd /var/ftp/pub/Server
[root@client Server]# rpm -ivh createrepo-0.4.4-2.fc6.noarch.rpm --force
Remove the old repodata
[root@client Server]# rm -rf repodata/
Create a new repodata
[root@client Server]# createrepo -g /media/cdrom/Server/repodata/comps-rhel5-server-core.xml .
[root@client Server]# cd
[root@client ~]#
At the client side, edit the yum configuration file and provide the path of the repository
[root@client ~]# vi /etc/yum.repos.d/rhel-debuginfo.repo
[core]
name= Linux $releasever - $basearch - Debug
baseurl=ftp://192.168.0.250/pub/Server
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rp
:wq!
Installing through yum
[root@client ~]# yum list
[root@client ~]# yum list installed
[root@client ~]# yum list installed samba*
[root@client ~]# yum install vsftpd* samba*
[root@client ~]# yum remove vsftpd* samba*
[root@client ~]# yum grouplist
[root@client ~]# yum groupinstall "Mail Server"
[root@client ~]# yum groupremove "Mail Server"
[root@client ~]# cd /media/cdrom/Server
[root@client ~]# yum localinstall vsftpd*
Introduction to Networking
To set the hostname temporarily
[root@station9 ~]# hostname station9.example.com
To view the hostname
[root@station9 ~]# hostname
station9.example.com
Set hostname permanently
[root@station9 ~]# vi /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=station9.example.com
:wq!
Set ip address temporarily
[root@station9 ~]# ifconfig eth0 192.168.0.9 netmask 255.255.255.0
View the interfaces.
[root@station9 ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:13:20:B7:1D:44
inet addr:192.168.0.9 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::213:20ff:feb7:1d44/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:48153 errors:4 dropped:0 overruns:0 frame:4
TX packets:21992 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:39512670 (37.6 MiB) TX bytes:1720318 (1.6 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1249 errors:0 dropped:0 overruns:0 frame:0
TX packets:1249 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1285258 (1.2 MiB) TX bytes:1285258 (1.2 MiB)
Set permanent ip address
[root@station9 ~]# netconfig
Select yes and press the enter key
Press tab and select the text box for IP address
Enter the new IP address; similarly, enter the subnet mask, default gateway and primary nameserver.
Select OK and press enter.
Restart the service to activate the new ip address
[root@station9 ~]# service network restart
[root@station9 ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:13:20:B7:1D:44
inet addr:192.168.0.9 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::213:20ff:feb7:1d44/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:48173 errors:4 dropped:0 overruns:0 frame:4
TX packets:22001 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:39514528 (37.6 MiB) TX bytes:1720864 (1.6 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1249 errors:0 dropped:0 overruns:0 frame:0
TX packets:1249 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1285258 (1.2 MiB) TX bytes:1285258 (1.2 MiB)
[root@station9 ~]# netconfig --device eth0:1
[root@station9 ~]# service network restart
[root@station9 ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:13:20:B7:1D:44
inet addr:192.168.0.9 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::213:20ff:feb7:1d44/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:48749 errors:4 dropped:0 overruns:0 frame:4
TX packets:22678 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:39873471 (38.0 MiB) TX bytes:1802196 (1.7 MiB)
eth0:1 Link encap:Ethernet HWaddr 00:13:20:B7:1D:44
inet addr:192.168.1.9 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1249 errors:0 dropped:0 overruns:0 frame:0
TX packets:1249 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1285258 (1.2 MiB) TX bytes:1285258 (1.2 MiB)
To set or view the network parameters.
[root@station9 ~]# ethtool eth0
Settings for eth0:
Supported ports: [ TP MII ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
Supports auto-negotiation: Yes
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
Advertised auto-negotiation: Yes
Speed: 100Mb/s
Duplex: Full
Port: MII
PHYAD: 1
Transceiver: internal
Auto-negotiation: on
Supports Wake-on: g
Wake-on: g
Current message level: 0x00000007 (7)
Link detected: yes
[root@station9 ~]# ifup eth0
[root@station9 ~]# ifdown eth0
[root@station9 ~]# cd /etc/sysconfig/network-scripts/
[root@station9 network-scripts]# ls
ifcfg-eth0 ifdown-isdn ifup-ipsec ifup-routes
ifcfg-eth0:1 ifdown-post ifup-ipv6 ifup-sit
ifcfg-lo ifdown-ppp ifup-ipx ifup-sl
ifdown ifdown-sit ifup-isdn ifup-wireless
ifdown-aliases ifdown-sl ifup-plip init.ipv6-global
ifdown-ippp ifup ifup-plusb network-functions
ifdown-ipsec ifup-aliases ifup-post network-functions-ipv6
ifdown-ipv6 ifup-ippp ifup-ppp
[root@station9 network-scripts]# cat ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.0.9
NETMASK=255.255.255.0
GATEWAY=192.168.0.254
[root@station9 network-scripts]# cat ifcfg-eth0:1
DEVICE=eth0:1
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.1.9
NETMASK=255.255.255.0
GATEWAY=192.168.1.254
[root@station9 network-scripts]#
Configuration of NFS Server
An NFS server is used to share folders between Linux/Unix systems.
Step 1 ) CHECK & INSTALL PACKAGES
[root@nfs ~]# rpm -qa | grep nfs
or
[root@nfs ~]# yum list installed | grep nfs
[root@nfs ~]# yum remove nfs* -y
Method 1) Installing through rpm
[root@nfs ~]# mkdir /mnt
[root@nfs ~]# mount 192.168.0.250:/var/ftp/pub/Server /mnt
[root@nfs ~]# mount
[root@nfs ~]# cd /mnt
[root@nfs mnt]# ls
[root@nfs mnt]# rpm -ivh nfs* --force
Method 2) Installing through yum
[root@nfs mnt]# yum install nfs* -y
Step 2) Create the resources (Files/Folders) to be shared
[root@nfs ~]# mkdir /var/zoom
[root@nfs ~]# mkdir /var/salesdept
[root@nfs salesdept]# chmod 777 /var/zoom
[root@nfs salesdept]# chmod 777 /var/salesdept/
[root@nfs ~]# cd /var/zoom/
[root@nfs zoom]# touch zfa.txt zfb.txt zfc.txt
[root@nfs zoom]# mkdir zdira zdirb zdirc
[root@nfs zoom]# ls
[root@nfs zoom]# cd /var/salesdept
[root@nfs salesdept]# touch sfa.txt sfb.txt sfc.txt
[root@nfs salesdept]# mkdir sda sdb sdc
[root@nfs salesdept]# ls -l
Step 3) Add the entries of folders to be shared in /etc/exports file
[root@nfs ~]# vi /etc/exports
/var/zoom 192.168.0.0/255.255.255.0(ro,async)
/var/salesdept 192.168.0.10(rw,sync) 192.168.0.20(rw,async)
:wq!
Step 4 ) Start the Services
[root@nfs ~]# service nfs restart
Step 5) Check the list of shares from the NFS server
Syntax : showmount -e <nfs_server_name/ip>
[root@nfs ~]# showmount -e 192.168.0.4
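An added example, not part of the original guide: a review of /etc/exports lines in the format used in Step 3, reporting the client/option combinations an administrator would want to see before restarting the service. The function names, the finding labels and the last two sample lines are constructed for illustration; the checks follow the behaviour documented in exports(5).

```shell
#!/bin/sh
# Audit /etc/exports-style lines for risky client/option combinations.
# Function names and finding labels are hypothetical, not part of nfs-utils.

# Sample input: the first two lines are the exports from Step 3,
# the last two are constructed to show the other findings.
sample_exports() {
    cat <<'EOF'
/var/zoom 192.168.0.0/255.255.255.0(ro,async)
/var/salesdept 192.168.0.10(rw,sync) 192.168.0.20(rw,async)
/srv/build 192.168.0.30 (rw)    # constructed: stray space before "("
/srv/images *(rw,no_root_squash)    # constructed
EOF
}

# Reads exports lines on stdin, prints "<path> <client> <FINDING>":
#   RW_ASYNC          writable export that acknowledges writes before they
#                     reach stable storage
#   DETACHED_OPTIONS  "(opts)" separated from its client by a space, so the
#                     options apply to every host, not to the named client
#   WORLD             export offered to any host ("*")
#   NO_ROOT_SQUASH    remote root keeps uid 0 on the export
# Exit status: 1 if anything was reported, 0 otherwise.
audit_exports() {
    awk '
    { sub(/#.*/, "") }                 # a "#" starts a comment
    NF < 2 { next }                    # blank line or path with no client
    {
        path = $1
        for (i = 2; i <= NF; i++) {
            client = $i; opts = ""
            p = index($i, "(")
            if (p > 0) {
                client = substr($i, 1, p - 1)
                opts = substr($i, p + 1)
                sub(/\).*/, "", opts)
            }
            split("", has)             # reset the option set
            n = split(opts, o, ",")
            for (k = 1; k <= n; k++) has[o[k]] = 1

            if (p == 1) {
                client = "*"
                report(path, client, "DETACHED_OPTIONS")
            } else if (client == "*") {
                report(path, client, "WORLD")
            }
            if (("rw" in has) && ("async" in has)) report(path, client, "RW_ASYNC")
            if ("no_root_squash" in has) report(path, client, "NO_ROOT_SQUASH")
        }
    }
    function report(path, client, finding) {
        print path, client, finding
        found = 1
    }
    END { exit (found + 0) }'
}

# Demo run over the sample lines.
sample_exports | audit_exports || echo "findings above, exit status $?"
```

Against a live server the input is the file itself: `audit_exports < /etc/exports`.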
Client Side Configuration
To see the list of shares from NFS server
[root@client ~]# ssh 192.168.0.Y
Where Y is any Client IP
[root@client ~]# showmount -e 192.168.0.X
Where X is NFS server IP
[root@client ~]# mkdir /misc/nfs1 /misc/nfs2
[root@client ~]# mount 192.168.0.X:/var/zoom /misc/nfs1
[root@client ~]# mount 192.168.0.X:/var/salesdept /misc/nfs2
[root@client ~]# mount
[root@client ~]# ls /misc/nfs1
[root@client ~]# ls /misc/nfs2
Configuration of FTP Server
Step 1) CHECK & INSTALL PACKAGES
[root@mail ~]# rpm -qa | grep vsftpd
[root@mail ~]# yum remove vsftpd* -y
[root@mail ~]# rm -r /etc/vsftpd*
[root@mail ~]# yum install vsftpd* -y
Step 2) Create the resources on ftp server (file/folders & users)
[root@mail ~]# useradd tom
[root@mail ~]# useradd joy
[root@mail ~]# passwd tom
[root@mail ~]# passwd joy
Create or Copy some files inside /var/ftp/pub
[root@mail ~]# cd /var/ftp/pub
[root@mail pub]# touch fa.txt fb.txt music.mp3
[root@mail pub]# ls
Create an upload folder for anonymous users
[root@mail pub]# mkdir /var/ftp/zoomupload
[root@mail pub]# chmod 777 /var/ftp/zoomupload
NOTE : Create a .message file in the zoomupload folder to display a message when a user enters the folder.
[root@mail zoomupload]# cat > /var/ftp/zoomupload/.message
This is an Upload Directory For Anonymous
[root@mail zoomupload]#
Step 3) Edit the Main Configuration File
[root@mail ~]# vi /etc/vsftpd/vsftpd.conf
# The settings below are at line no 12, 15, 27, 35 and 83 of the file
anonymous_enable=YES
local_enable=YES
anon_upload_enable=YES
dirmessage_enable=YES
ftpd_banner=Welcome to Zoom Linux.
:wq!
Step 4) To block a user from the FTP server (e.g. joy), write the user name in /etc/vsftpd/ftpusers
[root@mail ~]# vi /etc/vsftpd/ftpusers
joy
:wq!
Step 5) Start the service
[root@mail ~]# service vsftpd restart
Client Side Configuration
ftp Clients
ftp
gftp
browser
[root@client ~]# ftp 192.168.0.253
Name (192.168.0.253:root): ftp
331 Please specify the password.
Password:
230 Login successful.
ftp> ls
drwxr-xr-x 3 0 0 4096 Jul 11 20:44 pub
drwxrwxrwx 2 0 0 4096 Jul 11 21:05 zoomupload
To download a single/multiple file use get/mget command
ftp> cd pub
ftp> ls
-rw-r--r-- 1 0 0 0 Jul 11 20:42 fa.txt
-rw-r--r-- 1 0 0 0 Jul 11 20:42 fb.txt
-rw-r--r-- 1 0 0 0 Jul 11 20:42 music.mp3
ftp> get <download file name>
To upload a single/multiple file use put/mput command
ftp> pwd
ftp> cd ..
ftp> cd zoomupload
ftp> pwd
ftp> mput <upload file name>
ftp> ls
ftp> bye
Configuration of Samba Server
A Samba server is used to share files and folders between Linux/Unix and Windows systems, in either direction.
Step 1) CHECK & INSTALL PACKAGES
[root@smb ~]# rpm -qa | grep samba
OR
[root@smb ~]# yum list installed | grep samba
[root@smb ~]# yum remove samba* -y
[root@smb ~]# rm -r /etc/samba*
[root@smb ~]# yum install samba* -y
Step 2) Create the resources on Samba server (file/folders & users)
[root@smb ~]# useradd tom
[root@smb ~]# useradd joy
[root@smb ~]# passwd tom
[root@smb ~]# passwd joy
Create or Copy some files inside /var/zoom
[root@smb ~]# mkdir /var/zoom
[root@smb ~]# chmod 777 /var/zoom
[root@smb ~]# cd /var/zoom
[root@smb zoom ]# touch fa.txt fb.txt music.mp3
[root@smb zoom ]# ls
Step 3) Edit the Main Configuration File
[root@smb ~]# vi /etc/samba/smb.conf
# Go to end of file copy last 8 lines 8yy and press p to paste
[salesshare]
comment = This share is for sales dept
path = /var/zoom
valid users = tom joy
public = no
writable = yes
printable = no
create mask = 0765
:wq!
Step 4) Provide a separate samba password for samba users.
[root@smb ~]# smbpasswd -a tom
[root@smb ~]# smbpasswd -a joy
Step 5 ) Check the syntax of configuration file
[root@smb ~]# testparm
Step 6 ) Start the services
[root@smb ~]# service smb restart
Client Side Configuration
Scenario 1) Windows as client for Linux Samba Server
Log in to the Windows PC from Linux using the rdesktop command, where the Windows IP is 192.168.0.16 and the Samba server's IP is 192.168.0.253
[root@smb ~]# rdesktop 192.168.0.16 &
Login to windows machine
Click on start button
Run
open [ \\ip\sharename ]
eg. [ \\192.168.0.100\sharename ]
provide samba username & password
Scenario 2) Linux as client for Linux Samba Server
To list the Linux Samba servers on the network
[root@client ~]# findsmb
To see the list of Shares on Samba Server
[root@client ~]# smbclient -L //192.168.0.253
Method 1) By mounting
[root@client ~]# mount //192.168.0.253/salesshare /mnt -o username=tom
Password:
[root@client ~]# mount
[root@client ~]# cd /mnt
[root@client mnt]# ls
Method 2) By smbclient method
Use put and get commands to upload and download respectively.
[root@client ~]# smbclient //192.168.0.253/salesshare -U tom
Password:
Domain=[SMB] OS=[Unix] Server=[Samba 3.0.23c-2]
smb: \> ls
. D 0 Sat Jul 12 03:29:30 2008
.. D 0 Sat Jul 12 03:28:54 2008
fa.txt 0 Sat Jul 12 03:29:30 2008
music.mp3 0 Sat Jul 12 03:29:30 2008
fb.txt 0 Sat Jul 12 03:29:30 2008
61755 blocks of size 16384. 52294 blocks available
smb: \> exit
[root@client ~]#
Scenario 3) Linux as client for Windows [ IP=192.168.0.16 ]
In Windows the shared folders are windir1 and windir2, and the users are winu1 and winu2
Method 1) By mounting
[root@client ~]# mount //192.168.0.16/windir1 /mnt -o username=winu1
Password:
[root@client ~]# mount
[root@client ~]# cd /mnt
[root@client mnt]# ls
Method 2) By smbclient method
Use put and get commands to upload and download respectively.
[root@client ~]# smbclient //192.168.0.16/windir2 -U winu1
Password:
smb: \> ls
smb: \> help
smb: \> exit
[root@client ~]#
Configuration of Master DNS Server
Current DNS Master IP is 192.168.0.1
Current DNS Slave IP is 192.168.0.2
Step 1: CHECK IP & HOST ENTRIES
[root@client ~]# ifconfig
[root@client ~]# netconfig
[root@client ~]# service network restart
[root@client ~]# ping 192.168.0.0 -b
[root@client ~]# vi /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=masterdns.zoom.com
:wq!
[root@client ~]# vi /etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.0.1 masterdns.zoom.com masterdns
:wq!
[root@client ~]# hostname masterdns.zoom.com
[root@client ~]# hostname
masterdns.zoom.com
* NOW LOG OFF & LOG IN *
Step 2 : CHECK & INSTALL THE PACKAGES
[root@masterdns ~]# rpm -qa | egrep -i "bind|caching"
Or
[root@masterdns ~]# yum list installed | egrep -i "bind|caching"
[root@masterdns ~]# yum remove bind* caching* -y
[root@masterdns ~]# rm -r /etc/named*
[root@masterdns ~]# rm -rf /var/named*
Now Install the packages
[root@masterdns ~]# yum install bind* cach* -y
Step 3a) Edit Main Configuration File 1
[root@masterdns ~]# vi /etc/named.caching-nameserver.conf
listen-on port 53 { 127.0.0.1; 192.168.0.1; }; ## line no 15
allow-query { localhost; 192.168.0.0/24; }; ## line no 23
match-clients { localhost; 192.168.0.0/24; }; ## line no 32
:wq!
Step 3b) Edit Main Configuration File 2
[root@masterdns ~]# vi /etc/named.rfc1912.zones
#Copy the sample script forward/reverse zone by pressing 12yy & paste press p
zone "localhost" IN { ## 12yy
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
##p
zone "zoom.com" IN {
type master;
file "zoom.for";
allow-update { 192.168.0.2; }; ## Slaves IP
};
zone "0.168.192.in-addr.arpa" IN {
type master;
file "zoom.rev";
allow-update { 192.168.0.2; }; ## Slaves IP
};
:wq!
Step 4) Create FORWARD ZONE & REVERSE ZONE
[root@masterdns ~]# cd /var/named/chroot/var/named/
[root@masterdns named]# ls
[root@masterdns named]# cp -p localhost.zone zoom.for
[root@masterdns named]# cp -p named.local zoom.rev
[root@masterdns named]# ll
EDIT THE FORWARD ZONE FILE
[root@masterdns named]# vi zoom.for
$TTL 86400
@ IN SOA masterdns.zoom.com. root.zoom.com. (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS masterdns.zoom.com.
IN NS slavedns.zoom.com.
masterdns IN A 192.168.0.1
slavedns IN A 192.168.0.2 ; name must match the NS and PTR records
nfs IN A 192.168.0.10
ftp IN A 192.168.0.11
smb IN A 192.168.0.12
mail IN A 192.168.0.15
zoom.com. IN MX 4 mail ; trailing dot keeps the owner name absolute
web IN A 192.168.0.20
www IN CNAME web
sales1 IN A 192.168.0.21
mark1 IN A 192.168.0.22
adm1 IN A 192.168.0.23
:wq!
[root@masterdns named]#
EDIT THE REVERSE ZONE FILE
[root@masterdns named]# vi zoom.rev
$TTL 86400
@ IN SOA masterdns.zoom.com. root.zoom.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS masterdns.zoom.com.
IN NS slavedns.zoom.com.
1 IN PTR masterdns.zoom.com.
2 IN PTR slavedns.zoom.com.
10 IN PTR nfs.zoom.com.
11 IN PTR ftp.zoom.com.
12 IN PTR smb.zoom.com.
15 IN PTR mail.zoom.com.
20 IN PTR web.zoom.com.
21 IN PTR sales1.zoom.com.
22 IN PTR mark1.zoom.com.
23 IN PTR adm1.zoom.com.
:wq!
[root@masterdns named]#
Step 5 ) Check Syntax errors of Configuration file & Zone file
# To check configuration file syntax errors
[root@localhost ~]# named-checkconf /etc/named.caching-nameserver.conf
[root@localhost ~]# named-checkconf /etc/named.rfc1912.zones
# To check ZONE file syntax errors
[root@localhost ~]# named-checkzone zoom.com /var/named/chroot/var/named/zoom.for
[root@localhost ~]# named-checkzone 0.168.192.in-addr.arpa /var/named/chroot/var/named/zoom.rev
Step 6 ) START THE SERVICES
[root@masterdns named]# service named restart
Step 7 ) Provide the IP OF Master DNS
[root@masterdns named]# vi /etc/resolv.conf
nameserver 192.168.0.1
:wq!
Step 8) Check the resolution
[root@masterdns named]# dig masterdns.zoom.com
[root@masterdns named]# dig slavedns.zoom.com
[root@masterdns named]# dig nfs.zoom.com
[root@masterdns named]# dig sales1.zoom.com
[root@masterdns named]# dig -x 192.168.0.1
[root@masterdns named]# dig -x 192.168.0.2
[root@masterdns named]# dig -x 192.168.0.3
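The dig checks above test one name at a time. The script below is an added example, not part of the original manual: it cross-checks every A record in a forward zone against the PTR records of the reverse zone. The zone text, the function name check_zones and the output labels are assumptions made for this illustration.

```shell
# Both zones are CONSTRUCTED samples modelled on this page's records. Two
# defects are planted on purpose: the A record is named "slave" while the PTR
# says "slavedns", and 192.168.0.21 has an A record but no PTR.

DOMAIN="zoom.com"     # origin of the forward zone
NET="192.168.0"       # network covered by 0.168.192.in-addr.arpa

FORWARD_ZONE='
masterdns IN A 192.168.0.1
slave     IN A 192.168.0.2
nfs       IN A 192.168.0.10
mail      IN A 192.168.0.15
web       IN A 192.168.0.20
www       IN CNAME web
sales1    IN A 192.168.0.21
'

REVERSE_ZONE='
1  IN PTR masterdns.zoom.com.
2  IN PTR slavedns.zoom.com.
10 IN PTR nfs.zoom.com.
15 IN PTR mail.zoom.com.
20 IN PTR web.zoom.com.
'

# check_zones FORWARD REVERSE
# Prints one line per inconsistency, nothing when the zones agree.
check_zones() {
    printf '%s\n===\n%s\n' "$1" "$2" | awk -v domain="$DOMAIN" -v net="$NET" '
        $0 == "===" { reverse = 1; next }       # separator between the two zones
        NF < 4 || $2 != "IN" { next }           # skip blanks, SOA and NS lines
        !reverse && $3 == "A"   { a[$4] = $1 "." domain "." }   # ip to fqdn (forward)
        reverse  && $3 == "PTR" { ptr[net "." $1] = $4 }        # ip to fqdn (reverse)
        END {
            for (ip in a) {
                if (!(ip in ptr)) {
                    print "MISSING_PTR " ip " " a[ip]
                } else if (ptr[ip] != a[ip]) {
                    print "MISMATCH " ip " A=" a[ip] " PTR=" ptr[ip]
                }
            }
            for (ip in ptr) {
                if (!(ip in a)) {
                    print "MISSING_A " ip " " ptr[ip]
                }
            }
        }' | sort
}

check_zones "$FORWARD_ZONE" "$REVERSE_ZONE"
```

To run it against real files, pass the contents of zoom.for and zoom.rev as the two arguments; only lines of the form "name IN A ip" and "octet IN PTR fqdn" are examined.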
CONFIGURATION OF SLAVE DNS
Step 1: CHECK IP & HOST ENTRIES
[root@client ~]# ifconfig
[root@client ~]# netconfig
[root@client ~]# service network restart
[root@client ~]# ping 192.168.0.0 -b
[root@client ~]# vi /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=slavedns.zoom.com
:wq!
[root@client ~]# vi /etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.0.2 slavedns.zoom.com slavedns
:wq!
[root@client ~]# hostname slavedns.zoom.com
[root@client ~]# hostname
slavedns.zoom.com
* NOW LOG OFF & LOG IN *
Step 2 : CHECK & INSTALL THE PACKAGES
[root@slavedns ~]# rpm -qa | egrep -i "bind|caching"
Or
[root@slavedns ~]# yum list installed | egrep -i "bind|caching"
[root@slavedns ~]# yum remove bind* caching*
[root@slavedns ~]# rm /etc/named*
[root@slavedns ~]# rm -rf /var/named*
Now Install the packages
[root@slavedns ~]# yum install bind* cach*
Step 3a) Edit MAIN CONFIGURATION FILE
[root@slavedns ~]# vi /etc/named.caching-nameserver.conf
listen-on port 53 { 127.0.0.1; 192.168.0.2; }; ## line no 15
allow-query { localhost; 192.168.0.0/24; }; ## line no 23
match-clients { localhost; 192.168.0.0/24; }; ## line no 32
:wq!
Step 3b) Edit Main Configuration File 2
[root@slavedns ~]# vi /etc/named.rfc1912.zones
zone "zoom.com" IN {
type slave;
file "slaves/fzoom";
masters { 192.168.0.1; }; ## Master DNS IP
};
zone "0.168.192.in-addr.arpa" IN {
type slave;
file "slaves/rzoom";
masters { 192.168.0.1; }; ## Master DNS IP
};
:wq!
[root@slavedns ~]# cd /var/named/chroot/var/named/slaves
[root@slavedns slaves]# ls
[root@slavedns slaves]# service named restart
After the service starts, the zone files are replicated automatically
from the master to the slave side.
[root@slavedns slaves]# ls
fzoom rzoom
[root@slavedns etc]# vi /etc/resolv.conf
# Only provide the slave DNS IP
nameserver 192.168.0.2
[root@slavedns ~]# service named restart
[root@slavedns ~]# dig slavedns.zoom.com
[root@slavedns ~]# dig masterdns.zoom.com
Note : Add an entry in the forward zone file at the master side, increase
the serial number, then start the service.
Check the updates at the slave DNS.
Client Side Configuration
Provide the IP of DNS in following file
Note : /etc/resolv.conf supports maximum 3 DNS entries
[root@client ~]# vi /etc/resolv.conf
nameserver 192.168.0.1
nameserver 192.168.0.2
:wq!
[root@client]# dig masterdns.zoom.com
[root@client]# dig slavedns.zoom.com
[root@client]# dig nfs.zoom.com
[root@client]# dig sales1.zoom.com
[root@client]# dig -x 192.168.0.1
[root@client]# dig -x 192.168.0.2
[root@client]# dig -x 192.168.0.3
[root@client]# ping masterdns.zoom.com
[root@client]# ping slavedns.zoom.com
Configuring APACHE WEB Server ( Apache )
Part One
Configuring a Single Site with www.zoom.com name at IP 192.168.0.X
Step 1) Host Entries
To Check the web server running at Server machine add the entry in
/etc/hosts file
[root@web ~]# vi /etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.0.X www.zoom.com
:wq!
Step 2 ) CHECK & INSTALL PACKAGES
[root@station4 ~]# rpm -qa | grep httpd
or
[root@station4 ~]# yum list installed | grep httpd
[root@station4 ~]# yum remove httpd* -y
Method 1 :
Installing through rpm
[root@station4 ~]# mkdir /mnt
[root@station4 ~]# mount 192.168.0.250:/var/ftp/pub/Server /mnt
[root@station4 ~]# mount
[root@station4 ~]# cd /mnt
[root@station4 mnt]# ls
[root@station4 mnt]# rpm -ivh httpd* --force
Method 2 :
Installing through yum
[root@station4 pkgs]# yum install httpd* -y
Step 3) Edit the Main Configuration File
[root@web ~]# vi /etc/httpd/conf/httpd.conf
## line no 250: receives mail generated by the apache server
ServerAdmin [email protected]
## line no 264: name of the web site
ServerName www.zoom.com:80
## line no 280: web pages folder
DocumentRoot "/var/www/html"
## line no 390: index or home page
DirectoryIndex zoom.html
:wq!
Step 4 ) Create the resource
Create index or home html file in DocumentRoot folder i.e
/var/www/html
[root@web ~]# cd /var/www/html
[root@web ~]# vi zoom.html
<html>
<body bgcolor=yellow>
<marquee> <h1> THIS IS ZOOM TECHNOLOGIES </h1></marquee>
<h6> THIS IS ZOOM TECHNOLOGIES </h6>
</body>
</html>
Step 5) START THE SERVICE
[root@web ~]# service httpd restart
Step 6 ) Open the Browser & type
http://www.zoom.com
or
http://192.168.0.X
Part TWO
Configuring Multiple Sites i.e Virtual Hosting
We are going to host four sites:
www.zoom.com, www.yahoo.com, www.google.com, www.rediff.com
1) Name Based : multiple sites on a single IP 192.168.0.X1
www.zoom.com, www.yahoo.com, www.google.com
2) Port Based : www.google.com at port 5000
3) IP Based : 192.168.0.X2
Step 1) Host Entries
To Check the web server running at Server machine add the entry
/etc/hosts file
[root@web ~]# ifconfig
Assigning default IP
[root@web ~]# netconfig
Assigning a Virtual IP
[root@web ~]# netconfig --device eth0:1
[ ] Use dynamic IP configuration (BOOTP/DHCP)
IP address: 192.168.0.X2_____
Netmask: 255.255.255.0___
Default gateway (IP): 192.168.0.254___
Primary nameserver: 192.168.0.1_____
OK Back
[root@web ~]# service network restart
[root@web ~]# ifconfig
[root@web ~]# vi /etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.0.X1 www.zoom.com
192.168.0.X1 www.yahoo.com
192.168.0.X1 www.google.com
192.168.0.X2 www.rediff.com
:wq!
Step 2 ) Repeat Step 2 of Part One
Step 3) Edit the Main Configuration File
[root@web ~]# vi /etc/httpd/conf/httpd.conf
############ NAME BASED ######################
NameVirtualHost 192.168.0.X1:80
<VirtualHost 192.168.0.X1:80>
ServerAdmin [email protected]
DocumentRoot /var/www/html/zoom
ServerName www.zoom.com
DirectoryIndex zoom.html
</VirtualHost>
<VirtualHost 192.168.0.X1:80>
ServerAdmin [email protected]
DocumentRoot /var/www/html/yahoo
ServerName www.yahoo.com
DirectoryIndex yahoo.html
</VirtualHost>
############ PORT BASED ######################
Listen 5000
<VirtualHost 192.168.0.X1:5000>
ServerAdmin [email protected]
DocumentRoot /var/www/html/google
ServerName www.google.com
DirectoryIndex google.html
</VirtualHost>
############ IP BASED ######################
<VirtualHost 192.168.0.X2:80>
ServerAdmin [email protected]
DocumentRoot /var/www/html/rediff
ServerName www.rediff.com
DirectoryIndex rediff.html
</VirtualHost>
########## To authenticate Web server i.e asking username & password for www.yahoo.com ##########
<Directory /var/www/html/yahoo>
AuthName "zoomauth"
AuthUserFile /etc/httpd/conf/htpasswd
AuthType Basic
Require valid-user
</Directory>
:wq!
Step 4 ) Create the resource
Create DocumentRoot folder for each site
[root@web ~]# cd /var/www/html
[root@web ~]# mkdir zoom yahoo google rediff
Create an index or home html file in each site's DocumentRoot folder,
similar to Step 4 of Part One
Step 5 ) Create a user & provide web password to access www.yahoo.com
site
[root@web ~]# useradd tom
[root@web ~]# htpasswd -c /etc/httpd/conf/htpasswd tom
Step 6) START THE SERVICES
[root@web ~]# service httpd restart
Step 7 ) Open the Browser & type
http://www.zoom.com
http://www.yahoo.com
http://www.google.com:5000
http://192.168.0.X2
Client Side Configuration
Step 1 ) Provide the ip of DNS
Step 2 ) Open the Browser & type
http://www.zoom.com
http://www.yahoo.com
http://www.google.com:5000
http://192.168.0.X2
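A password-protected `<Directory>` block only takes effect when its path really is the folder being served, so a mistyped path leaves the site open without any error at restart. The script below is an added example, not part of the original manual: it reports auth blocks that cover no DocumentRoot and password files that sit inside one. The function name audit_auth_dirs, the output labels and the sample configuration are assumptions made for this illustration.

```shell
# HTTPD_CONF is a CONSTRUCTED fragment modelled on this page's virtual hosts;
# the <Directory> path carries a planted typo (/var/www.html).

HTTPD_CONF='
<VirtualHost 192.168.0.X1:80>
    DocumentRoot /var/www/html/zoom
    ServerName www.zoom.com
</VirtualHost>
<VirtualHost 192.168.0.X1:80>
    DocumentRoot /var/www/html/yahoo
    ServerName www.yahoo.com
</VirtualHost>
<Directory /var/www.html/yahoo>
    AuthName "zoomauth"
    AuthUserFile /etc/httpd/conf/htpasswd
    AuthType Basic
    Require valid-user
</Directory>
'

# audit_auth_dirs CONFIG_TEXT
#   OK <dir>                 auth block overlaps a DocumentRoot
#   ORPHAN <dir>             auth block matches no DocumentRoot (protects nothing)
#   EXPOSED_AUTHFILE <file>  AuthUserFile sits inside a DocumentRoot
audit_auth_dirs() {
    printf '%s\n' "$1" | awk '
        function under(path, root) {     # is path equal to root or below it?
            return path == root || index(path, root "/") == 1
        }
        { gsub(/"/, ""); key = tolower($1) }             # drop quotes, normalise case
        key == "documentroot" { roots[++n] = $2; next }
        key == "<directory"   { dir = $2; sub(/>$/, "", dir); auth = 0; pw = ""; next }
        key == "require" && tolower($2) != "all" { auth = 1; next }
        key == "authuserfile" { pw = $2; next }
        key == "</directory>" {
            if (auth) { m++; adir[m] = dir; afile[m] = pw }
            auth = 0
            next
        }
        END {
            for (i = 1; i <= m; i++) {
                covered = 0; exposed = 0
                for (j = 1; j <= n; j++) {
                    if (under(adir[i], roots[j]) || under(roots[j], adir[i])) covered = 1
                    if (afile[i] != "" && under(afile[i], roots[j])) exposed = 1
                }
                status = covered ? "OK" : "ORPHAN"
                print status " " adir[i]
                if (exposed) print "EXPOSED_AUTHFILE " afile[i]
            }
        }'
}

audit_auth_dirs "$HTTPD_CONF"
```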
Configuration of PROXY SERVER
It is used to share the internet from one machine to several clients
Current Proxy server IP is 192.168.0.20
GateWay 192.168.0.254
DNS 200.200.200.200
Step 1a ): CHECK IP & HOST ENTRIES
[root@client ~]# ifconfig
[root@client ~]# netconfig
[ ] Use dynamic IP configuration (BOOTP/DHCP)
IP address: 192.168.0.20
Netmask: 255.255.255.0
Default gateway (IP): 192.168.0.254
Primary nameserver: 200.200.200.200
OK Back
[root@client ~]# service network restart
[root@client ~]# ping 192.168.0.0 -b
[root@client ~]# route -nv # Check Gateway IP
[root@client ~]# cat /etc/resolv.conf # Check DNS IP
[root@client ~]# vi /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=proxy.zoom.com
:wq!
[root@client ~]# vi /etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.0.20 proxy.zoom.com proxy
:wq!
[root@client ~]# hostname proxy.zoom.com
[root@client ~]# hostname
proxy.zoom.com
* NOW LOG OFF & LOG IN *
Step 1b) Now open the browser & check that the Internet is coming on the Proxy
Server
Step 2 : CHECK & INSTALL THE PACKAGES
[root@proxy ~]# rpm -qa squid*
or
[root@proxy ~]# yum list installed squid*
[root@proxy ~]# yum remove squid* -y
Now Install the packages
[root@proxy ~]# yum install squid* -y
Step 3) Edit Main Configuration File
[root@proxy ~]# vi /etc/squid/squid.conf
# I) To Configure squid as only Simple Proxy i.e Only For sharing
## line no 73
http_port 3128
## line no 2831
visible_hostname ZOOMPROXY
# II) To Configure squid as Caching Proxy i.e caching website in local hard disk
## line no 993
cache_dir ufs /var/spool/squid 100 16 256
# III) To Configure squid as Proxy FireWall
# syntax for the firewall rule
# acl aclname acltype string1/file_name
## line no 2517 onwards
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
####################################################################
#create a rule for particular network
acl zoomlinuxnetwork src 192.168.0.0/24
#create a rule for blocking particular site say www.naukri.com
acl jobsite url_regex www.naukri.com
#create a rule for time duration
acl classtime time S M T W H F A 18:30-22:30
# http_access allow all
http_access deny jobsite
http_access deny classtime
http_access allow zoomlinuxnetwork
####################################################################
:wq!
Step 4) START THE SERVICE
[root@proxy ~]# service squid restart
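Squid checks the http_access lines from top to bottom and stops at the first one whose ACL matches; when none matches it applies the opposite of the last line. The script below is an added example, not part of the original manual and not a Squid configuration parser: it models only the three ACL types used in Step 3. The function name squid_decision, its argument order and the inclusive handling of the time boundaries are assumptions made for this illustration.

```shell
# SQUID_RULES repeats the ACL and http_access lines shown in Step 3.
SQUID_RULES='
acl zoomlinuxnetwork src 192.168.0.0/24
acl jobsite url_regex www.naukri.com
acl classtime time S M T W H F A 18:30-22:30
http_access deny jobsite
http_access deny classtime
http_access allow zoomlinuxnetwork
'

# squid_decision RULES CLIENT_IP URL DAY HH:MM   (prints ALLOW or DENY)
# DAY uses the Squid day letters S M T W H F A (Sunday .. Saturday).
squid_decision() {
    printf '%s\n' "$1" | awk -v ip="$2" -v url="$3" -v day="$4" -v now="$5" '
        function ip2int(s,   p) {
            split(s, p, ".")
            return ((p[1] * 256 + p[2]) * 256 + p[3]) * 256 + p[4]
        }
        function mins(s,   p) { split(s, p, ":"); return p[1] * 60 + p[2] }
        function acl_matches(acl,   a, n, i, net, block, days, r) {
            if (acl == "all") return 1
            n = split(args[acl], a, " ")
            if (type[acl] == "src") {
                split(a[1], net, "/")
                if (net[2] == "") net[2] = 32        # bare address: exact match
                block = 2 ^ (32 - net[2])            # number of addresses in the network
                return int(ip2int(ip) / block) == int(ip2int(net[1]) / block)
            }
            if (type[acl] == "url_regex") return url ~ a[1]   # unanchored, "." is any char
            if (type[acl] == "time") {
                days = ""
                for (i = 1; i < n; i++) days = days a[i]      # day letters, if any
                split(a[n], r, "-")                           # last token is h1:m1-h2:m2
                return (days == "" || index(days, day) > 0) && mins(now) >= mins(r[1]) && mins(now) <= mins(r[2])
            }
            return 0                                 # ACL type not modelled: no match
        }
        $1 == "acl" {
            nm = $2; type[nm] = $3
            $1 = $2 = $3 = ""; args[nm] = $0         # keep the remaining tokens
            next
        }
        $1 == "http_access" {
            last = $2                                # remember the final action
            if (verdict == "" && acl_matches($3)) verdict = $2    # first match wins
        }
        END {
            # No line matched: apply the opposite of the last action.
            if (verdict == "") verdict = (last == "deny") ? "allow" : "deny"
            print toupper(verdict)
        }'
}

squid_decision "$SQUID_RULES" 192.168.0.23 http://www.naukri.com/ M 10:00
```

Putting `http_access allow all` in front of the other lines makes every request stop at that first line, which is why Step 3 keeps it commented out.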
Client Side Configuration
For proxy any Browser is a client i.e a client can be on server or any
other machine.
1) If a client is Firefox
Open Firefox
-> Edit
-> Preference
-> General
-> Connection Setting
->Manual Proxy configuration
->HTTP Proxy 192.168.0.X
Port 3128
Where X is the proxy server's IP
Now type the website names in the location bar
2) If a client is Internet Explorer
Open Internet Explorer
Tools
->Internet Options
->Connections
-> LAN Setting
->Proxy Server
-> Address 192.168.0.X
Port 3128
Configuration of MAIL Server
Mail server name is mail.zoom.com whose IP is 192.168.0.20
Step 1: CHECK IP & HOST ENTRIES
[root@client ~]# ifconfig
[root@client ~]# netconfig
[root@client ~]# service network restart
[root@client ~]# ping 192.168.0.0 -b
[root@client ~]# vi /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=mail.zoom.com
:wq!
[root@client ~]# vi /etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.0.20 mail.zoom.com mail
:wq!
[root@client ~]# hostname mail.zoom.com
[root@client ~]# hostname
mail.zoom.com
* NOW LOG OFF & LOG IN *
Step 2 : CHECK & INSTALL THE PACKAGES
[root@mail ~]# rpm -qa | egrep -i "sendmail|m4"
or
[root@mail ~]# yum list installed | egrep -i "sendmail|m4"
[root@mail ~]# yum remove sendmail* m4* -y
[root@mail ~]# rm -r /etc/mail*
Now Install the packages
[root@mail ~]# yum install sendmail* m4* -y
Step 3) Edit Main Configuration File
[root@mail ~]# vi /etc/mail/sendmail.mc
dnl # DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl ## line no 116
LOCAL_DOMAIN(`mail.zoom.com')dnl ## line no 155
:wq!
Step 4) Compile the file
[root@mail ~]# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
Step 5 ) Start the service
[root@mail ~]# service sendmail restart
Step 6 ) Create users & test the mail at command prompt by mail client
utility.
[root@mail ~]# useradd tom
[root@mail ~]# useradd joy
[root@mail ~]# passwd tom
[root@mail ~]# passwd joy
Switch to user tom and send a mail to joy
[root@mail ~]# su - tom
[tom@mail ~]$ mail [email protected]
Subject: test mail from tom
he hello
test mail from tom
mail test 1
. ## On a new line, type a dot (.) in the first column to end the message
[tom@mail ~]$
[tom@mail ~]$ exit
Switch to a user joy & check the mails
[root@mail ~]# su - joy
[joy@mail ~]$
Type mail and see the output as below
[joy@mail ~]$ mail
Mail version 8.1 6/6/93. Type ? for help.
"/var/spool/mail/joy": 1 message 1 new
>N 1 [email protected] Sat Jul 12 04:54 19/601 "test mail from tom"
& 1
Message 1:
From [email protected] Sat Jul 12 04:54:18 2008
Date: Sat, 12 Jul 2008 04:51:38 -0400
From: [email protected]
Subject: test mail from tom
he hello
test mail from tom
mail test 1
& x
You have mail in /var/spool/mail/joy
[joy@mail ~]$ exit
Configuration of Squirrelmail
Squirrelmail provides a front-end interface to sendmail so that a user
can log in through a browser.
Install all required packages for squirrelmail along with their
dependencies.
[root@mail ~]# yum install httpd* perl-5* php* curl* dovecot* cyrus* squirrelmail* -y
NOTE : If some package files are missing it is better to reinstall the
packages forcefully with the rpm command.
[root@mail ~]# mount 192.168.0.250:/var/ftp/pub/Server /mnt
[root@mail ~]# mount
[root@mail ~]# cd /mnt
[root@mail mnt]# ls
[root@mail mnt]# rpm -ivh httpd* perl-5* php* curl* dovecot* cyrus* squirrelmail* --force
[root@mail ~]# service sendmail restart
[root@mail ~]# service httpd restart
[root@mail ~]# service dovecot restart
Or
[root@mail ~]# service cyrus-imapd restart
[root@mail ~]# service saslauthd restart
CLIENT SIDE CONFIGURATION
Step 1)
Provide the IP OF DNS.
[root@mail ~]# vi /etc/resolv.conf
nameserver 192.168.0.X
:wq!
Step 2)
Open the Browser and provide the following url.
http://mail.zoom.com/webmail
or
http://<ip_mailserver>/webmail
Provide UserName & Password
Name testuser
Password testuser
Configuration of NIS (Network Information Service)
Current NIS server IP is 192.168.0.20
Step 1: CHECK IP & HOST ENTRIES
[root@client ~]# ifconfig
[root@client ~]# netconfig
[root@client ~]# service network restart
[root@client ~]# ping 192.168.0.0 -b
[root@client ~]# vi /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=nisserver.zoom.com
NISDOMAIN=zoom.com
:wq!
[root@client ~]# vi /etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.0.20 nisserver.zoom.com nisserver
:wq!
[root@client ~]# nisdomainname zoom.com
[root@client ~]# hostname nisserver.zoom.com
[root@client ~]# hostname
nisserver.zoom.com
* NOW LOG OFF & LOG IN *
Step 2 : CHECK & INSTALL THE PACKAGES
[root@nisserver ~]# rpm -qa yp*
or
[root@nisserver ~]# yum list installed yp*
[root@nisserver ~]# yum remove yp* -y
[root@nisserver ~]# rm -r /var/yp*
Now Install the packages
[root@nisserver ~]# yum install yp* -y
Step 3) Edit Main Configuration File
[root@station9 ~]# vi /var/yp/Makefile
NOPUSH=true ## 23
all: passwd group hosts \ ## 109
:wq!
Step 4 ) Start the service
[root@station9 ~]# service ypserv restart
Step 5 ) Create NIS maps i.e NIS database
[root@station9 ~]# /usr/lib/yp/ypinit -m ## -m --> master
NOTE : NIS database is stored in /var/yp
Step 6 ) Start the service so that the NIS database gets activated
[root@station9 ~]# service yppasswdd restart
Step 7) Create new users
[root@station9 ~]# useradd tom
[root@station9 ~]# useradd joy
[root@station9 ~]# passwd tom
[root@station9 ~]# passwd joy
Step 8)
If new users, groups or passwords are created or modified, then the NIS
database has to be manually updated.
NOTE : Go to /var/yp & run the command make
[root@station9 ~]# cd /var/yp
[root@station9 ~]# ls
[root@station9 ~]# make
Step 9)
NOTE : If the database contents are modified then restart the services again
[root@station9 ~]# service ypserv restart
[root@station9 ~]# service yppasswdd restart
Configuration of NFS with NIS
[root@nisserver ~]# yum install nfs* -y
[root@nisserver ~]# vi /etc/exports
/home 192.168.0.0/24(rw,sync)
:wq!
[root@nisserver ~]# service nfs restart
[root@nisserver ~]# showmount -e 192.168.0.X ## X is NFS server's IP
CLIENT SIDE CONFIGURATION
Step 1: CHECK IP & HOST ENTRIES
[root@client ~]# ifconfig
[root@client ~]# netconfig
[root@client ~]# service network restart
[root@client ~]# ping 192.168.0.0 -b
[root@client ~]# vi /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=nisclient.zoom.com
NISDOMAIN=zoom.com
:wq!
[root@client ~]# vi /etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.0.1 nisclient.zoom.com nisclient
:wq!
[root@client ~]# nisdomainname zoom.com
[root@client ~]# hostname nisclient.zoom.com
[root@client ~]# hostname
nisclient.zoom.com
* NOW LOG OFF & LOG IN *
Step 2 ) Make the client Machine as Member of NIS-Server
[root@station20 ~]# authconfig-tui
Select [*] Use NIS
[ OK ]
Select
Domain => zoom.com
Server => 192.168.0.20
[root@station20 ~]# ypwhich
nisserver.zoom.com
[root@station20 ~]# mount 192.168.0.20:/home /home
[root@station20 ~]#
Now log in as a NIS server user
[root@station20 ~]# su - tom
[tom@station20 ~]$
Configuration of DHCP SERVER
Step 1 : CHECK & INSTALL THE PACKAGES
[root@dhcpserver ~]# rpm -qa dhcp-*
or
[root@dhcpserver ~]# yum list installed dhcp-*
[root@dhcpserver ~]# yum remove dhcp-* -y
Now Install the packages
[root@dhcpserver ~]# yum install dhcp-* -y
Step 2) Copy the example file to the configuration file
[root@dhcpserver ~]# cp /usr/share/doc/dhcp-3.0.5/dhcpd.conf.sample /etc/dhcpd.conf
Step 3) Edit Main Configuration File
[root@dhcpserver ~]# vi /etc/dhcpd.conf
subnet 192.168.0.0 netmask 255.255.255.0 {            # Network ID
    option routers 192.168.0.254;                     # GateWay or Router IP
    option subnet-mask 255.255.255.0;
    option nis-domain "zoom.com";                     # NIS DOMAIN
    option domain-name "zoom.com";                    # DNS DOMAIN
    option domain-name-servers 192.168.0.1;           # DNS IP
    range dynamic-bootp 192.168.0.150 192.168.0.170;  # Pool of IP
    host nfs {                                        # reservation of IP
        option host-name "nfs.zoom.com";              # OR
        hardware ethernet aa:ab:56:78:AB:CD;          # Mac binding
        fixed-address 192.168.0.10;
    }
    host smb {
        option host-name "smb.zoom.com";
        hardware ethernet ad:ab:56:78:AB:CD;
        fixed-address 192.168.0.15;
    }
}
:wq
Step 4 ) START THE SERVICES
[root@dhcpserver ~]# service dhcpd restart
CLIENT SIDE CONFIGURATION
Step 1) Select the Dhcp in netconfig command
[root@client ~]# netconfig
Select
[*] Use dynamic IP Configuration ( BOOTP/DHCP)
Step 2) START THE SERVICES
[root@client ~]# service network restart
Step 3 ) Now check whether all the entries are coming
[root@client ~]# ifconfig # to know IP
[root@client ~]# route -nv # to check GateWay
[root@client ~]# cat /etc/resolv.conf # to check DNS entries
[root@client ~]# nisdomainname # to check NisDomainName
[root@client ~]# hostname
NOTE : If the host name does not come, the /etc/sysconfig/network file should
have the following entries ONLY
[root@client ~]# vi /etc/sysconfig/network
NETWORKING=yes
:wq!
Reboot the machine and check the entries
Troubleshooting
To Recover Root Password
Restart the PC; while it is restarting, press any key to get the GRUB screen.
press 'e'
Select kernel /vmlinuz-2.6.18-8.el5 ro root=LABEL=/1 kernel /
Again press 'e' to edit
Edit kernel /vmlinuz-2.6.18-8.el5 ro root=LABEL=/1 '1'
press enter
press b to boot
At shell prompt type the commands
sh-3.00# passwd
2) Assigning GRUB Password
[root@server ~]# grub-md5-crypt >> /boot/grub/grub.conf
type the passwd ## these two entries will not be visible
Retype the passwd
[root@server ~]# vi /boot/grub/grub.conf
hiddenmenu
password --md5 < encryptedpasswd > ## Add this line here
title Linux Server (2.6.18-8.el5)
:wq
3) Recovering Root or Grub password if both are forgotten
Boot from Bootable linux CD and type
boot : linux rescue
select keyboard-> select language ->select networking Y/N
sh-3.00# chroot /mnt/sysimage
sh-3.00# mount
sh-3.00# passwd # to remove root passwd
To remove the GRUB password, remove the encrypted password line from
/boot/grub/grub.conf
sh-3.00#
To Configure printer
[root@server ~]# system-config-printer &
To configure Modem
[root@server ~]# system-config-network &
Select Modem -> then type telephone number of the ISP provider
-> ISP name -> then username & password
To check or kill certain process ID's
[root@server ~]# ps -aux
[root@server ~]# kill <number of process>
[root@server ~]# kill -9 <number of process>     ## To kill forcefully
To see the cpu & process status
[root@server ~]# top
To see the open port number
[root@server ~]# netstat -ant
To see the remote machine open port number
[root@server ~]# nmap <remote_IP>
To view how long the system is running
[root@server ~]# uptime
To view Process, Resources and File systems
[root@server ~]# gnome-system-monitor
To dump the traffic on the network
[root@server ~]# tcpdump -i eth0
To display or change Ethernet card settings
[root@server ~]# ethtool eth0
To view the traffic to the Ethernet card
[root@server ~]# iptraf
To Report RPC Information
[root@server ~]# rpcinfo -p
Configuration OF Webmin
Webmin is a GUI based tool for Linux System & Network
Administration
Download the file from the internet or copy it from any source media into the
/opt directory
[root@server ~]# cd /opt
[root@server opt]# ls
webmin-1.360.tar.gz
[root@server opt]# tar -xvzf webmin-1.360.tar.gz
[root@server opt]# ls
webmin-1.360 webmin-1.360.tar.gz
[root@server opt]# cd webmin-1.360
[root@server opt]# ls
[root@server opt]# ./setup.sh
1) Select the default options & provide your web admin password
2) Open the Browser
[root@server opt]# firefox http://localhost:10000 &
provide username & password and start configuration in GUI Mode
To Change the admin passwd after webmin installation
[root@server opt]# cd webmin-1.360
[root@server webmin-1.360]# ./changepass.pl /etc/webmin/ admin admin
TO UNINSTALL WEBMIN
[root@server opt]# sh /etc/webmin/uninstall.sh
Configuration Of Kickstart File
Kickstart file is used to install the OS at client machine without
Providing the Entries which are asked during Installation.
Kickstart File should be available on the machine where the copy of O/S
DVD or CD is stored.
In our scenario the kickstart file is on machine 192.168.0.100 and copy
of CD or DVD is inside /var/ftp/pub
Step 1)
Copy all *.rpms from DVD/CD's in a folder /var/ftp/pub/Server/
Step 2)
Configure your machine as NFS,FTP & DHCP
[root@server ~]# yum install nfs* vsftpd* dhcpd* *kickstart* -y
[root@server ~]# vi /etc/exports
/var/ftp/pub 192.168.0.0/24(ro,async)
:wq!
[root@server ~]# service nfs restart
[root@server ~]# service vsftpd restart
[root@server ~]# service dhcpd restart
[root@server ~]# chkconfig nfs on
[root@server ~]# chkconfig vsftpd on
[root@server ~]# chkconfig dhcpd on
Step 3) Create the Kickstart File by using the following command.
[root@server ~]# system-config-kickstart &
Kickstart wizard will be opened then select the following options
Basic Configuration
Default Language => English (USA)
Keyboard => U.S english
Time Zone => Asia/Calcutta
Root Password => abc123
Confirm Password => abc123
Installation Method
Perform new installation
Select the install method
Ftp
ftp Server => 192.168.0.250
Ftp Directory => /pub
Or
Nfs
Nfs Server => 192.168.0.100
Nfs Directory => /var/ftp/pub
Boot Loader Option
Install new boot loader
Partition information
Create the required partition
/boot = 100 MB
/ = 2000 MB
/usr = 4000 MB
/var = 1000 MB
/home = 1000 MB
swap = Double of RAM
Network Configuration
Select DHCP
Authentication
* Use shadow Passwords
* Use Md5
Firewall Configuration
Select Security Level => Disable firewall
Select SeLinux => Disable
Display Configuration
Select Configure the X Window System
Color Depth = 24 Resolution 1024x768
Package Selection ( Select the following entries )
Desktop Environment
Gnome Desktop
Application
Editors
Graphical Internet
Text-based Internet
Base System
Select All packages
Save the file in /var/ftp/pub, where the copy of the linux o/s is stored,
and give it the name
ksftp.cfg
or
ksnfs.cfg
Step 4 ) Go to /var/ftp/pub and give execute permission to kickstart
file
[root@server ~]# cd /var/ftp/pub
[root@server ~]# chmod +x *.cfg
Client Side configuration
Step 1)
Set the BIOS first Bootable Device as CDROM.
Step 2)
Take Linux RHEL5 Bootable CD and Boot.
Step 3)
Now at the Boot prompt Type following Commands.
boot : linux ks=nfs:192.168.0.X:/var/ftp/pub/ksnfs.cfg
OR
boot : linux ks=ftp://192.168.0.X/pub/ksftp.cfg
Step 4 )
Once the installation Starts Remove the Bootable CD/DVD.
Configuration of iptables (Linux Firewalls)
Step 1) Check & Install the package
[root@firewall ~]# rpm -qa iptables*
OR
[root@firewall ~]# yum list installed iptables*
[root@firewall ~]# yum remove iptables* -y
[root@firewall ~]# yum install iptables* -y
Step 2 ) Start the Services
[root@firewall ~]# service iptables restart
To see the list of Rules in Filter Chain
[root@firewall ~]# iptables -L
Step 3 ) Create the Rules of filter Table
Note : All key words are Case Sensitive
To block the ping from system 192.168.0.23 to 192.168.0.24
[root@firewall ~]# iptables -I INPUT -p icmp -s 192.168.0.23 -d 192.168.0.24 -j REJECT
Note : REJECT will give the Acknowledgement
[root@firewall ~]# iptables -L
[root@client1 ~]# ping 192.168.0.24
PING 192.168.0.24 (192.168.0.24) 56(84) bytes of data.
From 192.168.0.24 icmp_seq=1 Destination Port Unreachable
From 192.168.0.24 icmp_seq=2 Destination Port Unreachable
From 192.168.0.24 icmp_seq=3 Destination Port Unreachable
[root@firewall ~]# iptables -I INPUT -p icmp -s 192.168.0.23 -d 192.168.0.24 -j DROP
Note : DROP will not give the Acknowledgement
[root@client1 ~]# ping 192.168.0.24
PING 192.168.0.24 (192.168.0.24) 56(84) bytes of data.
[root@firewall ~]# iptables -F
[root@client23 ~]# ftp 192.168.0.24
Connected to 192.168.0.24.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (192.168.0.24:root): ftp
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
227 Entering Passive Mode (192,168,0,24,187,117)
150 Here comes the directory listing.
drwxr-xr-x 2 0 0 4096 Jan 17 2007 pub
226 Directory send OK.
ftp> bye
221 Goodbye.
To block the ftp client from system 192.168.0.23 to ftp server 192.168.0.24
[root@firewall ~]# iptables -I INPUT -p tcp -s 192.168.0.23 -d 192.168.0.24 --dport 21 -j REJECT
[root@client23 ~]# ftp 192.168.0.24
ftp: connect: Connection refused
ftp> ls
Not connected.
ftp>
SELinux
The /etc/selinux/config stores the status of SELinux.
[root@selinux ~]# vi /etc/selinux/config
To get the status of SELinux use getenforce.
[root@selinux ~]# getenforce
Enforcing
To change the status of SELinux use setenforce
[root@selinux ~]# setenforce
usage: setenforce [ Enforcing | Permissive | 1 | 0 ]
[root@selinux ~]# setenforce Permissive
[root@selinux ~]# getenforce
Permissive
To view all the booleans
[root@selinux ~]# getsebool -a
To set a Booleans value
[root@selinux ~]# setsebool -P allow_ftpd_anon_write 1
-P writes the value to the policy, so it overrides the default permanently.
[root@selinux ~]# getsebool -a |grep allow_ftpd_anon_write
allow_ftpd_anon_write --> on
[root@selinux ~]# setsebool -P allow_ftpd_anon_write 0
[root@selinux ~]# getsebool -a |grep allow_ftpd_anon_write
allow_ftpd_anon_write --> off
Restart the system to relabel the filesystem
The selinux filesystem is in /selinux
Enabling or disabling selinux at boot time
In kernel line while booting pass parameter
selinux=0 – disable
selinux=1 – enable
Checking the logs of denied programs
#sealert -b
Checking the status of current policy
#seinfo
Managing selinux graphically
#system-config-selinux
Configuration of Virtualization Server
[root@virtualserver ~]# yum install xen* virt-manager* kernel-xen* -y
Note: Restart the machine and boot from Xen kernel option from the GRUB
screen.
[root@virtualserver ~]# virt-manager &
Select Xen host
Domain-0 Will be displayed on screen
Creating a new virtual system
forward
Naming your virtual system
System Name => vm1
Choosing a virtual method
( select ) paravirtualized
Or
Full virtualization
Provide the path for installation server or media path
Install Media => ftp://192.168.0.250/pub
forward
Kickstart URL => ftp://192.168.0.250/pub/ksftp.cfg
Select the storage space
Partition => /dev/hda12
forward
Allocate memory and Cpu
VM Max Memory (MB) => 200
VM Startup Memory (MB) => 200
Please enter the number of virtual CPU's this VM
VCPUs => 2
Read the Summary; if correct proceed, or repeat
finish
Choose the password for new keyring
Now the installation will start & you will get the boot screen
After Installation Start the Virtual machine.
Note: To start the virtual machine execute the following command.
[root@virtualserver ~]# xm create vm1
Using config file "/etc/xen/vm1".
Going to boot Linux Server (2.6.18-8.el5xen)
kernel: /vmlinuz-2.6.18-8.el5xen
initrd: /initrd-2.6.18-8.el5xen.img
Started domain vm1
[root@virtualserver ~]# virt-manager &
[root@virtualserver ~]# xm shutdown vm1
Lightweight Directory Access Protocol
1). LDAP INTRODUCTION & CONFIGURATION :
LDAP was originally used as the backbone of Microsoft's Active
Directory Service and Novell's Novell Directory Services (NDS)
products. LDAP can also interact with other login programs, such as
Remote Authentication Dial-in User Service (RADIUS), which the network
equipment of many ISPs uses to manage dialup Internet access.
It was later recognized that LDAP had features that could make it
a desirable replacement for NIS in some scenarios. For example, it uses
a single TCP port (389) for regular communication and another port
(636) for encrypted transactions. LDAP also can interact with many
login authentication, authorization, and accounting programs external
to Linux and UNIX.
The LDAP Directory Structure
LDAP directory entries are arranged in a tree structure. Under
the root, there are branches that represent countries, organizations,
organizational units, and people.
2). Scenario
These concepts are easier to explain when working from an example, so
imagine the IT department in a small organization called zoom.com has
many Linux servers it needs to administer.
* The company wants a simple, secure, centralized login scheme for
all of the servers.
* It has decided to use the LDAP domain zoom.com for its LDAP
database, in which one domain component (DC) will be zoom, and the
other will be com.
* The database will have only one organizational unit simply called
People, which is the LDAP default.
* Each person will have such attributes as a username (User ID or
UID), password, Linux home directory, and login shell.
* The Linux server named ldapserverzoom with the IP address
192.168.0.100 will act as the LDAP server containing the database.
* The Linux server named sales1 will be used to test the system as
the LDAP client and has the IP address 192.168.0.102.
* Server ldapserverzoom has a special user account named ldapuser
that will be used to test the LDAP logins.
3) Installing The LDAP Packages
# yum install *ldap* -y
4)Create a database directory
# mkdir /var/lib/ldap/zoom.com
# chown ldap:ldap /var/lib/ldap/zoom.com
5) Create an LDAP "root" password
# slappasswd
6) Create some users & assign passwords
7) EDIT THE MAIN CONFIGURATION FILE
# vi /etc/openldap/slapd.conf
database bdb
suffix "dc=zoom,dc=com"
rootdn "cn=Manager,dc=zoom,dc=com"
rootpw <paste the password generated by slappasswd command>
directory /var/lib/ldap/zoom.com
:wq!
8) Create Your LDAP Database
#vi /usr/share/openldap/migration/migrate_common.ph
:%s/padl/zoom/g
:wq!
9) Copy the DB_CONFIG.example starter file to your ldap database
directory /var/lib/ldap/zoom.com.
# cp -p /etc/openldap/DB_CONFIG.example /var/lib/ldap/zoom.com/DB_CONFIG
10) Migrate your system authentication files using the
migrate_all_offline.sh script that should reside in the same directory
as the migrate_common.ph file.
# /usr/share/openldap/migration/migrate_all_offline.sh
11) LDAP won’t start unless the files in the database directory are
owned by the ldap user. Use the chown command to do this.
# chown -R ldap:ldap /var/lib/ldap/zoom.com
12. Start LDAP Service.
# service ldap start
# chkconfig ldap on
You are ready to go! The database has been created.
13) Test the LDAP database
# ldapsearch -x -b 'dc=zoom,dc=com' '(objectclass=*)'
LDAP PART 2 LDAP GUI Management Tools
Step 1) Download the phpldapadmin-1.1.0.5.tar.gz package
Step 2) Copy it into /var/www/html and extract it
# tar -xvzf phpldapadmin-1.1.0.5.tar.gz
Step 3) Install the httpd packages
# yum install httpd* -y
# vi /etc/httpd/conf/httpd.conf
Change the DocumentRoot path:
DocumentRoot "/var/www/html/phpldapadmin-1.1.0.5"
Go to line 390 and set DirectoryIndex to index.php
:wq!
Step 4)
# cd /var/www/html/phpldapadmin-1.1.0.5/config
# cp -p config.php.example config.php
Step 5)
# vi /etc/php.ini
Search for 16M (:/16M) and replace it with 120M
:wq!
Step 6)
# service httpd restart
Step 7)
Open the browser
http://localhost
See screenshots ldap1.png and ldap2.png
Configuring The LDAP Client
Now that the LDAP server is configured properly, you can turn your
attention to configuring and testing the clients.
Edit the ldap.conf configuration file
LDAP clients are configured using the /etc/openldap/ldap.conf file. You
need to make sure that the file refers to the LDAP server's IP address
and to the base DN for the zoom.com domain. The file should look like this:
# vi /etc/openldap/ldap.conf
HOST 192.168.0.100
BASE dc=zoom,dc=com
:wq!
Mount the home directory that is exported from ldapserverzoom:
# mount 192.168.0.100:/home /home
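A check for the server and client settings above, as an added example that is not part of the original guide: it confirms that rootpw in slapd.conf is a slappasswd hash rather than cleartext, that rootdn sits under the suffix, that the client's BASE matches the server's suffix, and that slapd.conf is not world-readable. The function names, sample file names and the sample hash are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original guide): audit a slapd.conf / ldap.conf pair.

# conf_value FILE KEY: print the value of the first KEY directive, quotes stripped.
conf_value() {
    awk -v k="$2" 'tolower($1) == tolower(k) {
        $1 = ""; sub(/^[ \t]+/, ""); gsub(/"/, ""); print; exit }' "$1"
}

# audit_ldap SLAPD_CONF LDAP_CONF: print findings; exit status = number of findings.
audit_ldap() {
    n=0
    suffix=$(conf_value "$1" suffix); rootdn=$(conf_value "$1" rootdn)
    rootpw=$(conf_value "$1" rootpw); base=$(conf_value "$2" base)
    case $rootpw in
        "{SSHA}"*|"{SMD5}"*|"{SHA}"*|"{MD5}"*|"{CRYPT}"*) ;;
        *) echo "rootpw is cleartext or missing; paste slappasswd output"; n=$((n+1)) ;;
    esac
    case $rootdn in
        *",$suffix") ;;
        *) echo "rootdn '$rootdn' is not under suffix '$suffix'"; n=$((n+1)) ;;
    esac
    [ "$base" = "$suffix" ] ||
        { echo "client BASE '$base' differs from server suffix '$suffix'"; n=$((n+1)); }
    # slapd.conf holds the rootpw hash, so it should not be world-readable.
    [ -z "$(find "$1" -perm -004)" ] ||
        { echo "$1 is world-readable"; n=$((n+1)); }
    return "$n"
}

# make_samples DIR: write constructed sample files (not taken from a real host).
make_samples() {
    printf '%s\n' 'database bdb' 'suffix "dc=zoom,dc=com"' \
        'rootdn "cn=Manager,dc=zoom,dc=com"' 'rootpw secret' \
        'directory /var/lib/ldap/zoom.com' > "$1/slapd.bad"
    printf '%s\n' 'HOST 192.168.0.100' 'BASE dc=example,dc=com' > "$1/ldap.bad"
    sed 's/^rootpw .*/rootpw {SSHA}ConstructedSampleHashNotARealOne/' \
        "$1/slapd.bad" > "$1/slapd.good"
    printf '%s\n' 'HOST 192.168.0.100' 'BASE dc=zoom,dc=com' > "$1/ldap.good"
    chmod 644 "$1/slapd.bad"; chmod 640 "$1/slapd.good"
}

# Demo: audit the constructed "bad" pair and report the number of findings.
demo=$(mktemp -d); make_samples "$demo"
audit_ldap "$demo/slapd.bad" "$demo/ldap.bad" || echo "findings: $?"
rm -rf "$demo"
```

On a real host, call audit_ldap with /etc/openldap/slapd.conf and the client's /etc/openldap/ldap.conf.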
Comparison Between Fedora and Ubuntu Linux.
It is easy to apply your existing knowledge of Fedora to Ubuntu. The key
differences between them are covered in this article.
Operating System | Fedora | Ubuntu
Supported architecture | i386, ppc, x86_64, Sparc (via Aurora Project), alpha (via AlphaCore) | AMD64, i386
Minimum Hardware Requirement | For text mode: 200 MHz Pentium-class, 64MB RAM, 620MB HDD. For graphical mode: 400 MHz Pentium-class, 192MB RAM, 620MB HDD | For text mode: 192 MB RAM, 450 MB hard drive. For graphical mode: 256 MB RAM, preferably at least 2 GB HDD
Basic Commands & Vi | Same | Same
User & group Administration | UPG scheme. Uid=Min_uid and group uid=500. Home_dir is created automatically: "/home/username" | UPG scheme. Uid=Min_uid and group uid=1000. The "-m" option is used to create the user's home dir
useradd, usermod, userdel, groupadd, groupmod, groupdel | Same | Same
User's & Group database files: /etc/passwd, /etc/shadow, /etc/group | Same | Same
Basic File Permission: chmod, chown, chgrp | Same | Same
Partition: default file system (ext2, ext3, vfat, swap), fdisk, /etc/fstab, mount | Same | Same
ACL | Same | Same
Quota | Same | Same
suid, sgid, sticky bit | Same | Same
Links | Same | Same
Raid: mdadm | Same | Same
LVM | Same | Same
Backup & Recovery: tar, cpio & dump | Same | Same
Package Administration | rpm, yum | rpm, apt-get
Repository | /etc/yum.repo/core | /etc/apt/source.list
Install a package file | yum install package.rpm; rpm -i package.rpm | dpkg --install package.deb
Remove a package | rpm -e package_name | apt-get remove package_name
Show available packages | yum list available | apt-cache dumpavail
List all installed packages | yum list installed; rpm -qa | dpkg --list
List files in a package file | rpm -qpl package.rpm | dpkg --contents package.deb
Service control | service, chkconfig <service> start/stop/restart | /etc/init.d/<service> start/stop/restart
Fedora & Ubuntu Network Administration
Setting | Fedora | Ubuntu
Assigning IP Address: ifconfig | Same | Same
Permanent | netconfig | vi /etc/network/interface, containing: auto eth0; iface eth0 inet dhcp; address 192.168.0.x; netmask 255.255.255.0; gateway 192.168.0.x; then :wq
1. NFS Server
1) Required Package | nfs* | nfs*
2) Configuration file | /etc/exports | /etc/exports
3) Service | nfs | nfs-kernel-server
2. FTP Server
1) Required Package | vsftpd* | vsftpd*
2) Configuration file | /etc/vsftpd/vsftpd.conf | /etc/vsftpd.conf
3) Service | vsftpd | vsftpd; /home/ftp/pub
3. SAMBA Server
1) Required Package | samba* | samba*
2) Configuration file | /etc/samba/smb.conf | /etc/samba/smb.conf
3) Service | smb | samba
4. DNS Server
1) Required Package | bind*, cach* | bind9*
2) Configuration file | /etc/named.caching-nameserver, /etc/named.rfc1912.zones, /var/named/chroot/var/named, localhost.zone, named.local | /etc/bind/named.conf, /etc/bind, Db.O, Db.127
3) Service | named | bind9
5. Web Server
1) Required Package | httpd* | apache2*
2) Configuration file | /etc/httpd/conf/httpd.conf | /etc/apache2/apache2.conf
3) Service | httpd | apache2
6. Mail Server
1) Required Package | sendmail* | postfix*
2) Configuration file | /etc/mail/sendmail.mc, /etc/mail/sendmail.cf | To configure, run the command dpkg-reconfigure postfix; /etc/postfix/main.mc
3) Service | sendmail | postfix
7. Squid Server
1) Required Package | squid* | squid*
2) Configuration file | /etc/squid/squid.conf | /etc/squid/squid.conf
3) Service | squid | squid
8. NIS Server
1) Required Package | yp* | nis*
2) Configuration file | /var/yp/Makefile | /var/yp/Makefile
3) Service | ypserv, yppasswdd | nis
9. DHCP Server
1) Required Package | dhcp* | dhcp*
2) Configuration file | /etc/dhcpd.conf | /etc/dhcp3/dhcpd.conf
3) Service | dhcpd | dhcp3-server
Comparison Between Fedora and Suse Linux
System Administration
Apply your existing knowledge of Redhat or Fedora to suse. The key
differences between them are covered in this article.
Operating System | Fedora | Suse Linux
Minimum Hardware Requirement | For text mode: 200 MHz Pentium-class, 64MB RAM, 620MB HDD. For graphical mode: 400 MHz Pentium-class, 192MB RAM, 620MB HDD | For text mode: 200 MHz Pentium-class, 64MB RAM, 620MB HDD. For graphical mode: 400 MHz Pentium-class, 192MB RAM, 620MB HDD
Supported architecture | i386, ppc, x86_64, sparc (via Aurora Project), alpha (via AlphaCore) | i586, x86_64, ppc
Basic Commands & Vi | Same | Same
User & group Administration | UPG scheme. Uid=Min_uid and group uid=500. Home_dir is created automatically: "/home/username" | General Linux scheme. Min uid & gid start from 1000. The "-m" option is used to create the user's home dir
useradd, usermod, userdel, groupadd, groupmod, groupdel | Same | Same
User's & Group database files: /etc/passwd, /etc/shadow, /etc/group | Same | Same
Basic File Permission: chmod, chown, chgrp | Same | Same
Partition: default file system (ext2, ext3, vfat, swap) | ext3 | reiserfs
fdisk, /etc/fstab, mount | Same | Same
ACL | Same | Same
Quota | Same | Same
suid, sgid, sticky bit | Same | Same
Links | Same | Same
Raid | Same | Same
LVM | Same | Same
Backup & Recovery | Same | Same
Package Administration: RPM | Same; yum | Same; yast2
FEDORA AND SUSE NETWORK ADMINISTRATION
Setting | Fedora | Suse
Assigning IP Address: ifconfig | Same | Same
Permanent | netconfig | Yast2 lan &
1. NFS Server
1) Required Package | nfs* | nfs*
2) Configuration file | /etc/exports | /etc/exports
3) Service | nfs | nfsserver
2. FTP Server
1) Required Package | vsftpd* | vsftpd*
2) Configuration file | /etc/vsftpd/vsftpd.conf | /etc/vsftpd.conf
3) Service | vsftpd | vsftpd; /srv/ftp/pub
3. SAMBA Server
1) Required Package | samba* | samba*
2) Configuration file | /etc/samba/smb.conf | /etc/samba/smb.conf
3) Service | smb | smb
4. DNS Server
1) Required Package | bind*, cach* | bind*
2) Configuration file | /etc/named.caching-nameserver, /etc/named.rfc1912.zones, /var/named/chroot/var/named, localhost.zone, named.local | /etc/named.conf, /var/lib/named, localhost.zone, 127.0.0.zone
3) Service | |
5. Web Server
1) Required Package | httpd* | apache2*
2) Configuration file | /etc/httpd/conf/httpd.conf | /etc/apache2/httpd.conf
3) Service | httpd | apache2
6. Mail Server
1) Required Package | sendmail* | sendmail*
2) Configuration file | /etc/mail/sendmail.mc, /etc/mail/sendmail.cf | /etc/mail/linux.mc, /etc/sendmail.cf
3) Service | |
7. Squid Server
1) Required Package | squid* | squid*
2) Configuration file | /etc/squid/squid.conf | /etc/squid/squid.conf
3) Service | squid | squid
8. NIS Server
1) Required Package | yp* | yp*
2) Configuration file | /var/yp/Makefile | /var/yp/Makefile
3) Service | ypserv, yppasswdd | ypserv
9. DHCP Server
1) Required Package | dhcp* | dhcp*
2) Configuration file | /etc/dhcpd.conf | /etc/dhcpd.conf
3) Service | dhcpd | dhcpd
Comparison Between Fedora And Solaris
SYSTEM ADMINISTRATION
Apply your existing knowledge of Fedora on Solaris. The key
differences between them are covered in this article.
Operating System | Fedora | Solaris
Basic Command | Same | Same
User & Group Administration | 'UPG' scheme is there for normal user. 'UID' Min_uid=500, 'GID' Min_gid=500. HOME_DIR /home/username | General SOE scheme is followed. 'UID' Min_uid=100, 'GID' Min_gid=100. The '-m' option is used for creating the user's home directory. Default location = /export/home
useradd, usermod & userdel; groupadd, groupmod & groupdel | Same | Same
User's & group's database files: /etc/passwd, /etc/shadow, /etc/group | Same | Same
Basic File Permissions & Commands: chown, chmod & chgrp | Same | Same
Partitioning Commands | fdisk & parted | format
Default file systems | ext2, ext3, vfat & swap | ufs, lofs, hsfs & swap
Permanent mounting files | /etc/fstab, /etc/mtab | /etc/vfstab, /etc/mnttab
Mount | Same | Same
ACL | setfacl, getfacl | setfacl, getfacl
Quotas | Support should be given while mounting | Touch a file with 'quotas' under the same file system
Quotas commands: quotacheck, quotaon, quotaoff & edquota | Same | Same
Advanced file permissions: Sticky bit, SUID, SGID | Same | Same
Links | Same | Same
RAID | mdadm | metainit, metaattach, metadb & metadetach
LVM | lvm | growfs & svm
Backup & Restore: tar, cpio | Same; dump | Same; ufsdump
Package Administration | Commands: rpm, yum | Commands: pkgadd to install; pkgrm to remove a package; pkginfo to get info of packages; pkgchk to check the packages
To check & start the services | chkconfig --list; service named restart; chkconfig named on | ls /etc/init.d or svcs; svcadm enable/disable svc:/network/dns/server.default
Comparison Between Fedora And Solaris
Network Administration
Apply your existing knowledge of Redhat Linux and Solaris.
The key differences between them are covered in this article.
Operating System | Fedora Linux | Solaris
Assigning IP address: ifconfig | Same | Same
Database files: /etc/host | Same | Same
Hostname | /etc/sysconfig/network | /etc/nodenames
1. NFS Server
1) Required Package | nfs-utils, portmap | By default it comes with 'SOE'
2) Configuration file | /etc/exports | /etc/dfs/dfstab
3) Service | nfs & portmap | /etc/inet.d/nfs.server
2. FTP Server
1) Required Package | vsftpd | SUNWftpr, SUNWftpu, SUNWftpur
2) Configuration file | /etc/vsftpd/vsftpd.conf | /etc/ftpd/ftpaccess
3) Service | vsftpd | ftp.default
3. SAMBA Server
1) Required Package | samba, samba-common, samba-client | SUNWsmbaS, SUNWsmbac, SUNWsmbau, SUNWsmbar
2) Configuration file | /etc/samba/smb.conf | /etc/sfw/smb.conf
3) Service | smb | samba
4. DNS Server
1) Required Package | bind*, caching* | SUNWbind, SUNWbindr, SUNWbindS, SUNWbinutils, SUNWbinutilsS
2) Configuration file | /etc/named.caching-nameserver.conf, /etc/named-rfc1912.zones | /etc/named.conf
Zone files | /var/named/chroot/var/named | /var/named
3) Service | named | server.dns, server.client
5. WEB Server
1) Required Package | httpd, httpd-devel, httpd-manual | SUNWapchs, SUNWapchd, SUNWapchr, SUNWapcu
2) Configuration file | /etc/httpd/httpd.conf | /etc/apache/httpd.conf
Database files | /var/www/html | /var/apache/htdocs
3) Service | httpd | apache
6. MAIL Server
1) Required Package | sendmail, sendmail-devel, sendmail-cf, sendmail-doc | Installed by default by the operating system
2) Configuration file | /etc/mail/sendmail.mc, /etc/mail/sendmail.cf | /etc/mail/main.mc, /etc/mail/sendmail.cf
3) Service | sendmail | sendmail
7. DHCP Server
1) Required Package | dhcpd, dhcpd-devel | SUNWdhcm, SUNWdhcsb, SUNWdhcsr, SUNWdhcsu
2) Configuration file | /etc/dhcpd.conf | GUI tool: svm & dhcpmgr
3) Service | dhcpd | dhcp
Oracle 10g Installation
Oracle 10g Installation guide for Red Hat Enterprise Linux ES/AS 5 (x86)
Changing the Red Hat Release
Because RHEL5 was released after Oracle 10g, Oracle 10g does not support
RHEL5. The latest release that 10g supports is RHEL4, so we have to get
round this by changing the release configuration file:
echo "rhel4" > /etc/redhat-release
Disk Partitions
100MB ext3 /boot
9GB ext3 /
6GB ext3 /var
6GB ext3 /usr
6GB ext3 /home
1GB Swap Partition
The following packages (or higher versions) must be installed
gcc-3.2.3-2 or higher
make-3.79
binutils-2.11
openmotif-2.2.2-16
setarch-1.3-1
compat-db-4.0.14.5
compat-gcc-7.3-2.96.122
compat-gcc-c++-7.3-2.96.122
compat-libstdc++-7.3-2.96.122
compat-libstdc++-devel-7.3-2.96.122
Create the Oracle user and groups
# groupadd oinstall
# groupadd dba
# useradd -g oinstall -G dba oracle
# passwd oracle
Create Directories
# mkdir -p /u01/app/oracle
# chown -R oracle:oinstall /u01/app/oracle
Change the directory permission to 775
# chmod -R 775 /u01/app/oracle
Set the following values in the /etc/sysctl.conf file so that they persist when you reboot the system:
kernel.shmall = 2097152
kernel.shmmax = 2147483648
kernel.shmmni = 4096
kernel.sem = 250 32000 100 128
fs.file-max = 65536
net.ipv4.ip_local_port_range = 1024 65000
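To confirm that the file actually carries these settings before running the installer, the added example below (not part of the original guide) reads a sysctl.conf and reports every listed key that is missing, commented out, or lower than the value above. Treating the listed values as minimums is an assumption of this example, as are the function names and the constructed sample file.

```shell
#!/bin/sh
# Added example (not from the original guide): check a sysctl.conf against the
# values listed above, treated as minimums (an assumption of this example).

# Keys and values copied from the guide. ip_local_port_range is a range rather
# than a minimum, so it is left out of the comparison.
REQUIRED='kernel.shmall 2097152
kernel.shmmax 2147483648
kernel.shmmni 4096
kernel.sem 250 32000 100 128
fs.file-max 65536'

# sysctl_value FILE KEY: print the last uncommented value assigned to KEY.
sysctl_value() {
    awk -F= -v k="$2" '
        /^[ \t]*[#;]/ { next }
        { key = $1; gsub(/[ \t]/, "", key) }
        key == k { v = $2; sub(/^[ \t]+/, "", v); sub(/[ \t]+$/, "", v) }
        END { print v }' "$1"
}

# meets_min HAVE MIN: succeed if every field of HAVE is >= the same field of MIN.
meets_min() {
    awk -v h="$1" -v m="$2" 'BEGIN {
        nh = split(h, H, " "); nm = split(m, M, " ")
        if (nh < nm) exit 1
        for (i = 1; i <= nm; i++) if (H[i] + 0 < M[i] + 0) exit 1
        exit 0 }' </dev/null
}

# check_sysctl FILE: print each failing key; exit status = number of failing keys.
check_sysctl() {
    bad=0
    while read -r key mins; do
        have=$(sysctl_value "$1" "$key")
        if ! meets_min "$have" "$mins"; then
            echo "$key: have '${have:-unset}', need at least '$mins'"
            bad=$((bad + 1))
        fi
    done <<EOF
$REQUIRED
EOF
    return "$bad"
}

# make_sample FILE: constructed sysctl.conf with three problems in it.
make_sample() {
    printf '%s\n' 'kernel.shmall = 2097152' 'kernel.shmmax = 33554432' \
        'kernel.shmmni = 4096' 'kernel.sem = 250 32000 32 128' '#fs.file-max = 65536' > "$1"
}
s=$(mktemp); make_sample "$s"; check_sysctl "$s" || echo "$? setting(s) to fix"; rm -f "$s"
```

Run check_sysctl /etc/sysctl.conf on the target host; the file only takes effect after sysctl -p or a reboot.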
Increase the shell limits
Add the following lines to /etc/security/limits.conf file:
* soft nproc 2047
* hard nproc 16384
* soft nofile 1024
* hard nofile 65536
Add the following line to the file /etc/pam.d/login , if it does not exist:
session required /lib/security/pam_limits.so
Add these lines to export path in the file /etc/profile
export ORACLE_BASE=/u01/app/oracle
export ORACLE_SID=dba
export ORACLE_HOME=/u01/app/oracle/product/10.1.0/db_1
export LD_LIBRARY_PATH=$ORACLE_HOME/lib:$ORACLE_HOME/perl/lib/5.6.1:$ORACLE_HOME/ctx/lib
export PATH=$ORACLE_HOME/bin:$ORACLE_HOME/perl/bin:$ORACLE_HOME/perl/lib/5.6.1:$ORACLE_HOME/ldap/odi/bin:$ORACLE_HOME/opmn/bin:$ORACLE_HOME/dcm/bin:/usr/local/bin:/usr/openwin/bin:/usr/local/j2sdk1.4.2/bin:$PATH
Now login as oracle user and issue the commands to start installation.
$ ORACLE_BASE=/u01/app/oracle
$ ORACLE_SID=dba
$ export ORACLE_BASE ORACLE_SID
$ unset ORACLE_HOME
$ unset TNS_ADMIN
$ /mnt/cdrom/./runInstaller
To enable communication between the Oracle server and client, here is a sample tnsnames.ora file:
# TNSNAMES.ORA Network Configuration File
# Generated by Oracle configuration tools.
zoom =
  (DESCRIPTION =
    (ADDRESS_LIST =
      (ADDRESS = (PROTOCOL = TCP)(HOST = station12)(PORT = 1521))
    )
    (CONNECT_DATA =
      (SID = dba)
      (SERVER = DEDICATED)
    )
  )
server1 =
  (DESCRIPTION =
    (ADDRESS_LIST =
      (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.0.1)(PORT = 1521))
    )
    (CONNECT_DATA =
      (SERVER = DEDICATED)
      (SERVICE_NAME = dba2)
    )
  )
INST1_HTTP =
  (DESCRIPTION =
    (ADDRESS_LIST =
      (ADDRESS = (PROTOCOL = TCP)(HOST = station12)(PORT = 1521))
    )
    (CONNECT_DATA =
      (SERVER = SHARED)
      (SERVICE_NAME = MODOSE)
      (PRESENTATION = http://HRService)
    )
  )
EXTPROC_CONNECTION_DATA =
  (DESCRIPTION =
    (ADDRESS_LIST =
      (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC0))
    )
    (CONNECT_DATA =
      (SID = PLSExtProc)
      (PRESENTATION = RO)
    )
  )
TO AUTOMATE THE LSNRCTL AND ORACLE STARTING
1. Make a script file and write the following code in it.
# Start the database as the oracle user.
su - oracle << EOF
/u01/app/oracle/product/9.2.0/bin/sqlplus /nolog << SQL
connect / as sysdba
startup
spool off
SQL
EOF
# Start the listener as the oracle user.
su - oracle << EOF
lsnrctl start
EOF
exit 0