Server Side configuration
===============================================
# yum install nfs-utils nfs-utils-lib
# yum install portmap
# systemctl enable rpcbind
# systemctl enable nfs-server
# systemctl enable nfs-lock
# systemctl enable nfs-idmap
# systemctl start rpcbind
# systemctl start nfs-server
# systemctl start nfs-lock
# systemctl start nfs-idmap
# mkdir /nfsshare
# vi /etc/exports
/nfsshare 10.25.214.10(rw,sync,no_root_squash) (Add this line)
=================================================
Client side configuration
==================================================
# yum install nfs-utils nfs-utils-lib
# systemctl enable rpcbind
# systemctl enable nfs-server
# systemctl enable nfs-lock
# systemctl enable nfs-idmap
# systemctl start rpcbind
# systemctl start nfs-server
# systemctl start nfs-lock
# systemctl start nfs-idmap
# mkdir -p /home/nfsshare
# mount -t nfs 10.25.214.127:/nfsshare /home/nfsshare
# touch /home/nfsshare/test
# mount | grep nfs
# vim /etc/fstab
10.25.214.127:/nfsshare /home/nfsshare nfs defaults 0 0 (Add This line)
=====================================================
Important commands for NFS
=====================================================
(1)showmount -e : Shows the available shares on your local machine
# showmount -e
Export list for gluster-server:
/nfsshare 10.25.214.10
(2)showmount -e <server-ip or hostname>: Lists the available shares at the remote server
# showmount -e 10.25.214.127
Export list for 10.25.214.127:
/nfsshare 10.25.214.10
(3)exportfs -v : Displays a list of shares files and options on a server
# exportfs -v
/nfsshare 10.25.214.10(sync,wdelay,hide,no_subtree_check,sec=sys,rw,secure,no_root_squash,no_all_squash)
(4)exportfs -a : Exports all shares listed in /etc/exports, or given name
(5)exportfs -u : Unexports all shares listed in /etc/exports, or given name
(6)exportfs -r : Refresh the server’s list after modifying /etc/exports
=================================================================
NFS Options
=====================================
Some other options we can use in “/etc/exports” file for file sharing is as follows.
(1)ro: With the help of this option we can provide read only access to the shared files i.e client will only be able to read.
(2)rw: This option allows the client server to both read and write access within the shared directory.
(3)sync: Sync confirms requests to the shared directory only once the changes have been committed.
(4)no_subtree_check: This option prevents the subtree checking. When a shared directory is the subdirectory of a larger file system, nfs performs scans of every directory above it, in order to verify its permissions and details. Disabling the subtree check may increase the reliability of NFS, but reduce security.
(5)no_root_squash: This phrase allows root to connect to the designated directory.
========================================================================
How to Install and Configure FTP Server in CentOS 7 ((vsFTPd 3.0.2))
========================================================================
# yum install vsftpd ftp -y
# systemctl start vsftpd
# systemctl enable vsftpd
# vim /etc/vsftpd/vsftpd.conf
anonymous_enable=NO (We’ll allow access to the FTP server only the local users, find the anonymous_enable and local_enable directives and verify your configuration match to lines below:)
local_enable=YES
write_enable=YES (Uncomment the write_enable setting to allow changes to the filesystem such as uploading and deleting files)
chroot_local_user=YES (Uncomment tiis line for CHROOT Jailed Environment)
allow_writeable_chroot=YES (Add this line for CHROOT Jailed Environment)
==========================================================================
Create FTP users
useradd sk
passwd sk
==========================================================================
[root@gluster-server ~]# ftp 10.25.214.127
Connected to 10.25.214.127 (10.25.214.127).
220 (vsFTPd 3.0.2)
Name (10.25.214.127:root): sk
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd /var/ftp/pub
250 Directory successfully changed.
ftp> exit
221 Goodbye.
Login with sk user
=============================================================================
[root@gluster-server ~]# su - sk
[sk@gluster-server ~]$ ftp 110.25.214.127
^C[sk@gluster-server ~]$ ftp 10.25.214.127
Connected to 10.25.214.127 (10.25.214.127).
220 (vsFTPd 3.0.2)
Name (10.25.214.127:sk): sk
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd /var/ftp/pub/
250 Directory successfully changed.
ftp>
===================================================================================
CHROOT Jailed Environment
===================================================================================
[root@gluster-server ~]# ftp 10.25.214.127
Connected to 10.25.214.127 (10.25.214.127).
220 (vsFTPd 3.0.2)
Name (10.25.214.127:root): sk
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd /var/ftp/pub/
550 Failed to change directory.
ftp>
======================================================================================
Block the User to login in ftp server
======================================================================================
# vim /etc/vsftpd/ftpusers
ravi
# vim /etc/vsftpd/user_list
ravi
save and quit
[root@gluster-server ~]# ftp 10.25.214.127
Connected to 10.25.214.127 (10.25.214.127).
220 (vsFTPd 3.0.2)
Name (10.25.214.127:root): pranchal
530 Permission denied.
Login failed.
ftp> exit
221 Goodbye.
=======================================================================================
Active FTP and Passive FTP
=======================================================================================
ftp> passive
Passive mode on.
ftp> passive
Passive mode off.
ftp>
(1) FTP stands for File Transfer protool
(2) FTP is TCP based, there is UDP involved with it
(3) FTP server listen on port 21 (Command and control port)
(4) Port 20 is called as the DATA prot for FTP
(5) There are two ways by which FTP works they are Active FTP and Passive FTP
Active File Transfer Protocal
=======================================
(1) Client connect to server on port 21
(2) client tells server the data port
(3) FTP server connect to the clients data port
(4) Client acknowledges
Passive File Transfer Protocol
========================================
(1) Client connect to server on port 21
(2) Server tells client the data port
(3) Client connect to the FTP server's data port
(4) server acknowledges
=========================================================================
NTP installation and configuration
=========================================================================
Server Side configuration
=========================================================================
# yum install ntp
# systemctl status ntpd
# systemctl start ntpd
# systemctl enable ntpd
# vim /etc/ntp.conf
==========================================================================
Add these line to ntp.conf
server 1.in.pool.ntp.org==================Sync time with ntp websites
server 0.asia.pool.ntp.org================Sync time with ntp websites
server 1.asia.pool.ntp.org================Sync time with ntp websites
server 127.127.1.0========================sync time with ntp local server
fudge 127.127.1.0 stratum 6===============sync time with ntp local server
For log file
logfile /var/log/ntp.log
===========================================================================
# systemctl restart ntpd
# systemctl status ntpd
===========================================================================
Client Side configuration
===========================================================================
# yum install ntp
# systemctl status ntpd
# systemctl start ntpd
# systemctl enable ntpd
# vim /etc/ntp.conf
===========================================================================
Add these line to ntp.conf
server 10.25.214.127 (NTP server IP)
For log file
logfile /var/log/ntp.log
===========================================================================
# systemctl restart ntpd
# ntpdate -u 10.25.214.127===================Sync the Time with ntp server
Samba server installation and configuration
===============================================================
==================================================================
# yum install samba samba-client samba-common cifs-utils
# mkdir /home1/samba_share
# useradd smbuser1
# useradd smbuser2
# passwd smbuser1
# passwd smbuser2
# smbpasswd -a smbuser1
# smbpasswd -a smbuser2
# groupadd smbuser
# chown :smbuser /home1/samba_share
# usermod -G smbuser smauser1 smbuser2
# usermod -G smbuser smauser1
# usermod -G smbuser smbuser1
# usermod -G smbuser smbuser2
===================================================================
# cp /etc/samba/smb.conf.example /etc/samba/smb.conf
# vim /etc/samba/smb.conf
[samba_share]
comment = samba share
path = /home1/samba_share
browseable = yes
guest ok = no
writable = no
read only = no
create mask = 0755
======================================================================
# testparm
# systemctl restart smb
# systemctl enable smb
# chmod -R 777 /home1/samba_share/
# chown -R smbuser1 /home1/samba_share/
# chown -R smbuser1:smbuser /home1/samba_share/
# smbpasswd -a test=================For non privileged samba user
========================================================================
===============================================
# yum install nfs-utils nfs-utils-lib
# yum install portmap
# systemctl enable rpcbind
# systemctl enable nfs-server
# systemctl enable nfs-lock
# systemctl enable nfs-idmap
# systemctl start rpcbind
# systemctl start nfs-server
# systemctl start nfs-lock
# systemctl start nfs-idmap
# mkdir /nfsshare
# vi /etc/exports
/nfsshare 10.25.214.10(rw,sync,no_root_squash) (Add this line)
=================================================
Client side configuration
==================================================
# yum install nfs-utils nfs-utils-lib
# systemctl enable rpcbind
# systemctl enable nfs-server
# systemctl enable nfs-lock
# systemctl enable nfs-idmap
# systemctl start rpcbind
# systemctl start nfs-server
# systemctl start nfs-lock
# systemctl start nfs-idmap
# mkdir -p /home/nfsshare
# mount -t nfs 10.25.214.127:/nfsshare /home/nfsshare
# touch /home/nfsshare/test
# mount | grep nfs
# vim /etc/fstab
10.25.214.127:/nfsshare /home/nfsshare nfs defaults 0 0 (Add This line)
=====================================================
Important commands for NFS
=====================================================
(1)showmount -e : Shows the available shares on your local machine
# showmount -e
Export list for gluster-server:
/nfsshare 10.25.214.10
(2)showmount -e <server-ip or hostname>: Lists the available shares at the remote server
# showmount -e 10.25.214.127
Export list for 10.25.214.127:
/nfsshare 10.25.214.10
(3)exportfs -v : Displays a list of shares files and options on a server
# exportfs -v
/nfsshare 10.25.214.10(sync,wdelay,hide,no_subtree_check,sec=sys,rw,secure,no_root_squash,no_all_squash)
(4)exportfs -a : Exports all shares listed in /etc/exports, or given name
(5)exportfs -u : Unexports all shares listed in /etc/exports, or given name
(6)exportfs -r : Refresh the server’s list after modifying /etc/exports
=================================================================
NFS Options
=====================================
Some other options we can use in “/etc/exports” file for file sharing is as follows.
(1)ro: With the help of this option we can provide read only access to the shared files i.e client will only be able to read.
(2)rw: This option allows the client server to both read and write access within the shared directory.
(3)sync: Sync confirms requests to the shared directory only once the changes have been committed.
(4)no_subtree_check: This option prevents the subtree checking. When a shared directory is the subdirectory of a larger file system, nfs performs scans of every directory above it, in order to verify its permissions and details. Disabling the subtree check may increase the reliability of NFS, but reduce security.
(5)no_root_squash: This phrase allows root to connect to the designated directory.
========================================================================
How to Install and Configure FTP Server in CentOS 7 ((vsFTPd 3.0.2))
========================================================================
# yum install vsftpd ftp -y
# systemctl start vsftpd
# systemctl enable vsftpd
# vim /etc/vsftpd/vsftpd.conf
anonymous_enable=NO (We’ll allow access to the FTP server only the local users, find the anonymous_enable and local_enable directives and verify your configuration match to lines below:)
local_enable=YES
write_enable=YES (Uncomment the write_enable setting to allow changes to the filesystem such as uploading and deleting files)
chroot_local_user=YES (Uncomment tiis line for CHROOT Jailed Environment)
allow_writeable_chroot=YES (Add this line for CHROOT Jailed Environment)
==========================================================================
Create FTP users
useradd sk
passwd sk
==========================================================================
[root@gluster-server ~]# ftp 10.25.214.127
Connected to 10.25.214.127 (10.25.214.127).
220 (vsFTPd 3.0.2)
Name (10.25.214.127:root): sk
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd /var/ftp/pub
250 Directory successfully changed.
ftp> exit
221 Goodbye.
Login with sk user
=============================================================================
[root@gluster-server ~]# su - sk
[sk@gluster-server ~]$ ftp 110.25.214.127
^C[sk@gluster-server ~]$ ftp 10.25.214.127
Connected to 10.25.214.127 (10.25.214.127).
220 (vsFTPd 3.0.2)
Name (10.25.214.127:sk): sk
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd /var/ftp/pub/
250 Directory successfully changed.
ftp>
===================================================================================
CHROOT Jailed Environment
===================================================================================
[root@gluster-server ~]# ftp 10.25.214.127
Connected to 10.25.214.127 (10.25.214.127).
220 (vsFTPd 3.0.2)
Name (10.25.214.127:root): sk
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd /var/ftp/pub/
550 Failed to change directory.
ftp>
======================================================================================
Block the User to login in ftp server
======================================================================================
# vim /etc/vsftpd/ftpusers
ravi
# vim /etc/vsftpd/user_list
ravi
save and quit
[root@gluster-server ~]# ftp 10.25.214.127
Connected to 10.25.214.127 (10.25.214.127).
220 (vsFTPd 3.0.2)
Name (10.25.214.127:root): pranchal
530 Permission denied.
Login failed.
ftp> exit
221 Goodbye.
=======================================================================================
Active FTP and Passive FTP
=======================================================================================
ftp> passive
Passive mode on.
ftp> passive
Passive mode off.
ftp>
(1) FTP stands for File Transfer protool
(2) FTP is TCP based, there is UDP involved with it
(3) FTP server listen on port 21 (Command and control port)
(4) Port 20 is called as the DATA prot for FTP
(5) There are two ways by which FTP works they are Active FTP and Passive FTP
Active File Transfer Protocal
=======================================
(1) Client connect to server on port 21
(2) client tells server the data port
(3) FTP server connect to the clients data port
(4) Client acknowledges
Passive File Transfer Protocol
========================================
(1) Client connect to server on port 21
(2) Server tells client the data port
(3) Client connect to the FTP server's data port
(4) server acknowledges
=========================================================================
NTP installation and configuration
=========================================================================
Server Side configuration
=========================================================================
# yum install ntp
# systemctl status ntpd
# systemctl start ntpd
# systemctl enable ntpd
# vim /etc/ntp.conf
==========================================================================
Add these line to ntp.conf
server 1.in.pool.ntp.org==================Sync time with ntp websites
server 0.asia.pool.ntp.org================Sync time with ntp websites
server 1.asia.pool.ntp.org================Sync time with ntp websites
server 127.127.1.0========================sync time with ntp local server
fudge 127.127.1.0 stratum 6===============sync time with ntp local server
For log file
logfile /var/log/ntp.log
===========================================================================
# systemctl restart ntpd
# systemctl status ntpd
===========================================================================
Client Side configuration
===========================================================================
# yum install ntp
# systemctl status ntpd
# systemctl start ntpd
# systemctl enable ntpd
# vim /etc/ntp.conf
===========================================================================
Add these line to ntp.conf
server 10.25.214.127 (NTP server IP)
For log file
logfile /var/log/ntp.log
===========================================================================
# systemctl restart ntpd
# ntpdate -u 10.25.214.127===================Sync the Time with ntp server
Samba server installation and configuration
===============================================================
==================================================================
# yum install samba samba-client samba-common cifs-utils
# mkdir /home1/samba_share
# useradd smbuser1
# useradd smbuser2
# passwd smbuser1
# passwd smbuser2
# smbpasswd -a smbuser1
# smbpasswd -a smbuser2
# groupadd smbuser
# chown :smbuser /home1/samba_share
# usermod -G smbuser smauser1 smbuser2
# usermod -G smbuser smauser1
# usermod -G smbuser smbuser1
# usermod -G smbuser smbuser2
===================================================================
# cp /etc/samba/smb.conf.example /etc/samba/smb.conf
# vim /etc/samba/smb.conf
[samba_share]
comment = samba share
path = /home1/samba_share
browseable = yes
guest ok = no
writable = no
read only = no
create mask = 0755
======================================================================
# testparm
# systemctl restart smb
# systemctl enable smb
# chmod -R 777 /home1/samba_share/
# chown -R smbuser1 /home1/samba_share/
# chown -R smbuser1:smbuser /home1/samba_share/
# smbpasswd -a test=================For non privileged samba user
========================================================================
0 coment�rios:
Note: only a member of this blog may post a comment.