1) Create the "LVM" with the name "marvel" by using 21PE's from the volume group "stone". Consider the P...

1) Create the "LVM" with the name "marvel" by using 21PE's from the volume group "stone". Consider the PE size as "8MB". Mount it on /mnt/secret with filesystem vfat.

solution:

# fdisk -cu /dev/vda

Command (m for help): p

Disk /dev/vda: 6442 MB, 6442450944 bytes
16 heads, 63 sectors/track, 12483 cylinders, total 12582912 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x0007d1ac

Device Boot Start End Blocks Id System
/dev/vda1 * 2048 526335 262144 83 Linux
/dev/vda2 526336 9914367 4694016 8e Linux LVM

Command (m for help): n
Command action
e extended
p primary partition (1-4)
e
Partition number (1-4): 3
First sector (9914368-12582911, default 9914368):
Using default value 9914368
Last sector, +sectors or +size{K,M,G} (9914368-12582911, default 12582911):
Using default value 12582911

Command (m for help): n
Command action
l logical (5 or over)
p primary partition (1-4)
l
First sector (9916416-12582911, default 9916416):
Using default value 9916416
Last sector, +sectors or +size{K,M,G} (9916416-12582911, default 12582911): +169M

Command (m for help): p

Disk /dev/vda: 6442 MB, 6442450944 bytes
16 heads, 63 sectors/track, 12483 cylinders, total 12582912 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x0007d1ac

Device Boot Start End Blocks Id System
/dev/vda1 * 2048 526335 262144 83 Linux
/dev/vda2 526336 9914367 4694016 8e Linux LVM
/dev/vda3 9914368 12582911 1334272 5 Extended
/dev/vda5 9916416 10262527 173056 83 Linux

Command (m for help): t
Partition number (1-5): 5
Hex code (type L to list codes): 8e
Changed system type of partition 5 to 8e (Linux LVM)

Command (m for help): p

Disk /dev/vda: 6442 MB, 6442450944 bytes
16 heads, 63 sectors/track, 12483 cylinders, total 12582912 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x0007d1ac

Device Boot Start End Blocks Id System
/dev/vda1 * 2048 526335 262144 83 Linux
/dev/vda2 526336 9914367 4694016 8e Linux LVM
/dev/vda3 9914368 12582911 1334272 5 Extended
/dev/vda5 9916416 10262527 173056 8e Linux LVM

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.

WARNING: Re-reading the partition table failed with error 16: Device or resource busy.
The kernel still uses the old table. The new table will be used at
the next reboot or after you run partprobe(8) or kpartx(8)
Syncing disks.

# reboot

# pvcreate /dev/vda5
# vgcreate -s 8M stone /dev/vda5
# pvs
# vgs
# vgdisplay stone
# lvcreate -L +168M -n marvel stone
# lvs
# lvdisplay /dev/stone/marvel
# mkfs.vfat /dev/stone/marvel
# mkdir /mnt/secret
# vim /etc/fstab
--> append the following entry
/dev/stone/marvel /mnt/secret vfat defaults 0 0
--> save and exit
# mount -a
# df -Th

2) Create a group named "sysadmin"

A user curly and larry should belongs to "stooges" group as a secondary group . A user moe should not have access to interactive shell and he should not be a member of "stooges" group. passwd for all user created should be "jenny".

solution:

# groupadd sysadmin
# groupadd stooges
# useradd curly
# useradd larry
# useradd moe
# gpasswd -M curly,larry stooges
# usermod -s /sbin/nologin moe
# echo "jenny" | passwd --stdin curly
# echo "jenny" | passwd --stdin larry
# echo "jenny" | passwd --stdin moe

3) Create the Directory "/home/manager" with the following characteristics. Group ownership of "/home/manager" should go to "manager" group. The directory should be have full permission for all members off "manager" group but not to any other users accept "root". Files created under "/home/manager" should get the same group ownership is set to the "manager" group.

solution:

# mkdir /home/manager
# groupadd manager
# chgrp -R manager /home/manager
# chmod g+rwx /home/manager
# chmod g+s /home/manager
# touch /home/manager/file1
# ll /home/manager

4) Install the appropriate Kernel from ftp://instructor.example.com/updates. Your machine should boot with updated kernel.

solution:

# cd /etc/yum.repos.d/
# vim kernel123.repo
--> give the following entries
[kernel123]
name=kernel media
baseurl=ftp://instructor.example.com/updates
gpgcheck=0
--> save and exit
# cd
# yum clean all
# yum install kernel -y
# vim /etc/grub.conf
--> the "default" option should be set to "0" in order for the latest kernel to be the default kernel
-> save and exit
# reboot

5) The user sarah must configure a cron job that runs daily at 14:23. and executes "/bin/echo "hyer" and deny the user max for creating cronjob.

solution:

# useradd sarah
# useradd max
# crontab -e
--> In the VIM editor prompt give the following entry
23 14 * * * /bin/echo "hyer"
--> save and exit
# vim /etc/cron.deny
--> Give the entry as under:
max
--> save and exit

6) Resize the lvm "/dev/vgsrv/home" so that after reboot size should be in between 90MB to 160MB.

solution:

Note: Depending upon the existing size you need to determine whether to extend or reduce the volume. Here we have assumed that the existing size of the given volume is greater than the range given in the question due to which we are reducing it.

# df -Th --> to check the mount point
# lvs --> to check the existing size of the lvm
# vgdisplay vgsrv --> to determine the PE size. Here volume group is vol1
# umount /home --> assuming "/home" to be the mount point of the logical volume
# e2fsck -f /dev/vgsrv/lv1
# resize2fs /dev/vgsrv/home 160M
# lvreduce -L 160M /dev/vgsrv/home
# mount /home
# lvs
# df -Th

7) BIND THE "LDAP" FOR USER AUTHENTICATION:

Note the following:

BASE DN: dc=example,dc=com ldap path ldap://instructor.example.com/. Download the certificate from "ftp://instructor.example.com/pub/EXAMPLE-CA-CERT". ldapuserX should login into your system, where "X" is your system no.

solution:

# system-config-authentication
--> In the "User Account Database:" select "LDAP"
--> In the "LDAP Search Base DN:" type "dc=example,dc=com"(suffix in our classroom)
--> In the "LDAP Server:" type "ldap://instructor.example.com"
--> Select "Use TLS to encrypt connections"
--> Click on "Download CA Certificate" and in the appeared box type the URL "ftp://instructor.example.com/pub/EXAMPLE-CA-CERT"
--> Click on "OK"
--> In the "Authentication Method:" select "LDAP password"
--> Click on "Apply"
--> Then with the below command you should be able to view user's information

# getent passwd ldapuserX

8) Configure your system as "NTP" client for "instructor.example.com".

solution:

# system-config-date
--> In the appeared window, select "Synchronize the date and time over the network"
--> Remove all the NTP Servers from the list
--> Click on Add
--> In the appeared box, type "instructor.example.com"(NTP Server in our class)
--> Hit the "<tab>" key on the keyboard
--> Click on "Advanced Options"
--> Select "Speed up initial synchronization"
--> Click on "OK"

9) Automount the home directory for the ldapuser of your system

Note the following:

instructor.example.com(192.168.0.254) "Nfs exports" /home/guests to your system where "x" is your station ip. Ldapuser's home directory is instructor.example.com:/home/guests/ldapuserX. Ldapuser's home directory should be automounted locally beneath at /home/guests/ldapuserX. While login with any of the ldapuser then only home directory should accesible from your system that ldapuserX.

solution:

# vim /etc/auto.master
--> Append the following entry
/home/guests /etc/auto.guests
--> save and exit

--> Create the file for the slave map as specified in /etc/auto.master
# vim /etc/auto.guests
--> type the following line
ldapuserX instructor.example.com:/home/guests/ldapuserX
--> save and exit

# service autofs reload

# su - ldapuserX
Note: You should not get any home directory error

10) Copy the file /etc/fstab to /var/tmp and configure the "ACL" as mentioned. The file /var/tmp/fstab is owned by the "root". The file /var/tmp/fstab belongs to the group "root" The file /var/tmp/fstab should not be executable by other's. The user "sarah" should able to read and write to the file. The user "natasha" can neither read nor write to the file. other users (future and current) shuold be able to read /var/tmp/fstab.

solution:
Note: Before adding users check their existence

# cp /etc/fstab /var/tmp
# ls -l /var/tmp/fstab
# chmod o-x /var/tmp/fstab
# useradd sarah
# setfacl -m u:sarah:rw /var/tmp/fstab
# useradd natasha
# setfacl -m u:natasha:--- /var/tmp/fstab
# chmod o+r /var/tmp/fstab

11) Configure FTP access from your system. Clients within the local network should have anonomyous FTP access to your system.

solution:

# rpm -qa vsftpd
--> If the package is not installed then install it
# yum install vsftpd -y
# service vsftpd restart
# chkconfig vsftpd on
# cd /var/ftp
# ls
# echo "testing" >> /var/ftp/file1

12) Configure your system as "web server" for the site http://serverX.example.com. Download the web page from ftp://instructor.example.com/updates/station.html. Rename the the downloaded page as "index.html". Copy the "index.html" page to the "document root". Do not make any modifications to the content of index.html.

solution:

# rpm -qa httpd
--> If the package is not installed then install it
# yum install httpd -y
# service httpd restart
# chkconfig httpd on
# wget ftp://instructor.example.com/updates/station.html
# mv station.html index.html
# cp index.html /var/www/html

13) Create the user "dax" with uid 4223.

solution:

# useradd -u 4223 dax

14) Extend the SWAP space with "250" MB dont remove the existing swap.

solution:

# free -m--> to check the existing swap space

# fdisk -cu /dev/vda

Command (m for help): p

Disk /dev/vda: 6442 MB, 6442450944 bytes
16 heads, 63 sectors/track, 12483 cylinders, total 12582912 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x0007d1ac

Device Boot Start End Blocks Id System
/dev/vda1 * 2048 526335 262144 83 Linux
/dev/vda2 526336 9914367 4694016 8e Linux LVM
/dev/vda3 9914368 12582911 1334272 5 Extended
/dev/vda5 9916416 10262527 173056 8e Linux LVM
/dev/vda6 10264576 11493375 614400 83 Linux

Command (m for help): n
Command action
l logical (5 or over)
p primary partition (1-4)
l
First sector (11495424-12582911, default 11495424):
Using default value 11495424
Last sector, +sectors or +size{K,M,G} (11495424-12582911, default 12582911): +250M

Command (m for help): p

Disk /dev/vda: 6442 MB, 6442450944 bytes
16 heads, 63 sectors/track, 12483 cylinders, total 12582912 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x0007d1ac

Device Boot Start End Blocks Id System
/dev/vda1 * 2048 526335 262144 83 Linux
/dev/vda2 526336 9914367 4694016 8e Linux LVM
/dev/vda3 9914368 12582911 1334272 5 Extended
/dev/vda5 9916416 10262527 173056 8e Linux LVM
/dev/vda6 10264576 11493375 614400 83 Linux
/dev/vda7 11495424 12007423 256000 83 Linux

Command (m for help): t
Partition number (1-7): 7
Hex code (type L to list codes): 82
Changed system type of partition 7 to 82 (Linux swap / Solaris)

Command (m for help): p

Disk /dev/vda: 6442 MB, 6442450944 bytes
16 heads, 63 sectors/track, 12483 cylinders, total 12582912 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x0007d1ac

Device Boot Start End Blocks Id System
/dev/vda1 * 2048 526335 262144 83 Linux
/dev/vda2 526336 9914367 4694016 8e Linux LVM
/dev/vda3 9914368 12582911 1334272 5 Extended
/dev/vda5 9916416 10262527 173056 8e Linux LVM
/dev/vda6 10264576 11493375 614400 83 Linux
/dev/vda7 11495424 12007423 256000 82 Linux swap / Solaris

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.

WARNING: Re-reading the partition table failed with error 16: Device or resource busy.
The kernel still uses the old table. The new table will be used at
the next reboot or after you run partprobe(8) or kpartx(8)
Syncing disks.

# reboot

# mkswap /dev/vda7
# vim /etc/fstab
--> Append the following entry
/dev/vda7 swap swap defaults 0 0
--> save and exit

# swapon -a
# free -m
# swapon -s--> to check that the new device is enabled as swap space or not

15) locate the files of owner "julie" and copy to the directory /root/found directory

solution:

# mkdir /root/found
# find / -user julie -exec cp -pf {} /root/found/ \;

16) Download file from "http://192.168.0.254/exam/sample.txt". Search lines which contains alpha-numeric words( combination of alphabets and number) and copy those lines in sorted order to /root/samplelines (output should not contain any blank lines).

solution:

# wget http://192.168.0.254/exam/sample.txt
# cat sample.txt | sort >> /root/samplelines

17) List all lines which have string "enter" from "/tmp/file1" file and copy the lines in /root/word

# grep enter /tmp/file1 >> /root/word


Server Side configuration =============================================== # yum install nfs-utils nfs-utils-lib # yum install portmap #...

Server Side configuration
===============================================
# yum install nfs-utils nfs-utils-lib
# yum install portmap
# systemctl enable rpcbind
# systemctl enable nfs-server
# systemctl enable nfs-lock
# systemctl enable nfs-idmap
# systemctl start rpcbind
# systemctl start nfs-server
# systemctl start nfs-lock
# systemctl start nfs-idmap
# mkdir /nfsshare
# vi /etc/exports
/nfsshare 10.25.214.10(rw,sync,no_root_squash) (Add this line)
=================================================
Client side configuration
==================================================
# yum install nfs-utils nfs-utils-lib
# systemctl enable rpcbind
# systemctl enable nfs-server
# systemctl enable nfs-lock
# systemctl enable nfs-idmap
# systemctl start rpcbind
# systemctl start nfs-server
# systemctl start nfs-lock
# systemctl start nfs-idmap
# mkdir -p /home/nfsshare
# mount -t nfs 10.25.214.127:/nfsshare /home/nfsshare
# touch /home/nfsshare/test
# mount | grep nfs
# vim /etc/fstab
10.25.214.127:/nfsshare                   /home/nfsshare          nfs     defaults        0 0 (Add This line)
=====================================================
Important commands for NFS
=====================================================
(1)showmount -e : Shows the available shares on your local machine
# showmount -e
Export list for gluster-server:
/nfsshare 10.25.214.10

(2)showmount -e <server-ip or hostname>: Lists the available shares at the remote server
# showmount -e 10.25.214.127
Export list for 10.25.214.127:
/nfsshare 10.25.214.10

(3)exportfs -v : Displays a list of shares files and options on a server
# exportfs -v
/nfsshare       10.25.214.10(sync,wdelay,hide,no_subtree_check,sec=sys,rw,secure,no_root_squash,no_all_squash)

(4)exportfs -a : Exports all shares listed in /etc/exports, or given name
(5)exportfs -u : Unexports all shares listed in /etc/exports, or given name
(6)exportfs -r : Refresh the server’s list after modifying /etc/exports

=================================================================
NFS Options
=====================================
Some other options we can use in “/etc/exports” file for file sharing is as follows.
(1)ro: With the help of this option we can provide read only access to the shared files i.e client will only be able to read.
(2)rw: This option allows the client server to both read and write access within the shared directory.
(3)sync: Sync confirms requests to the shared directory only once the changes have been committed.
(4)no_subtree_check: This option prevents the subtree checking. When a shared directory is the subdirectory of a larger file system, nfs performs scans of every directory above it, in order to verify its permissions and details. Disabling the subtree check may increase the reliability of NFS, but reduce security.
(5)no_root_squash: This phrase allows root to connect to the designated directory.



========================================================================
How to Install and Configure FTP Server in CentOS 7 ((vsFTPd 3.0.2))
========================================================================
# yum install vsftpd ftp -y
# systemctl start vsftpd
# systemctl enable vsftpd
# vim /etc/vsftpd/vsftpd.conf
anonymous_enable=NO (We’ll allow access to the FTP server only the local users, find the anonymous_enable and local_enable directives and verify your configuration match to lines below:)
local_enable=YES 
write_enable=YES  (Uncomment the write_enable setting to allow changes to the filesystem such as uploading and deleting files)
chroot_local_user=YES  (Uncomment tiis line for CHROOT Jailed Environment)
allow_writeable_chroot=YES (Add this line for CHROOT Jailed Environment)
==========================================================================
Create FTP users
useradd sk
passwd sk
==========================================================================
[root@gluster-server ~]# ftp 10.25.214.127
Connected to 10.25.214.127 (10.25.214.127).
220 (vsFTPd 3.0.2)
Name (10.25.214.127:root): sk
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd /var/ftp/pub
250 Directory successfully changed.
ftp> exit
221 Goodbye.

Login with sk user
=============================================================================
[root@gluster-server ~]# su - sk
[sk@gluster-server ~]$ ftp 110.25.214.127
^C[sk@gluster-server ~]$ ftp 10.25.214.127
Connected to 10.25.214.127 (10.25.214.127).
220 (vsFTPd 3.0.2)
Name (10.25.214.127:sk): sk
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd /var/ftp/pub/
250 Directory successfully changed.
ftp>
===================================================================================
CHROOT Jailed Environment
===================================================================================

[root@gluster-server ~]# ftp 10.25.214.127
Connected to 10.25.214.127 (10.25.214.127).
220 (vsFTPd 3.0.2)
Name (10.25.214.127:root): sk
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd /var/ftp/pub/
550 Failed to change directory.
ftp>
======================================================================================
Block the User to login in ftp server
======================================================================================
# vim /etc/vsftpd/ftpusers
ravi
# vim /etc/vsftpd/user_list
ravi
save and quit

[root@gluster-server ~]#  ftp 10.25.214.127
Connected to 10.25.214.127 (10.25.214.127).
220 (vsFTPd 3.0.2)
Name (10.25.214.127:root): pranchal
530 Permission denied.
Login failed.
ftp> exit
221 Goodbye.
=======================================================================================
Active FTP and Passive FTP
=======================================================================================
ftp> passive
Passive mode on.
ftp> passive
Passive mode off.
ftp>

(1) FTP stands for File Transfer protool
(2) FTP is TCP based, there is UDP involved with it
(3) FTP server listen on port 21 (Command and control port)
(4) Port 20 is called as the DATA prot for FTP
(5) There are two ways by which FTP works they are Active FTP and Passive FTP

Active File Transfer Protocal
=======================================
(1) Client connect to server on port 21
(2) client tells server the data port
(3) FTP server connect to the clients data port
(4) Client acknowledges

Passive File Transfer Protocol
========================================
(1) Client connect to server on port 21
(2) Server tells client the data port
(3) Client connect to the FTP server's data port
(4) server acknowledges

=========================================================================
NTP installation and configuration
=========================================================================
Server Side configuration
=========================================================================
# yum install ntp
# systemctl status ntpd
# systemctl start ntpd
# systemctl enable ntpd
# vim /etc/ntp.conf
==========================================================================
Add these line to ntp.conf
server 1.in.pool.ntp.org==================Sync time with ntp websites
server 0.asia.pool.ntp.org================Sync time with ntp websites
server 1.asia.pool.ntp.org================Sync time with ntp websites

server 127.127.1.0========================sync time with ntp local server
fudge 127.127.1.0 stratum 6===============sync time with ntp local server

For log file
logfile /var/log/ntp.log
===========================================================================
# systemctl restart ntpd
# systemctl status ntpd
===========================================================================
Client Side configuration
===========================================================================
# yum install ntp
# systemctl status ntpd
# systemctl start ntpd
# systemctl enable ntpd
# vim /etc/ntp.conf
===========================================================================
Add these line to ntp.conf
server 10.25.214.127 (NTP server IP)

For log file
logfile /var/log/ntp.log
===========================================================================
# systemctl restart ntpd
# ntpdate -u 10.25.214.127===================Sync the Time with ntp server


Samba server installation and configuration
===============================================================
==================================================================
# yum install samba samba-client samba-common cifs-utils
# mkdir /home1/samba_share
# useradd smbuser1
# useradd smbuser2
# passwd smbuser1
# passwd smbuser2
# smbpasswd -a smbuser1
# smbpasswd -a smbuser2
# groupadd smbuser
# chown :smbuser /home1/samba_share
# usermod -G smbuser smauser1 smbuser2
# usermod -G smbuser smauser1
# usermod -G smbuser smbuser1
# usermod -G smbuser smbuser2
===================================================================
# cp /etc/samba/smb.conf.example /etc/samba/smb.conf

# vim /etc/samba/smb.conf
[samba_share]
comment = samba share
path = /home1/samba_share
browseable = yes
guest ok = no
writable = no
    read only = no
create mask = 0755
======================================================================
# testparm 
# systemctl restart smb
# systemctl enable smb
# chmod -R 777 /home1/samba_share/
# chown -R smbuser1 /home1/samba_share/
# chown -R smbuser1:smbuser /home1/samba_share/
# smbpasswd -a test=================For non privileged samba user
========================================================================

1)create a user without useradd command ============================================================================================ vim ...

1)create a user without useradd command
============================================================================================
vim /etc/paaswd
ravi:x:501:501:ravi:/home/ravi:/bin/bash (Add this line to paaswd file and save)
vim /etc/group
ravi:x:501 (Add this line and save the file)
change the user password paaswd ravi
create a home directory with /home/ravi
copy /etc/skel/.* folder to user home directory
=============================================================================================
(2) Default permission of user home directory is ===700
(3) Difference between .bash_profile and .bashrc
Every time you login to a Linux (Red Hat) machine .bash_profile file is executed and In case you are already logged in and you open a new terminal then .bashrc file is executed
(4) command to create a user with a pre defined uid, shell and home directory
useradd -m -d /path/to/home -s /bin/bash -u 550 deepak
(5) change primary group for any user?
usermod -g groupname  username
=======================================================================
User id 0 is the id of the root user
By default, a Linux user falls under same as userid (UPG)

=======================================================================
SETUID Permission on Executable Files:-
==============================
Whenever SETUID permission has set on executable files, anyone executing that command (file) will inherit the permissions of the owner of the file.
The SETUID permission displays as an “s” in the owners executable field.
For below example, the SETUID permission on the “passwd” command which provides the access to change the passwd for users.
# ls -ltr /usr/bin/su /usr/bin/passwd
# touch /var/tmp/unixrock_setuid
# chmod 4555 /var/tmp/unixrock_setuid
# ls -ltr /var/tmp/unixrock_setuid
===============================
SETGID Permission on Executable Files:-
===============================
SETGID permission is similar to the SETUID, except that the process's effective group ID (GID) is changed to the group owner of the file, and a user is granted access based on permissions assigned to that group.
# ls -ltr /usr/bin/mail /usr/bin/write
# touch /var/tmp/unixrock_setgid
# ls -ltr /var/tmp/unixrock_setgid
# chmod 2555 /var/tmp/unixrock_setgid
================================
Sticky Bit Permission on Public Directories :-
================================
If the directory permission have the sticky bit permission set, then the file can be deleted only by the owner of the file/directory or the root user.This special permission prevents to delete other user’s file from public directories.
# ls -ld /tmp
# mkdir -p /vat/rmp/unixrock_stickybit
# chmod 1777 /vat/rmp/unixrock_stickybit
# ls -ld /vat/rmp/unixrock_stickybit

=====================================================================================
Telnet configuraion RHEL-7
====================================================
yum install telnet-server
systemctl start telnet.socket
systemctl status telnet.socket
[root@gluster-02 ~]# telnet 10.25.214.11
Trying 10.25.214.11...
Connected to 10.25.214.11.
Escape character is '^]'.

Kernel 3.10.0-693.el7.x86_64 on an x86_64
gluster-02 login: ravi
Password:
Last login: Sun Jan 13 22:39:23 on pts/0
[ravi@gluster-02 ~]$
====================================================
The default port for SSH client connections is 22; to change this default, enter a port number between 1024 and 32,767.
The default port for Telnet client connections is 23; to change this default, enter a port number between 1024 and 32,767.
====================================================
change Default ssh prot
====================================================
vim /etc/ssh/sshd_config

#Port 22
Port 9999
=====================================================
Disable Root login
===========================
vim /etc/ssh/sshd_config
#PermitRootLogin yes
PermitRootLogin no
=====================================================

==============================================================================================
Maximum number of partitions
=========================================
Its 4. It is a limitation of MBR.
If you want more partitions, you can create three primary and one extended partition.
Inside extended partition, you can create as many logical partitions.

There are two limits. On is the support in Linux, the other is the maximum count in the used partition table scheme: It depends if you use the legacy MBR or the newer GPT .
MBR supports four primary partition. One of them could be a extend partition which can contain an arbitrary number of logical partitions limited only by your disk space.
GPT supports up to 128 "primary" partitions.
In the old days, Linux supported only up to 63 partitions on IDE and 15 on SCSI disks because of limited device numbers. Today the kernel can allocate device numbers dynamically (udev is the keyword) so this limits should not be longer valid.
=========================================================================================================================
Prevent File/Directory Modification, Deletion and Renaming in Linux
====================================================================
# touch no-edit.txt
# lsattr no-edit.txt
# echo test >> no-edit.txt
# chattr +i no-edit.txt (+i add flag)
# lsattr no-edit.txt
# echo more-test >> no-edit.txt
# chattr -i no-edit.txt (-i remove flag)
=====================================================================
How to check hardwate details of any server
=====================================================
# dmesg
# lscpu======check CPU
# lspci======check network device
# lsscsi=====check scsi/sata
# lsusb -v ======check USB controllers
# dmidecode -t processor (To print hardware info from DMI table)
# dmidecode -t memory
# dmidecode -t bios
========================================================================

Q:-Difference between yum update vs yum install ?
Ans:- (1)The major differences between YUM and RPM are that yum knows how to resolve dependencies and can source these additional packages when doing its work. Though rpm can alert you to these dependencies, it is unable to source additional packages.
(2)RPM is a package manager while YUM is a frontend that can be used with RPM.
(3)The RPM package manager is unable to track dependencies while YUM can.

=============================================================
Perform SSH Login Without Password Using ssh-keygen & ssh-copy-id(10.25.214.11)
=====================================================================================
ssh-keygen -t rsa
ssh-copy-id -i .ssh/id_rsa.pub root@10.25.214.127

#  yum install device-mapper-multipath #  multipath -ll # /sbin/mpathconf --enable # multipath -ll # systemctl status multipathd # sys...

#  yum install device-mapper-multipath
#  multipath -ll
# /sbin/mpathconf --enable
# multipath -ll
# systemctl status multipathd
# systemctl start multipathd
# systemctl status multipathd
# yum install fcoe-utils
# yum install lldpad
#  cp /etc/fcoe/cfg-ethx   /etc/fcoe/cfg-eno51
#  cp /etc/fcoe/cfg-ethx   /etc/fcoe/cfg-eno52

Change "DCB_REQUIRED="no"" in below files:-

# vi cfg-eno51
# vi cfg-eno52


# systemctl status lldpad
# systemctl start lldpad
# systemctl status fcoe
# systemctl start fcoe
# systemctl status fcoe
# multipath -ll

# systemctl start multipathd
# systemctl status multipathid
# systemctl status multipathd

# cat /sys/class/fc_host/host*/port_name


echo "- - -" > /sys/class/scsi_host/host2/scan
echo "1" > /sys/class/fc_host/host1/issue_lip
echo "1" > /sys/class/fc_host/host2/issue_lip
================================================================================
multipath/iscsi
==============================================================================
===================================
server side configuration
===================================
# yum install targetcli
/> ls
/> /backstores/block create testlun1 /dev/sde============= cerate a test LUN
/> /iscsi create
/> iscsi/iqn.2003-01.org.linux-iscsi.gluster-02.x8664:sn.2d87862c9a72/tpg1/luns(iqn no of tartget server ) create /backstores/block/testlun1
/> iscsi/iqn.2003-01.org.linux-iscsi.gluster-02.x8664:sn.2d87862c9a72/tpg1/acls(iqn no of target server ) create iqn.1994-05.com.redhat:ab36ed2159e (iqn no of client server)
==============================================================
Client side configuration
===========================
# iscsiadm -m discovery -t sendtargets -p 10.25.214.11 (Discover a targer iscsi)
# iscsiadm -m node -T iqn.2003-01.org.linux-iscsi.gluster-02.x8664:sn.2d87862c9a72 -p 10.25.214.11 -l (longin to targer iscsi)
======================================
iqn no file in server and client side
======================================
cat /etc/iscsi/initiatorname.iscsi

================================================= LVM Creation =============== # pvcreate /dev/sdb # vgcreate vg01 /dev/sdb # lvcreate...

=================================================
LVM Creation
===============
# pvcreate /dev/sdb
# vgcreate vg01 /dev/sdb
# lvcreate -L 2G -n lv01 vg01
# mkfs.xfs /dev/vg01/lv01
# mkdir /home1
# mount /dev/vg01/lv01 /home1
# df -h
# vim /etc/fstab
# mount -a
# df -h
==================================================
LVM Extend (Part-1)
===================
# lvextend -L +2G /dev/vg01/lv01
# xfs_growfs /dev/vg01/lv01
# df -h
===================================================
LVM Extend (Part-2)
====================
# pvcreate /dev/sdc2
# vgextend vg1 /dev/sdc2
# lvextend -L +1G /dev/mapper/vg1-lv1
# xfs_growfs  /dev/mapper/vg1-lv1
# df -h
====================================================
GFS LVM Extend
=======================
# pvcreate /dev/sdc2
# vgextend vg1 /dev/sdc2
# lvextend -l +100%FREE /dev/mapper/vg1-lv1
# gfs2_grow /home6
====================================================
cluster LVM
===============
# vgchange -cn cluster_vg
# vgchange -cn cluster_vg --config 'global {locking_type = 0}'
# vgchange -ay cluster_vg
# vgchange -ay cluster_vg --config 'global { locking_type = 0 }'
=====================================================

[root@backupserver8-LogServer36 ~]# lvcreate -n lv9 -l  100%FREE bak9GepEMC

[root@backupserver8-LogServer36 ~]# pvscan
[root@backupserver8-LogServer36 ~]# vgscan
[root@backupserver8-LogServer36 ~]# lvscan
[root@backupserver8-LogServer36 ~]# vgimport bak8GepEMC
[root@backupserver8-LogServer36 ~]# vi /etc/fstab
[root@backupserver8-LogServer36 ~]# mount -a
[root@backupserver8-LogServer36 ~]# lvdisplay
[root@backupserver8-LogServer36 ~]# lvchange -a y /dev/bak8GepEMC/lv1
Subscribe to: Posts (Atom)