Server Side configuration
===============================================
# yum install nfs-utils nfs-utils-lib
# yum install portmap
# systemctl enable rpcbind
# systemctl enable nfs-server
# systemctl enable nfs-lock
# systemctl enable nfs-idmap
# systemctl start rpcbind
# systemctl start nfs-server
# systemctl start nfs-lock
# systemctl start nfs-idmap
# mkdir /nfsshare
# vi /etc/exports
/nfsshare 10.25.214.10(rw,sync,no_root_squash) (Add this line)
=================================================
Client side configuration
==================================================
# yum install nfs-utils nfs-utils-lib
# systemctl enable rpcbind
# systemctl enable nfs-server
# systemctl enable nfs-lock
# systemctl enable nfs-idmap
# systemctl start rpcbind
# systemctl start nfs-server
# systemctl start nfs-lock
# systemctl start nfs-idmap
# mkdir -p /home/nfsshare
# mount -t nfs 10.25.214.127:/nfsshare /home/nfsshare
# touch /home/nfsshare/test
# mount | grep nfs
# vim /etc/fstab
10.25.214.127:/nfsshare                   /home/nfsshare          nfs     defaults        0 0 (Add This line)
=====================================================
Important commands for NFS
=====================================================
(1)showmount -e : Shows the available shares on your local machine
# showmount -e
Export list for gluster-server:
/nfsshare 10.25.214.10

(2)showmount -e <server-ip or hostname>: Lists the available shares at the remote server
# showmount -e 10.25.214.127
Export list for 10.25.214.127:
/nfsshare 10.25.214.10

(3)exportfs -v : Displays a list of shared files and options on a server
# exportfs -v
/nfsshare       10.25.214.10(sync,wdelay,hide,no_subtree_check,sec=sys,rw,secure,no_root_squash,no_all_squash)

(4)exportfs -a : Exports all shares listed in /etc/exports, or given name
(5)exportfs -u : Unexports all shares listed in /etc/exports, or given name
(6)exportfs -r : Refresh the server’s list after modifying /etc/exports

=================================================================
NFS Options
=====================================
Some other options we can use in the “/etc/exports” file for file sharing are as follows.
(1)ro: This option provides read-only access to the shared files, i.e. the client will only be able to read.
(2)rw: This option gives the client both read and write access within the shared directory.
(3)sync: Sync confirms requests to the shared directory only once the changes have been committed.
(4)no_subtree_check: This option prevents subtree checking. When a shared directory is a subdirectory of a larger file system, NFS performs scans of every directory above it in order to verify its permissions and details. Disabling the subtree check may increase the reliability of NFS, but reduces security.
(5)no_root_squash: This option allows root on the client to access the designated directory as root. Without it, NFS maps (squashes) the client's root user to the anonymous user, so no_root_squash should only be given to trusted clients.
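
The options above can be checked mechanically. The following is an added example, not part of the original notes: a POSIX shell function that reads an exports-style file and reports clients exported with no_root_squash or given write access through a wildcard. The function names, the finding labels and every sample line except the /nfsshare export are assumptions made for illustration.

```bash
#!/bin/sh
# Added example: flag risky entries in an /etc/exports-style file.
# Findings are printed one per line as "<path> <client> <finding>".

audit_exports() {
    # $1 = exports file to read (it is not modified)
    awk '
    { sub(/#.*/, "") }                    # strip comments
    NF == 0 { next }                      # skip blank lines
    NF == 1 { $2 = "*" }                  # path with no client list: any host
    {
        path = $1
        for (i = 2; i <= NF; i++) {
            client = $i; opts = ""
            p = index($i, "(")
            if (p > 0) {
                client = substr($i, 1, p - 1)
                opts = substr($i, p + 1)
                sub(/\)$/, "", opts)
            }
            if (client == "") client = "*"    # "(opts)" alone also means any host
            rw = 0; nrs = 0
            n = split(opts, o, ",")
            for (j = 1; j <= n; j++) {
                if (o[j] == "rw") rw = 1
                if (o[j] == "no_root_squash") nrs = 1
            }
            # Root on this client keeps uid 0 on the share.
            if (nrs) print path, client, "no_root_squash"
            # Writable by a host pattern rather than a named host or subnet.
            if (rw && index(client, "*") > 0) print path, client, "rw-wildcard"
        }
    }' "$1"
}

write_sample_exports() {
    # $1 = destination. The first line is the page's export; the rest are constructed.
    cat > "$1" <<'EOF'
/nfsshare 10.25.214.10(rw,sync,no_root_squash)
/srv/docs *(ro,sync)
/srv/build 192.0.2.0/24(rw,sync) *.lab.example(rw,no_root_squash)
/srv/open (rw)    # a space before "(" exports to every host
EOF
}

SAMPLE_EXPORTS=$(mktemp)
trap 'rm -f "$SAMPLE_EXPORTS"' EXIT
write_sample_exports "$SAMPLE_EXPORTS"
audit_exports "$SAMPLE_EXPORTS"
```

Run it against the real file with `audit_exports /etc/exports`; line continuations with a trailing backslash are not handled by this sketch.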



========================================================================
How to Install and Configure FTP Server in CentOS 7 ((vsFTPd 3.0.2))
========================================================================
# yum install vsftpd ftp -y
# systemctl start vsftpd
# systemctl enable vsftpd
# vim /etc/vsftpd/vsftpd.conf
anonymous_enable=NO (We’ll allow access to the FTP server only to local users; find the anonymous_enable and local_enable directives and verify that your configuration matches the lines below)
local_enable=YES
write_enable=YES  (Uncomment the write_enable setting to allow changes to the filesystem such as uploading and deleting files)
chroot_local_user=YES  (Uncomment this line for CHROOT Jailed Environment)
allow_writeable_chroot=YES (Add this line for CHROOT Jailed Environment)
==========================================================================
Create FTP users
useradd sk
passwd sk
==========================================================================
[root@gluster-server ~]# ftp 10.25.214.127
Connected to 10.25.214.127 (10.25.214.127).
220 (vsFTPd 3.0.2)
Name (10.25.214.127:root): sk
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd /var/ftp/pub
250 Directory successfully changed.
ftp> exit
221 Goodbye.

Login with sk user
=============================================================================
[root@gluster-server ~]# su - sk
[sk@gluster-server ~]$ ftp 110.25.214.127
^C[sk@gluster-server ~]$ ftp 10.25.214.127
Connected to 10.25.214.127 (10.25.214.127).
220 (vsFTPd 3.0.2)
Name (10.25.214.127:sk): sk
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd /var/ftp/pub/
250 Directory successfully changed.
ftp>
===================================================================================
CHROOT Jailed Environment
===================================================================================

[root@gluster-server ~]# ftp 10.25.214.127
Connected to 10.25.214.127 (10.25.214.127).
220 (vsFTPd 3.0.2)
Name (10.25.214.127:root): sk
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd /var/ftp/pub/
550 Failed to change directory.
ftp>
======================================================================================
Block a user from logging in to the FTP server
======================================================================================
# vim /etc/vsftpd/ftpusers
ravi
# vim /etc/vsftpd/user_list
ravi
save and quit

[root@gluster-server ~]#  ftp 10.25.214.127
Connected to 10.25.214.127 (10.25.214.127).
220 (vsFTPd 3.0.2)
Name (10.25.214.127:root): pranchal
530 Permission denied.
Login failed.
ftp> exit
221 Goodbye.
=======================================================================================
Active FTP and Passive FTP
=======================================================================================
ftp> passive
Passive mode on.
ftp> passive
Passive mode off.
ftp>

(1) FTP stands for File Transfer Protocol
(2) FTP is TCP based, there is no UDP involved with it
(3) FTP server listens on port 21 (Command and control port)
(4) Port 20 is called the DATA port for FTP
(5) There are two ways in which FTP works: Active FTP and Passive FTP

Active File Transfer Protocol
=======================================
(1) Client connects to server on port 21
(2) Client tells server the data port
(3) FTP server connects to the client's data port
(4) Client acknowledges

Passive File Transfer Protocol
========================================
(1) Client connects to server on port 21
(2) Server tells client the data port
(3) Client connects to the FTP server's data port
(4) Server acknowledges

=========================================================================
NTP installation and configuration
=========================================================================
Server Side configuration
=========================================================================
# yum install ntp
# systemctl status ntpd
# systemctl start ntpd
# systemctl enable ntpd
# vim /etc/ntp.conf
==========================================================================
Add these lines to ntp.conf
server 1.in.pool.ntp.org==================Sync time with ntp websites
server 0.asia.pool.ntp.org================Sync time with ntp websites
server 1.asia.pool.ntp.org================Sync time with ntp websites

server 127.127.1.0========================sync time with ntp local server
fudge 127.127.1.0 stratum 6===============sync time with ntp local server

For log file
logfile /var/log/ntp.log
===========================================================================
# systemctl restart ntpd
# systemctl status ntpd
===========================================================================
Client Side configuration
===========================================================================
# yum install ntp
# systemctl status ntpd
# systemctl start ntpd
# systemctl enable ntpd
# vim /etc/ntp.conf
===========================================================================
Add these lines to ntp.conf
server 10.25.214.127 (NTP server IP)

For log file
logfile /var/log/ntp.log
===========================================================================
# systemctl restart ntpd
# ntpdate -u 10.25.214.127===================Sync the Time with ntp server


Samba server installation and configuration
===============================================================
==================================================================
# yum install samba samba-client samba-common cifs-utils
# mkdir /home1/samba_share
# useradd smbuser1
# useradd smbuser2
# passwd smbuser1
# passwd smbuser2
# smbpasswd -a smbuser1
# smbpasswd -a smbuser2
# groupadd smbuser
# chown :smbuser /home1/samba_share
# usermod -G smbuser smbuser1
# usermod -G smbuser smbuser2
===================================================================
# cp /etc/samba/smb.conf.example /etc/samba/smb.conf

# vim /etc/samba/smb.conf
[samba_share]
comment = samba share
path = /home1/samba_share
browseable = yes
guest ok = no
writable = no
read only = no
create mask = 0755
======================================================================
# testparm 
# systemctl restart smb
# systemctl enable smb
# chmod -R 777 /home1/samba_share/
# chown -R smbuser1 /home1/samba_share/
# chown -R smbuser1:smbuser /home1/samba_share/
# smbpasswd -a test=================For non privileged samba user
========================================================================

1)create a user without useradd command
============================================================================================
vim /etc/passwd
ravi:x:501:501:ravi:/home/ravi:/bin/bash (Add this line to the passwd file and save)
vim /etc/group
ravi:x:501 (Add this line and save the file)
change the user password: passwd ravi
create a home directory at /home/ravi
copy the /etc/skel/.* files to the user's home directory
=============================================================================================
(2) Default permission of user home directory is 700
(3) Difference between .bash_profile and .bashrc
Every time you log in to a Linux (Red Hat) machine, the .bash_profile file is executed. If you are already logged in and you open a new terminal, the .bashrc file is executed.
(4) command to create a user with a pre defined uid, shell and home directory
useradd -m -d /path/to/home -s /bin/bash -u 550 deepak
(5) change primary group for any user?
usermod -g groupname  username
=======================================================================
User id 0 is the id of the root user
By default, a Linux user is placed in a group with the same ID as the user ID (User Private Group, UPG)

=======================================================================
SETUID Permission on Executable Files:-
==============================
Whenever the SETUID permission is set on an executable file, anyone executing that command (file) will inherit the permissions of the owner of the file.
The SETUID permission displays as an “s” in the owner's execute field.
For example, the SETUID permission is set on the “passwd” command, which provides the access needed to change the password for users.
# ls -ltr /usr/bin/su /usr/bin/passwd
# touch /var/tmp/unixrock_setuid
# chmod 4555 /var/tmp/unixrock_setuid
# ls -ltr /var/tmp/unixrock_setuid
===============================
SETGID Permission on Executable Files:-
===============================
SETGID permission is similar to the SETUID, except that the process's effective group ID (GID) is changed to the group owner of the file, and a user is granted access based on permissions assigned to that group.
# ls -ltr /usr/bin/mail /usr/bin/write
# touch /var/tmp/unixrock_setgid
# ls -ltr /var/tmp/unixrock_setgid
# chmod 2555 /var/tmp/unixrock_setgid
================================
Sticky Bit Permission on Public Directories :-
================================
If a directory has the sticky bit set, then a file in it can be deleted only by the owner of the file/directory or the root user. This special permission prevents users from deleting other users' files in public directories.
# ls -ld /tmp
# mkdir -p /var/tmp/unixrock_stickybit
# chmod 1777 /var/tmp/unixrock_stickybit
# ls -ld /var/tmp/unixrock_stickybit
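
To review where these special permissions are in use, the following added example (not part of the original notes) lists SETUID and SETGID files and world-writable directories that lack the sticky bit. The function name, the finding labels and the demo tree are assumptions; the unixrock_* file names follow the commands above.

```bash
#!/bin/sh
# Added example: list files carrying SETUID/SETGID and world-writable
# directories that lack the sticky bit. Output: "<finding> <path>" per line.

find_special_bits() {
    # $1 = directory tree to scan (-xdev keeps the scan on one filesystem)
    find "$1" -xdev -type f -perm -4000 -print | sed 's/^/setuid /'
    find "$1" -xdev -type f -perm -2000 -print | sed 's/^/setgid /'
    # Public directory without the sticky bit: any user can delete others' files.
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print |
        sed 's/^/world-writable-no-sticky /'
}

# Constructed demo tree so the example runs without root.
DEMO_DIR=$(mktemp -d)
trap 'rm -rf "$DEMO_DIR"' EXIT
touch "$DEMO_DIR/unixrock_setuid" "$DEMO_DIR/unixrock_setgid" "$DEMO_DIR/plain"
chmod 4555 "$DEMO_DIR/unixrock_setuid"
chmod 2555 "$DEMO_DIR/unixrock_setgid"
chmod 0644 "$DEMO_DIR/plain"
mkdir "$DEMO_DIR/unixrock_stickybit" "$DEMO_DIR/open_dir"
chmod 1777 "$DEMO_DIR/unixrock_stickybit"   # protected, like /tmp
chmod 0777 "$DEMO_DIR/open_dir"             # world-writable, not protected

find_special_bits "$DEMO_DIR"
```

Comparing the output of `find_special_bits /usr` between two dates shows SETUID or SETGID files that appeared in between.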

=====================================================================================
Telnet configuration RHEL-7
====================================================
yum install telnet-server
systemctl start telnet.socket
systemctl status telnet.socket
[root@gluster-02 ~]# telnet 10.25.214.11
Trying 10.25.214.11...
Connected to 10.25.214.11.
Escape character is '^]'.

Kernel 3.10.0-693.el7.x86_64 on an x86_64
gluster-02 login: ravi
Password:
Last login: Sun Jan 13 22:39:23 on pts/0
[ravi@gluster-02 ~]$
====================================================
The default port for SSH client connections is 22; to change this default, enter a port number between 1024 and 32,767.
The default port for Telnet client connections is 23; to change this default, enter a port number between 1024 and 32,767.
====================================================
Change default SSH port
====================================================
vim /etc/ssh/sshd_config

#Port 22
Port 9999
=====================================================
Disable Root login
===========================
vim /etc/ssh/sshd_config
#PermitRootLogin yes
PermitRootLogin no
=====================================================
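
Both edits above leave the commented default in place and add an active line below it. The following added example (not part of the original notes) reports the value sshd will actually apply: commented lines are ignored, and for a single-valued keyword such as PermitRootLogin the first active value wins. The function names and the second sample file are assumptions made for illustration.

```bash
#!/bin/sh
# Added example: report the value sshd will apply for a keyword.

sshd_effective() {
    # $1 = config file, $2 = keyword (case-insensitive).
    # Prints the first active global value, or "unset" if there is none.
    # Port may appear several times (sshd listens on each); only the first is shown.
    awk -v want="$2" '
    BEGIN { want = tolower(want); found = 0 }
    { sub(/^[ \t]+/, "") }                    # allow indented lines
    /^#/ || /^$/ { next }                     # commented-out lines do not count
    {
        split($0, f, /[ \t=]+/)               # accepts "Port 9999" and "Port=9999"
        key = tolower(f[1])
        if (key == "match") exit              # conditional overrides start here
        if (key == want) { print f[2]; found = 1; exit }   # first value wins
    }
    END { if (!found) print "unset" }
    ' "$1"
}

root_login_disabled() {
    # Succeeds only when the effective global PermitRootLogin is "no".
    [ "$(sshd_effective "$1" PermitRootLogin | tr 'A-Z' 'a-z')" = "no" ]
}

GOOD_CFG=$(mktemp); BAD_CFG=$(mktemp)
trap 'rm -f "$GOOD_CFG" "$BAD_CFG"' EXIT

# The page's edits: commented defaults stay, the active lines follow.
cat > "$GOOD_CFG" <<'EOF'
#Port 22
Port 9999
#PermitRootLogin yes
PermitRootLogin no
EOF

# Constructed pitfall: "no" was appended below an existing active "yes".
cat > "$BAD_CFG" <<'EOF'
PermitRootLogin yes
PasswordAuthentication yes
permitrootlogin no
Match Address 10.25.214.0/24
    PasswordAuthentication no
EOF

for cfg in "$GOOD_CFG" "$BAD_CFG"; do
    printf 'Port=%s PermitRootLogin=%s\n' \
        "$(sshd_effective "$cfg" Port)" "$(sshd_effective "$cfg" PermitRootLogin)"
done
```

On a live host, `sshd -t` checks the file for errors and `sshd -T` prints the effective configuration.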

==============================================================================================
Maximum number of partitions
=========================================
It's 4. It is a limitation of MBR.
If you want more partitions, you can create three primary and one extended partition.
Inside the extended partition, you can create as many logical partitions as you need.

There are two limits. One is the support in Linux, the other is the maximum count in the partition table scheme used: it depends on whether you use the legacy MBR or the newer GPT.
MBR supports four primary partitions. One of them can be an extended partition, which can contain an arbitrary number of logical partitions limited only by your disk space.
GPT supports up to 128 "primary" partitions.
In the old days, Linux supported only up to 63 partitions on IDE and 15 on SCSI disks because of limited device numbers. Today the kernel can allocate device numbers dynamically (udev is the keyword), so these limits should no longer be valid.
=========================================================================================================================
Prevent File/Directory Modification, Deletion and Renaming in Linux
====================================================================
# touch no-edit.txt
# lsattr no-edit.txt
# echo test >> no-edit.txt
# chattr +i no-edit.txt (+i add flag)
# lsattr no-edit.txt
# echo more-test >> no-edit.txt
# chattr -i no-edit.txt (-i remove flag)
=====================================================================
How to check hardware details of any server
=====================================================
# dmesg
# lscpu======check CPU
# lspci======check network device
# lsscsi=====check scsi/sata
# lsusb -v ======check USB controllers
# dmidecode -t processor (To print hardware info from DMI table)
# dmidecode -t memory
# dmidecode -t bios
========================================================================

Q:-Difference between yum update vs yum install ?
Ans:- (1)The major differences between YUM and RPM are that yum knows how to resolve dependencies and can source these additional packages when doing its work. Though rpm can alert you to these dependencies, it is unable to source additional packages.
(2)RPM is a package manager while YUM is a frontend that can be used with RPM.
(3)The RPM package manager is unable to track dependencies while YUM can.

=============================================================
Perform SSH Login Without Password Using ssh-keygen & ssh-copy-id(10.25.214.11)
=====================================================================================
ssh-keygen -t rsa
ssh-copy-id -i .ssh/id_rsa.pub root@10.25.214.127

#  yum install device-mapper-multipath
#  multipath -ll
# /sbin/mpathconf --enable
# multipath -ll
# systemctl status multipathd
# systemctl start multipathd
# systemctl status multipathd
# yum install fcoe-utils
# yum install lldpad
#  cp /etc/fcoe/cfg-ethx   /etc/fcoe/cfg-eno51
#  cp /etc/fcoe/cfg-ethx   /etc/fcoe/cfg-eno52

Set DCB_REQUIRED="no" in the files below:-

# vi cfg-eno51
# vi cfg-eno52


# systemctl status lldpad
# systemctl start lldpad
# systemctl status fcoe
# systemctl start fcoe
# systemctl status fcoe
# multipath -ll

# systemctl start multipathd
# systemctl status multipathd

# cat /sys/class/fc_host/host*/port_name


echo "- - -" > /sys/class/scsi_host/host2/scan
echo "1" > /sys/class/fc_host/host1/issue_lip
echo "1" > /sys/class/fc_host/host2/issue_lip
================================================================================
multipath/iscsi
==============================================================================
===================================
server side configuration
===================================
# yum install targetcli
/> ls
/> /backstores/block create testlun1 /dev/sde============= create a test LUN
/> /iscsi create
/> iscsi/iqn.2003-01.org.linux-iscsi.gluster-02.x8664:sn.2d87862c9a72/tpg1/luns create /backstores/block/testlun1 (the IQN in the path is that of the target server)
/> iscsi/iqn.2003-01.org.linux-iscsi.gluster-02.x8664:sn.2d87862c9a72/tpg1/acls create iqn.1994-05.com.redhat:ab36ed2159e (the IQN in the path is that of the target server; the IQN after "create" is that of the client server)
==============================================================
Client side configuration
===========================
# iscsiadm -m discovery -t sendtargets -p 10.25.214.11 (Discover a target iSCSI)
# iscsiadm -m node -T iqn.2003-01.org.linux-iscsi.gluster-02.x8664:sn.2d87862c9a72 -p 10.25.214.11 -l (log in to the target iSCSI)
======================================
IQN file on server and client side
======================================
cat /etc/iscsi/initiatorname.iscsi

=================================================
LVM Creation
===============
# pvcreate /dev/sdb
# vgcreate vg01 /dev/sdb
# lvcreate -L 2G -n lv01 vg01
# mkfs.xfs /dev/vg01/lv01
# mkdir /home1
# mount /dev/vg01/lv01 /home1
# df -h
# vim /etc/fstab
# mount -a
# df -h
==================================================
LVM Extend (Part-1)
===================
# lvextend -L +2G /dev/vg01/lv01
# xfs_growfs /dev/vg01/lv01
# df -h
===================================================
LVM Extend (Part-2)
====================
# pvcreate /dev/sdc2
# vgextend vg1 /dev/sdc2
# lvextend -L +1G /dev/mapper/vg1-lv1
# xfs_growfs  /dev/mapper/vg1-lv1
# df -h
====================================================
GFS LVM Extend
=======================
# pvcreate /dev/sdc2
# vgextend vg1 /dev/sdc2
# lvextend -l +100%FREE /dev/mapper/vg1-lv1
# gfs2_grow /home6
====================================================
cluster LVM
===============
# vgchange -cn cluster_vg
# vgchange -cn cluster_vg --config 'global {locking_type = 0}'
# vgchange -ay cluster_vg
# vgchange -ay cluster_vg --config 'global { locking_type = 0 }'
=====================================================

[root@backupserver8-LogServer36 ~]# lvcreate -n lv9 -l  100%FREE bak9GepEMC

[root@backupserver8-LogServer36 ~]# pvscan
[root@backupserver8-LogServer36 ~]# vgscan
[root@backupserver8-LogServer36 ~]# lvscan
[root@backupserver8-LogServer36 ~]# vgimport bak8GepEMC
[root@backupserver8-LogServer36 ~]# vi /etc/fstab
[root@backupserver8-LogServer36 ~]# mount -a
[root@backupserver8-LogServer36 ~]# lvdisplay
[root@backupserver8-LogServer36 ~]# lvchange -a y /dev/bak8GepEMC/lv1


Linux Boot Process:-
The Linux boot process has six steps, which are listed below
Step1:- BIOS
Step2:- MBR
Step3:- Grub
Step4:- kernel
Step5:- init programs
Step6:- Run levels
(1)    BIOS:- BIOS stands for Basic Input/Output System. When we power on a Linux machine, it performs some system integrity checks (self-test), then searches for, loads and executes the boot loader program. Once the boot loader program is detected and loaded into memory, BIOS gives control to it.
(2)    MBR:- MBR stands for Master Boot Record. The MBR is less than 512 bytes in size and has three parts: the first part is 446 bytes and holds the master boot record info, the second part is 64 bytes and holds the partition table info, and the third part is 2 bytes and holds the validation check. It has information about GRUB, so we can say the MBR executes the GRUB boot loader.
(3)    GRUB:- GRUB stands for Grand Unified Boot Loader. If multiple kernel images are installed on the Linux system, we can choose which one is executed. GRUB displays a splash screen and waits for a few seconds; if you don’t enter anything, it loads the default kernel image as specified in the GRUB configuration file. The GRUB configuration file is /boot/grub/grub.conf; it contains the kernel and initrd image.
(4)    KERNEL:- The kernel mounts the root file system as specified by “root=” in grub.conf and executes the /sbin/init program. Since init is the first program to be executed by the kernel, it has the process ID of 1. initrd stands for Initial RAM Disk.
(5)    INIT:- Looks at the /etc/inittab file to decide the Linux run level.
(6)    Runlevel Program:-  When the Linux system is booting up, you might see various services getting started; for example it might say “starting sendmail ….ok”. Those are the run level programs, executed from the run level directory as defined by your run level.