S.NO. TITLE
1 Terminal Basics
2 Vim Basics
3 Shell Scripting
4 Finding & Processing Files
5 Process
6 Job Scheduling
7 User Quota
8 Backup tools
9 User Group Management
10 Special Permissions
11 Software RAID
12 Logical Volume Manager
13 Monitoring
14 Encryption File System
15 YUM Server
16 NTP Server
17 NFS Server
18 FTP Server
19 DHCP Server
20 SAMBA Server
21 Domain Name System
22 NIS Server
23 Apache Server
24 MAIL Server
25 SQUID Proxy Server
26 ACCESS Control (TCP Wrappers && IPTABLES)
27 LDAP Server
28 KERBEROS
29 PLUGGABLE AUTHENTICATION MODULE
30 SE-Linux
31 Kickstart & PXE BOOT Installation
32 SCSI Server
33 UDEV
34 CLUSTERING
35 PERFORMANCE TUNING
36 Additional Topics
Open SSH, Cryptography, Xinetd Services
LAMP Server
!! -> Repeats last command.
!char -> Repeats last command that starts with char.
!num -> Repeats a command by its number in history output.
!?abc -> Repeats last command that contains abc.
!-n -> Repeats a command entered n commands back.
^old^new -> Repeats last command with old changed to new.
To recall last argument from previous command:
o Esc key followed by a period (.).
o Hold down the Alt key while pressing the dot.
o !$
Ctrl-a moves to beginning of line.
Ctrl-e moves to end of line.
Ctrl-u deletes to the beginning of the line.
Ctrl-k deletes to the end of the line.
Ctrl-arrow moves left or right by word.
Move by character: Arrow Keys, h, j, k, l
Move by word: w, b
Move by sentence: ), (
Move by paragraph: }, {
Jump to line x: xG or :x
Jump to the end: G
The default substitution delimiter is the / character; however, vi
treats whatever character follows the "s" command as the delimiter.
Visual mode:
o v to start character oriented visual mode.
o V to start line oriented visual mode.
o Ctrl-v to start block oriented visual mode.
Using multiple windows:
o Ctrl-w, s splits the screen horizontally.
o Ctrl-w, v splits the screen vertically.
o Ctrl-w, arrow moves between windows.
o Ctrl-w, + to increase the size.
o Ctrl-w, - to decrease the size.
$* -> holds all command line arguments.
$# -> holds number of command line arguments.
File Test:
o -d true if the file is a directory
o -e true if the file exists
o -f true if file exists and is a regular file
o -h true if file is a symbolic link
o -L true if file is a symbolic link
o -r true if file exists and is readable by you
o -s true if file exists and is not empty
o -w true if file exists and is writable by you
o -x true if file exists and is executable by you
o -O true if file is effectively owned by you
o -G true if file is effectively owned by your group
find [dir1...] [criteria...] [action...]
-name
-iname
-group
-gid
-uid
-user
o -user joe -not -group joe
o -user joe -o -group joe
o -not \( -user joe -o -user root \)
-perm
o 755 -> matches if mode is exactly 755
o +222 -> matches if anyone can write
o -222 -> matches if everyone can write
o -002 -> matches if other can write
-size
o 10M -> File with a size of exactly 10 megabytes.
o +10M -> File with a size over 10 megabytes.
o -10M -> File with a size less than 10 megabytes.
-atime
o 5 -> File whose last accessed time stamp is exactly 5 days ago.
o +5 -> File whose last accessed time stamp is more than 5 days ago.
o -5 -> File whose last accessed time stamp is less than 5 days ago.
-mtime -> when data last changed.
-ctime -> when data or meta data last changed.
-amin
-cmin
-mmin
-anewer
-cnewer
-newer
Command can be executed on found files
o Command must be preceded with -exec or -ok.
-ok prompts before acting on each file.
o command must end with SPACE\;
o can use {} as a filename placeholder.
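
The -perm forms above are easy to confuse, so here is an added example (not part of the original notes) that builds a throwaway directory of constructed files and shows which ones each form selects, including the two audits an administrator usually wants: world-writable directories without the sticky bit, and SUID files. It assumes GNU find, where the "any bit" form written +222 above is spelled /222 in current findutils releases; all file names are made up for the demonstration.

```shell
#!/bin/sh
# Added example: how the -perm forms select different files.

# make_perm_fixture DIR
# Populates DIR with constructed files and directories of known modes.
make_perm_fixture() {
    fixture=$1
    for spec in 444:readonly 644:private 646:other_w 664:group_w \
                666:world_w 755:exact755 4755:suid_tool; do
        mode=${spec%%:*}
        name=${spec#*:}
        : > "$fixture/$name"
        chmod "$mode" "$fixture/$name"
    done
    mkdir "$fixture/dropbox" "$fixture/sticky_tmp"
    chmod 0777 "$fixture/dropbox"      # world-writable, no sticky bit
    chmod 1777 "$fixture/sticky_tmp"   # world-writable, sticky bit set
}

# perm_matches DIR FIND-CRITERIA...
# Prints the names under DIR that satisfy the criteria, sorted, on one line.
# Each match is handed to basename through the -exec ... {} \; form.
perm_matches() {
    dir=$1
    shift
    find "$dir" -mindepth 1 "$@" -exec basename {} \; |
        LC_ALL=C sort | tr '\n' ' ' | sed 's/ *$//'
}

# Demonstration run on a temporary directory.
demo_dir=$(mktemp -d)
make_perm_fixture "$demo_dir"
echo "exactly 755 (-perm 755)        : $(perm_matches "$demo_dir" -perm 755)"
echo "any write bit (-perm /222)     : $(perm_matches "$demo_dir" -perm /222)"
echo "all write bits (-perm -222)    : $(perm_matches "$demo_dir" -perm -222)"
echo "other can write (-perm -002)   : $(perm_matches "$demo_dir" -perm -002)"
echo "open dirs without sticky bit   : $(perm_matches "$demo_dir" -type d -perm -002 ! -perm -1000)"
echo "SUID files (-perm -4000)       : $(perm_matches "$demo_dir" -type f -perm -4000)"
rm -rf "$demo_dir"
```

On a real system the last two queries are run against / or a mount point, and their output is compared with a known-good baseline.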
View process information with ps.
o -e shows all processes
o -u user shows all processes by user
o -F prints extra information
o -H indents child processes
o -o PROPERTY1,PROPERTY2 prints custom information
pid,comm,%cpu,%mem,state,tty,euser,ruser,nice
Nice values may be altered:
o When starting process
# nice -n 5 command
o After starting
# renice 5 PID
A particular task automatically performing at a specific time is known
as Job Scheduling.
Job Scheduling is maintained by CROND service.
Description of elements in crontab file
o Minutes (0-59)
o Hours (0-23)
o Day of Month (1-31)
o Month (1-12)
o Week Days (0-7, both 0 & 7 for Sunday)
Job Scheduling from root
# service crond start
# crontab -e
<Mins> <Hrs> <DoM> <Month> <DoW> <Cmd>
For step size, we can use the */<step> format, i.e. to run after every 2 hrs
we can use */2.
User quota limits the user in two ways:
o Block (the space on hard disk is limited)
o Inode (the number of files created is limited)
To apply user quota, the desired partition must be mounted with the
"usrquota" option.
Run following commands
# quotacheck -avum
# quotaon /home
# edquota -u pankaj
$ quota
# repquota -a
# edquota -t    { for global }
setquota is the command line quota editor
# setquota -u <USER_NAME> 100 200 10 15 -a /dev/sdaX
block & inode
blocks  soft  hard  inodes  soft  hard
0       100   200   0       10    15
TAR: Compressing & decompressing tool for directory & files.
# tar -cvf backup.tar /etc
# tar -cvjf backup.tar.bz2 /etc
# tar -cvzf backup.tar.gz /etc
# tar -C / -xvf backup.tar
Note: j -> Bzip compression & z -> Gzip compression, -c -> create & -C ->
Target Directory
RSYNC: Remote & local synchronization of directory.
# rsync -avH <source> <destination>
DUMP: Backup & restore ext2/3/4 filesystems.
# dump -0u -f /dev/nst1 /home
o dump -0uf joe@svr:/dev/nst0 /home, performs a remote backup using
rmt.
# restore -rf /dev/nst1
/etc/passwd file contains 7 fields separated by colon
<user>:x:UID:GID:<Comment>:<Home_Directory>:<Login_Shell>
/etc/shadow file contains 9 fields separated by colon
<user>:<encrypted_passwd>:<No_of_days_last_passwd_changed>:<Min_Passwd_Age>:<Max_Passwd_Age>:<Passwd_Warning_Period>:<Passwd_Inactivity_Period>:<Account_Expiration_Date>:<Reserved_Field>
/etc/group file contains 4 fields separated by colon
<group_name>:<password>:<GID>:<user_list>
/etc/gshadow file contains 4 fields separated by colon
<group_name>:<encrypted_password>:<administrator>:<members>
/etc/default/useradd file contains
    GROUP=100
    HOME=/home
    INACTIVE=-1
    EXPIRE=
    SHELL=/bin/bash
    SKEL=/etc/skel
    CREATE_MAIL_SPOOL=yes
/etc/login.defs file contains
    PASS_MAX_DAYS 99999
    PASS_MIN_DAYS 0
    PASS_MIN_LEN 5
    PASS_WARN_AGE 7
    UID_MIN 500
    UID_MAX 60000
    GID_MIN 500
    GID_MAX 60000
    CREATE_HOME yes
    UMASK 077
    USERGROUPS_ENAB yes
    ENCRYPT_METHOD SHA512
Commands to manage Users & Groups:
o chage -> Change user password expiration information.
    -d LAST_DAY      sets last date of password change
    -E EXPIRE_DATE   set account expiration to EXPIRE_DATE
    -I INACTIVE      set password inactive after expiration to INACTIVE
    -l               show account information
    -m MIN_DAYS      set minimum number of days to passwd change to
    -M MAX_DAYS      set maximum no of days before passwd change to
    -W WARN_DAYS     set expiration warning days to
o useradd ->
    -N               Do not create group with the same name as the user
    -U               Create group with the same name as the user
    -c COMMENT       Comment
    -b BASE_DIR      Base directory for the home directory of the new account
    -D               Print or change default user configuration
    -e EXPIRE_DATE   Expiration of new account
    -k SKEL_DIR      Use this alternative skel directory
    -K KEY=VALUE     Override /etc/login.defs defaults
    -m               Create Home Directory
    -M               Don't create home directory
    -o               Allow users with duplicate UID
    -p PASSWORD      Encrypted password of the new account
    -r               System account
    -s               login shell of the new account
o usermod -> To modify existing local user
    -a               Append the user to supplemental groups mentioned by
                     the -G option without removing him/her from other groups.
    -l NEW_LOGIN     New value of the login name.
    -L               Lock the user account.
    -m               Move content of the home directory to the new location.
o passwd -> To change password or modify users' password details.
    -S               report password status for the named account
    -k               keep non-expired authentication tokens
    -d               delete the password for the named account
    -l               lock the named account
    -u               unlock the named account
    -x               maximum password lifetime
    -n               minimum password lifetime
    -w               no. of days user receives warning before password expiration
    -i               no. of days after password expiration when an
                     account becomes disabled.
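
The nine /etc/shadow fields listed above are what chage and passwd edit, and the PASS_MAX_DAYS 99999 default from /etc/login.defs ends up in field 5 of every new account. The following added example (not part of the original notes) audits shadow-format records for empty passwords, forced changes, over-long maximum ages and expired passwords. The 90-day limit, the finding names and the sample records are assumptions constructed for the demonstration.

```shell
#!/bin/sh
# Added example: audit shadow-format records against a password-aging policy.

# write_sample_shadow FILE
# Writes constructed records (placeholder hashes, not real ones) to FILE.
write_sample_shadow() {
    cat > "$1" <<'EOF'
root:$6$constructed$hash:15000:0:99999:7:::
alice:$6$constructed$hash:19050:1:90:7:14::
bob::19000:0:99999:7:::
svc:!!:15000:0:99999:7:::
carol:$6$constructed$hash:0:0:60:7:::
dave:$6$constructed$hash:18000:0:60:7:::
broken:x:1
EOF
}

# audit_shadow FILE [MAX_AGE_LIMIT] [TODAY]
# Prints one "user:FINDING" line per problem.
#   MAX_AGE_LIMIT  largest acceptable value of field 5 (assumed default: 90)
#   TODAY          current date in days since 1970-01-01 (default: now)
audit_shadow() {
    shadow_file=$1
    limit=${2:-90}
    today=$3
    [ -n "$today" ] || today=$(( $(date +%s) / 86400 ))
    awk -F: -v limit="$limit" -v today="$today" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }              # comments, blank lines
        NF != 9       { print $1 ":MALFORMED"; next }  # not nine fields
        $2 == ""      { print $1 ":EMPTY_PASSWORD"; next }
        $2 ~ /^[!*]/  { next }                         # locked, no login possible
        $3 == "0"     { print $1 ":MUST_CHANGE"; next } # change forced at next login
        {
            if ($5 == "" || $5 + 0 > limit)
                print $1 ":MAX_AGE_OVER_LIMIT"
            else if ($3 != "" && today - $3 > $5)
                print $1 ":PASSWORD_EXPIRED"
        }
    ' "$shadow_file"
}

# Demonstration run on the constructed sample, with a fixed "today".
sample=$(mktemp)
write_sample_shadow "$sample"
audit_shadow "$sample" 90 19100
rm -f "$sample"
```

Run against the real file as root with `audit_shadow /etc/shadow 90`; accounts reported as MAX_AGE_OVER_LIMIT can be brought into policy with `chage -M`.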
Sticky Bit -> Sticky permission is applied on a directory where
modification of files by other members of the specified group has to be
restricted.
# chmod 1770 <DIRECTORY_NAME>
OR
# chmod o+t <DIRECTORY_NAME>
SUID -> SUID is applied on executable files that local users need to run
to perform tasks that require some services to run with
admin privilege.
# chmod 4770 <FILE_NAME>
OR
# chmod u+s <FILE_NAME>
SGID -> SGID permission is applied on a directory where files created
later on must be owned by the group specified.
# chmod 2770 <DIRECTORY_NAME>
OR
# chmod g+s <DIRECTORY_NAME>
ACL -> ACL is applied to both directory and file. It is required only
when the administrator has to give different permissions to individual
users for the specific directory or file.
# setfacl -m u:<USER_NAME>:<Permission_IN_OCTAL> <FILE_NAME>
# getfacl <FILE_NAME>
# setfacl -d u:<USER_NAME> <FILE_NAME>
SUDO -> It is used when a local user wants to run administrative commands
on behalf of root. Its configuration file is /etc/sudoers.
    Cmnd_Alias ABC=/usr/bin/useradd
    <USER_NAME> ALL=ABC
CHATTR -> Change file attribute on a Linux file system
# chattr [-RVf] [-v version] [mode] files...
The format of a Symbolic Mode is +-=[acdeijstuADST]
Append only (a)
Compressed (c)
No dump (d)
Extent format (e)
Immutable (i)
Data journaling (j)
Secure deletion (s)
No tail-merging (t)
Undeletable (u)
No atime updates (A)
Synchronous directory updates (D)
Synchronous updates (S)
Top of directory hierarchy (T)
Multiple disks grouped together into arrays to provide better
performance, redundancy or both.
mdadm - provides the administration interface to software RAID.
Many RAID levels supported, including RAID 0, 1, 5 and 6.
RAID devices are named /dev/md0, /dev/md1 and so on.
The most commonly used RAID types:
RAID 0 or striping: Two or more disks used to create a large high
performance volume. Performance is better if drives of equal size are
used. No redundancy, so chance of failure is very high. Array size
equals the sum of all disks in array.
RAID 1 or Mirroring: Two disks containing the same data updated
simultaneously. Redundancy offers good protection against disk failure.
Can slow write performance but tends to improve read performance. Only
RAID type that can place the /boot partition on. Hot spare disk can be
used to improve fault tolerance. Array size equals the size of the
smallest disk used.
RAID 5: Three or more disks with zero or more hot spares. A good
balance between performance and reliability. Redundancy is achieved by
splitting parity between all disks. One disk can be lost without array
failure. Both read and write speeds are usually improved, but in
certain cases write performance is dramatically decreased. For this
reason RAID5 is often not a good choice to host databases.
RAID 6 or Striping with dual distributed parity: Similar to RAID5
except that it improves fault tolerance by allowing the failure of any
two drives in the array.
Software RAID Configuration:
# mdadm -C /dev/md0 --chunk=64 --level=5 --raid-devices=3 /dev/sd{b,c,d}1
(--level or -l sets the RAID level, --raid-devices or -n sets the number of
RAID disks, --spare-devices or -x optionally sets the number of hot spares, -a
yes instructs udev to create the md device file if it does not already
exist.)
# mke2fs -j /dev/md0
mdadm allows you to check the status of your raid devices
# mdadm --detail /dev/md0
mdmonitor provides notification services on the status.
The configuration file /etc/mdadm.conf is utilized by the mdadm utility
when run in --monitor mode as done by the /etc/rc.d/init.d/mdmonitor
startup script.
# cat /etc/mdadm.conf
    MAILADDR myuser@mydomain.TLD
The above configuration will generate an email to myuser@mydomain.TLD
when any of the arrays fail to start or fall into a degraded state,
letting us know immediately that a disk repair is needed.
Simulating disk failures
# mdadm /dev/md0 -f /dev/sda1
Recovering from a Software RAID disk failure
o Replace the failed hard drive and power on
o Reconstruct the partition on failed drive
# mdadm /dev/md0 -a /dev/sda1
Log messages -> /var/log/messages
Check status of RAID devices in /proc/mdstat
Logical volumes & logical volume management make it easier to manage
disk space. If a file system needs more space, it can be allocated to
its logical volume from the free space in its volume group and the file
system can be resized.
Physical volumes are the first building block of LVM. These could be
partitions, whole disks, RAID sets or SAN disks.
Volume Groups are storage pools made up of one or more physical
volumes.
Physical Extents are small chunks of data stored on physical volumes
that act as the backend of LVM storage.
Logical Extents map to Physical Extents to make up the front end of LVM
storage. By default each Logical Extent will map to one Physical
Extent.
CREATION OF LVM ->
# fdisk /dev/sda    {create partition as required}
# partx -a /dev/sda
# pvcreate /dev/sdaX
# vgcreate <VG_NAME> /dev/sdaX
# lvcreate --size +2G -n <LV_NAME> <VG_NAME>
# mkfs.ext4 /dev/<VG_NAME>/<LV_NAME>
EXTENDING LV ->
# lvextend --size <SIZE_REQ> /dev/<VG_NAME>/<LV_NAME>
# resize2fs -f /dev/<VG_NAME>/<LV_NAME>    {Online Formatting}
EXTENDING VG ->
# vgextend /dev/sda2
REDUCING LV ->
# umount <LV_NAME>
# e2fsck -f /dev/<VG_NAME>/<LV_NAME>    {if error, don't resize, data may be lost}
# resize2fs -f /dev/<VG_NAME>/<LV_NAME> <SIZE_REQ>    {Defragmentation}
# lvreduce --size <SIZE_REQ> /dev/<VG_NAME>/<LV_NAME>
LVM SNAPSHOT ->
# lvcreate --size <SIZE_REQ> -s -n <SNAP_NAME> /dev/<VG_NAME>/<LV_NAME>
Creating A Swap File ->
# dd if=/dev/zero of=/swapfile bs=1024 count=10000
# mkswap /swapfile
# chmod 0600 /swapfile
/sbin/ip is used to show or temporarily modify devices, routing, policy
routing, and tunnels.
# ip addr show eth0
# ip -s link show eth0
# ip route
Hostname Resolution
o The contents of the file /etc/hosts are checked first.
o If the entry is not found in that file the stub resolver looks up the
information from a DNS name server. The /etc/resolv.conf file
controls how this query is done.
    nameserver: The ip address of the name server to query.
    search: A list of domain names to search with a short host name.
o /etc/sysconfig/network is used to specify the fully-qualified
hostname and may specify a static default route if dhcp is not
available.
Configuring Network
o /etc/sysconfig/network-scripts/ifcfg-<name>
STATIC IP CONFIGURATION ->
    BOOTPROTO=static
    IPADDR=192.168.0.250
    PREFIX=24
    GATEWAY=192.168.0.254
    DNS1=192.168.0.254
DHCP IP CONFIGURATION ->
    BOOTPROTO=dhcp
ANY ->
    DEVICE=eth0
    ONBOOT=yes
    HWADDR=52:54:00:00:00:FA
    NM_CONTROLLED=yes
o DEVICE -> Specifies the device alias that the file describes.
o HWADDR -> Associate the configuration with a specific device
identified by a MAC address.
o BOOTPROTO -> Where ip settings should be retrieved from, dhcp
or static.
o IPADDR and NETMASK -> Basic ip settings. Only necessary when
not using dhcp.
o GATEWAY -> The IP address of the system or device to send
messages destined for hosts on another network. It is the
responsibility of the gateway how to contact the destination
host.
o ONBOOT -> Whether to bring the device up automatically when the
system boots.
o USERCTL -> Whether to allow non-root users to bring this device
up or down.
o TYPE -> Specifies the type of network interface being used.
Can be omitted when configuring ordinary Ethernet.
Global settings in /etc/sysconfig/network
o NETWORKING=yes
o GATEWAY=192.168.0.254
o HOSTNAME=server100example.com
MONITORING ->
Detect Local Services ->
# netstat -tupln
Detecting Remote Services ->
# nmap -A -sT server1
Note: -A enables os detection, version detection, script scanning
& traceroute
Capturing Packets with tcpdump
# tcpdump -D    {List all available capture interfaces}
# tcpdump -nn -l -s 2000 -w packets -i eth0 'port 22'
    -nn            everything
    -l             do line buffering to the file
    -s snap_len    max no of bytes per packet to output
    -w filename    file to write output to
    -i interface   interface to capture
    filter         keywords and logical operators used to filter
                   packets (i.e. 'host desktop.example.com and port 25')
IP ALIASES ->
Assigning multiple ip addresses to a single interface is called ip
aliasing.
DHCP does not support aliases.
Three basic steps to adding an ip alias:
o Persistently disable Network Manager.
o Interactively add alias
# ip addr add 10.1.1.250/24 dev eth0 label eth0:0
# ip addr show eth0
o Persistently add alias by creating
/etc/sysconfig/network-scripts/ifcfg-eth0:0
    DEVICE=eth0:0
    IPADDR=10.1.1.250
    PREFIX=24
    ONPARENT=yes
o Avoid using the ifconfig command if the system has a new-style
secondary IP address set on an interface that does not have a
backward-compatible IP alias label.
TMPWATCH ->
Cleans old files in specific directories
Keeps /tmp from filling up
LOGROTATE ->
Keeps log files from getting too large.
Highly configurable in /etc/logrotate.conf
LOGWATCH ->
Provides a summary about system activity.
Reports suspicious messages
Configuration file: /etc/logwatch/conf/logwatch.conf
Managing Partitions ->
fdisk - Managing Partitions
sfdisk - non interactive
parted - Creating, removing, resizing and copying partitions
e2label - Creating a label for Partitions.
EFS technology provides password protection over any physical device.
EFS works on the LUKS utility.
LUKS stands for Linux Unified Key Setup.
Package -> crypto-utils
Tools -> cryptsetup
Configuring EFS:
# yum -y install crypt*
# fdisk /dev/sda    { Configure partition to encrypt }
# cryptsetup luksFormat /dev/sda<X>
# cryptsetup luksOpen /dev/sda<X> <name device>
# mkfs.ext4 /dev/mapper/<name device>
# mkdir /crypt
# mount /dev/mapper/<name device> /crypt
# dd if=/dev/urandom of=/root/secure bs=1024 count=4
# cryptsetup luksAddKey /dev/sda<X> /root/secure
# vim /etc/crypttab
    <name device> /dev/sda<X> /root/secure
# vim /etc/fstab
# cryptsetup luksSuspend /dev/mapper/<name device>
# cryptsetup luksResume /dev/mapper/<name device>
# cryptsetup luksClose /dev/mapper/<name device>
# cryptsetup luksRemoveKey /dev/sda<X> /root/secure
Types of Configuration:
Server
Client
Configuration of Client:
# vim /etc/yum.repos.d/client.repo
    [client]
    name=This is Client.
    baseurl=ftp://<server_ip>/pub/<path_to_repodata>
    enabled=1
    gpgcheck=0
# yum install -y <package-name>
Server Configuration:
Creating Repodata
o # createrepo <path-to rpm-packages>
Creating Group Repodata
o # createrepo -g <group.xml> <path-to-rpm-packages>
How to Create Group File:
# yum-groups-manager --name <Name-Group> --mandatory <Name
multiple-Packages-to-Include-in-this-group> --save <filename.xml>
--description <Description-for-group-package>
RPM Package Management:
# rpm -ivh <Package-Name-With-Extension>
# rpm -qa --last | tac
# rpm -qd <Package-Name>
# rpm -qf <Name-of-configuration-file>
# rpm -qi <Installed-Package>
# rpm -e <Package-Name>
# rpm -ivh <Package-Name-With-Extension> --nodeps
# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
# rpm -qa gpg-pubkey
# rpm --checksig <PKG_NAME>
NFS is mainly used for file sharing over Network.
NFS supports only LAN N/W.
It supports IP Based Security.
Port Map Service connects client requests with the NFS Server using the RPC
Service
(RPC -> Remote Procedure Call)
PROFILE:
Package -> nfs-utils
Daemon -> nfs
Configuration -> /etc/exports
Port No. -> 111 for PortMap
            2049 for NFS
Log File -> /var/log/messages
NFS Configuration:
# vim /etc/exports
    /Project 192.168.0.0/24(rw,sync)
    /Project5 *(rw,sync,no_root_squash)
# service nfs restart
# service portreserve restart
Mounting NFS Shares At Client Side:
# showmount -e <Server_IP>
# mount <server_ip>:/<share_name> <Path_to_Mounting>
or
# cd /net/<server_ip>
Note:- To distinguish root from nobody the "no_root_squash" keyword is used.
NTP is mainly used for time synchronization of all client machines.
CMOS Battery should be properly working.
Minimum time interval for time synchronization from NTP server is 5 to
15 mins.
Area of NTP:
Crontab or Job Scheduling.
CA
Kerberos
Service Profile:
Package -> NTP
Daemon -> ntpd
Port No. -> 125 (UDP)
Configuration File -> /etc/ntp.conf
Log File -> /var/log/messages
Configuration:
# vim /etc/ntp.conf
    driftfile /var/lib/ntp/drift
    restrict default kod nomodify notrap nopeer noquery
    restrict 127.0.0.1
    restrict 192.168.0.0 mask 255.255.255.0 nomodify notrap
    server 127.127.1.0
    fudge 127.127.1.0 stratum 10
# service ntpd restart
# chkconfig ntpd on
# netstat -tupln | grep ntpd
Client Side:
# vim /etc/ntp.conf    {Add following line}
    server <ip-of-NTP-server> iburst
# service ntpd restart
# chkconfig ntpd on
# ntpdate -b <NTP-server-ip>
NIS Server basically provides user authentication.
It mainly stores three files related to user information:
/etc/passwd
/etc/group
/etc/shadow
NIS is an RPC based service and works on PortMap Service.
It is used for port mapping between Client and Server.
It was developed by Sun Microsystems.
It is also called YP-SERVER (Yellow Page Server).
NIS server only supports local N/W with same environment.
NIS is unsecured because user and password information is shared in plain
text.
Service Profile:
Packages -> yp-bind, yp-tools, yp-server
Daemon -> ypserv
Port No. -> No port no is available but configurable.
Configuration File -> /etc/yp.conf, /etc/ypserv.conf
Configuration:
Create desired user with any password.
Create NIS Domain Name.
Define your machine as a Master Server.
Update database.
Share user's home directory with NFS.
# mkdir /rhome
# useradd -d /rhome/nisuser1 nisuser1 && passwd nisuser1
# useradd -d /rhome/nisuser2 nisuser2 && passwd nisuser2
# useradd -d /rhome/nisuser3 nisuser3 && passwd nisuser3
# nisdomainname
# nisdomainname <NIS-DOMAIN-NAME>
# vim /etc/sysconfig/network
    NISDOMAIN=<NIS-DOMAIN-NAME>
    YPSERV_ARGS="-p 808"
# yum -y install ypserv
# service ypserv restart
# chkconfig ypserv on
# /usr/lib64/yp/ypinit -m
# rpcinfo -p
# cd /var/yp/
# make
# vim /etc/exports
    /rhome *(rw,sync)
# service nfs restart
# chkconfig nfs on
Client Side:
# rpm -qa yp*
# yum install -y ypbind* yp-tools
# authconfig-tui
    Check > Use NIS
    Domain :- <NIS-DOMAIN-NAME>
    NIS Server :- <NIS-SERVER-IP>
# getent passwd
OR
# ypcat passwd
# vim /etc/auto.master
    /rhome /etc/rhome.misc
# vim /etc/rhome.misc
    * -rw,soft,intr <NIS-SERVER-IP>:/rhome/&
# service autofs stop
# service autofs start
# chkconfig autofs on
FTP Server is mainly used for downloading and uploading of files over
n/w.
FTP Server supports different environments.
FTP Server works on both LAN & WAN.
Two Types of FTP Server: Active FTP & Passive FTP.
Two types of FTP Users:
Anonymous (Guest users)
FTP Users (Download & Upload with user name & password)
Default configuration allows Anonymous Users to download from Server.
Default configuration allows FTP Users both Downloading & Uploading.
Document Root of FTP: /var/ftp.
Service Profile:
Package -> vsftpd
Daemon -> vsftpd
Configuration File -> /etc/vsftpd/vsftpd.conf
Log file -> /var/log/vsftpd/xferlog
Port No. -> 20 (Data Connection)
            21 (Control Connection)
Configuring Server:
Enable uploading for Anonymous Users
    anon_upload_enable=YES
    anon_mkdir_write_enable=YES
Hide FTP Banner
    ftpd_banner=Welcome to KR Network.
Limit Local Users to their home directory
    chroot_local_user=YES
Limit Downloading & uploading Speed.
    anon_max_rate=10000
    local_max_rate=60000
Limit maximum clients & their simultaneous Connections
    max_clients=15
    max_per_ip=3
Configure selinux to allow FTP
# chcon -R -t public_content_rw_t /var/ftp/pub
Configure selinux to allow Anonymous Uploading
# setsebool -P allow_ftpd_anon_write on
Configure selinux to allow FTP user's Home Directory
# setsebool -P ftp_home_dir on
To Disable any FTP user, add their entry in
    /etc/vsftpd/user_list
    /etc/vsftpd/ftpusers
Client Side Uploading & Downloading Tools:
ftp
lftp -> (Supports tab & interactive mode is off, default login with
anonymous user if user name not provided)
wget -> Supports direct downloading with URL provided
sftp -> Supports only ROOT user.
It basically provides IP to clients.
DHCP centralizes many services like DNS, NTP, Gateway.
DHCP supports every environment.
DHCP works on the DORA (Discovery Offer Request Acknowledgement) process.
Service Profile:
Package -> dhcp
Daemon -> dhcpd
Configuration File -> /etc/dhcp/dhcpd.conf
Log File -> /var/log/messages
Port No. -> 67
            68
Lease File -> /var/lib/dhcpd/dhcpd.leases
Configuring Server:
# yum install -y dhcp
Setup static IP to your server
# vim /etc/dhcp/dhcpd.conf
o :edit /usr/share/doc...
o Copy lines 47 to 55
    subnet 10.5.5.0 netmask 255.255.255.224 {
        range 10.5.5.26 10.5.5.30;
        option domain-name-servers ns1.internal.example.com;
        option domain-name "internal.example.org";
        option routers 10.5.5.1;
        option broadcast-address 10.5.5.31;
        default-lease-time 600;
        max-lease-time 7200;
    }
o :edit /etc/dhcp/dhcpd.conf
o Paste
Configuring Client:
Setup network to use DHCP.
# service network restart
# chkconfig network on
# cat /etc/resolv.conf
# ip route
# tail -1 /etc/ntp.conf
Server Side:
# cat /var/lib/dhcpd/dhcpd.leases
Reserving Particular IP to a Specific MAC Address (MAC BINDING)
# vim /etc/dhcp/dhcpd.conf
o :edit /usr/share/doc/dhcp*/dhcpd.conf/sample*
o Copy lines 75 to 78
    host fantasia {
        hardware ethernet 08:00:07:26:c0:a5;
        fixed-address fantasia.fugue.com;
    }
o Paste
SAMBA server is mainly used for file sharing over n/w.
SAMBA supports both LAN & WAN.
SAMBA provides user authentication and IP based security.
SAMBA works on the SMB (server message block) protocol.
Features of SAMBA:
File sharing
Supports different environment
User authentication based sharing
IP based sharing
Browsing
It supports get and put operation like ftp.
Printer sharing
Profile:
Package -> samba
Daemon -> smb
Port No. -> 139, 445 (tcp)
Configuration File -> /etc/samba/smb.conf
Log file -> /var/log/samba/log.smbd
Server Side:
# mkdir /public /private
# useradd amit
# passwd amit
# vim /etc/samba/smb.conf
o :74
    workgroup = fedora
    hosts allow = 127. 19.168.0.
o Go to bottom
o :283
    [public]
    comment = This is a public Folder.
    path = /public
    public = yes
    writable = yes
    printable = no
    browseable = yes
    [private]
    path = /private
    public = no
    writable = yes
    printable = no
    writelist = +staff
    valid users = amit
# chcon -R -t samba_share_t /{public,private}
# service smb restart
# smbpasswd -a amit
# service iptables stop
# getsebool -a | grep samba
# smbclient -L //192.168.0.
Accessing SAMBA:
Type1
# smbclient //192.168.0./public
# smbclient //192.168.0./private -U amit
Type2
# mount -t cifs -o username=amit //192.168.0./private /mnt
# vim /etc/fstab
    //192.168.0./private /mnt cifs defaults,username=amit,pass=redhat 0 0
OR
    //192.168.0./private /mnt cifs defaults,user=amit,credential=<pass_file> 0 0
Printer Sharing:
#
DNS is mainly used to resolve queries from name to IP and vice versa.
DNS ZONES:
Forward Zone -> It maps all queries from name to IP.
Reverse Zone -> It maps all queries from IP to name.
DNS Records:
A -> Host Address (Maps Name to IP)
PTR -> Pointer (Maps IP to Name)
SOA -> Start of Authority (In both Zones)
NS -> Name Server (In both Zones)
CNAME -> Canonical Name (provides duplicate name for a site & is
available in Forward zone)
MX -> mail exchange (Available in Forward Zone)
Profile:
Package -> bind (for rhel6)
           bind, caching-nameserver (for rhel5)
Daemon -> named
Port No -> 53 (UDP)
Log file -> /var/log/messages
Configuration File -> /var/named/chroot/etc/named.conf
Types of DNS Server:
Master DNS
Slave DNS
Caching DNS Server
Stealth DNS Server
Forwarding DNS Server
Server Side:
# yum install -y bind*
#
LDAP is a server client communication protocol.
It basically provides user authentication technique.
With the help of LDAP we can centralize all employees' records.
DAP (Directory Access Protocol) is also for authentication, but it is
slow compared to LDAP.
DAP works on OSI layers.
LDAP works on TCP/IP model.
Difference B/W NIS & LDAP
NIS is unsecure, data and username passwords are transferred in plain
text, while LDAP is secure.
NIS cannot be used with CA, while LDAP can be.
NIS is uid & gid based, while LDAP is domain based.
NIS doesn't have a particular port but it is configurable, while LDAP has
two ports reserved, 389 (for LDAP) & 636 (for SLDAP).
NIS works on local n/w only while LDAP works on both LAN & WAN n/w.
NIS works on same environment while LDAP can work on different n/w.
Service Profile:
Package -> openldap-servers
           openldap-clients
Daemon -> ldap
Configuration File -> /etc/ldap.conf
                      /etc/ldap/openldap.conf
Port No. -> 389 (LDAP)
            636 (SLDAP)
Configuring Client:
Domain Name -> example.com
Server Name -> instructor.example.com
Users Name -> ldapuserX
Users Password -> password
CA Path -> http://instructor.example.com/pub/EXAMPLE-CA-CERT
Home Directory -> /home/guests/
Mount Point -> instructor.example.com:/home/guests/ldapuserX
Terminology OF LDAP:
Entry ->
DN -> Distinguished Name
RDN -> Relative Distinguished Name
example.com -> dc=example,dc=com
o uid=ravi,dc=example,dc=com
o uid=amit,ou=sales,dc=example,dc=com
rdn in above examples
o uid=ravi
o uid=amit,ou=sales
SCSI basically provides interconnectivity technique to one or more
network machines with a single centralized network device.
It is also called centralized disk storage technique.
ISCSI stands for Initiator Small Computer System Interconnect.
Two types of SCSI: Software based & hardware based.
Service Profile:
Package -> scsi-target-utils (Server side)
           iscsi-initiator-utils (Client side)
Daemon -> tgtd (Server Side)
          iscsid (Client side)
Configuration File -> /etc/tgt/targets.conf
Log File -> /var/log/messages
Port No. -> 3260
Creating a Target Manually
To create a target in memory make sure that the tgtd daemon is running on
your system.
# tgtadm --lld iscsi --mode target --op new --tid 1 --targetname
iqn.2012-04.com.exmple:exampletarget
    --lld option selects that we want to use iSCSI.
    --mode option selects that we want to operate on a target.
    --op specifies that we want to create a new target.
    --tid specifies which target ID we want to use.
    --targetname specifies the IQN we want to use for this
    target.
We now have a new target and running tgt-admin -s confirms this, but if
you look closely at the output you will see that there is only a LUN 0.
To add a LUN with a backing store to our target we can issue
# tgtadm --lld iscsi --mode logicalunit --op new --tid 1 --lun 1
--backing-store /dev/vgsrv/example
    --backing-store specifies which file/block we want to actually
    use as the backing store.
The default when setting up a target using tgtadm is to allow nobody
access if no ACLs have been set.
# tgtadm --lld iscsi --mode target --op bind --tid 1
--initiator-address 12.168.x.1
    --initiator-address specifies an IP based Restriction.
Configuring Server:
# yum -y install scsi*
# vim /etc/tgt/targets.conf
    <target <IQN_NAME>>
        <backing-store /dev/sda5>
            vendor_id Example, Inc.
            scsi_id targetdisk
            scsi_sn serial01
        </backing-store>
        initiator-address 192.168.0.10
    </target>
# service tgtd restart
# chkconfig tgtd on
To update a running target from the configuration file
# tgt-admin -u <target>
where target can be either an IQN or the wildcard ALL
Configuring Client:
# yum -y install iscsi*
# iscsiadm -m discovery -t st -p <SCSI-SERVER-IP>
# chkconfig iscsid on
# iscsiadm -m node -T <IQN> -p <SCSI-SERVER-IP> -l
NOTE:-
    -l -> login
    -u -> logout
    -o delete -> For deleting device.
Requesting Information from Targets:
iscsiadm -m discovery [-P 0|1]: Shows information about discovered
targets.
iscsiadm -m node [-P 0|1]: Shows information about known
targets
iscsiadm -m session [-P 0|1|2|3]: Shows information about active
sessions.
Profiling Tools
vmstat: Virtual Memory Statistics
o package -> procps
o includes free and top
o The memory statistics are reported in KiB by default. The -S option
allows you to change this report to kB, MB, or MiB with -S k, -S
m, and -S M respectively.
Category / Static / Definition
procs: process related
    r      The number of processes waiting for run time
    b      The no of processes in uninterruptible sleep
memory
    swpd   The amount of memory currently used in swap
    free   The amount of idle memory.
    buff   The amount of memory used as buffers
    cache  The amount of memory used as cache
swap: paging statistics
    si     Pages of memory swapped in per second
    so     Pages of memory swapped out per second
io: block I/O statistics
    bi     Blocks per second received from block devices
    bo     Blocks per second sent to block devices
system
    in     Interrupts raised per second
    cs     Context switches per second
cpu: how CPU time is used
    us     Percentage of time spent running user space code
    sy     Percentage of time spent running kernel code
    id     Percentage of time spent idle
    wa     Percentage of time spent blocked while waiting for i/o to complete
    st     Percentage of time where the cpu had a process ready to run,
           but CPU time was stolen by the hypervisor supporting this
           virtual machine.
sar: System Activity Reporter
o multipurpose analysis tool which is part of the sysstat package
iostat: reports CPU and I/O statistics for devices, partitions and NFS.
mpstat: reports CPU-related statistics. Like sar you may need to
configure the LANG for 24-hour time.
Using AWK to Format Data
Basic AWK Syntax:
BEGIN { cmd; ... cmd; }      # Do before Input
{ cmd; ... cmd; }            # Do on EVERY Line
...
/regex/ { cmd; ... cmd; }    # Do only on lines where regex matches
...
END { cmd; ... cmd; }        # Do AFTER Last Input
One of the most useful commands in awk is the print command. Print can
be used to print out certain fields. $1 is the first field, $2 is the
second field. The last field is represented by $NF, and $(NF-1) is the
second last field. $0 would print the entire line.
The default field separator that awk uses is white space. To change the
field separator, use the -F option. For instance, you are probably very
familiar with the /etc/passwd file (-F:).
Search with Awk and Regular Expressions