RHCSA Exam

preparation
Alias command
#alias k=’ls –l’
#k
total 12
-rw-r--r--. 1 root root 310 Nov 24 17:31 :
-rw-------. 1 root root 1274 Dec 1 23:50 anaconda-ks.cfg
-rw-r--r--. 1 root root 809 Dec 1 23:58 ks.cfg
-rw-r--r--. 1 root root 0 Nov 23 23:26 x.files

#which ls (it show where the source of the command is coming

from)
#type ls (it shows if the command internal bash or external
command)
#time ls (it shows the time took to execute the command)
#ls > /dev/null ( it will redirect the result to the null so you will
not see anything)
#ls ligh 2> /dev/null ( it will redirect error message to null device )
#ls –R ( Shows everything in the folder )

History file is located in home directory of user

.bash_ history
User banner messages can be dispyed from below files
/etc/issue
/etc/motdr
man have some sections. Most important sections are listed
below:
1 User commands
5 configuration file
7 different topics
8 sysadmin

1. Update man database

mandb
2. To search command by description
man –k lvcreate
#vcreate (8) - Create a logical volume
Another usefull command like man is info and pinfo
#pinfo ls
#info ls
Vim text editor
Start VIMcommand modeinsert mode(i, a, o or Ins buttom) back to command
mode(ESC) write and exit(:wq!)

To remove line in command mode: dd

To copy the line: yy

To paste the line: p

To undo the previous command: u

To go at the end of the page: G

Arrow key (mark the line or word) : V

To delete the block: d

To copy the block: y

History
Command is used to check history: history

Go to appropriate line on the history: !23

Search in history: Ctrl+r

Globing
Wildcard: ls host*

ls ?ost

ls [hm]ost

ls [!hm]ost

ls [0-9][0-9]script

find command
find / -user Kamran (finds files owened Kamran user)
find / -size +100M (finds files size more than 100Mb)

Links (hard links, soft links and inode)

Symbolic link is pointed to hardlink and hard link is pointed to
inode and inode pointed to file
ls –il (shows inode id) here 33646541 is inode id
33646541 -rw-r--r--. 1 root root 0 Sep 10 15:31 linked.txt
ln linked.txt main (linked.txt is linked to main )
[root@localhost Kamran]# ls -in
33646541 -rw-r--r--. 2 0 0 0 Sep 10 15:31 linked.txt
33646541 -rw-r--r--. 2 0 0 0 Sep 10 15:31 main
As you see inode id is the same
Now lets create symbolic link.

[root@localhost Kamran]# ln -s main symbmain

[root@localhost Kamran]# ls -il
total 0
33646541 -rw-r--r--. 2 root root 0 Sep 10 15:31 linked.txt
33646541 -rw-r--r--. 2 root root 0 Sep 10 15:31 main
33646536 lrwxrwxrwx. 1 root root 4 Sep 10 15:38 symbmain ->
main
[root@localhost Kamran]#

TAR
tar cvf ( c-create, v- verbose, f-file)
tar cvf Kamran.tar /home/Kamran
tar tvf (t- show inside the file, v-verbose, f-file)
tar tvf Kamran.tar
tar xvf (x-extract files form tar file, v-verbose, f-file)
tar xvf Kamran.tar (it will extract files to the current directory)
tar xvf Kamran.tar –C bkptar ( “C” will change the direction of
extracted files to the bkptar directory)
To compress the archived files need to ad “z” and the file
extension is tgz for compressed tar file. Its gzip
To compress in bzip2 need to add “j”
tar czvf Kamran.tgz ./Kamran.tar
tar cjvf Kamran.bz2 ./Kamran
tar –rvf Kamran.tar /etc (it used to add new files to the existing
tar file)
tar –uvf Kamran.tar /etc ( its used to update tar file with new
files )

Option Use
c Creates an archive.
v Shows verbose output while tar is working.
t Shows the contents of an archive.
z Compresses/decompresses the archive while
creating it, by using gzip.
j Compresses/decompresses the archive by using
bzip2.
x Extracts an archive.
u Updates an archive; only newer files will be written
to the archive.
C Changes the working directory before performing
the command.
r Appends files to an archive.

extraction will be the same as archived file

DD compressiong methot.
Its used to compress entire drive or partition.
dd if=/dev/zero/ of=/home/Kamran/ddcomp bs=1M count=1000

sudo dd if=/dev/sda of=/dev/sdb1 bs=64K conv=noerror,sync

if: input file

of: output file
bs: block size
count: entire size of compressed file
conv=noerror : Instructs dd to continue operation, ignoring all read
errors

status=progress: see the progress in real time

gzip and bzip2 compression method

gzip ddsda
#ls
#ddsda.gz
#gunzip ddsda.gz ( to uunzip the file )

bzip2 file.txt
#ls
#file.txt.bz2

Regular Expression
For more information visit “man 7 regex”
Text utilities
cat
tac (shows content of the file from bottom to up(opposite of cat))
head –n 10 (shows first 10 lines of file)
tail -n 10 (shows last 10 lines of file)

Switch between users

systemctl isolate multi-user.target (switches to the CLI mode
from graphical interface)
systemctl isolate graphical.target ( switches to the graphical
mode from CLI )
systemctl isolate rescue.target ( switches to emergency mode )
#systemctl start multi-user.target (starts multi user target as the
same with isolate)

systemctl list-units --type target --all

UNIT LOAD ACTIVE SUB DESCRIPTION
basic.target loaded active active Basic System
cryptsetup.target loaded active active Local Encrypted
Volumes
● dbus.target not-found inactive dead dbus.target
 emergency.target loaded inactive dead Emergency
Mode
final.target loaded inactive dead Final Step
getty-pre.target loaded active active Login Prompts (Pre)
getty.target loaded active active Login Prompts
graphical.target loaded active active Graphical Interface
local-fs-pre.target loaded active active Local File Systems
(Pre)
local-fs.target loaded active active Local File Systems
multi-user.target loaded active active Multi-User System
network-online.target loaded active active Network is
Online
network-pre.target loaded active active Network (Pre)
network.target loaded active active Network
nfs-client.target loaded active active NFS client services
nss-lookup.target loaded active active Host and Network
Name Lookups
nss-user-lookup.target loaded inactive dead User and Group
Name Lookups
paths.target loaded active active Paths
remote-fs-pre.target loaded active active Remote File
Systems (Pre)
remote-fs.target loaded active active Remote File
Systems
 rescue.target loaded inactive dead Rescue Mode
rpc_pipefs.target loaded active active rpc_pipefs.target
rpcbind.target loaded active active RPC Port Mapper
shutdown.target loaded inactive dead Shutdown
slices.target loaded active active Slices
sockets.target loaded active active Sockets
swap.target loaded active active Swap
sysinit.target loaded active active System Initialization
● syslog.target not-found inactive dead syslog.target
time-sync.target loaded inactive dead System Time
Synchronized
timers.target loaded active active Timers
umount.target loaded inactive dead Unmount All
Filesystems
virt-guest-shutdown.target loaded inactive dead Libvirt guests
shutdown

LOAD = Reflects whether the unit definition was properly loaded.

ACTIVE = The high-level unit activation state, i.e. generalization of
SUB.
SUB = The low-level unit activation state, values depend on unit
type.
33 loaded units listed.
To show all installed unit files use 'systemctl list-unit-files'.

SSH settings
systemctl status sshd (shows status of sshd)
to generate ssh key:
#ssh-keygen
To copy key from remote server so no need to enter password
everytime:
#ssh-copy-id 192.168.88.10
After this session public key will be stored in below directory
~/.ssh/
SSH configuration is in below file
#vi /etc/ssh/sshd_conf

When try to change the port its better change the port in SELinux
too by below command
#semanage port –a –t ssh_port_t –p tcp #PORTNUMBER
Ssh base another tool
#scp 192.168.1.1:/home/x /tmp
#rsync –a 192.168.1.1:/home/x /tmp ( it synchronize the files)
#rsync –a /home /tmp
To make working with passphrases a bit less complicated, the passphrase can be cached for a session. To
do this, you need the
ssh-agent and ssh-add commands. Assuming that the public/private key pair has already been created, this
is an easy three-step procedure:
1) #ssh-agent /bin/bash
2) #ssh-add
Users, groups and permisions
User default login criteria’s are stored in below directory
When user is defined options are applied based on below files

#vi /etc/login.defs
#useradd Kamran (add user Kamran)
/etc/skel/ (is a directory where some files or folders are created,
new file automatically creates on newly added user directory)
#more /etc/passwd (shows existing users on the system)
#usermod Kamran (is used to modify some parameters about the
user such as lock, unlock, change password, assign password etc.
for more info see usermod –help)
#usermod –p roor Kamran (example)
#useradd –s /sbin/nologin Kamran (Kamran user is a system user
and it has no login shell)
# userdel -rf (removes user )

Default useradd settings are stored in below dorectory

#cat /etc/default/useradd

In the /etc/passwd file you can find username and its password
and other data
Kamran:x:1000:1000::/home/Kamran:/bin/bash
Kamran (user)
x (compatibility settings which used to store password in old
system)
1000 (first number indicates user id)
1000( second number indicates group id)
::/home/Kamran (indicates user home directory)
Other useful file shadow
/etc/shadow
Kamran1:$6$uXJx.qzv$t1icmw.Id5Uw/hFiLSDWrFGv6krnopK0jqM
GbY2WGVsa8raaDUrkfaBYvRu6nv26D3BzpdPeTsZUPm8qkzPNR0:
18070:0:99999:7:::
6$uXJx.qzv$t1icmw.Id5Uw/hFiLSDWrFGv6krnopK0jqMGbY2WGVs
a8raaDUrkfaBYvRu6nv26D3BzpdPeTsZUPm8qkzPNR0:18070:0:99
999:7::: ( is a encrypted user password)

bin:*:17834:0:99999:7::: ( the * means id does not support login

otion)
Sebine:!!:18161:0:99999:7::: ( two !! means password is
disabled )
18161 ( is the date of user created)
0 (start of date)
99999 (expiration days in day)
7 (user will get warning notification 7 days before expiration)

/etc/default/useradd ( user add parameters )

[root@localhost etc]# cat /etc/default/useradd

# useradd defaults file
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=yes

/etc/login.defs (other useradd paramets. This file have higher

priority)
/etc/skel (common files for all users)
/etc/group ( shows user group)

Group
#groupadd people (group is added with the name of people)
#/etc/group ( shows user group and its id)
people:x:1004:
#groupmod ( used to modify user group )
vigr or vi /etc/group ( to add user to the gropu 1 method)
people:x:1005:PS ( in this case PS will be assigned to the people
group)
#useradd –G core CS (CS user is combined to core group)
#usermod –aG core IMS (IMS user is added to core group)
Id ( is used to see the user assigned group)
[root@localhost ~]# id IMS
uid=1006(IMS) gid=1008(IMS) groups=1008(IMS),1006(core)
Password for user
passwd –S IMS (shows status of password of IMS user( man
passwd))
[root@localhost ~]# passwd -S IMS
IMS PS 2019-09-22 0 99999 7 -1 (Password set, SHA512 crypt.)
To change password settings
[root@localhost ~]# chage Kamran
Changing the aging information for Kamran
Enter the new value, or press ENTER for the default

Minimum Password Age [0]:

Maximum Password Age [99999]:
Last Password Change (YYYY-MM-DD) [2019-09-22]:
Password Expiration Warning [7]:
Password Inactive [-1]:
Account Expiration Date (YYYY-MM-DD) [-1]:
[root@localhost ~]#

Permission
chown [OPTION]... [OWNER][:[GROUP]] FILE...
chown -R IMS:core /home/data/sales/
-R means recursive ( it will be applied to all directories and
subdirectories)
IMS- user
core- group

chgrp [OPTION]... GROUP FILE...

chgrp -R core /home/data/
changes group ownership of the file
core-group

file dir
read 4 open list
create,
write 2 modify delete
execute 1 run cd

chmod 776 sales (user has read, write and execute

permission7(4+2+1), group also has the same permission bit
others only write and write perminision have)

[root@localhost data]# chmod 776 sales/

[root@localhost data]# ll
total 0
drwxrwxrw-. 3 IMS wireless 33 Sep 30 14:06 sales
one more example: user and group have read and write
permission but others don’t have any permission

[root@localhost data]# chmod 440 sales/

[root@localhost data]# ll
total 0
dr--r-----. 3 IMS wireless 33 Sep 30 14:06 sales
[root@localhost data]#
METHOD 2:
In this example user have read, write and execute, goup adds read
and write, others don’t have permission at all
[root@localhost data]# chmod u=rwx,g+rw,o=- sales/
[root@localhost data]# ll
total 0
drwxrw----. 3 IMS wireless 33 Sep 30 14:06 sales
[root@localhost data]#
Example:
Command adds execute permission to everybody
[root@localhost data]# chmod +x sales/
[root@localhost data]# ll
total 0
drwxrwx--x. 3 IMS wireless 33 Sep 30 14:06 sales
[root@localhost data]#
Example:
Execute permission is deleted from everybody

[root@localhost data]# chmod -x sales/

[root@localhost data]# ll
total 0
drw-rw----. 3 IMS wireless 33 Sep 30 14:06 sales
[root@localhost data]#

UMASK
By default user and directory have below permission
User=666
Directory=777
By default umask is set 022. Its called wild mask
User=666 666-022 =644 (which means wr,r,r)
Directory=777 777-022=775 (which means wrx,wrx,rx)
Umask ID for root user is stored in the /etc/profile file
vi /etc/profile (search umask keyword)
if [ $UID -gt 199 ] && [ "`/usr/bin/id -gn`" = "`/usr/bin/id -un`" ];
then
umask 002
else
umask 022
fi
For other user its stored in the home directory of the user.
(.bash_profile)
[root@localhost Kamran]# ls -a
. .. .bash_logout .bash_profile .bashrc .cache .config file file1
home testfile tt .viminfo x
[root@localhost Kamran]#
And we add umask 000 value in that file

Special Permissions
SUID (4), u+s
GUID (2), g+s
Sticky bit (1), +t ( its used for shared folders and libraries)
chmod u+s game.sh ( in this case user will run this command as
the owner of the user. For example is owner is root, it will be
executed as root user)
chmod g+s oss ( when new file is generated, newly files will take
the folder ownership like shown in below example. Its user for
shared environment)

[user1@localhost oss]$ ll
total 0
-rw-rw-r--. 1 user1 user1 0 Oct 6 06:47 x
-rw-rw-r--. 1 user1 common 0 Oct 6 06:49 x2
[user1@localhost oss]$

Sticky bit +t
chmod +t oss (it will add the t bit to the folder so only owner of
the file can delete the files from this directory)

[user2@localhost oss]$ ll
total 0
-rw-rw-r--. 1 user1 user1 0 Oct 6 06:47 x
-rw-rw-r--. 1 user1 common 0 Oct 6 07:04 x2
[user2@localhost oss]$

[user2@localhost oss]$ su user2

Password:
[user2@localhost oss]$
[user2@localhost oss]$ rm x2
rm: cannot remove ‘x2’: Operation not permitted
[user2@localhost oss]$

Access control list (ACL)

ACL allows to give additional permission to other user or group

withoult changing primary group ownership
setfacl –R -m g:user3:rwx user4
setfacl -m d:g:user3:rwx user4
ACLs also allow you to take away permissions from users. For
instance, setfacl -m u:anna:-
/tmp/myfile would take away all permissions for user anna. This
also will overwrite any permissions
that the user may have obtained through the others entity.

[user3@localhost user4]$ touch x

touch: cannot touch ‘x’: Permission denied
[user3@localhost user4]$ cd ..
[user3@localhost data1]$ su
Password:
[root@localhost data1]# setfacl –R -m g:user3:rwx user4 ( in this
command group name user3 give wrx access to the user4
directory. –R is recursive which means will apply all existing files
on the dir, -m is modification, g is group)
[root@localhost data1]# ll
total 0
drwxrwsr-t. 2 root common 25 Oct 6 07:04 oss
drwxr-xr-x. 2 user1 user 6 Oct 6 06:41 user1
drwxr-xr-x. 2 user2 user 6 Oct 6 06:41 user2
drwxr-xr-x. 2 user3 user3 6 Oct 6 07:23 user3
drwxrwxr-x+ 2 user4 user4 6 Oct 6 07:24 user4
[root@localhost data1]# su user3
[user4@localhost data1]$ cd user4
[user3@localhost user4]$ touch x2
[user3@localhost user4]$ ll
total 0
-rw-rw-r--. 1 user4 user4 0 Oct 6 07:27 x
-rw-rw-r--. 1 user3 user3 0 Oct 6 07:29 x2 ( as you can see now
user3 created file in user4 directory)
[user3@localhost user4]$

[user3@localhost data1]$ getfacl user4 ( to get the acl

information )
# file: user4
# owner: user4
# group: user4
user::rwx
group::r-x
group:user3:rwx
mask::rwx
other::r-x

Another userful example is set default acl for the directory. In this
case all newly created files and directories will have the same
permission options

setfacl -m d:g:user3:rwx user4

[root@localhost data1]# setfacl -m d:g:user3:rwx user4

[root@localhost data1]# getfacl user4
# file: user4
# owner: user4
# group: user4
user::rwx
group::r-x
group:user3:rwx
mask::rwx
other::r-x
default:user::rwx
default:group::r-x
default:group:user3:rwx
default:mask::rwx
default:other::r-x

[root@localhost data1]# su user3

[user3@localhost data1]$ cd user4
[user3@localhost user4]$ mkdir newdir
[user3@localhost user4]$ getfacl newdir/
# file: newdir/
# owner: user3
# group: user3
user::rwx
group::r-x
group:user3:rwx
mask::rwx
other::r-x
default:user::rwx
default:group::r-x
default:group:user3:rwx
default:mask::rwx
default:other::r-x

[user3@localhost user4]$

[user3@localhost user4]$ touch x3

[user3@localhost user4]$ getfacl x3
# file: x3
# owner: user3
# group: user3
user::rw-
group::r-x #effective:r--
group:user3:rwx #effective:rw-
mask::rw-
other::r—
Managing Network
There are so many ip address commands
One of them is ip. For more info type ip –help
ip a (show ip config of system)
we can add runtime ip config by below command
#ifconfig (old command which is used to display ip connectivity)
#ip a
Or
#ip addr show (shows ip address)
#ip link show (Shows Link status)
#ip –s link (shows interface status and number of packages)

#ifup ens33
#ifdown ens33
#ip link set dev ens33 up
#ip link set dev ens33 down
#netstat
#ss (shows open and listening ports)

#systemctl status NetworkManager (shows network status)

NMCLI command
nmcli is used to configure network parameters persistently (qalici)
Basically network interface conf is stored in below directory
/etc/sysconfig/network-scripts
#nmcli general permissions ( is used to see if current user have
permission to change network settings)
#nmcli device status (is used to show existing network interface)
[root@localhost ~]# nmcli device status
DEVICE TYPE STATE CONNECTION
ens32 ethernet connected ens32
virbr0 bridge connected virbr0
lo loopback unmanaged --
virbr0-nic tun unmanaged --
[root@localhost ~]#
By the help of nmcli command and tab completition, we can add
interface
#nmcli connection add ifname ens33 type ethernet ip4
192.168.128.100/24 gw4 192.168.128.1
Then need to activate connected interface
#nmcli conn up ens33
#nmcli con mod ens33 ipv4.dns 10.0.0.10.

Another utility is nmtui which allows to add interface grapichaly.

#nmtui
All the network interface settings are stored in below path
/etc/sysconfig/network-scripts
After changing network config file, need to reboot the linux itself

We can configure ip address manualy from scripts

Ip routing
#ip route show (is used realtime routing info)
#ip route del default via 192.168.1.2 (to delete default route)
#ip route add default via 192.168.1.2 (do add default route )

To change configuration such as dns, gateway or so on we can use

below interactive mode
#nmcli conn edit ens38 (it will direct you to the nmcli interactive
mode)
<nmcli> print (to see current configuration)
<nmcli>set ipv4.gateway 10.0.0.200 (it will change gw
persistendly)
<nmcli>set ipv4.addresses 10.0.0.100/24 (it will change ip
address)
<nmcli>save (used to save configuration)
#nmcli conn up ens32 (after modification need to run this
command to update it)
Hostname can be configured in below file
#vi /etc/hosts
Or
#hostnamectl set-hostname Kamran.huawei.com (FQDN)

DNS

Use nmtui to set the DNS name servers. Figure 8-5 shows the
interface from which you can do this.
Set the DNS1 and DNS2 parameters in the ifcfg network
connection configuration file in /etc/sysconfig/network-scripts.
Use a DHCP server that is configured to hand out the address of
the DNS name server.
Use nmcli con mod <connection-id> [+]ipv4.dns <ip-of-dns>.

Notice that if your computer is configured to get the network

configuration from a DHCP server, the DNS server is also set via
the
DHCP server. If you do not want this to happen, you have two
options:
Edit the ifcfg configuration file to include the option PEERDNS=no.
Use nmcli con mod <con-name> ipv4.ignore-auto-dns yes.
Jobs and Processes
#sleep 700 & (To run the process on the background)
Or
#sleep 700
Ctrl+Z ( it temporarily stops the job )
#bg
# jobs (can show background running processes)
[root@localhost ~]# jobs
[1]- stopped sleep 700 &
[2]+ Running sleep 800 &

#fg 2 (foreground is used to run job on foreground and then it can

be stopped by ctrl+c)
Processes
#ps (shows all process current user account)
#ps aux (shows all running processes )
#ps aux | head
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME
COMMAND
root 1 0.1 0.3 128296 7068 ? Ss 14:12 0:02
/usr/lib/systemd/systemd --switched-root --system --deserialize
21
root 2 0.0 0.0 0 0? S 14:12 0:00 [kthreadd]
root 3 0.0 0.0 0 0? S 14:12 0:00 [ksoftirqd/0]
root 5 0.0 0.0 0 0? S< 14:12 0:00 [kworker/0:0H]
root 7 0.0 0.0 0 0? S 14:12 0:00 [migration/0]
root 8 0.0 0.0 0 0? S 14:12 0:00 [rcu_bh]
root 9 0.0 0.0 0 0? R 14:12 0:00 [rcu_sched]
root 10 0.1 0.0 0 0? S 14:12 0:02 [watchdog/0]
root 12 0.0 0.0 0 0? S 14:12 0:00 [kdevtmpfs]
USER (shows under which suer its running)
PID (unique process id)
CPU and MEM ( they are CPU and memory utilization)
VSZ (reserved virtual memory in kb)
RSS (actual memory utilization from RAM)
STAT (status (s-sleep) )

#ps –ef | head ( shws the command which makes the process
run)
[root@localhost ~]# ps -ef | head ( addtionaly its show PPID
which means parent process id )
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 14:12 ? 00:00:02 /usr/lib/systemd/systemd -
-switched-root --system --deserialize 21
root 2 0 0 14:12 ? 00:00:00 [kthreadd]
root 3 2 0 14:12 ? 00:00:00 [ksoftirqd/0]
root 5 2 0 14:12 ? 00:00:00 [kworker/0:0H]
root 7 2 0 14:12 ? 00:00:00 [migration/0]
root 8 2 0 14:12 ? 00:00:00 [rcu_bh]
root 9 2 0 14:12 ? 00:00:00 [rcu_sched]
root 10 2 0 14:12 ? 00:00:02 [watchdog/0]
root 12 2 0 14:12 ? 00:00:00 [kdevtmpfs]
[root@localhost ~]#

#ps fax (shows relation with parent shell hierarchical)

1646 ? Ss 0:00 /usr/sbin/sshd -D
2218 ? Ss 0:00 \_ sshd: root@pts/0
2223 pts/0 Ss 0:00 \_ -bash
2656 pts/0 R+ 0:00 \_ ps fax

Memory usage
#free –m (shows RAM status)
[root@localhost ~]# free -m
total used free shared buff/cache available
Mem: 1839 249 1384 8 205 1411
Swap: 2047 0 2047
[root@localhost ~]#

Performance
#uptime (shows last 5, 10 and 15 minutes number of ran tasks on
cpu)
[root@localhost ~]# uptime
15:13:18 up 1:00, 2 users, load average: 0.02, 0.02, 0.05
[root@localhost ~]#
#top (is used to monitor the performance load)
After top command press f and select option to sort top result
We use kill command to kill process
#kill -9 2288 (it directly kill the process)
#kill -15 2288 ( it sends termination signal to kills process. In this
case it also cleans the system)
Process can be killed in the top command
#top
# then press “k”
#pkill cron (it kills the processes by its name )
#killall -9 dd (it’s the same with pkill and kills all processes. Efore
using it need to install psmisc”yum install psmisc”)

In RHEL 8 new topic has come. Its called tuned which used to
select desirable profile for system performance
#yum install tuned
#systemctl status tuned ( to see its status)
#systemctl enable –now tuned (to enable tuned )
#tuned-adm active (to see current activated profile)
#tuned-adm recommend ( to see recommended tuned profile)
#tuned-adm list (shows all listed profiles)
Changing priorities:

Default non-real time processes have priority 20

To change process priority type “top” then “r”
#top
#r
While calculating priority always the input priority need to be
calculated with default priority 20. For example if you want to give
priority 10 then like this
20(default) +(-10(input priority))=10
Negative priority is higher than others. -20 is the highest priority)
#nice -n 5 dd if=/dev/zero of=/dev/null & (before process is
started it sets its priority to 5)
# renice –n -20 2148 (with renice command priority can be
changed when the process has already been started)

Systemd Units
The major benefit of working with Systemd, as compared to
previous methods Red Hat used for
managing services, is that it provides a uniform interface to start
units. This interface is defined in the
unit file. Unit files can occur in three locations:
1. /usr/lib/systemd/system contains default unit files that have
been installed from RPM packages.
You should never edit these files directly.
2. /etc/systemd/system contains custom unit files. It may also
contain files that have been written
by an administrator or generated by the systemctl edit command.
3. /run/systemd/system contains unit files that have
automatically been generated.
If a unit file exists in more than one of these locations, units in the
/run directory have highest
precedence and will overwrite any settings that were defined
elsewhere. Units in /etc/systemd/system
have second highest precedence, and units in
/usr/lib/systemd/system come last.
Understanding Systemd

Managing software
Yum is very useful application for application downloading and
installation
#yum repolist (it shows repository list on the internet )

#mkdir /repo
#cd /repo
#yumdownloader q* (it will download all starting packages
which starts with q)
#createrepo /repo (it will create index for downloaded files so
you will have local repository)

Create Repository file

#cd /etc/yum.repos.d/
The best way to configure repository list is to check man page and
search example
#man yum.com (/example)
When creating repository the file extension should end with .repo
#touch mariaDB.repo
#vi mariaDB.repo (and add these lines there)
[mariadb]
name=mariaDB
baseurl=http://yum.mariadb.org/10.3/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1

#yum repolsit (to check reposiroty )

[root@localhost yum.repos.d]# yum repolist

Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirror.yer.az
* extras: mirror.yer.az
* updates: centos-mirror.rbc.ru
base
| 3.6 kB 00:00:00
extras
| 2.9 kB 00:00:00
local
| 2.9 kB 00:00:00
mariadb
| 2.9 kB 00:00:00
updates
| 2.9 kB 00:00:00
(1/2): updates/7/x86_64/primary_db
| 2.8 MB 00:00:00
(2/2): mariadb/primary_db
| 55 kB 00:00:00
repo id repo name
status
base/7/x86_64 CentOS-7 - Base
10,097
extras/7/x86_64 CentOS-7 - Extras
304
local Local repolist
682
mariadb mariaDB
96
updates/7/x86_64 CentOS-7 -
Updates 611
repolist: 11,790
[root@localhost yum.repos.d]#
As you can see there is already mariaDB repository so we can
download mariaDB with yumdownloader
[root@localhost yum.repos.d]# yumdownloader mariadb
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirror.yer.az
* extras: mirror.yer.az
* updates: centos-mirror.rbc.ru
mariadb-5.5.64-1.el7.x86_64.rpm
| 8.7 MB 00:00:01
[root@localhost yum.repos.d]#
One more example
In this example we will use local repository folder
[local]
name=Local repolist
baseurl=file:///repo/
gpgcheck=0

#yum search mariadb (you can search mariadb package before

downloading. It searchs packets based on packet description)
#yum remove nmap (removes software with dependencies)
#yum list (shows all available packages on the repository)
#yum provides */sepolicy ( yum provides command search
packet content )
#yum update kernel (it will update kernel if available)
#yum update ( it will update everything installed on the system)

Yum groups
Its used to install yum groups environment
#yum groups list (Shows available groups)
#yum groups list hidden (shows hidden groups)
#yum groups install “Basic Web Server" (it will install basic server
group environment)
#yum module enable perl:5.26 (its used to enable perl:5.26
version)
YUM modules
RHEL 8 supports yum modules
#yum module list
#yum module info perl:5.26 (gives detailed information about
module)
# yum module provides httpd ( gives information where belongs
the httpd module)

Fitsly lets check php profle

#yum module info --profile php 7.2
Last metadata expiration check: 0:05:38 ago on Mon 23 Dec 2019
02:11:50 PM EST.
Unable to resolve argument 7.2
Name : php:7.2:8000020190628155007:ad195792:x86_64
common : php-cli
: php-common
: php-fpm
: php-json
: php-mbstring
: php-xml
devel : libzip
: php-cli
: php-common
: php-devel
: php-fpm
: php-json
 : php-mbstring
: php-pear
: php-pecl-zip
: php-process
: php-xml
minimal : php-cli
: php-common

Switching module streams does not alter installed packages (see

'module enable' in dnf(8) for details)
[root@localhost ~]#
Then lets enable it under devel profile
#yum module install php:7.2/devel
To ensure that all dependent packages are updated as well, type
#yum distro-sync.

RPM quey
There three RPM query exist
Repository
It query packages from repository
#repoquery cacti
#repoquery –i cacti (gives you information about package)
#repoquery –l (gives you information about package list)

RPM database query

Queries installed packet and also query not installed packages but
more deeper
#rpm –q cacti
#rmp –qa (query all installed rpm packages)
#rpm –ql namp (shows the list of files which is come from
installed package)
#rpm –qf /etc/sos.conf (it shows which package the file belongs)
#rpm –qc openssh-server (it shows configuration file of package)
#rpm –qd openssh-server (it shows documentation of package)

Downloaded
Its used to query downloaded packages
#rpm –qp cacti
#rpm –qpl httpd (lists files from package)
#rpm –ql –scripts httpd-2.4.6 (it query script in the package)
#rpm –Uvh packagename (is used to install downloaded package)
#yum clean all (clears cache data for yum)

Virtualization
First we need to check if virtualization is supported
#lsmod | grep kvm
[root@localhost ~]# lsmod | grep kvm
Kvm_intel 183737 0
kvm 615914 1 kvm_intel
irqbypass 13503 1 kvm
if don’t have soft for virtualization need to install it from yum
groups
[root@localhost ~]# yum groups list | less
Repository 'downloads' is missing name in configuration, using id
Loading mirror speeds from cached hostfile
* base: mirror.yer.az
* epel: repos.del.extreme-ix.org
* extras: mirror.yer.az
* updates: mirror.yer.az
Installed Environment Groups:
Basic Web Server
Virtualization Host
Available Environment Groups:
Install virtualization host:
#yum groups install ‘Virtualization Host’
Or it can be installed by below command
#yum install libvirt virt-manager qemu-kvm
In addition we need virt-manager
Lets check if its exist
#rpm –qa | grep virt-manager
If does not installed lets install it
#yum search virt-manager
#yum install virt-manager
Then lets check the status of libvirtd

[root@localhost ~]# systemctl status libvirtd

● libvirtd.service - Virtualization daemon
Loaded: loaded (/usr/lib/systemd/system/libvirtd.service;
enabled; vendor preset: enabled)
Active: active (running) since Sun 2019-10-27 07:23:04 EDT;
8min ago
Docs: man:libvirtd(8)
https://libvirt.org
Main PID: 22874 (libvirtd)
Tasks: 19 (limit: 32768)
CGroup: /system.slice/libvirtd.service
├─ 5795 /usr/sbin/dnsmasq --conf-
file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-
script=/usr/libexec/libvirt_leaseshel...
├─ 5800 /usr/sbin/dnsmasq --conf-
file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-
script=/usr/libexec/libvirt_leaseshel...
└─22874 /usr/sbin/libvirtd

Oct 27 07:23:04 localhost.localdomain systemd[1]: Starting

Virtualization daemon...
Oct 27 07:23:04 localhost.localdomain systemd[1]: Started
Virtualization daemon.
Oct 27 07:23:04 localhost.localdomain dnsmasq[5795]: read
/etc/hosts - 2 addresses
Oct 27 07:23:04 localhost.localdomain dnsmasq[5795]: read
/var/lib/libvirt/dnsmasq/default.addnhosts - 0 addresses
Oct 27 07:23:04 localhost.localdomain dnsmasq-dhcp[5795]: read
/var/lib/libvirt/dnsmasq/default.hostsfile
[root@localhost ~]#
If its not active need to enable libvirtd
# systemctl enable libvirtd
# systemctl start libvirtd

Next step lets see if hardware (CPU) supports visualization. In this

case vmx is for intel svm is for amd

[root@localhost ~]# cat /proc/cpuinfo

processor :0
vendor_id : GenuineIntel
cpu family :6
model : 42
model name : Intel(R) Xeon(R) CPU E31240 @ 3.30GHz
stepping :7
microcode : 0x1b
cpu MHz : 3292.521
cache size : 8192 KB
physical id :0
siblings :1
core id :0
cpu cores :1
apicid :0
initial apicid : 0
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge
mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss syscall nx
rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology
tsc_reliable nonstop_tsc aperfmperf eagerfpu pni pclmulqdq vmx
ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer
xsave avx hypervisor lahf_lm epb tpr_shadow vnmi ept vpid
tsc_adjust dtherm ida arat pln pts
bogomips : 6585.04
clflush size : 64
cache_alignment : 64
address sizes : 42 bits physical, 48 bits virtual
power management:
[root@localhost ~]#

We should also have available disk space

#df-h
[root@localhost ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/centos-root 27G 4.8G 23G 18% /
devtmpfs 906M 0 906M 0% /dev
tmpfs 920M 0 920M 0% /dev/shm
tmpfs 920M 81M 839M 9% /run
tmpfs 920M 0 920M 0% /sys/fs/cgroup
/dev/sda1 1014M 201M 814M 20% /boot
tmpfs 184M 0 184M 0% /run/user/0
[root@localhost ~]#
#df –Th (can also be used to display mounted device size)
#findmnt (is used to see relationship betwwen mounted device)

To virtualization manager use below command and then start to

open vistualziaotion environment
#virt-manager

When you try to install images it will be stored in below folder

/var/lib/libvirt/images/
After installing virtual machine we can see number of active
virtual machines
#virsh list

[root@localhost images]# virsh list

Id Name State
----------------------------------------------------
1 CentOS8 running

[root@localhost images]#

All running and shutdowed virtuall machines can bee seen by

below command
#virsh list --all
[root@localhost images]# virsh list
Id Name State
----------------------------------------------------
1 CentOS8 running

[root@localhost images]# virsh list --all

Id Name State
----------------------------------------------------
1 CentOS8 running
[root@localhost images]#
If the virtual machine is in shutdown state we can enable it
#virsh start CentOS8

KVM Network
Once the virtual machine is created, its network configuration is
stored in below file
/etc/libvirt/qemu/networks/ default.xml
Instead of we should use below command to configure network
#virsh net-edit default
Set network type to default nat in the virtual host configuration

Import.vmdk (Wmvare) file to kvm

Lets assum that file is in the server and is .zip file. Need to extract
it
#unzip xxx.vdmk
Then we need to convert the Wmvare image format to KVM
format with quem-img command
#qemu-img conver -O qcow2 xxx.vdmk xxx.qcow2

After converting to the qcow2 format we need to import the

image to virtual machine
Crontab (Scheduling the task)
Crontab is used to schedule tasks.
Main configuration file is located below but its not usefull to add
any task in this file

[root@localhost cron.d]# vi /etc/crontab

SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root

# For details see man 4 crontabs

# Example of job definition:

# .---------------- minute (0 - 59)
# | .------------- hour (0 - 23)
# | | .---------- day of month (1 - 31)
# | | | .------- month (1 - 12) OR jan,feb,mar,apr ...
# | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR
sun,mon,tue,wed,thu,fri,sat
#| | | | |
# * * * * * user-name command to be executed

For more information we can refer to man page

#man 5 crontab

EXAMPLE CRON FILE

# use /bin/sh to run commands, no matter what /etc/passwd
says
SHELL=/bin/sh
 # mail any output to `paul', no matter whose crontab this is
MAILTO=paul
#
CRON_TZ=Japan
# run five minutes after midnight, every day
50*** $HOME/bin/daily.job >> $HOME/tmp/out 2>&1
# run at 2:15pm on the first of every month -- output mailed
to paul
15 14 1 * * $HOME/bin/monthly
# run at 10 pm on weekdays, annoy Joe
0 22 * * 1-5 mail -s "It's 10pm" joe%Joe,%%Where are your
kids?%
23 0-23/2 * * * echo "run 23 minutes after midn, 2am, 4am ...,
everyday"
5 4 * * sun echo "run at 5 after 4 every sunday"
If we want to create crontab file need to create it in below path
#cd /etc/cron.d/
Besides that we can configure temporary cron task with below
command. In this case it will create temporary file
#crontab –e
59 23 * * * ls –h / >> /result.txt (it means that the command will
be executed every day at 23:59
( it will store the result every one minute )
After you edit the cron configuration, the temporary file is moved to its final location in the directory
/var/spool/cron. In
this directory, a file is created for each user. These files should never be edited directly! When the file
is saved by crontab -e, it is activated automatically. crontab -l command does list cron jobs, but only
for the current user account.
To start, Cron jobs can be started for specific users. To create a user-specific cron job, type crontab -e after
logging in as that user, or as root type crontab -e -u username. By default, all users can enter Cron jobs. It
is possible to limit which user is allowed to schedule cron jobs by using the /etc/cron.allow and
/etc/cron.deny configuration files. If the cron.allow file exists, a user must be listed in it to be allowed to
use Cron. If the /etc/cron.deny file exists, a user must not be listed in it to be allowed to set up Cron jobs.
Both files should not exist on the same system at the same time. Only root can use Cron if neither file
exists.

Each line in the /etc/crontab file represents a job and has the following format:
minute hour day month dayofweek command

 minute — any integer from 0 to 59

 hour — any integer from 0 to 23

 day — any integer from 1 to 31 (must be a valid day if a month is

specified)

 month — any integer from 1 to 12 (or the short name of the month such as
jan or feb)

 dayofweek — any integer from 0 to 7, where 0 or 7 represents Sunday (or

the short name of the week such as sun or mon)

 command — the command to execute (the command can either be a

command such as ls /proc >> /tmp/proc or the command to execute a
custom script)

For any of the above values, an asterisk (*) can be used to specify all valid
values. For example, an asterisk for the month value means execute the
command every month within the constraints of the other values. A hyphen (-)
between integers specifies a range of integers. For example, 1-4 means the
integers 1, 2, 3, and 4. A list of values separated by commas (,) specifies a
list. For example, 3, 4, 6, 8 indicates those four specific integers. The
forward slash (/) can be used to specify step values. The value of an integer
can be skipped within a range by following the range with /<integer>. For
example, 0-59/2 can be used to define every other minute in the minute field.
Step values can also be used with an asterisk. For instance, the
value */3 can be used in the month field to run the job every third month.
Anacrontab ( it executes the script daily hourly weekly or
monthly)
The main conf file is stored in below path
# vi /etc/anacrontab
# /etc/anacrontab: configuration file for anacron

# See anacron(8) and anacrontab(5) for details.

SHELL=/bin/sh
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
# the maximal random delay added to the base delay of the jobs
RANDOM_DELAY=45
# the jobs will be started during the following hours only
START_HOURS_RANGE=3-22

#period in days delay in minutes job-identifier command

1 5 cron.daily nice run-parts /etc/cron.daily
7 25 cron.weekly nice run-parts /etc/cron.weekly
@monthly 45 cron.monthly nice run-parts
/etc/cron.monthly
~
~
At ( One time job scheduling)
The batch command works like at, but it’s a bit more
sophisticated. When using batch, you can specify that a job is only
started when system performance parameters allow. Typically,
that is when system load is lower than 0.8. This value is a bit low
on modern multi-CPU systems, which is why the load value can be
specified manually when starting atd, using the -l command-line
option. Use, for instance, atd -l 3.0 to make sure that no batch job
is started when system load is higher than 3.0.
atd is responsible for one time job
#at 22:00
at>ls / >> /at.txt
ctrl+d
the job will be implemented at 22:00 at one time

#atq ( is used to query one time job)

Rsyslog and journaling

#systemctl status sshd –l ( gives short overview of specific
module)
#systemctl status rsyslog (check the status of syslog daemon )
Below file include if rsyslog receive journaling data
#vi /etc/rsyslog.conf
Most of the log messages are stored in below directory
#cd /var/log

#journalctl ( shows journaling log messages)

#journalctl –b (it shows log messages from boot)
#journalctl –since=yesterday (shows logs starts from yesterday)
#journalctl –u=cron (its shows log messages from unit such as
cron)
#journalctl –u=event (it shows event log messages)
If we want to save journal log files need to create journal folder
and restart the journald. By default journaling files are stored in
/run/log/journal directory

#mkdir /var/log/journal
systemctl restart systemd-journald
major journal configuration is stored in below file
#vi /etc/system/journald.conf
We can specify log rotate by below configuration
It will save log files evey month and 6 months all logs will be saved
#vi /etc/logrotate.conf
# see "man logrotate" for details
# rotate log files monthly
monthly

# keep 6 ` months worth of backlogs

rotate 6
Partitions
In linux system there two type of post installation for PC. BIOS and
UEFI.
Bios support up to 2TB hard disk space.
UEFI does not have such limitation. It supports 128 partitions and
up to 8 ZiB( Zebabit byte)
fdisk utility is used for BIOS and partition type is MBR
gdisk is used for UEFI and partition type is GPT

Create Petition for MBR.

Firstly we need to know on which disk hard disk we are going to
work. To check this run below command to check it
#cat /proc/partitions
[root@localhost ~]# cat /proc/partitions
major minor #blocks name
2 0 4 fd0
11 0 4481024 sr0
8 0 31457280 sda
8 1 1048576 sda1
8 2 30407680 sda2
8 16 10485760 sdb
8 17 2097152 sdb1
8 18 1048576 sdb2
8 20 1 sdb4
8 21 1048576 sdb5
8 32 2097152 sdc
253 0 28303360 dm-0
253 1 2097152 dm-1
253 2 1044480 dm-2
253 3 1048576 dm-3
[root@localhost ~]#
In this case we will work on sdc.
Lets start configuration by sdc disk
#fdisk /dev/sdc
[root@localhost ~]# fdisk /dev/sdc
Welcome to fdisk (util-linux 2.23.2).

Changes will remain in memory only, until you decide to write

them.
Be careful before using the write command.

Device does not contain a recognized partition table

Building a new DOS disklabel with disk identifier 0x2ed1d31f.

Command (m for help):

In fdisk command menu type m for menu.
Type n to create new partition.
Then select if its primary or secondary
At the end type p to print all partitions

Command (m for help): n

Partition type:
p primary (0 primary, 0 extended, 4 free)
e extended
Select (default p): p
Partition number (1-4, default 1): 1
First sector (63-4194303, default 63):
Using default value 63
Last sector, +sectors or +size{K,M,G} (63-4194303, default
4194303): +100M
Partition 1 of type Linux and of size 100 MiB is set

Command (m for help): p

Disk /dev/sdc: 2147 MB, 2147483648 bytes, 4194304 sectors

255 heads, 63 sectors/track, 261 cylinders
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x2ed1d31f

Device Boot Start End Blocks Id System

/dev/sdc1 63 204863 102400+ 83 Linux
Partition 1 does not end on cylinder boundary.

Command (m for help):

We can create extended partition too but If we want to work on
extended partition we need to create logical partition within
extended partition
After logical partition is created we can press w to write changes
W

If we get error to updtate partition we can manually push to

write.
#partprobe

GPT Partition
Its not recmened to create MBR and GPT partition on the same
disk it will result lost data
To create GPT partition follow below command
#gdisk /dev/sdc
>n (create partition)
>p (print partition)
>w (write changes)

File system
Lets Create filesystem with mkfs
[root@localhost ~]# mkfs
mkfs mkfs.btrfs mkfs.cramfs mkfs.ext2 mkfs.ext3
mkfs.ext4 mkfs.fat mkfs.minix mkfs.msdos mkfs.vfat
mkfs.xfs
[root@localhost ~]# mkfs.xfs -L vol1 /dev/sdc1 ( it gives the
name label vol1)
meta-data=/dev/sdc1 isize=512 agcount=4, agsize=6400
blks
= sectsz=512 attr=2, projid32bit=1
= crc=1 finobt=0, sparse=0
data = bsize=4096 blocks=25600, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=1
log =internal log bsize=4096 blocks=855, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
[root@localhost ~]#

#mount LABEL=vol1 /mnt (vol1 file disk is mounted to /mnt

directory (this is recommended way)
#mount /dev/sdc1 /mnt (its also used to mount the disk to the
directory)
#umount /dev/sdc1 (un mount )
#umount LABEL=vol1
#umount /mnt
This options is not persistent. It will be cleared after reboot. To
make it persistent need to add it to the fstab file
#vi /etc/fstab
/dev/sdc1 /mnt xfs defaults 00

After that we can reboot the syatem or enter the mount –a

command to check fstb file
#mount –a
Driver can be mounted by the help of UUID too. To get UUID type
below command
#blkid
Then mount it with UUID
#mount UUID=ef79da24-a640-4f09-91de-27a2e8fad7d9 /mnt
Device can be mounted with label too.
Create Swap space
#fdisk /dev/sda1
#n
(allocate space)
#t (to change the file system to swap. To list supported file system
press L)
>82(MBR) 8200 (BPR)
W
#mkswap /dev/sda1
#swapon /dev/sda1
After activation swap space we can see that swap space is
increased
#free -m

To unmount swap memeaory use swapoff

#swapoff /dev/sda1
Then we can see the result in below command
#free –m
As you know this is temporarily and after reset it will be removed.
So let’s include it in fstab
/dev/sdc2 swap swap defaults 00
Adding Swap Files

If you do not have free disk space to create a swap partition and you do need to add swap space urgently,
you can use a swap file as well. From a performance perspective, it does not even make that much
difference if a swap file is used instead of a swap device such as a partition or a logical volume, and it may
help you fulfill an urgent need in a timely manner. To add a swap file, you need to create the file first. The
dd if=/dev/zero of=/ swapfile bs=1M count=100 command would add 100 blocks with a size of 1 MiB from
the /dev/zero device (which generates 0s) to the /swapfile file. The result is a 100-MiB file that can be
configured as swap. To do so, you can follow the same procedure as for swap partitions. First use mkswap
/swapfile to mark the file as a swap file, and then use swapon /swapfile to activate it.

LVM (Logical Volumes)

First lets create physical partition as we did before. In this
example we will use gdisk /dev/sdc
#gdisk /dev/sdc
>n
+100M
>t (to change the volume type to linux LVM)
>8e00
>w

1) Next step is to create physical volume creation

#pvcreate /dev/sdc5
#pvs (is used to query the number of PV result)
#pvdisplay
#lsblk ( is used to display detailed view)
2) Now need to create volume group and assign physical group to
this logical volume group
#vgcreate vgsdc5 /dev/sdc5
#vgs ( to query volume groups)
#vgdisplay
3) Now we need to create logical volume and assign virtual group
to it
Its better check available disk space by vgs and then input it to the
logical volume. Because in some sector metadata will be stored
and it will decrease the size
#lvcreate –n lvsdc5 –L 196M vgsdc5
L: is for volume
N: is for name
#lvs ( to query the result)
#lvdisplay
5) Now we can create file system and mount it temporarily
The logical path can be queried by lvdisplay
#mkfs.xfs /dev/vgsdc5/lvsdc5
Or we can give label during mounting line this
#mkfs.xfs –L group /dev/vgsdc5/lvsdc5

#mount /dev/vgsdc5/lvsdc5 /data1’

Or add into fstab
LABEL=group /group xfs defaults 00
Or
/dev/vgsdc5/lvsdc5 /group xfs defaults 00
We can see the result with mount command and df –h
#mount
/dev/mapper/vgsdc5-lvsdc5 on /data1 type xfs
(rw,relatime,seclabel,attr2,inode64,noquota)
#df –h
/dev/mapper/vgsdc5-lvsdc5 193M 11M 183M 6% /data1
Increase logical disk space
1) We need to create partition with gdisk or fdisk as before
#gdisk /dev/sdc
2) Need to create physical device but its option
#pvcreate /dev/sdc6
3) Need to create volume group
#vgextend vgsdc5 /dev/sdc6
4) Increase logical volume with synchronizing file system –r option
#lvextend –L +96M –r /dev/vgsdc5/lvsdc5
Reduce disk space
Xfs file system does not support disk shrinink. To perform
reduction we need to change file system to ext4 or btrfs. In most
cas ext4 is used. Als to change the file system we need to
unmount it and the perform below operation
#lvreduce –L -50M –r /dev/vgsdc5/lvsdc5
It will leave free disk space to the volume group

Working with Kernel Moduls

#udevadm momitor (it monitors hardware changes such as
plugging in and plugguing out. For example USB flash driver)
#lspci ( to see PCI module )
#lspci –k ( to see all supported PCI modules)
#lsmod (shows loaded modules )
#modprobe vfat (it loads vfat module manualy)
#modprobe –r vfat (removes vfat module manually)
#modinfo vfat (gives information about vfat module)
#modprob cdrom lockdoor=1 (it changes param setting in the
kernel module)
#dmesg (displays kernel or driver related logs)
This parameter can be changed in modprob.d direcorty
#cd /etc/modprobe.d
#touch cdrom.conf
Add below lines there so next time when the module is loaded, it
will take this configuration
options cdrom lockdoor=1
in below directory all moduls are located.
#cd /sys/modue/
By checking their configurations you can see the parameter took
effect or not

all the kernel modules are located on /proc directory

in the /proc/sys directory there located linux turnables
for example
#cd /proc/sys/net/ipv4
# cat icmp_echo_ignore_all
0
Lets change this result to 1 and try ping
#echo 1 > icmp_echo_ignore_all
Ping will be unreachable.
The changes directly effects the system
Another example
#cd /proc/sys/vm
#echo 20 > swappiness
Unfortunately this configuration is not persistent. To make it
persistent need to create file in /etc/sysctl follow below steps
#sysctl –a (shows all persistent kernel parameters)
#cd /etc/sysctl.d/
#touch 50-swap.conf ( 50 is the ordering number and lower
number is proceeded first)
#vi 50-swap.conf
vm.swappiness=60
after reboot the value will be persisitnet
for example in below directory we have kernel turnable file
/proc/sys/vm/swappiness
In /etc/sysctl.d/ directory we create the file and in the file we
specify last directory and file
vm.swappiness
after reboot we can check the result
sysctl -a | grep swap
vm.swappiness = 60
or the required parameter is described in sysctl –a output

Stratis Storage
Before start creating stratis need to download and install below
packages
1) #yum install stratis-cli stratisd
2) Need to enable this package
#systemctl enable --now stratisd
3) Create stratis pool to whole device
#stratis pool create mypool /dev/sdb
4) Create stratis file system
#stratis fs create mypool xfs

5) Need to create in fstab

/stratis/mypool/xfs /mnt1 xfs defaults 00
6) then need to take snapshot of filesystem
#stratis filesystem snapshot <poolname> filesystem-snapshot
filesystem
#stratis filesystem snapshot mypool xfs mypool-snap

VDO (virtual data optimization)

Type lsblk to verify the availability of the /dev/sde block device.
2. Type yum install -y vdo kmod-kvdo to install the required
packages.
3. Type vdo create --name=vdo1 --device=/dev/sde --
vdoLogicalSize=1T to create the
VDO device with a logical size of 1 TiB.
4. Use mkfs.xfs -K /dev/mapper/vdo1 to put an XFS file system on
top of the device.
5. Type mkdir /vdo1 to create a mount point where the VDO
device can be automatically
mounted.
6. Copy the example Systemd mount file for VDO to
/etc/systemd/system, using
#cp
/usr/share/doc/vdo/examples/systemd/VDO.mount.example
/etc/systemd/system/vdo1.mount
7. Edit the file to include the following lines:
Click here to view code image
what = /dev/mapper/vdo1
where = /vdo1
8. Type systemctl enable --now vdo1.mount to mount the new
block device.
9. Type vdostats --human-readable to monitor current statistics
about the VDO device.
10. Type df -h to verify the logical size of 1 GiB.
11. Reboot your server to ensure that after reboot the VDO device
is correctly mounted.

Boot procedure
Main conf file of boot grup is located in below file
#vi /etc/default/grup
GRUB_TIMEOUT=10
GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-
release)"
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT="console"
GRUB_CMDLINE_LINUX="crashkernel=auto rd.lvm.lv=centos/root
rd.lvm.lv=centos/swap"
GRUB_DISABLE_RECOVERY="true"

Onece configuration is finished run below command to make it

permanent and update grub conf file
#grub2-mkconfig -o /boot/grub2/grub.cfg
While booting we can press the “e” button to make changes. In
this menu we can select target mode. Line emergency.target or
rescue.target.
After modification press ctrl+x to contionue booting. In this case it
will enter one of the troubleshooting mode
We can see systemctl services by using below command
#systemctl --type=service
Also we can use the status with below command
#systemctl list-unit-files
#systemctl -t help (it shows available unit types)
Available unit types:
service
socket
busname
target
snapshot
device
mount
automount
swap
timer
path
slice
scope
[root@localhost sysctl.d]#
Troubleshooting
If the system can not boot it means grub2 menu is damaged so to
fix this issue need to install new grub2 menu
For that install new centos disk and start booting form it
Then enter to this menu under troubleshooting menu then
Rescue a Red Hat Enterprise Linux System

Then press 1
Then type below command to change working enviromentnet
#chroot /mnt/sysimage
In the next step if you want to re-create initramfs type below
command
#dracut
Or
#dracut --force
If you want to install grub menu run below command
run grub2-install to install GRUB 2 to the desired installation
device. So if you are
in a KVM virtual machine, run grub2-install –f /dev/vda, and if
you are on a physical disk, run grub2-install –f /dev/sda.

Onece you have entered to emergency or rescue target before

make any modification run below command. It will give you
access to edit files
#mount -o remount,rw /

Target
System have 2 tyoes of target:
Just a group
State of system:
State of system target define the state of the system. Some of
them are listed below
Emergency
Rescue
Multi-user
Graphical
------------------------------------------------------------------------

All units have dependency target. We can see it by below

command
#systemctl list-dependencies

When service is installed it will be loaded to the below directory

#yum install vsftpd
#ls /usr/lib/system/system
When its enabled it will be loaded in next boot and in this case it
will be loaded in below directory
#systemctl enable - - now vsftpd
#/etc/systemd/system/multi-user.target.wants/vfsftpd.service

Below table shows systemctl status vsftpd service as an eaxmle

but all of them are the same
We can change any option with systemctl command
For it we need specify argument in below opened directory
#systemctl edit httpd
In this case new file will be saved in below location
/etc/systemd/system/httpd.service.d/override.conf

Target files are located in below directory

cd /usr/lib/systemd/system
#ls *.target

Target itself does not know which service is required to start. But
in service configuration file have required target. Let check
#grep multi-user -- *
#vi tcsd.service

In below directory we can see which target have which service

cd /etc/systemd/system
#ls

Lets dive into the multi user target and see what services are
listed there
#cd /etc/systemd/system/multi-user.target.wants
#ls
When we disable oen service with systemctl this service will
disappear from this directory
#ststemctl disable vsftpd
So it will be removed from this directory
We can query currently running target with below command
#systemctl get-default

[root@localhost multi-user.target.wants]# systemctl get-default

multi-user.target
[root@localhost multi-user.target.wants]#
Actually system runs default.target but it creates symbolink link to
the actual target. We can se default target like shown below
# systemctl set-default multi-user.target

[root@localhost multi-user.target.wants]# systemctl set-default

multi-user.target
Removed symlink /etc/systemd/system/default.target.
Created symlink from /etc/systemd/system/default.target to
/usr/lib/systemd/system/multi-user.target.
[root@localhost multi-user.target.wants]#

Not only during the reboot we can set target but also can be done
when system is in operation with isolate command
#systemctl isolate rescue.target
systemctl list-units --type target ( See the list of targets)

Reset Root password in red hat 7

1) need to access grub2 menu and add rd.break to enter early
linux shell and press ctrl+x to contionu booting
 2) then enter below command on linux shell
#mount –o remount,rw /sysroot
3) Then we need to make sysroot actual root directory
#chroot /sysroot
4) Then we can type passwd to change the root password
#passwd
5) Then we need to create .autolabel file so security system of
linix will accespt new password
#touch .autorelabel
Press ctrl+D to exit the menu

Apache web server

#yum install httpd (Install apache server)
All configuration files are located in below directory
#cd /etc/httpd
Main conf file is below descriebd
#vi /etc/httpd/conf/httpd.conf
In this file one parameter is important
DocumentRoot "/var/www/html" (in this path index.html is
served)
Apache server is modular server and all extra modules will be
installed in below directory
/etc/httpd/modules
SELinux
SE linux is the security environment of the linux system. It has
three states
enforcing (full operational and protects whole system)
permissive (permits everything but saves logs, its usefull for
troubleshooting)
disabled (security is shutdowned and is not operational)

#getenforce (it query the operational mode of Security

environment)
Enofrocing
#setenforce Permissive (sets to permissive mode or setenforce 0
(1 is Enforcing mode))
#setenforce disabled (To change to disabled mode we need to
restart the system)
We can set to disabled mode by changing in below configuration
to disabled and then reboot the system.
#vi /etc/selinux/config"
SELINUX=disabled
#sestatus –v ( to see status of SElinux policy)

SE Linux Policy and Rules

In SE linux in Enforcing mode there is two type of object
Source and target
 Enforcing
Source Target
- Process -File
- User -Port
To get permission source object and target object have to match
each other. They are called label
#ls –Z ( shows SE linux label)
[root@localhost ~]# ls -Z
-rw-------. root root system_u:object_r:admin_home_t:s0
anaconda-ks.cfg
drwxr-xr-x. root root unconfined_u:object_r:admin_home_t:s0
this
[root@localhost ~]#
In this exam we will cover the yellow marked part.
admin_home_t. It means context type

We can see the process context type by ps Zaux

#ps Zaux
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 root
6920 0.0 0.1 115436 2016 tty1 Ss+ 14:10 0:00 -bash
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 root
6956 0.0 0.3 159092 5924 ? Ds 14:11 0:00 sshd: root@pts/0
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 root
6960 0.0 0.2 158764 5488 ? Ss 14:11 0:00 sshd: root@notty
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 root
6964 0.0 0.1 72092 2848 ? Ss 14:11 0:00
/usr/libexec/openssh/sftp-server
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 root
6969 0.0 0.1 115440 2128 pts/0 Ss 14:11 0:00 -bash
system_u:system_r:kernel_t:s0 root 7085 0.0 0.0 0 0?
S 14:22 0:00 [kworker/0:2]
system_u:system_r:kernel_t:s0 root 7094 0.0 0.0 0 0?
S 14:22 0:00 [kworker/1:1]
system_u:system_r:kernel_t:s0 root 7143 0.0 0.0 0 0?
S 14:27 0:00 [kworker/0:0]
system_u:system_r:kernel_t:s0 root 7145 0.1 0.0 0 0?
R 14:28 0:00 [kworker/1:0]
system_u:system_r:ksmtuned_t:s0 root 7153 0.0 0.0 107952
360 ? S 14:28 0:00 sleep 60
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 root
7154 0.0 0.1 155360 1912 pts/0 R+ 14:29 0:00 ps Zaux
[root@localhost etc]#

unconfined_t: Means its end user context type

ports also have labels. It can be seen by typing below command
#netstat –Ztulpan

[root@localhost selinux]# netstat -tulpan

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address
State PID/Program name
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
1204/master
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
1/systemd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
1051/sshd
tcp 0 0 192.168.1.104:22 192.168.1.103:50375
ESTABLISHED 1393/sshd: root@pts
tcp6 0 0 ::1:25 :::* LISTEN
1204/master
tcp6 0 0 :::111 :::* LISTEN 1/systemd
tcp6 0 0 :::22 :::* LISTEN 1051/sshd
udp 0 0 0.0.0.0:68 0.0.0.0:*
1330/dhclient
udp 0 0 0.0.0.0:111 0.0.0.0:*
1/systemd
udp 0 0 127.0.0.1:323 0.0.0.0:*
735/chronyd
udp6 0 0 :::111 :::* 1/systemd
udp6 0 0 ::1:323 :::* 735/chronyd
[root@localhost selinux]#

Or
#netstat –Z

When we copy file it inherits its context id. For example if I copy
file it will be changed based on user
For example.
#ls –Z /etc/hosts
-rw-r--r--. root root system_u:object_r:net_conf_t:s0 /etc/hosts
#cp /etc/hosts /root
#ls –Z /root
-rw-r--r--. root root unconfined_u:object_r:admin_home_t:s0
hosts

When one system file is removed by mistakenly, we can restore it

back but the context label will be different. So we can fix it with
more eascy way. SE linix knows which context label belongs to
which file
#restorecon-v /etc/hsts (restores context leabel)
When new directory is created and SELinux does not know which
label need to be assigned, it adds default label

drwxr-xr-x. root root unconfined_u:object_r:default_t:s0 www

Now we can change SELinux context type. For this semanage is
used.
For this follow below 2 steps
1) # semanage fcontext -a -t net_conf_t "/www(/.*)?"
-a is for add context type
-t is for context type
"/www(/.*)?" is everything in the www directory and itself
2) Then need to type restorecon to update SELinux
 #restorecon –Rv /www
NOTE: if the SE policy content type has already been added we
can modify it by –m instead of –a
#semanage –m –t httpd_sys_content_t “/myweb(/.*)?”
#restorecon -Rv

There is other command to manage semanage but after reboot it

will be removed if touch /.autorelabel file is creted
#chcon –t httpd_sys_content_t /srv/web

SELinux Booleans
Booleans allow parts of SELinux policy to be changed at runtime, without any knowledge
of SELinux policy writing. This allows changes, such as allowing services access to NFS
volumes, without reloading or recompiling SELinux policy.

#getbool –a ( to get the Boolean state)

For example if the Boolean is turend of it means its not allowed.

[root@localhost tmp]# getsebool -a | grep ftp

ftpd_anon_write --> off
ftpd_connect_all_unreserved --> off
ftpd_connect_db --> off
ftpd_full_access --> off
ftpd_use_cifs --> off
ftpd_use_fusefs --> off
ftpd_use_nfs --> off
ftpd_use_passive_mode --> off
for example its not allowed to access to db over ftp
Lets turn it on.
In this example I will turn on ftpd_anon_write to on but it will be
turned to default value after restart.
# setsebool ftpd_anon_write on ( it will open Boolean to on)
We can query acutual and persistent state of Boolean.
[root@localhost ~]# semanage boolean -l | grep ftp
ftpd_use_cifs (off , off) Allow ftpd to use cifs
ftpd_connect_db (off , off) Allow ftpd to connect db
ftpd_use_fusefs (off , off) Allow ftpd to use fusefs
ftpd_full_access (off , off) Allow ftpd to full access
tftp_anon_write (off , off) Allow tftp to anon write
tftp_home_dir (off , off) Allow tftp to home dir
httpd_can_connect_ftp (off , off) Allow httpd to can
connect ftp
ftpd_use_passive_mode (off , off) Allow ftpd to use passive
mode
ftpd_use_nfs (off , off) Allow ftpd to use nfs
ftpd_connect_all_unreserved (off , off) Allow ftpd to connect
all unreserved
ftpd_anon_write (on , off) Allow ftpd to anon write
httpd_enable_ftp_server (off , off) Allow httpd to enable ftp
server

ftpd_anon_write current state is on but persistently its

off, for example it will be turned off after reboot
to make it persistent run below commad.
#setsebool –P ftp_anon_write on (just need to add P option to
make it persistent)

SELinux log messages are stored in below file.

/ var/log/audit/audit.log
Let’s see what’s happening there
#grep AVC /var/log/audit/audit.log (SELinux log messages are labeled with the
"AVC" keyword so that they might be easily filtered from other messages, as with grep.)

In addition, log information is can be found in below directory

# /var/log/messages
In this example lets configure APACHE server.
To analyze the logs more easly its better to install below package.
After installation its better to reboot the system in order to take
effect. After that all logs will be installed on /var/log/messages
too. Then we can use sealer comand
#yum -y install setroubleshoot-server

#sealert

Lets change the configuration file of httpd to get document root

from /web directory
#vi /etc/httpd/conf/httpd.conf

DocumentRoot "/web"
<Directory "/web">
AllowOverride None
# Allow open access:
Require all granted
</Directory>
#systemctl restart httpd
#elinks http://localhost ( in this calse we can see that its not
opening)
To analyze the issue lets check audit.log and /var/log/messages
#grep AVC /var/log/audit/audit.log
type=AVC msg=audit(1574610181.429:207): avc: denied
{ getattr } for pid=2816 comm="httpd" path="/web/index.html"
dev="dm-0" ino=17058779
scontext=system_u:system_r:httpd_t:s0
tcontext=unconfined_u:object_r:default_t:s0 tclass=file
permissive=0
type=AVC msg=audit(1574610181.430:208): avc: denied
{ getattr } for pid=2816 comm="httpd" path="/web/index.html"
dev="dm-0" ino=17058779
scontext=system_u:system_r:httpd_t:s0
tcontext=unconfined_u:object_r:default_t:s0 tclass=file
permissive=0
[root@localhost web]

As we can see from this menu comm=httpd is trying to access to

/web/index.html
The same log is stored in /var/log/messages too.
Port context type and file context types can be queried as below
#semanage port –l
#semanage fcontext –l
If some SELinux software is not installed they can be installed like
below
#yum install selinux-policy
#yum install setroubleshoot
# yum install setroubleshoot setools

Firewall
[root@localhost services]# firewall-cmd --list-all ( it lists firewall
services)
public (active)
target: default
icmp-block-inversion: no
interfaces: ens33
sources:
services: dhcpv6-client ssh
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:

[root@localhost services]#
Firewall system default service files are located in below directory
and they should not be modified. They are default services
/usr/lib/firewalld/services
#firewall-cmd --get-services (see currently available services)
#firewall-cmd --list-servies (see currently applied services)
Its better to create own service file in below directory
#cd /etc/firewalld/services/
Lets test creating customized firewall file. For that its better to
copy one xml file from /usr/lib/firewalld/services/ and paste to
/etc/firewalld/services and then modify as required
1) #vi kamran.xml

<?xml version="1.0" encoding="utf-8"?>

<service>
<short>Kamran FIrewall test</short>
<description>Customized xml file.</description>
<port protocol="tcp" port="2233"/>
</service>

2) Then need to reload firewall deamon

#firewall-cmd --reload
3) Then it can be seen in available firewall service list
#forewall-cmd --get-services
4) Then lets add the Kamran service as a firewall service
5) lets add this service to firewall running service and permanenet
services
#firewall-cmd –add-service kamran
#firewall-cmd --add-service kamran --permanent
6) #firewall-cmd –reload
7) Then we can see that this service is added to firewall service
[root@localhost services]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: ens33
sources:
services: dhcpv6-client kamran ssh
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
lets add port to forewall
firewall-cmd --add-port=1234/tcp –permanent

Now lets check firewall graphical interface. If graphical interface

does not start use below command to install x11

#yum install "@X Window System" xorg-x11-xauth xorg-x11-fonts-

* xorg-x11-utils –y
Then run below command
#firewall-config
Time in RedHat
since January 1, 1970, in UTC. In some logs (such as
/var/log/audit/audit.log), you’ll find time stamps in epoch time
and not in human time. To convert such an epoch time stamp to
human time, you can use the --date option, followed by the epoch
string, starting with an @:
#date --date '@1420987251'

#date (shows current system time)

#hwclock (Shows hardware clock)
#hwclock –systohc (synchronizes system time and hardware
time)
#timedatectl status (shwows different time option and status)
By the help of man and –help page lets change time zone to
Asia/Baku
#timedatectl set-timezone Asia/Baku

NTP server address is added to chronyd service. Lets add it

#vi /etc/chrony.conf
server labipa.example.com
#systemctl status chronyd
#timedatectl set-ntp 0 (it means ntp is disabled with Boolean)
#timedatectl set-ntp 1 (ntp is enabled)

#tzselect ( it can be used to select time zone)

On server1, open a root shell.
2. Disable the line pool 2.rhel.pool.ntp.org by putting a # sign in front of it.
3. Include the line allow 192.168.0.0/16 to allow access from all clients that use a local
IP
address starting with 192.168.
4. Also include the line stratum 8. This ensures that the local time server is going to
advertise itself with a stratum of 8, which means it will be used by clients, but only if no
Internet time servers are available. Next, close the configuration file.
5. Use systemctl restart chronyd to restart the chrony process with the new settings.
6. Still on server1, type firewall-cmd --add-service ntp --permanent, followed by
firewall-cmd reload. This opens the firewall for time services.
7. Open a root shell on server2.
8. On server2, open the configuration file /etc/chrony.conf and disable the line pool
2.rhel.pool.ntp.org.
9. Add the line server server1.example.com. Make sure that name resolution to
server1.example.com is configured, and if not, use the IP address of server1 instead.
10. Type systemctl restart chronyd to restart the chrony service with the new settings.
11. On server2, type the command chronyc sources. It should show the name or IP
address of server1, the stratum of 8 that is advertised, and a synchronization status
indicating that server2 has successfully synchronized its time.
12. In our case we will use the ntpdate command to sync which our Chrony NTP server
locate on 192.168.1.150 IP address:
ntpdate 192.168.1.150
https://linuxconfig.org/redhat-8-configure-ntp-server

NFS (Network File System)

If nfs tools are not installed on server, it can be installed and
activated by below command
#yum install nfs-utils
#systemctl start nfs
Then we can check nfs server if it has shared folder
#showmount –e 192.168.1.100
Export list for 192.168.1.100:
/home *
/DIsk_1/Qbittorrent 127.0.0.1

Lets moutn it to the /mnt directory

#mount 192.168.1.100:/home /mnt ( it will be mounted
temporarly)

To make it permanent need to add below command in fstab file

#vi /etc/fstab
192.168.1.100:/home /nfs nfs _netdev 00
Yellow marked string means
nfs – file sysyem
_netdev - indicates its network file system
To make sure its better reboot system and check

Samba Integration
Before installation of samba we need to install samba related
packages and cifs protocol utils. Samba use cifs protocol which is
developed by windows system
#yum install cifs-utils samba-client
SMB service is activated on my NAS server so from linix we can
explore what its offering
#smbclient -L 192.168.1.100 (it shows SAMBA shared directories)
smbclient -L 192.168.1.100
Enter SAMBA\root's password:

Sharename Type Comment

--------- ---- -------
Qbittorrent Disk
IPC$ IPC IPC Service ("Kamran")
Reconnecting with SMB1 for workgroup listing.

Server Comment
--------- -------

Workgroup Master
--------- -------
CHINA K80044720
WORKGROUP KAMRAN
So we will connect Qbittorrent Disk from RH
Lets temorarly mount samba to the root /smb directory
#mount –o username=admin //192.168.1.100/ Qbittorrent /smb
Or
#mount –t cifs –o username=admin //192.168.1.100/ Qbittorrent /smb (it
tells to use cifs protocol to mount but mount command is enough smart to
discovery mounting type)
#mount –a
#mount
#df –h

[root@localhost /]# df -h

Filesystem Size Used Avail Use% Mounted on

devtmpfs 739M 0 739M 0% /dev
tmpfs 750M 0 750M 0% /dev/shm
tmpfs 750M 9.5M 741M 2% /run
tmpfs 750M 0 750M 0% /sys/fs/cgroup
/dev/mapper/cl-root 13G 3.0G 9.6G 24% /
/dev/sda1 1014M 172M 843M 17% /boot
192.168.1.100:/home 145G 85G 59G 60% /nfs
tmpfs 150M 0 150M 0% /run/user/0
//192.168.1.100/Qbittorrent 145G 87G 59G 60% /smb
Lets mount it permanently in fstab menu
#vi /etc/fstab
//192.168.1.100/Qbittorrent /smb cifs
_netdev,username=admin,password=password 00
//192.168.1.100/Qbittorrent ( is samba server access method)
/smb (it will be mounted in the client /smb)
_netdev,username=admin,password=password (_netdev
means network module for communication with smb and others
authentication credentials)

Kisckstart menu
Before starting lets install kickstat package
Kickstatr configuration file is located in root directory
# vi /root/anaconda-ks.cfg
#yum install system-config-kickstart.noarch
Its graphical configuration utility. By running below command we
can start graphical configuration windows
#system-config-kickstart
After configuration we can save it from file menu on the top
While installation, we can specify installation URL by typing
ks=ftp://192.168.1.100/kickstart.cfg