tag:blogger.com,1999:blog-51803430029734685562024-02-07T19:15:17.560-08:00RHCE/RHCSA Exam NotesThis is my personal notes on RHCSA/RHCE exam. Site still work in progress. For comments and suggestions email me at mctofferatgmaildotcompenoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.comBlogger46125tag:blogger.com,1999:blog-5180343002973468556.post-46200824526737120372012-02-02T19:21:00.000-08:002012-02-02T19:52:01.745-08:00Sample BIND config/etc/named.conf<br />
<br />
<blockquote class="tr_bq">
options {<br />
listen-on port 53 { 127.0.0.1; 192.168.122.140; };<br />
listen-on-v6 port 53 { ::1; };<br />
directory "/var/named";<br />
dump-file "/var/named/data/cache_dump.db";<br />
statistics-file "/var/named/data/named_stats.txt";<br />
memstatistics-file "/var/named/data/named_mem_stats.txt";<br />
allow-query { localhost; };<br />
recursion yes;<br />
<br />
dnssec-enable yes;<br />
dnssec-validation yes;<br />
dnssec-lookaside auto;<br />
<br />
/* Path to ISC DLV key */<br />
bindkeys-file "/etc/named.iscdlv.key";<br />
};<br />
<br />
logging {<br />
channel default_debug {<br />
file "data/named.run";<br />
severity dynamic;<br />
};<br />
};<br />
<br />
zone "." IN {<br />
type hint;<br />
file "named.ca";<br />
};<br />
<br />
zone "penoycentral.net" {<br />
type master;<br />
file "penoycentral.net.zone";<br />
};<br />
<br />
zone "122.168.192.in-addr.arpa" IN {<br />
type master;<br />
file "192.168.122.zone";<br />
};<br />
<br />
include "/etc/named.rfc1912.zones";</blockquote>
<br />
<br />
/var/named/penoycentral.net.zone<br />
<br />
<blockquote class="tr_bq">
$TTL 1D<br />
penoycentral.net. IN SOA centos01.penoycentral.net. root.penoycentral.net (<br />
04 ; serial<br />
1D ; refresh<br />
1H ; retry<br />
1W ; expire<br />
3H ) ; minimum<br />
@ IN NS centos01<br />
centos01 IN A 192.168.122.140<br />
centos02 IN A 192.168.122.8<br />
rhel01 IN A 192.168.122.122<br />
rhel02 IN A 192.168.122.120</blockquote>
<br />
/var/named/192.168.122.zone<br />
<blockquote class="tr_bq">
$TTL 1D<br />
@ IN SOA centos01.penoycentral.net. root.penoycentral.net (<br />
2012020202 ; serial<br />
1D ; refresh<br />
1H ; retry<br />
1W ; expire<br />
3H ) ; minimum<br />
IN NS centos01.penoycentral.net.<br />
140 IN PTR centos01.penoycentral.net.<br />
8 IN PTR centos02.penoycentral.net.</blockquote>
To check zone config<br />
named-checkzone penoycentral.net penoycentral.net.zone<br />
named-checkzone penoycentral.net 192.168.122.zone<br />
named-checkconf /etc/named.confpenoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.com1tag:blogger.com,1999:blog-5180343002973468556.post-41706458113610038312011-08-26T03:52:00.000-07:002011-08-26T04:06:56.049-07:00Finally passed RHCEIt has been a long day for me.. RHCSA exam in the morning and RHCE exam in the afternoon. Finally after months of self study and 4 days on the rapid track course, i nailed both exam.<br />
Pretty much to say that i'm so proud on the cert. This is not the type of exam that you will just choose among the multiple choice or configure in a simulated environment. It will test your knowledge on how well you understood Redhat.<br />
On future takers, i advised you to know the exam objectives inside and out. SELinux looks like intimidating at first, but as soon as you understand how it works,it will be a piece of cake for you :)<br />
<b><br />
Materials/books used</b><br />
<br />
<b>RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), 6th Edition (Certification Press) -- Michael Jang</b><br />
Highly recommend!!! Comes with a CD with pdfs and labs exams at the end of every chapter. My fav source of info for the exam.<br />
<br />
<b>Hands-on Guide to the Red Hat® Exams: RHCSA™ and RHCE® Cert Guide and Lab Manual (Certification Guide) -- Damian Tommasino</b><br />
Lots of errors, but hey, as soon as you pointed the errors in the book, it just shows that you know your stuffs. Used to counter check configs and setup.<br />
<br />
<b>RH300 RHCE Rapid Track course</b><br />
Final review for the exam. It cost much but highly recommended also. It guides me and helps to fill in the gaps on what i have learned already on my home lab. Before taking the course, i advised that you first do your home work. Learn the exam objectives, build your own home lab, simulate the configs as advised on Michael and Damian's book. In this way when you attend the course, you can ask all the questions that you have on your instructor. This is fast-paced course so make full use of it.<br />
<br />
<a href="https://github.com/texastwister/OpenRHCE">texastwister/<em style="font-style: normal; font-weight: bold;">OpenRHCE</em> - GitHub</a> - This is a beast study guide. I used this as a last minute review before taking the exam. Reading the whole week while in the train :) Highly recommended also<br />
<br />
As always, we signed the Non-disclosure Agreement so i will not divulge anything specific about the exam. I might update this blog,but will not be on the RHCE exam specific anymore.<br />
Study!!! study!!!! study!!!!! lab!!!! lab!!!! lab!!!! simulate!!!! simulate!!!! and always follow the KISS principle..penoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.com16tag:blogger.com,1999:blog-5180343002973468556.post-91992922955064550472011-08-17T17:32:00.000-07:002011-08-17T17:32:00.333-07:00<br />
###NTP####<br />
<br />
<br />
<blockquote style="background-attachment: initial; background-clip: initial; background-color: #efeff7; background-image: initial; background-origin: initial; border-bottom-color: rgb(128, 176, 207); border-bottom-style: solid; border-bottom-width: 1px; border-top-color: rgb(128, 176, 207); border-top-style: solid; border-top-width: 1px; font-family: Courier, sans-serif; font-size: 12px; margin-bottom: 20px; margin-left: 15px; margin-right: 0px; margin-top: 12px; padding-bottom: 0px; padding-left: 10px; padding-right: 10px; padding-top: 10px; width: 600px;"><div style="color: black; letter-spacing: 0.04em; line-height: 15px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 15px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">/etc/ntp.conf<br />
server <localipserver><br />
</localipserver></div></blockquote><br />
<br />
to sync time to the internet time server<br />
<blockquote style="background-attachment: initial; background-clip: initial; background-color: #efeff7; background-image: initial; background-origin: initial; border-bottom-color: rgb(128, 176, 207); border-bottom-style: solid; border-bottom-width: 1px; border-top-color: rgb(128, 176, 207); border-top-style: solid; border-top-width: 1px; font-family: Courier, sans-serif; font-size: 12px; margin-bottom: 20px; margin-left: 15px; margin-right: 0px; margin-top: 12px; padding-bottom: 0px; padding-left: 10px; padding-right: 10px; padding-top: 10px; width: 600px;"><div style="color: black; letter-spacing: 0.04em; line-height: 15px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 15px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">service ntpd stop<br />
ntpdate 0.fedora.pool.ntp.org<br />
service ntpd start</div></blockquote><br />
to check ntp<br />
<blockquote style="background-attachment: initial; background-clip: initial; background-color: #efeff7; background-image: initial; background-origin: initial; border-bottom-color: rgb(128, 176, 207); border-bottom-style: solid; border-bottom-width: 1px; border-top-color: rgb(128, 176, 207); border-top-style: solid; border-top-width: 1px; font-family: Courier, sans-serif; font-size: 12px; margin-bottom: 20px; margin-left: 15px; margin-right: 0px; margin-top: 12px; padding-bottom: 0px; padding-left: 10px; padding-right: 10px; padding-top: 10px; width: 600px;"><div style="color: black; letter-spacing: 0.04em; line-height: 15px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 15px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">ntpq -p</div></blockquote><br />
<br />
set iptables<br />
<blockquote style="background-attachment: initial; background-clip: initial; background-color: #efeff7; background-image: initial; background-origin: initial; border-bottom-color: rgb(128, 176, 207); border-bottom-style: solid; border-bottom-width: 1px; border-top-color: rgb(128, 176, 207); border-top-style: solid; border-top-width: 1px; font-family: Courier, sans-serif; font-size: 12px; margin-bottom: 20px; margin-left: 15px; margin-right: 0px; margin-top: 12px; padding-bottom: 0px; padding-left: 10px; padding-right: 10px; padding-top: 10px; width: 600px;"><div style="color: black; letter-spacing: 0.04em; line-height: 15px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 15px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">iptables -I INPUT -m udp -p udp --dport 123 -j ACCEPT<br />
iptables -I INPUT -m tcp -p tcp --dport 123 -j ACCEPT</div></blockquote>penoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.com0tag:blogger.com,1999:blog-5180343002973468556.post-74452824042112610632011-08-13T09:42:00.000-07:002011-08-13T09:42:43.760-07:00Setting up LDAP Server for AuthencationAlthough LDAP server is not part of the exam, we need to learn how to setup our server as a client. You can check out L<a href="http://www.salsaunited.net/blog/?p=42">aurent Domb OSS Blog</a> if you want to configure LDAP authentication server in your labs.penoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.com0tag:blogger.com,1999:blog-5180343002973468556.post-76841714773794592192011-08-13T04:32:00.000-07:002011-08-13T04:32:37.140-07:00Lab Postfix Sample configdovecot.conf<br />
[root@rhel01 dovecot]# grep -v ^# /etc/dovecot/dovecot.conf<br />
!include conf.d/*.conf<br />
protocols = imap pop3<br />
listen = 192.168.122.122<br />
dict {<br />
#quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext<br />
#expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext<br />
}<br />
<br />
/etc/postfix/main.cf<br />
[root@rhel01 postfix]# grep -v ^# main.cf<br />
queue_directory = /var/spool/postfix<br />
command_directory = /usr/sbin<br />
daemon_directory = /usr/libexec/postfix<br />
data_directory = /var/lib/postfix<br />
mail_owner = postfix<br />
myhostname = rhel01.penoycentral.net<br />
mydomain = penoycentral.net<br />
myorigin = $mydomain<br />
inet_interfaces = all<br />
inet_protocols = all<br />
mydestination = $myhostname, $mydomain, localhost.$mydomain, localhost, mail.penoycentral.net<br />
unknown_local_recipient_reject_code = 550<br />
mynetworks = 192.168.1.0/24, 192.168.122.0/24, 127.0.0.1/8<br />
alias_maps = hash:/etc/aliases<br />
alias_database = hash:/etc/aliases<br />
debug_peer_level = 2<br />
debugger_command =<br />
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin<br />
ddd $daemon_directory/$process_name $process_id & sleep 5<br />
sendmail_path = /usr/sbin/sendmail.postfix<br />
newaliases_path = /usr/bin/newaliases.postfix<br />
mailq_path = /usr/bin/mailq.postfix<br />
setgid_group = postdrop<br />
html_directory = no<br />
manpage_directory = /usr/share/man<br />
sample_directory = /usr/share/doc/postfix-2.6.6/samples<br />
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES<br />
<br />
<br />
<br />
DNS penoycentral.net zone config for the mailserver to work properly<br />
[root@wk named]# cat /var/named/penoycentral.net.zone <br />
$TTL 1D<br />
@ IN SOA penoycentral.net. root.penoycentral.net (<br />
2011091302 ; serial<br />
1D ; refresh<br />
1H ; retry<br />
1W ; expire<br />
3H ) ; minimum<br />
IN NS wk.penoycentral.net.<br />
wk IN A 192.168.1.70<br />
@ IN MX 10 mail.penoycentral.net.<br />
rhel01 IN A 192.168.122.122<br />
rhel02 IN A 192.168.122.120<br />
mail IN CNAME rhel01<br />
<br />
To check if MX records setup properly in the domain<br />
[root@rhel02 /]# nslookup<br />
> set type=mx<br />
> penoycentral.net<br />
Server: 192.168.1.70<br />
Address: 192.168.1.70#53<br />
<br />
penoycentral.net mail exchanger = 10 mail.penoycentral.net.<br />
<br />
<br />
#### postfix usefull commands #####<br />
<br />
delete mailq<br />
#postsuper -d <mailid><br />
penoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.com0tag:blogger.com,1999:blog-5180343002973468556.post-26468385677736425692011-08-13T04:18:00.000-07:002011-08-13T04:18:07.748-07:00Creating Simple RPM Part 2<br />
Needed packages<br />
1. rpm-build<br />
2. rpmdevtools<br />
<br />
<br />
Create RPM Howto<br />
* run rpmdev-setuptree creates rpmbuild directories<br />
1. create directory and the file inside the created dir<br />
<br />
<blockquote style="background-attachment: initial; background-clip: initial; background-color: #efeff7; background-image: initial; background-origin: initial; border-bottom-color: rgb(128, 176, 207); border-bottom-style: solid; border-bottom-width: 1px; border-top-color: rgb(128, 176, 207); border-top-style: solid; border-top-width: 1px; font-family: Courier, sans-serif; font-size: 12px; margin-bottom: 20px; margin-left: 15px; margin-right: 0px; margin-top: 12px; padding-bottom: 0px; padding-left: 10px; padding-right: 10px; padding-top: 10px; width: 600px;"><div style="color: black; letter-spacing: 0.04em; line-height: 15px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 15px; padding-left: 0px; padding-right: 0px; padding-top: 0px;"> mkdir ~/Hello-1.0<br />
touch ~/Hello-1.0/hello<br />
chmod +x ~/Hello-1.0/hello<br />
</directory></div></blockquote><br />
2. create the gzip-compressed tar and copy to the SOURCE dir<br />
<br />
<blockquote style="background-attachment: initial; background-clip: initial; background-color: #efeff7; background-image: initial; background-origin: initial; border-bottom-color: rgb(128, 176, 207); border-bottom-style: solid; border-bottom-width: 1px; border-top-color: rgb(128, 176, 207); border-top-style: solid; border-top-width: 1px; font-family: Courier, sans-serif; font-size: 12px; margin-bottom: 20px; margin-left: 15px; margin-right: 0px; margin-top: 12px; padding-bottom: 0px; padding-left: 10px; padding-right: 10px; padding-top: 10px; width: 600px;"><div style="color: black; letter-spacing: 0.04em; line-height: 15px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 15px; padding-left: 0px; padding-right: 0px; padding-top: 0px;"> tar cvzf Hello-1.0.tar.gz ~/Hello-1.0<br />
cp Hello-1.0.tar.gz ~/rpmbuild/SOURCES<br />
</directory></div></blockqoute><br />
<br />
3. create the spec file<br />
<blockquote style="background-attachment: initial; background-clip: initial; background-color: #efeff7; background-image: initial; background-origin: initial; border-bottom-color: rgb(128, 176, 207); border-bottom-style: solid; border-bottom-width: 1px; border-top-color: rgb(128, 176, 207); border-top-style: solid; border-top-width: 1px; font-family: Courier, sans-serif; font-size: 12px; margin-bottom: 20px; margin-left: 15px; margin-right: 0px; margin-top: 12px; padding-bottom: 0px; padding-left: 10px; padding-right: 10px; padding-top: 10px; width: 600px;"><div style="color: black; letter-spacing: 0.04em; line-height: 15px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 15px; padding-left: 0px; padding-right: 0px; padding-top: 0px;"> rpmdev-newspec<br />
</directory></div></blockquote><br />
4. copy the sample spec file to the package spec<br />
<blockquote style="background-attachment: initial; background-clip: initial; background-color: #efeff7; background-image: initial; background-origin: initial; border-bottom-color: rgb(128, 176, 207); border-bottom-style: solid; border-bottom-width: 1px; border-top-color: rgb(128, 176, 207); border-top-style: solid; border-top-width: 1px; font-family: Courier, sans-serif; font-size: 12px; margin-bottom: 20px; margin-left: 15px; margin-right: 0px; margin-top: 12px; padding-bottom: 0px; padding-left: 10px; padding-right: 10px; padding-top: 10px; width: 600px;"><div style="color: black; letter-spacing: 0.04em; line-height: 15px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 15px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">cp newpackage.spec hello.spec<br />
</directory></div></blockquote><br />
5. Edit hello.spec <br />
<blockquote style="background-attachment: initial; background-clip: initial; background-color: #efeff7; background-image: initial; background-origin: initial; border-bottom-color: rgb(128, 176, 207); border-bottom-style: solid; border-bottom-width: 1px; border-top-color: rgb(128, 176, 207); border-top-style: solid; border-top-width: 1px; font-family: Courier, sans-serif; font-size: 12px; margin-bottom: 20px; margin-left: 15px; margin-right: 0px; margin-top: 12px; padding-bottom: 0px; padding-left: 10px; padding-right: 10px; padding-top: 10px; width: 600px;"><div style="color: black; letter-spacing: 0.04em; line-height: 15px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 15px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">Name: Hello <br />
Version: 1.0 <br />
Release: 1%{?dist}<br />
Summary: Hellow RPM <br />
<br />
Group: Miscellaneous<br />
License: GPL<br />
URL: www.penoycentral.net<br />
Source0: Hello-1.0.tar.gz<br />
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)<br />
<br />
%description<br />
A sample RPM for RHCE exam<br />
<br />
%prep<br />
%setup -q<br />
<br />
<br />
%build<br />
<br />
<br />
%install<br />
rm -rf $RPM_BUILD_ROOT<br />
install -d -m 0755 $RPM_BUILD_ROOT/opt/Hello-1.0<br />
install -m 0755 hello $RPM_BUILD_ROOT/opt/Hello-1.0/hello<br />
<br />
%clean<br />
rm -rf $RPM_BUILD_ROOT<br />
<br />
<br />
%files<br />
%dir /opt/Hello-1.0<br />
%defattr(-,root,root,-)<br />
/opt/Hello-1.0/hello<br />
<br />
</directory></div></blockquote><br />
6. Build the source rpm<br />
rpmbuild -ba ~/rpmbuild/SPECS/hello.spec<br />
<br />
7. RPM package can now be found in ~/rpmbuild/RPMS/x86_64/Hello-1.0.rpm<br />
penoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.com1tag:blogger.com,1999:blog-5180343002973468556.post-61290393479142328262011-07-28T18:43:00.000-07:002011-07-28T18:43:11.637-07:00System Messagesfacility.level<br />
<br />
<br />
###<br />
facility<br />
###<br />
user - messages generated by user processes. Default facility<br />
kern - kernel messages<br />
daemon - system daemons<br />
auth - authorization system(login,su,getty)<br />
lpr - generates messages from the line printer spoooling systemlpr and lpc<br />
news - reserved for the usenet network news system<br />
uucp - uucp system does not currently used<br />
audit - audit facility<br />
local0-7 - reserved for local use<br />
mark - timestamp messages<br />
* - indicates all facilities except mark<br />
<br />
<br />
###<br />
level<br />
###<br />
emerg - panic conditions that would normally be broadcast to all users<br />
alert - conditions need to be corrected immediately such as corrupted database<br />
crit - warnings about critical conditions, such as disk errors<br />
err - other errors<br />
warning -warning messages<br />
notice - not error conditions but need handling such failed login<br />
info - informational messages<br />
debug - normally used when debugging programs<br />
none - does not send messagespenoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.com0tag:blogger.com,1999:blog-5180343002973468556.post-6192918853166014702011-07-18T19:58:00.000-07:002011-07-18T19:58:51.148-07:00Archive and compressionstar will retain the SELinux permission<br />
example:<br />
pack chris directory<br />
star -xattr -H=exustar -f=chris.star chris/<br />
<br />
unpack chris directory<br />
star -x -f=chris.starpenoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.com0tag:blogger.com,1999:blog-5180343002973468556.post-42762693897233185202011-07-10T16:22:00.000-07:002011-07-10T16:22:26.061-07:00Centos 6 officially releasedread the release notes at http://wiki.centos.org/Manuals/ReleaseNotes/CentOS6.0penoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.com0tag:blogger.com,1999:blog-5180343002973468556.post-49097581112993168192011-07-10T06:19:00.000-07:002011-07-10T06:19:44.086-07:00CentOS 6 ReleasedCentOS 6 was finally released and asking help to seed their torrent.<br />
<br />
<blockquote>@CentOS: Help seed the CentOS-6.0/x86_64 ISOS via torrent : http://t.co/VP45uYA</blockquote><br />
Available for i386 and x86_64penoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.com0tag:blogger.com,1999:blog-5180343002973468556.post-61667898966258971902011-07-08T08:11:00.000-07:002011-07-08T08:11:24.216-07:00Virtual Machines using KVMTo install with prompt<br />
#virt-install --prompt<br />
<br />
List virtual machine<br />
#virsh list<br />
<br />
Stop virtual machine<br />
#virsh destroy <vm name><br />
<br />
Configure VM autostart<br />
#virsh autostart <vm name><br />
<br />
Unconfigure VM autostart<br />
#virsh autostart --disable <vm name><br />
<br />
To install<br />
#virt-install --name=rhel03.localdomain -r 768 --disk path=/var/lib/libvirt/images/rhel03.localdomain.img,size=8 -l http://192.168.122.1/pub/inst -x "ks=http://192.168.122.1/pub/ks/rhel03.cfg"penoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.com0tag:blogger.com,1999:blog-5180343002973468556.post-13447247009711226932011-07-06T08:33:00.000-07:002011-07-06T08:34:02.641-07:00Scientific Linux 6Freshly installed Scientific Linux 6 on my laptop. Decided to use KVM for my labs as opposed of using Virtualbox to keep inline with the Redhat exam objectives of configuring virtual machines using KVM.<br />
<br />
I already got Michael Jang's 6th edition book and all i can say that it was well written. Quite addicted to it actually.<br />
<br />
Still trying to enroll for RH300 to speed things up but the local training center cancelled the schedule 2 months in a row. They say that they might have the class in August. Not sure if i still need the class by that time.<br />
<br />
Oh well, halted for almost a month now.. need to pump up and get back to the labs...penoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.com0tag:blogger.com,1999:blog-5180343002973468556.post-67969415683031827052011-06-22T00:41:00.000-07:002011-07-15T10:02:31.409-07:00Encrypted Filesystem using LuksThis is a simple demostration of encrypting filesystem using luks<br />
<br />
1. cryptsetup luksFormat /dev/sdb1<br />
<br />
2. cryptsetup luksOpen /dev/sdb1 lukstest<br />
this will create /dev/mapper/lukstest<br />
<br />
3.edit /etc/crypttab<br />
lukstest /dev/sdb1 none luks<br />
Note: in Michael Jang's 6th edition book, it was not mentioned in chapter 6 to create /etc/crypttab file but it was included in the Lab exam answers. Without this file, system will not ask password when rebooted.<br />
<br />
4. mkfs.ext4 /dev/mapper/lukstest<br />
<br />
5. add an entry in /etc/fstab<br />
/dev/mapper/lukstest /mnt/lukstest ext4 defaults 0 0<br />
<br />
6. reboot the system, it should prompt for password to mount /mnt/lukstestpenoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.com0tag:blogger.com,1999:blog-5180343002973468556.post-88461469170689812342011-06-21T18:00:00.001-07:002011-06-21T18:00:57.249-07:00Accounts Managementuseradd <options> <username><br />
-b home dir<br />
-c comment<br />
-e expire date yyyy-mm-dd<br />
-m creates home dir for new user<br />
-r system account<br />
-s shell<br />
-u UID<br />
<br />
usermod <options> <username><br />
-c comment<br />
-d home dir<br />
-g primary group<br />
-G secondary group<br />
-l new login name<br />
-L locks user<br />
-s shell<br />
-u uid<br />
-U unlock user<br />
<br />
passwd <options> <username><br />
-L locks user<br />
-U unlock user<br />
-S status of passwrd<br />
<br />
chage <options><username><br />
-d indicates day password was changed<br />
-E expiration date yyyy-mm-dd<br />
-I change password inactive after password expires before account is locked<br />
-l show aging info<br />
-m min days<br />
-M max days<br />
-W warn days<br />
<br />
Note:<br />
account is locked when you see ! character at the start of the password in /etc/shadow<br />
<br />
groupadd <group name><br />
-r creates a system group<br />
-g GID<br />
<div><br />
</div>penoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.com0tag:blogger.com,1999:blog-5180343002973468556.post-9869463165362850662011-06-19T21:15:00.001-07:002011-06-19T21:15:41.880-07:00File and directory permissionr 4<br />
w 2<br />
x 1<br />
<br />
extended attributes<br />
SUID 4<br />
SGID 2<br />
Stickybit 1<br />
<br />
to set suid<br />
chmod 4664 test<br />
<br />
to set sgid<br />
chmod 2664 test<br />
<br />
to set sticky bit<br />
chmod 1664 testr 4<br />
w 2<br />
x 1<br />
<br />
extended attributes<br />
SUID 4<br />
SGID 2<br />
Stickybit 1<br />
<br />
to set suid<br />
chmod 4664 test<br />
<br />
to set sgid<br />
chmod 2664 test<br />
<br />
to set sticky bit<br />
chmod 1664 testpenoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.com0tag:blogger.com,1999:blog-5180343002973468556.post-34311460354150573392011-06-17T23:57:00.000-07:002011-06-17T23:57:11.120-07:00CGI script in Apache/etc/httpd/conf/httpd.conf cgi config file can be found under ScriptAlias.<br />
<br />
<br />
<blockquote style="background-attachment: initial; background-clip: initial; background-color: #efeff7; background-image: initial; background-origin: initial; border-bottom-color: rgb(128, 176, 207); border-bottom-style: solid; border-bottom-width: 1px; border-top-color: rgb(128, 176, 207); border-top-style: solid; border-top-width: 1px; font-family: Courier, sans-serif; font-size: 12px; margin-bottom: 20px; margin-left: 15px; margin-right: 0px; margin-top: 12px; padding-bottom: 0px; padding-left: 10px; padding-right: 10px; padding-top: 10px; width: 600px;"><div style="color: black; letter-spacing: 0.04em; line-height: 15px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 15px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"<br />
<br />
#<br />
# "/var/www/cgi-bin" should be changed to whatever your ScriptAliased<br />
# CGI directory exists, if you have that configured.<br />
#<br />
<directory "="" cgi-bin"="" var="" www=""><br />
AllowOverride None<br />
Options None<br />
Order allow,deny<br />
Allow from all<br />
</directory></div></blockquote><br />
We can create a simple cgi script by following this site : http://www.elated.com/articles/your-first-cgi-script/ and upload the script in /var/www/cgi-bin<br />
<br />
/var/www/cgi-bin/hello.cgi<br />
<br />
<br />
<blockquote>#!/usr/bin/perl<br />
print "Content-type: text/html\n\n";<br />
print <<END_HTML;<br />
<html><br />
<head></head><br />
<body>Hello, World!</body><br />
</html><br />
END_HTML</blockquote><br />
Add an execution permission on hello.cgi<br />
#chmod ugo+x /var/www/cgi-bin/hello.cgi<br />
<br />
Test the cgi script<br />
http://rhel02/cgi-bin/hello.cgipenoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.com0tag:blogger.com,1999:blog-5180343002973468556.post-67543176267114517032011-06-17T22:41:00.001-07:002011-06-17T22:41:20.639-07:00Ports to remember#########<br />
Ports to remember<br />
#########<br />
TCP<br />
80 http<br />
443 https<br />
22 ssh<br />
20 ftp-data<br />
21 ftp<br />
53 domain<br />
5901 vnc (depends on the settings of /etc/sysconfig/vncservers)<br />
<br />
UDP<br />
53 domainpenoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.com0tag:blogger.com,1999:blog-5180343002973468556.post-15503532254876486882011-06-16T18:37:00.001-07:002011-08-05T08:56:25.058-07:00Manage Security thru SelinuxCommands to remember<br />
<br />
sestatus show selinux status<br />
getenforce show enforcing status of selinux<br />
setenforce enforcing|permissive set status of selinux<br />
getsebool -a show the boolean value of the service<br />
setsebool -P set the the boolean value<br />
chcon - u(user) -r (role) -t (type) change context of a file<br />
chcon --reference=<dir> <dir_to_change_context> copy the context of the dir as referrence<br />
restorecon -F myfile restore file default file context<br />
<br />
User<br />
unconfined_u unprotected user<br />
system_u system user<br />
user_u normal user<br />
<br />
Role<br />
object_r file<br />
system_r users processes<br />
<br />
domain<br />
unconfined_r unprotected file or process<br />
<br />
Set enforcing and permissive modes for SELinux<br />
-thru configfile edit /etc/sysconfig/selinux<br />
-or use the command setenforce<br />
#setenforce Enforcing|Permissive<br />
<br />
List and identify SELinux file and process context<br />
- File<br />
ls -lZ<br />
<br />
-Process<br />
ps -eZ|grep <process name><br />
<br />
Restore default file contexts<br />
restorecon -F myfile<br />
chcon - u(user) -r (role) -t (type) change context of a file<br />
chcon --reference=<dir> <dir_to_change_context> copy the context of the dir as referrence<br />
<br />
Use boolean settings to modify system SELinux settings<br />
getsebool -a show the boolean value of the service<br />
setsebool -P <boolean>=1/0 set the the boolean value<br />
<br />
Diagnose and address routine SELinux policy violations<br />
<br />
To get man pages for a certain commands<br />
man -k _selinux <commands><br />
<br />
Description of the boolean<br />
semanage boolean -l #provided by the policycoreutils-python<br />
<br />
To survive a SELinux relabel<br />
ex: #semanage fcontext -a -s system_u -t httpd_sys_script_exec_t /var/www/cgi-binpenoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.com2tag:blogger.com,1999:blog-5180343002973468556.post-43710323383837077742011-06-14T10:33:00.000-07:002011-06-14T10:33:42.204-07:00Using e2labelTo label a device<br />
e2label /dev/mapper/vg_mp3-lv_mp3 MP3Data<br />
<br />
To show the label<br />
blkid<br />
findfs LABEL=MP3Data<br />
e2label /dev/mapper/vg_mp3-lv<br />
<br />
To mount a labeled device<br />
mount -t ext4 LABEL=MP3Data /mp3_data<br />
<br />
On fstab<br />
<br />
LABEL=MP3Data /mp3_data ext4 defaults 0 0<br />
<div><br />
</div>penoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.com0tag:blogger.com,1999:blog-5180343002973468556.post-78912358557561625192011-06-13T20:01:00.000-07:002011-06-13T20:01:12.935-07:00Fixing broken mbr in grubgrub > find /grub/grub.conf or grub> root<br />
grub> setup (hd0)penoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.com0tag:blogger.com,1999:blog-5180343002973468556.post-40951670427956965552011-06-11T01:30:00.000-07:002011-06-11T01:30:12.495-07:00Creating a Simple RPMCreate your simple script<br />
mkdir testrpm-1.0<br />
vi ~/testrpm-1.0/testrpm.sh<br />
<br />
<br />
#!/bin/bash<br />
#hello.sh<br />
echo 'this is a test rpm'<br />
exit 0<br />
<div><br />
</div><div>Install rpm build tools</div><div>yum install -y rpmlint rpmdevtools rpm-build</div><div><br />
</div><div>Create the rpmbuild directories as regular user</div><div>rpmdev-setuptree</div><div>This command will automatically create~/rpmbuild/{BUILD BUILDROOT RPMS SOURCES SPECS SRPMS} directories</div><div><br />
</div><div>Create the skeletal spec file </div><div>rpmdev-newspec -o testrpm.spec</div><div><br />
</div><div>edit testrpm.spec</div><div><div>Name: testrpm</div><div>Version: 1.0</div><div>Release: 1%{?dist}</div><div>Summary: testrpm</div><div><br />
</div><div>Group: Development/Tools</div><div>License: GPL</div><div>Source0: testrpm-1.0.tar.gz</div><div>BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}</div><div><br />
</div><div>%description</div><div>this is a test rpmpackage</div><div>%prep</div><div>%setup -q</div><div><br />
</div><div><br />
</div><div>%install</div><div>rm -rf $RPM_BUILD_ROOT</div><div>install -D testrpm.sh $RPM_BUILD_ROOT/opt/testrpm.sh</div><div><br />
</div><div>%clean</div><div>rm -rf $RPM_BUILD_ROOT</div><div><br />
</div><div><br />
</div><div>%files</div><div>%attr (770,root,root) /opt</div><div><br />
</div><div><br />
</div><div>%changelog</div></div><div><br />
</div><div>Build your rpm</div><div>rpmbuild -v -bb ~/SPECS/testrpm.spec</div><div><br />
</div><div>RPM package can be located under ~/rpmbuild/RPMS</div><div><br />
</div><div><br />
</div><div><br />
</div>penoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.com0tag:blogger.com,1999:blog-5180343002973468556.post-26547875213293685842011-06-08T17:57:00.000-07:002011-06-08T17:58:05.840-07:00Creating SwapCreating swap thru disk partition<br />
<br />
<blockquote style="background-attachment: initial; background-clip: initial; background-color: black; background-image: initial; background-origin: initial; border-bottom-color: rgb(128, 176, 207); border-bottom-style: solid; border-bottom-width: 1px; border-top-color: rgb(128, 176, 207); border-top-style: solid; border-top-width: 1px; font-family: Courier, sans-serif; font-size: 12px; margin-bottom: 20px; margin-left: 15px; margin-right: 0px; margin-top: 12px; padding-bottom: 0px; padding-left: 10px; padding-right: 10px; padding-top: 10px; width: 600px;"><div style="color: white; letter-spacing: 0.04em; line-height: 15px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 15px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">[root@rhel02 ~]# free -m<br />
total used free shared buffers cached<br />
Mem: 997 254 743 0 2 114<br />
-/+ buffers/cache: 137 859<br />
Swap: 2015 0 2015</div></blockquote><br />
Create the disk partition<br />
<blockquote style="background-attachment: initial; background-clip: initial; background-color: black; background-image: initial; background-origin: initial; border-bottom-color: rgb(128, 176, 207); border-bottom-style: solid; border-bottom-width: 1px; border-top-color: rgb(128, 176, 207); border-top-style: solid; border-top-width: 1px; font-family: Courier, sans-serif; font-size: 12px; margin-bottom: 20px; margin-left: 15px; margin-right: 0px; margin-top: 12px; padding-bottom: 0px; padding-left: 10px; padding-right: 10px; padding-top: 10px; width: 600px;"><div style="color: white; letter-spacing: 0.04em; line-height: 15px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 15px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">[root@rhel02 ~]# parted /dev/sdb<br />
GNU Parted 2.1<br />
Using /dev/sdb<br />
Welcome to GNU Parted! Type 'help' to view a list of commands.<br />
(parted) mkpart<br />
Partition type? primary/extended? primary<br />
File system type? [ext2]? linux-swap<br />
Start? 0<br />
End? 200<br />
Warning: The resulting partition is not properly aligned for best performance.<br />
Ignore/Cancel? Ignore<br />
(parted) pr<br />
Model: VBOX HARDDISK (scsi)<br />
Disk /dev/sdb: 524MB<br />
Sector size (logical/physical): 512B/512B<br />
Partition Table: msdos<br />
<br />
Number Start End Size Type File system Flags<br />
1 512B 200MB 200MB primary linux-swap(v1)</div></blockquote><br />
Initialize the disk partion<br />
<blockquote style="background-attachment: initial; background-clip: initial; background-color: black; background-image: initial; background-origin: initial; border-bottom-color: rgb(128, 176, 207); border-bottom-style: solid; border-bottom-width: 1px; border-top-color: rgb(128, 176, 207); border-top-style: solid; border-top-width: 1px; font-family: Courier, sans-serif; font-size: 12px; margin-bottom: 20px; margin-left: 15px; margin-right: 0px; margin-top: 12px; padding-bottom: 0px; padding-left: 10px; padding-right: 10px; padding-top: 10px; width: 600px;"><div style="color: white; letter-spacing: 0.04em; line-height: 15px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 15px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">[root@rhel02 ~]# mkswap /dev/sdb1<br />
Setting up swapspace version 1, size = 195308 KiB<br />
no label, UUID=364ca39e-dc67-4f8d-9790-e2715425d248</div></blockquote><br />
<br />
Add the newly created swap<br />
<blockquote style="background-attachment: initial; background-clip: initial; background-color: black; background-image: initial; background-origin: initial; border-bottom-color: rgb(128, 176, 207); border-bottom-style: solid; border-bottom-width: 1px; border-top-color: rgb(128, 176, 207); border-top-style: solid; border-top-width: 1px; font-family: Courier, sans-serif; font-size: 12px; margin-bottom: 20px; margin-left: 15px; margin-right: 0px; margin-top: 12px; padding-bottom: 0px; padding-left: 10px; padding-right: 10px; padding-top: 10px; width: 600px;"><div style="color: white; letter-spacing: 0.04em; line-height: 15px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 15px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">[root@rhel02 ~]# swapon /dev/sdb1<br />
[root@rhel02 ~]# swapon -s<br />
Filename Type Size Used Priority<br />
/dev/dm-1 partition 2064376 0 -1<br />
/dev/sdb1 partition 195304 0 -2<br />
[root@rhel02 ~]# free -m<br />
total used free shared buffers cached<br />
Mem: 997 262 735 0 6 115<br />
-/+ buffers/cache: 140 856<br />
Swap: 2206 0 2206</div></blockquote><br />
<br />
Creating swap thru a swapfile(example 200mb of swapfile)<br />
<blockquote style="background-attachment: initial; background-clip: initial; background-color: black; background-image: initial; background-origin: initial; border-bottom-color: rgb(128, 176, 207); border-bottom-style: solid; border-bottom-width: 1px; border-top-color: rgb(128, 176, 207); border-top-style: solid; border-top-width: 1px; font-family: Courier, sans-serif; font-size: 12px; margin-bottom: 20px; margin-left: 15px; margin-right: 0px; margin-top: 12px; padding-bottom: 0px; padding-left: 10px; padding-right: 10px; padding-top: 10px; width: 600px;"><div style="color: white; letter-spacing: 0.04em; line-height: 15px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 15px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">[root@rhel02 ~]# dd if=/dev/zero of=/tmp_swap/swapfile bs=1024 count=204800<br />
204800+0 records in<br />
204800+0 records out<br />
209715200 bytes (210 MB) copied, 29.5354 s, 7.1 MB/sd</div></blockquote><br />
<blockquote style="background-attachment: initial; background-clip: initial; background-color: black; background-image: initial; background-origin: initial; border-bottom-color: rgb(128, 176, 207); border-bottom-style: solid; border-bottom-width: 1px; border-top-color: rgb(128, 176, 207); border-top-style: solid; border-top-width: 1px; font-family: Courier, sans-serif; font-size: 12px; margin-bottom: 20px; margin-left: 15px; margin-right: 0px; margin-top: 12px; padding-bottom: 0px; padding-left: 10px; padding-right: 10px; padding-top: 10px; width: 600px;"><div style="color: white; letter-spacing: 0.04em; line-height: 15px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 15px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">[root@rhel02 ~]# mkswap /tmp_swap/swapfile<br />
mkswap: /tmp_swap/swapfile: warning: don't erase bootbits sectors<br />
on whole disk. Use -f to force.<br />
Setting up swapspace version 1, size = 204796 KiB<br />
no label, UUID=5d77de02-b28f-43a1-9410-fed6d05172c4d</div></blockquote><br />
<blockquote style="background-attachment: initial; background-clip: initial; background-color: black; background-image: initial; background-origin: initial; border-bottom-color: rgb(128, 176, 207); border-bottom-style: solid; border-bottom-width: 1px; border-top-color: rgb(128, 176, 207); border-top-style: solid; border-top-width: 1px; font-family: Courier, sans-serif; font-size: 12px; margin-bottom: 20px; margin-left: 15px; margin-right: 0px; margin-top: 12px; padding-bottom: 0px; padding-left: 10px; padding-right: 10px; padding-top: 10px; width: 600px;"><div style="color: white; letter-spacing: 0.04em; line-height: 15px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 15px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">[root@rhel02 ~]# swapon /tmp_swap/swapfile<br />
[root@rhel02 ~]# swapon -s<br />
Filename Type Size Used Priority<br />
/dev/dm-1 partition 2064376 0 -1<br />
/dev/sdb1 partition 195304 0 -2<br />
/tmp_swap/swapfile file 202288 0 -3<br />
[root@rhel02 ~]# free -m<br />
total used free shared buffers cached<br />
Mem: 997 491 505 0 11 315<br />
-/+ buffers/cache: 164 833<br />
Swap: 2404 0 2404</div></blockquote><br />
Remove swap<br />
<blockquote style="background-attachment: initial; background-clip: initial; background-color: black; background-image: initial; background-origin: initial; border-bottom-color: rgb(128, 176, 207); border-bottom-style: solid; border-bottom-width: 1px; border-top-color: rgb(128, 176, 207); border-top-style: solid; border-top-width: 1px; font-family: Courier, sans-serif; font-size: 12px; margin-bottom: 20px; margin-left: 15px; margin-right: 0px; margin-top: 12px; padding-bottom: 0px; padding-left: 10px; padding-right: 10px; padding-top: 10px; width: 600px;"><div style="color: white; letter-spacing: 0.04em; line-height: 15px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 15px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">[root@rhel02 ~]# swapoff /tmp_swap/swapfile<br />
[root@rhel02 ~]# swapoff /dev/sdb1<br />
[root@rhel02 ~]# swapon -s<br />
Filename Type Size Used Priority<br />
/dev/dm-1 partition 2064376 0 -</div></blockquote>penoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.com0tag:blogger.com,1999:blog-5180343002973468556.post-58946100141068170862011-06-07T12:27:00.000-07:002011-06-08T18:30:10.480-07:00Creating and mounting filesystem ext2 ext3 ext4[root@rhel02 ~]# parted /dev/sdb<br />
GNU Parted 2.1<br />
Using /dev/sdb<br />
Welcome to GNU Parted! Type 'help' to view a list of commands.<br />
(parted) help<br />
align-check TYPE N check partition N for TYPE(min|opt) alignment<br />
check NUMBER do a simple check on the file system<br />
cp [FROM-DEVICE] FROM-NUMBER TO-NUMBER copy file system to another partition<br />
help [COMMAND] print general help, or help on COMMAND<br />
mklabel,mktable LABEL-TYPE create a new disklabel (partition table)<br />
mkfs NUMBER FS-TYPE make a FS-TYPE file system on partition NUMBER<br />
mkpart PART-TYPE [FS-TYPE] START END make a partition<br />
mkpartfs PART-TYPE FS-TYPE START END make a partition with a file system<br />
move NUMBER START END move partition NUMBER<br />
name NUMBER NAME name partition NUMBER as NAME<br />
print [devices|free|list,all|NUMBER] display the partition table, available devices, free space, all found partitions, or a particular partition<br />
quit exit program<br />
rescue START END rescue a lost partition near START and END<br />
resize NUMBER START END resize partition NUMBER and its file system<br />
rm NUMBER delete partition NUMBER<br />
select DEVICE choose the device to edit<br />
set NUMBER FLAG STATE change the FLAG on partition NUMBER<br />
toggle [NUMBER [FLAG]] toggle the state of FLAG on partition NUMBER<br />
unit UNIT set the default unit to UNIT<br />
version display the version number and copyright information of GNU Parted<br />
(parted) mkpart<br />
Partition type? primary/extended? primary<br />
File system type? [ext2]? ext2<br />
Start? 0<br />
End? 100<br />
Warning: The resulting partition is not properly aligned for best performance.<br />
Ignore/Cancel? Ignore<br />
(parted) pri<br />
Model: VBOX HARDDISK (scsi)<br />
Disk /dev/sdb: 524MB<br />
Sector size (logical/physical): 512B/512B<br />
Partition Table: msdos<br />
<br />
Number Start End Size Type File system Flags<br />
1 512B 100MB 100MB primary ext2<br />
<br />
(parted) quit<br />
Information: You may need to update /etc/fstab.<br />
<br />
[root@rhel02 ~]# partprobe /dev/sdb<br />
<div><br />
</div><div><br />
</div><div>Create the same way for /dev/sdc (ext3) and /dev/sdd (ext4)</div><div><br />
</div><div>To show the filesystem created</div><div><div>[root@rhel02 ~]# parted /dev/sdb print</div><div>Model: VBOX HARDDISK (scsi)</div><div>Disk /dev/sdb: 524MB</div><div>Sector size (logical/physical): 512B/512B</div><div>Partition Table: msdos</div><div><br />
</div><div>Number Start End Size Type File system Flags</div><div> 1 512B 100MB 100MB primary ext2</div><div><br />
</div><div>[root@rhel02 ~]# parted /dev/sdc print</div><div>Model: VBOX HARDDISK (scsi)</div><div>Disk /dev/sdc: 524MB</div><div>Sector size (logical/physical): 512B/512B</div><div>Partition Table: msdos</div><div><br />
</div><div>Number Start End Size Type File system Flags</div><div> 1 512B 100MB 100MB primary ext3</div><div><br />
</div><div>[root@rhel02 ~]# parted /dev/sdd print</div><div>Model: VBOX HARDDISK (scsi)</div><div>Disk /dev/sdd: 524MB</div><div>Sector size (logical/physical): 512B/512B</div><div>Partition Table: msdos</div><div><br />
</div><div>Number Start End Size Type File system Flags</div><div> 1 512B 100MB 100MB primary ext4</div></div><div><br />
</div><div><br />
</div><div>Alternative commands</div><div>mkfs.ext2 /dev/sdb1</div><div>mkfs.ext3 /dev/sdc1</div><div>mkfs.ext4 /dev/sdd1</div><div><br />
</div><div>Mounting</div><div>mount /dev/sdb1 /mnt</div><div>mount /dev/sdc1 /mnt2</div><div>mount /dev/sdd1 /mnt3</div><div><br />
</div><div>Creating partition using one liner<br />
<br />
[root@rhel02 ~]# parted /dev/sdc mkpart primary ext4 0 500<br />
<div><br />
</div></div>penoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.com0tag:blogger.com,1999:blog-5180343002973468556.post-20103796340290900992011-06-07T11:53:00.000-07:002011-06-07T12:16:32.822-07:00RAIDParted<br />
<br />
<br />
To list disk<br />
<blockquote>parted -l |grep sd #sd-scsi disks</blockquote><br />
Use in command line<br />
<blockquote>parted <device> <command><br />
parted /dev/sdb print</blockquote><br />
<br />
Creating a raid5<br />
<br />
<blockquote>mdadm -Cv /dev/md0 --level=5 -n3 /dev/sdb1 /dev/sdc1 /dev/sdd1<br />
mdadm --detail /dev/md0</blockquote><br />
Use the command below to create a copy of the partition of an existing disk then format then use mdadm --add to the array.<br />
<blockquote>sfdisk -d /dev/<origin-disk> |sfdisk /dev/<destination-disk></blockquote>Example:<br />
<blockquote>sfdisk -d /dev/sda | sfdisk /dev/sdb</blockquote><br />
Fail a disk<br />
<blockquote>mdadm /dev/md0 -f /dev/sdb1</blockquote><br />
Remove a disk<br />
<blockquote>mdadm /dev/md0 -r /dev/sdb1</blockquote><br />
Add a disk<br />
<blockquote>mdadm /dev/md0 -a /dev/sdb1</blockquote><br />
Start md<br />
<blockquote>mdadm --assemble --scan</blockquote><br />
Saving mdadm config<br />
<blockquote>echo 'DEVICE /dev/sd*' > /etc/mdadm.conf<br />
mdadm --detail --scan >> /etc/mdadm.conf</blockquote><br />
Removing array<br />
<blockquote>mdadm -S /dev/md0 >> stop md<br />
mdadm --zero-superblock /dev/sdb1<br />
mdadm --zero-superblock /dev/sdc1<br />
mdadm --zero-superblock /dev/sdd1</blockquote>penoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.com0tag:blogger.com,1999:blog-5180343002973468556.post-42578801501795572252011-05-16T02:29:00.000-07:002011-07-08T19:38:55.982-07:00ACLrequired package:<br />
<blockquote>acl-2.2.49-4.el6.x86_64</blockquote><br />
Mount a filesystem to use ACL<br />
<blockquote>mount -t ext4 -o acl /dev/mapper/myvg-lvhome /home</blockquote><br />
Set the ACL<br />
<blockquote>setfacl -m u:chris:rwx /home/file1</blockquote><br />
Check ACL<br />
<blockquote>getfacl /home/file1</blockquote><br />
Remove ACL <br />
<blockquote>setfacl -x u:chris file1</blockquote>penoihttp://www.blogger.com/profile/12173802170831574471noreply@blogger.com0