REDhat-5
linux configure-1
Redhat -1
Table of Contents
1. Primary DNS Server Configure
2. Secondary DNS Server Configure
3. DHCP Server Configure
4. Mail Server Configure
4(i). Web Mail Server and Web Mail password Configure
5. Yum Server Configure
6. FTP Server Configure
7. RAID and LVM Configure
8. User Quota
9. Web Server Configure
10. Proxy Server Configure
11. Virtual Domain Server Configure
12. Virtual Web Server Configure
13. Linux Router Configure
14. Linux Router RIP Configure
15. MRTG (Multi Router Traffic Grapher) Configure
16. Linux Firewall Configure
17. NFS Server Configure
18. SAMBA Server Configure
19. NIS Domain Configure
20. SSH Configure
21. Telnet Configure
22. Transparent Proxy Configure
23. Linux Internet Sharing Configure
Red Hat Enterprise Linux Essential
The world's leading open source application platform
On one certified platform, Red Hat Enterprise Linux offers your choice of:
Applications - Thousands of certified ISV (independent software vendor) applications
Deployment - Including standalone or virtual servers, cloud computing, or software appliances
Hardware - Wide range of platforms from the world's leading hardware vendors
This gives IT departments unprecedented levels of operational flexibility. And it gives independent software vendors (ISVs) unprecedented market reach when delivering applications. Certify once, deploy anywhere. All while providing world-class performance, security, and stability. And unbeatable value. An ISV (independent software vendor) makes and sells software products that run on one or more computer hardware
Open Source
Open source refers to a program or software in which the source code is available to the general public for use and/or modification from its original design free of charge.
What is Linux?
Linux is an operating system, a software program that controls your computer. Most vendors load an operating system onto the hard drive of a PC before delivering the PC, so, unless the hard drive of your PC has failed, you may not understand the function of an operating system.
How Linux is Different
Linux is distinguished from many popular operating systems in three important ways.
Linux is a cross-platform operating system that runs on many computer models. Only Unix, an ancestor of Linux, rivals Linux in this respect.
Linux is free, in two senses. First, you may pay nothing to obtain and use Linux. On the other hand, you may choose to purchase Linux from a vendor who bundles Linux with special documentation or applications, or who provides technical support.
The origins of Linux
Linux traces its ancestry back to a mainframe operating system known as Multics (Multiplexed Information and Computing Service). Begun in 1965, Multics was one of the first multi-user computer systems and remains in use today. Bell Telephone Labs participated in the development of Multics, along with the Massachusetts Institute of Technology and General Electric.
The Linux kernel
By the early 1990s, the FSF had obtained or written all the major components of the GNU operating system except for one: the kernel. About that time, Linus Torvalds, a Finnish computer science student, began work on a kernel for a Unix-like system.
The X Window System
Another important component of Linux is its graphical user interface, the X Window System. Unix was originally a mouseless, text-based system that used noisy teletype machines rather than modern CRT monitors. The Unix command interface is very sophisticated and, even today, some power users prefer it to a point-and-click graphical environment, using their CRT monitor as though it were a noiseless teletype. Consequently, some remain unaware that Unix long ago outgrew its text-based childhood, and now provides users a choice of graphical or command interfaces.
The X Window System (or simply X) was developed as part of the Massachusetts Institute of Technology's (MIT) Project Athena, which it began in 1984.
X is a unique graphical user interface in two major respects. First, X integrates with a computer network, letting users access local and remote applications. For example, X lets you open a window that represents an application running on a remote server: the remote server does the heavy-duty computing; all your computer need do is pass the server your input and display the server's output.
Second, X lets you configure its look and feel to an amazing degree.
Linux distributions
Because Linux can be freely redistributed, you can obtain it in a variety of ways. Various individuals and organizations package Linux, often combining it with free or proprietary applications. Such a package that includes all the software you need to install and run Linux is called a Linux distribution.
Table 1.3: Popular Linux Distributions and Their Web Home Pages
Distribution         Home Page
Caldera OpenLinux    http://www.caldera.com/
Debian Linux         http://www.debian.org/
Slackware Linux      http://www.cdrom.com/titles/os/slackwar.htm/
Red Hat Linux        http://www.redhat.com/
SuSE Linux           http://www.suse.com/
Minimum Hardware Requirements
Linux supports a wide range of PC hardware; but not even Linux supports every known device and system. Your PC must meet certain minimum requirements in order to run Linux. The following sections present these minimum requirements.
Central Processing Unit (CPU)
Linux does not support the Intel 286 and earlier processors. However, it fully supports the Intel 80386, 80486, Pentium, Pentium Pro, Pentium II, and Pentium III processors. Nevertheless, some users feel that their 80386 Linux systems respond sluggishly, particularly when running X. So, if you want optimum performance, you should install Linux on a PC having an 80486 processor or better.
Linux also supports non-Intel processors such as the Cyrix 6x86 and the AMD K5 and K6. Most Linux users have systems that use Intel chips; if your system uses a non-Intel chip, you may find it more difficult to resolve possible problems.
Motherboard
Linux supports the standard ISA, EISA, PCI, and VESA (VLB) system buses used on most IBM-compatible PCs. Linux recently gained support for IBM's MCA bus, used in IBM's PS/2 series of computers. However, at the time of this writing, Debian GNU/Linux does not yet support the MCA bus. If you have an IBM PS/2, you may be unable to install Debian GNU/Linux (check the Debian Project web site for the latest available information on support for the MCA bus).
Drives
An anonymous wag once quipped that one can never be too thin, too rich, or have too much hard disk space. Fortunately, Linux is not too hungry for disk space. To install and use Linux, you should have at least 250 MB of free hard disk space. (The minimum is about 100 MB, but installing Linux on a system with so little disk space will compel you to omit many useful applications and will leave you with little room to work.)
Table 2.1: Configuration Information Needed to Install Linux
Device                     Information needed
Hard Drive(s)              The number, size, and type of each hard drive
                           Which hard drive is first, second, and so on
                           Which adapter type (IDE or SCSI) is used by each drive
                           For each IDE drive, whether or not the BIOS is set for LBA mode
RAM memory                 The amount of installed RAM
CD-ROM Drive(s)            Which adapter type (IDE, SCSI, or other) is used by each drive
                           For each drive using a non-IDE, non-SCSI adapter, the make and model of the drive
SCSI Adapter (if any)      The make and model of the card
Network Adapter (if any)   The make and model of the card
Mouse                      The type (serial, PS/2, or bus)
                           The protocol (Microsoft, Logitech, MouseMan, etc.)
                           The number of buttons
                           For a serial mouse, the serial port to which it's connected
Video Adapter              The make and model of the card
                           The amount of video RAM
Table 2.1: Hard Disk Information
Virtual consoles used at Linux install time
Console  Keystroke  Contents
1        ALT-F1     The installation dialog.
2        ALT-F2     A shell prompt, which lets you enter commands to be processed by Linux.
3        ALT-F3     The installation status log, containing termination messages of launched programs.
4        ALT-F4     The installation log, containing messages from the install program.
*********************************************************************************************************************
Show Linux Version
[a] uname - Print kernel and system information.
$ uname -r
$ uname -mrs
$ uname -a
[b] lsb_release - Print distribution-specific information.
$ lsb_release -a
[c] /proc/version file - Print running kernel information
$ cat /proc/version
$ cat /etc/*release
OR
$ lsb_release -a
[root@ns1 ~]# vim /etc/bashrc
# /etc/bashrc
alias c='clear'
alias p='poweroff -f'
alias r='reboot'
cal
:x
LAN IP SETTING
[root@ns1 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.20.1
NETMASK=255.255.255.0
:x
WAN IP SETTING
[root@ns1 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
ONBOOT=yes
BOOTPROTO=static
IPADDR=203.190.33.206
NETMASK=255.255.255.248
GATEWAY=203.190.33.205
:x
-----------------------CentOS/Redhat 6+ ------------------------------------
LAN
[root@mail network-scripts]# vi ifcfg-eth0
DEVICE=eth0
HWADDR=6c:3b:e5:32:59:90
TYPE=Ethernet
UUID=32c5553f-07e0-4784-988a-9404813380a4
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=none
USERCTL=no
IPV6INIT=no
IPADDR=192.168.19.254
NETMASK=255.255.255.0
-------
WAN
DEVICE=eth1
HWADDR=cc:b2:55:ba:c0:66
TYPE=Ethernet
UUID=cd57fc3a-9623-49d5-8778-2c0f6b42c893
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=none
IPV6INIT=no
USERCTL=no
IPADDR=203.82.197.42
NETMASK=255.255.255.248
DNS2=202.22.200.44
GATEWAY=203.82.197.41
DNS1=202.22.192.9
--------------------------------------------------------------------------------
RPM INSTALL
# rpm -qa sendmail*
# rpm -qa netconfig
FOR vim
vim-common
vim-enhanced
vim-minimal
vim-X11
------------------------------
HOST NAME
#hostname ns1
ctrl+D
#vim /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=ns1.pcs.bd
#setup
Check and Configure the Network Card:
[root@ns1 ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0
#Broadcom Corporation NetLink BCM57875 Gigabit Ethernet PCI Express
DEVICE=eth0
BOOTPROTO=static
HWADDR=00:0C:29:EB:B2:CA
ONBOOT=yes
TYPE=Ethernet
PEERDNS=no
USERCTL=no
IPV6INIT=no
IPADDR=192.168.20.1
NETMASK=255.255.255.0
NETWORK=192.168.20.0
BROADCAST=192.168.20.255
After changing the file, reload/restart the NIC (eth0) with the following commands:
[root@ns1 ~]# ifdown eth0
[root@ns1 ~]# ifup eth0
[root@ns1 ~]# service network restart
After completing the NIC configuration, change the host name with the following command:
[root@ns1 ~]# vi /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=ns1
Now edit the hosts file for host name resolution with the following command:
[root@ns1 ~]# vi /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
210.207.201.1 ns1.alphabd.net ns1
VIM-Text EDIT
:set nu [ Line number ]
15 shift g: 15th line
1 shift g: 1st line
shift g: last line
Copy
yy = 1 line copy
5yy = 5 lines copy
p = paste
u = undo
ctrl+r = redo
Delete
dd = 1 line delete
3dd = 3 lines delete
dw = 1 word delete
Search
/(key word)
n = next
N = previous
Replace
:%s/world.bd/pcs.bd/g
TAR/ZIP
VMwareTools-9.9.0.2304977.tar.gz
$ cd ~/Desktop/
$ tar -xvf VMwareTools [TAB]
$ cd vmware-tools [TAB]
$ ls
$ ./vmware-install.pl
$ ls /mnt/hgfs
$ share folder [ show share folder]
$ ln -s "/mnt/hgfs/share folder/" ~/Desktop/"share folder" [create Desktop shortcut]
oracle.ZIP
# unzip file name
# ls
# pwd [present directory]
# whoami [ show user]
# exit
$ cd /uo1/soft/database/
$ ./runInstaller
RPM install
# rpm -qa vsftpd
# cd /
# ls
# cd media/RHEL_6.0[TAB]\i386\Disk\1/Packages/
# ls | less [ page view]
# rpm -i vsftp [TAB]
# service vsftpd restart
# rpm -qa vsftpd
# rpm -qa | grep -i vsftpd [You should then find the exact package name]
# rpm -e vsftpd [ RPM remove]
CD Copy
# cp -ivr /media/RHEL_6.0[TAB]\i386\Disk\1/* /var/ftp/pub/
Mail Problem
#mailq [show queued mail]
#postsuper -d ALL [delete all queued mail]
#tail -f /var/log/maillog
#cat /var/log/maillog
Log
#tail -f /var/log/messages
Red hat Linux Essential Commands
Login process as a root user:
ns1 login: root
Passwd: redhat
[root@ns1~]#
Or Login process as a normal user:
ns1 login: u1
Passwd: redlinux
[u1@ns1~]$
[root@ns1~]# ls [Viewed file/folder]
[root@ns1~]# ls -l
[root@ns1~]# ls -la
[root@ns1~]# ls -l /home
[root@ns1~]# ls -ld /var/named/
[root@ns1~]# cd /var/named [Directory will change]
[root@ns1 named]#
[root@ns1 named]# cd ..
[root@ns1~]# cd /
[root@ns1 /]# cd
[root@ns1~]# cd - [To go previous working directory]
User Create & delete command:
[root@ns1 ~]# useradd u1
Or [root@ns1 ~]# adduser u2
[root@ns1 ~]# userdel -rf u1
Password Change command:
[root@ns1 ~]# passwd [for root user password change]
[root@ns1 ~]# passwd u1 [for normal user password change]
Mail user
# useradd -s /bin/false u1 [u1 can only use mail, no shell login]
# system-config-users
Linux Directory Structure
The Linux Filesystem Hierarchy
/                Root
|---root         The home directory for the root user
|---home         Contains the user's home directories
|   |----ftp         Users include many services as listed here
|   |----httpd
|   |----samba
|---bin          Commands needed during bootup that might be needed by normal users
|---sbin         Like bin but commands are not intended for normal users.
|---proc         This filesystem is not on a disk.
|---usr          Contains all commands, libraries, man pages, games and static files for normal operation.
|   |----bin         Almost all user commands. Some commands are in /bin or /usr/local/bin.
|   |----sbin        System admin commands not needed on the root filesystem.
|   |----include     Header files for the C programming language. Should be below /usr/lib for consistency.
|   |----lib         Unchanging data files for programs and subsystems
|   |----local       The place for locally installed software and other files.
|   |----man         Manual pages
|   |----info        Info documents
|   |----doc         Documentation for various packages
|   |----tmp
|   |----X11R6       The X windows system files. There is a directory similar to usr directory.
|   |----X386        Like X11R6 but for X11 release 5
|---boot         Files used by the bootstrap loader, LILO. Kernel images are often kept here.
|---lib          Shared libraries needed by the programs on the root filesystem
|   |----modules     Loadable kernel modules, especially those needed to boot the system after disasters.
|---dev          Device files for devices such as disk drives, serial ports, etc.
|---etc          Configuration files specific to the machine.
|   |----skel        When a home directory is created it is initialized with files from this directory
|   |----sysconfig   Files that configure the linux system for networking, keyboard, time, and more.
|---var          Contains files that change for mail, news, printers log files, man pages, temp files
|   |----file
|   |----lib         Files that change while the system is running normally
|   |----local       Variable data for programs installed in /usr/local.
|   |----lock        Lock files. Used by a program to indicate it is using a particular device or file
|   |----log         Log files from programs such as login and syslog which logs all logins, logouts, and other system messages.
|   |----run         Files that contain information about the system that is valid until the system is next booted
|   |----spool       Directories for mail, printer spools, news and other spooled work.
|   |----tmp         Temporary files that are large or need to exist for longer than they should in /tmp.
|   |----catman      A cache for man pages that are formatted on demand
|---mnt          Mount points for temporary mounts by the system administrator.
|---tmp          Temporary files. Programs running after bootup should use /var/tmp.
|---lost+found   Files recovered by fsck during a filesystem check are stored here.
|---opt
Normal Command used in Linux-------------------------------------------------------------------
[root@ns1 ~]# date [Showing date & time]
[root@ns1 ~]# pwd [Showing present working directory]
[root@ns1 ~]# uname -r [Showing Linux Kernel Version]
[root@ns1 ~]# switchdesk kde [Switch to the KDE desktop, if installed]
Creating a Directory:
[root@ns1 ~]# mkdir soft [Create a directory into /root]
[root@ns1 ~]# mkdir /data [Create a directory into /]
[root@ns1 ~]# mkdir -p /Server/software/Data [Create a directory in between subdirectory]
Creating a file:
[root@ns1 ~]# touch f1 [Create a file into /root]
[root@ns1 ~]# touch /data/f2 [Create a file into /data/]
Remove file and directory:
[root@ns1 ~]# rm -rf soft [Remove file/folder]
[root@ns1 ~]# rm -rf /data/f2
Copy file and folder:
[root@ns1 ~]# cp /data/f2 /root/soft [Copy file/folder]
[root@ns1 ~]# cp /data/f2 /root/soft/f3 [Copy and Rename file/folder]
File/folder Moving and Renaming:
[root@ns1 ~]# mv f1 /data/f4 [Moving and Renaming]
[root@ns1 ~]# mv soft /data/ [Moving a folder; mv needs no -r option]
User logout command:
[root@ns1 ~]# logout
[root@ns1 ~]# ctrl+d
[root@ns1 ~]# exit
Computer Shutdown Command:
[root@ns1 ~]# shutdown -h now
[root@ns1 ~]# init 0
[root@ns1 ~]# p [If the alias is set]
Computer Reboot Command:
[root@ns1 ~]# reboot
[root@ns1 ~]# init 6
[root@ns1 ~]# r [If the alias is set]
[root@ns1 ~]# ctrl+alt+del
User, Group and Permission--------------------------------------------------------------
[root@ns1 ~]# useradd u2 [User Create]
[root@ns1 ~]# passwd u2 [Password Change]
[root@ns1 ~]# groupadd arkgroup [Group Create]
[root@ns1 ~]# useradd u3 -G arkgroup [User Create and insert into a Group]
[root@ns1 ~]# gpasswd -M u1,u2 arkgroup [Insert multi User into a Group]
[root@ns1 ~]# cat /etc/passwd [Showing User information]
u1:x:500:500::/home/u1:/bin/bash
/sbin/nologin [Login inactive]
[root@ns1 ~]# cat /etc/group [Showing Group information]
arkgroup:x:506:u1,u2,u3
[root@ns1 ~]# ls -l
-rw- -wx -w- 1 root root 1468 25 Dec 3:42 soft
Type of Files:
d [Means Directory]
l [Means Link file]
b [Means Block devices]
c [Means Character devices]
- [Means Regular file]
Changing File/Directory Permission:
[root@ns1 ~]# ls -l
-rw------- 1 root root 971 Jul 9 03:39 anaconda-ks.cfg
drwxr-xr-x 3 root root 4096 Sep 20 18:22 Desktop
-rwxr-xr-x 1 root root 51 Sep 19 08:40 f2.sh
-rw-r--r-- 1 root root 58 Sep 19 08:45 f3.sh
-rw-r--r-- 1 u1 root 0 Jul 29 03:27 lintext
drwx------ 2 root root 4096 Oct 5 04:40 Mail
lrwxrwxrwx 1 root root 10 Oct 21 22:14 myfilelink.txt -> myfile.txt
-rw-r--r-- 2 root u1 10 Oct 21 22:11 myfile.txt
-rw-r--r-- 2 u1 u1 10 Oct 21 22:11 myhardlink.txt
[root@ns1 ~]# ls -ld /data/
drwxr-xr-x 2 root root 4096 Dec 30 19:42 /data/
[root@ns1 ~]# chmod 766 /data
[root@ns1 ~]# ls -ld /data/
drwxrw-rw- 2 root root 4096 Dec 30 19:50 /data/
[root@ns1 ~]#
Permission Chart below:
Number Meaning
0 No Permission (rwx Deny)
1 x Permission (rw Deny)
2 w Permission (Usually not used) (rx Deny)
3 wx Permission (Usually not used) (r Deny)
4 r Permission (wx Deny)
5 rx Permission (Used for folders) (w Deny)
6 rw Permission (x Deny)
7 rwx (All Permission)
User
[root@ns1 ~]# setfacl -m u:u1:rwx /var/test [Folder all permission]
[root@ns1 ~]# setfacl -m u:u1:--- /var/test [No permission]
[root@ns1 ~]# setfacl -m u:u1:r-- /var/test [Read permission]
Group
[root@ns1 ~]# setfacl -m g:g1:rwx /var/test [Folder all permission]
[root@ns1 ~]# setfacl -m g:g1:--- /var/test [No permission]
[root@ns1 ~]# chmod 756 /data [Change Permission for /data folder]
[root@ns1 ~]# chmod 744 /data
[root@ns1 ~]# chmod 777 /data
[root@ns1 ~]# chown u1 /data [Change Owner for /data folder]
[root@ns1 ~]# chown root /data/f1
[root@ns1 ~]# chgrp root /data
[root@ns1 ~]# chgrp u1 /data [Change Group for /data folder]
[root@ns1 ~]# chgrp sysadmin /data/f1
*********************************************************************************************
How to Repair your Linux OS Grub------------------------------------------------------------
Steps: Insert CD -> Restart PC -> Linux install mode will come -> Write (linux rescue) & Press Enter -> OK -> OK -> (Message will show, write it down) -> Continue -> OK
[bash-3-0]# chroot /mnt/sysimage
[bash-3-0]# vim /etc/grub.conf
title Red Hat Enterprise Linux Server (2.6.18-8.el5)
root (hd0,6) [See this line and note it and go out from file without save]
kernel /vmlinuz-2.6.18-8.el5 ro root=LABEL=/ dhaka rhgb quiet
initrd /initrd-2.6.18-8.el5.img
title Other
rootnoverify (hd0,0)
chainloader +1
:q!
[bash-3-0]# grub
grub> root (hd0,6)
grub> setup (hd0)
grub>quit
[bash-3-0]# exit
[bash-3-0]# exit [PC will restart and you will see your grub]
Mount temporary for Cd and Pendrive----------------------------------------------------------------
[root@ns1 ~]# mount /dev/cdrom /mnt [Mounting command]
[root@ns1 ~]# ls -l /mnt/Server
[root@ns1 ~]# umount /mnt [Unmount]
[root@ns1 ~]# eject [Eject Cd tray]
[root@ns1 ~]# eject -t [Insert Cd tray]
[root@ns1 ~]# mount /dev/sdb1 /mnt [Pendrive mounting]
[root@ns1 ~]# ls -l /mnt
Auto Mounting for Cdrom and Pendrive
[root@ns1 ~]# vim /etc/fstab
/dev/sda6 /mnt auto defaults 0 0
/dev/sdb1 /media vfat defaults 0 0
:x
dump_freq: Level 0 dump frequency: 1=daily, 2=every other day, 0=never dump
fsck_order: 0=ignore, 1=first (the root file system should have this value)
[root@ns1 ~]# mount -a [Refresh mount]
[root@ns1 ~]# ls -l /mnt
Setting SUID, SGID and Sticky Bit
[root@ns1 ~]# mkdir /data [Create a directory]
[root@ns1 ~]# stat /data [Showing directory information]
[root@ns1 ~]# groupadd pcsgroup [Create pcsgroup]
[root@ns1 ~]# useradd john -G pcsgroup [Insert a user into group]
[root@ns1 ~]# useradd jane -G pcsgroup
[root@ns1 ~]# chgrp pcsgroup /data/ [Change group name]
[root@ns1 ~]# chmod 2070 /data/ [Set the SGID bit: new files inherit the directory's group]
[root@ns1 ~]# su - john [User switch to a member of pcsgroup]
[john@ns1 ~]$ cd /data/
[john@ns1 data]$ ls -l
[john@ns1 data]$ touch f1
[john@ns1 data]$ stat f1
Sticky Bit:
[root@ns1 ~]# mkdir /data [Create a directory]
[root@ns1 ~]# stat /data [Showing directory information]
[root@ns1 ~]# groupadd pcsgroup [Create pcsgroup]
[root@ns1 ~]# useradd john -G pcsgroup [Insert a user into group]
[root@ns1 ~]# useradd jane -G pcsgroup
[root@ns1 ~]# chgrp pcsgroup /data/ [Change group name]
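[root@ns1 ~]# chmod 3070 /data/ [Set SGID plus sticky bit: users can't delete each other's files]
[root@ns1 ~]# su - john [User switch to a member of pcsgroup]
[john@ns1 ~]$ cd /data/
[john@ns1 data]$ ls -l
[john@ns1 data]$ touch f1
[john@ns1 data]$ stat f1
[john@ns1 data]$ exit
[root@ns1 ~]# su - jane
[jane@ns1 ~]$ rm -f /data/f1 [file can't be removed: jane is not its owner]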
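An added example (not part of the original notes): a POSIX shell audit that uses find to list the directories and files carrying the mode bits discussed above, separating world-writable directories with and without the sticky bit. The function names and the sample tree are constructed for the demonstration; the tree uses 2770/3770 rather than 2070/3070 so that the user running it keeps access to its own directories.

```sh
#!/bin/sh
# Added example: audit a tree for the special permission bits shown above.
# Function names and the sample tree are constructed for this demonstration.

# World-writable directories WITHOUT the sticky bit (e.g. after chmod 777):
# any user may delete or replace files that belong to someone else.
find_open_dirs() {
    find "$1" -type d -perm -0002 ! -perm -1000 2>/dev/null | LC_ALL=C sort
}

# World-writable directories WITH the sticky bit (mode 1777, like /tmp):
# everyone may create files, but only the owner or root may delete them.
find_sticky_dirs() {
    find "$1" -type d -perm -0002 -perm -1000 2>/dev/null | LC_ALL=C sort
}

# SGID directories (2xxx or 3xxx): new files inherit the directory's group.
find_sgid_dirs() {
    find "$1" -type d -perm -2000 2>/dev/null | LC_ALL=C sort
}

# SUID/SGID regular files execute with the identity of their owner or group,
# so every entry in this list should be known and expected.
find_setid_files() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null | LC_ALL=C sort
}

# Build a constructed sample tree and print its path.
make_sample_tree() {
    root=$(mktemp -d) || return 1
    mkdir "$root/open" "$root/drop" "$root/team" "$root/team_sticky" "$root/plain"
    chmod 0777 "$root/open"          # like "chmod 777 /data"
    chmod 1777 "$root/drop"          # shared drop box with sticky bit
    chmod 2770 "$root/team"          # SGID group directory
    chmod 3770 "$root/team_sticky"   # SGID plus sticky bit
    chmod 0755 "$root/plain"
    : > "$root/plain/tool"
    chmod 4755 "$root/plain/tool"    # SUID file, constructed and empty
    echo "$root"
}

print_report() {
    echo "== world-writable, no sticky bit =="; find_open_dirs "$1"
    echo "== world-writable with sticky bit =="; find_sticky_dirs "$1"
    echo "== SGID directories =="; find_sgid_dirs "$1"
    echo "== SUID/SGID files =="; find_setid_files "$1"
}

# Demo on the constructed tree; point print_report at /data to audit it.
demo_root=$(make_sample_tree) && print_report "$demo_root" && rm -rf "$demo_root"
```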
Switching User (SU):
[root@ns1 ~]# su - u1
[u1@ns1 ~]$ touch f1
[u1@ns1 ~]$ ls -ld f1
[u1@ns1 ~]$ exit or ctrl+d [for logout user]
Introduction to String Processing:
head: Display first few lines (default: 10 lines) of the files
[root@ns1 ~]# head /etc/passwd
This shows the first 10 lines of the file
[root@ns1 ~]# head -n 20 /etc/passwd
tail: Display last few lines (default: 10 lines) of the files
[root@ns1 ~]# tail -f /var/log/messages
[root@ns1 ~]# tail -f -n 20 /var/log/messages
This shows the last lines of the file (10 by default) and keeps following new ones
sort: Sort is used to sort text data; this data can be in a file. Sort is often used with pipes as in the example below.
[root@ns1 ~]# grep bash /etc/passwd | sort
grep: grep (global regular expression print) displays the lines in a file that match a pattern.
[root@ns1 ~]# ps aux | grep 'init'
[root@ns1 ~]# rpm -qa | grep bind
diff: Compares two files for differences
[root@ns1 ~]# diff /etc/passwd /etc/group
< Indicates line in first file
> Indicates line in second file
http://oreilly.com/catalog/debian/chapter/book/ch02_03.html
#####################################################################################
SUDO
#useradd info
#passwd info
#rpm -qa sudo
#yum install sudo
#visudo
Add this as the last line:
info ALL=/usr/sbin/useradd, /usr/bin/passwd, /sbin/shutdown
:x
#vim /home/info/.bash_profile
PATH=.:/usr/local/bin:/usr/sbin:/usr/bin:/sbin
:x
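An added example (not part of the original notes): two checks for the sudo setup above. A rule that grants /usr/bin/passwd with no argument restriction also permits "passwd root", and a PATH that starts with "." runs whatever program of a matching name sits in the current directory. The function names and the restricted rule are assumptions made for the demonstration; the restricted form follows the pattern shown in the sudoers manual.

```sh
#!/bin/sh
# Added example: checks for the sudoers rule and PATH line shown above.

# Print "user: command" for every sudoers rule that grants passwd without
# restricting its arguments. $1 is the sudoers text.
unrestricted_passwd_rules() {
    printf '%s\n' "$1" | awk '
        /^[ \t]*#/ { next }                            # comment lines
        /^[ \t]*$/ { next }                            # blank lines
        /^[ \t]*(Defaults|[A-Za-z]+_Alias)/ { next }   # not user rules
        {
            eq = index($0, "=")
            if (eq == 0) next
            n = split(substr($0, eq + 1), cmds, ",")
            for (i = 1; i <= n; i++) {
                c = cmds[i]
                gsub(/^[ \t]+|[ \t]+$/, "", c)         # trim whitespace
                if (c ~ /\/passwd$/ && c !~ /^!/) print $1 ": " c
            }
        }'
}

# Print one finding per risky PATH entry: "dot", "empty" (an empty entry also
# means the current directory), "relative:<entry>" or "world-writable:<dir>".
risky_path_entries() (
    rest="$1:"                       # trailing ':' keeps a final empty entry
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        case "$entry" in
            "") echo "empty" ;;
            .)  echo "dot" ;;
            /*) if [ -n "$(find "$entry" -prune -type d -perm -0002 \
                            ! -perm -1000 2>/dev/null)" ]; then
                    echo "world-writable:$entry"
                fi ;;
            *)  echo "relative:$entry" ;;
        esac
    done
)

# The rule and PATH from the notes above, and a restricted rule (assumption)
# that still lets info set other users' passwords but not root's.
PAGE_SUDOERS='info ALL=/usr/sbin/useradd, /usr/bin/passwd, /sbin/shutdown'
RESTRICTED_SUDOERS='info ALL=/usr/sbin/useradd, /usr/bin/passwd [A-Za-z]*, !/usr/bin/passwd root, /sbin/shutdown'
PAGE_PATH='.:/usr/local/bin:/usr/sbin:/usr/bin:/sbin'

echo "sudoers findings:"; unrestricted_passwd_rules "$PAGE_SUDOERS"
echo "restricted rule findings:"; unrestricted_passwd_rules "$RESTRICTED_SUDOERS"
echo "PATH findings:"; risky_path_entries "$PAGE_PATH"
```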
########################################################################
RAID Configure----------------------------------------------------------------------------
Step:1
#fdisk -l [Show partition]
#fdisk /dev/sda
press m for help:m
:n
:enter
:+500M
:p [show partition]
:l [showing partition id]
:t [t for system id type]
Partition number(1-11):10
:fd [for raid partition]
:t
Partition number(1-11):10
:fd [for raid partition]
:p [show partition]
:w [for save partition]
#partprobe /dev/sda [for informing the kernel]
Step-2:
#mdadm -C /dev/md0 -l 0 -n 2 /dev/sda{10,11} [creating the raid]
#mkfs.ext3 /dev/md0 [for formatting raid partition]
#cat /proc/mdstat [Showing Raid Partition]
#mdadm --detail /dev/md0 [Showing raid details]
#mount /dev/md0 /mnt [Mount]
#cd /mnt
#mkdir data
#touch /mnt/data/raidfile
Etc
LVM Configure
Step:1
#fdisk -l [Show partition]
#fdisk /dev/sda
press m for help:m
:n
:enter
:+500M
:t [t for system id type]
:11
:l [showing partition id]
:8e [LVM system id]
:p [show partition]
:w [save]
#partprobe /dev/sda
Step:2
#pvcreate /dev/sda{11,12} [create physical volume (PV)]
#pvdisplay [display pv]
#vgcreate vg0 /dev/sda{11,12} [create volume group (VG)]
#vgdisplay [display vg]
#lvcreate -L 800M -n lv0 vg0 [create logical volume (LV)]
#lvdisplay [display lv]
#mkfs.ext3 /dev/vg0/lv0
#mount /dev/vg0/lv0 /mnt
#mount -a
#df -h
Permanent Mount------------------------------------------------------------------------------
#vim /etc/fstab
device mount_point fs_type options dump_freq fsck_order
/dev/vg0/lv0 /mnt ext3 defaults 0 0
:x
device -- The special device file name
mount_point -- Path used to access the filesystem
fs_type -- Filesystem type
options -- Mount options
dump_freq -- Level 0 dump frequency: 1=daily, 2=every other day, 0=never dump
fsck_order -- 0=ignore, 1=first (root file system should have this value), 2-9=second, third etc
Quota----------------------------------------------------------------------------------------
Limiting the disk space a user can use is called Quota
#vim /etc/fstab
device mount_point fs_type options dump_freq fsck_order
LABEL=/home /home ext3 quota 0 0
:x
#touch /home/xyz
#mount -o remount /home
#quotacheck -c /home
#quotaon /home
#edquota info [the user who will get the quota]
filesystem block soft hard inodes soft hard
/dev/hda 92 30 60 11 0 0
:x
#logout [Then login again]
$dd if=/dev/zero of=aa bs=1M count=400 [should work file]
$dd if=/dev/zero of=aa bs=1M count=500 [warning user block quota exceeded]
$dd if=/dev/zero of=aa bs=1M count=1000 [write failed user block limit reached]
$vim dhaka
:x [Failure will show because the file size is exceeded]
Ok
############################################################################################
LVM
[root@ns2 ~]# fdisk /dev/hda
The number of cylinders for this disk is set to 4865.
There is nothing wrong with that, but this is larger than 1024,
and could in certain setups cause problems with:
1) software that runs at boot time (e.g., old versions of LILO)
2) booting and partitioning software from other OSs
(e.g., DOS FDISK, OS/2 FDISK)
Command (m for help): n
First cylinder (2325-4865, default 2325):
Using default value 2325
Last cylinder or +size or +sizeM or +sizeK (2325-4865, default 4865): +50M
Command (m for help): p
Command (m for help): l
Command (m for help): t
Partition number (1-8): 8
Hex code (type L to list codes): 8e
Command (m for help): w
#partprobe /dev/hda
Raid Configure
Command (m for help): n
First cylinder (2325-4865, default 2325):
Using default value 2325
Last cylinder or +size or +sizeM or +sizeK (2325-4865, default 4865): +50M
Command (m for help): n
First cylinder (2332-4865, default 2332):
Using default value 2332
Last cylinder or +size or +sizeM or +sizeK (2332-4865, default 4865): +50M
Command (m for help): t
Partition number (1-10): 10
Hex code (type L to list codes): fd
Changed system type of partition 10 to fd (Linux raid autodetect)
Command (m for help): t
Partition number (1-10): 9
Hex code (type L to list codes): fd
Changed system type of partition 9 to fd (Linux raid autodetect)
Command (m for help): w
###########################################################################################
FTP Server Configure
#rpm -qa vsftpd*
#rpm -qa ftp
#vim /etc/vsftpd/vsftpd.conf
Remove the leading # (uncomment) on the following lines:
Line No Changes
46 erase the #
47 chown_username=daemon
117 anon_umask=YES
:x
#getsebool -a | grep ftp
Copy the allow_ftpd_full_access name (line 2 of the output) and paste it into the command below
#setsebool -P allow_ftpd_full_access on
#service vsftpd restart
#service vsftpd restart
#elinks
ftp://192.168.20.1
[check in text mode whether your FTP server is working]
Here you will see the incoming and pub folders; incoming is used for upload and pub is used for download
NB: To reach the FTP server by name in graphical mode, add a CNAME (alias) ftp in the forward zone
#vim /var/named/chroot/var/named/f.zone
ftp IN CNAME ns1
:x
#service named restart
#service vsftpd restart
#chkconfig vsftpd on
#chkconfig named on
Open Internet Explorer and write ftp://ftp.world.net
###########################################################################################
Yum Server for Redhat Enterprise Linux 5
Server Side Configure
#rpm -qa vsftpd*
# rpm -qa httpd*
#rpm -qa createrepo*
#rpm -ivh vsftpd
#rpm -ivh createrepo
Copy all DVD/CD packages under /var/ftp/pub/Server
#createrepo -v /var/ftp/pub/Server
(i) This creates the repodata directory and the supporting files needed for YUM installation
(ii) If it gives a .olddata error message, just delete that directory
(iii) Deleting command: #rm -rf /var/ftp/pub/Server/.olddata
YUM Server is complete
YUM Client PC Configure
#vim /etc/yum.repos.d/yumserver.repo
[client]
name= Yum Server
baseurl=ftp://172.24.0.254/pub/Server
enabled=1
gpgcheck=0
:x
YUM Installation
#yum install bind*
#yum install vsftpd*
#service vsftpd restart
#chkconfig vsftpd on
YUM Delete
#yum remove bind
Then press Y
#yum remove netconfig
#yum update dialog
#yum groupremove group
#yum remove @group
#yum groupremove "KDE Desktop"
#yum groupremove kde-desktop
#yum remove @kde-desktop
Note: If yum has problems, configure your FTP server properly; then the yum server will work smoothly
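An added example (not part of the original notes): the client repo file above sets gpgcheck=0 and fetches over FTP, so packages are installed without signature verification from an unauthenticated cleartext source. This POSIX shell function reports both conditions per enabled repo section; the function name is constructed, and the corrected sample assumes the Red Hat release key at its standard RHEL location.

```sh
#!/bin/sh
# Added example: audit yum .repo files for unsigned or cleartext sources.

# Reads .repo text from the named files or stdin and prints, for every
# enabled section, "<section>: gpgcheck=0" and/or
# "<section>: cleartext baseurl <url>".
audit_yum_repo() {
    awk '
        function flush() {
            if (sec == "" || enabled == "0") return
            if (gpg == "0") print sec ": gpgcheck=0"
            if (url ~ /^(ftp|http):\/\//) print sec ": cleartext baseurl " url
        }
        /^[ \t]*[#;]/ { next }                 # comment lines
        /^[ \t]*\[.*\]/ {                      # new [section]
            flush()
            sec = $0; sub(/^[ \t]*\[/, "", sec); sub(/\].*/, "", sec)
            gpg = ""; url = ""; enabled = "1"
            next
        }
        {
            eq = index($0, "=")
            if (eq == 0) next
            key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == "gpgcheck") gpg = val
            else if (key == "baseurl") url = val
            else if (key == "enabled") enabled = val
        }
        END { flush() }' "$@"
}

# The repo file from the notes above.
PAGE_REPO='[client]
name= Yum Server
baseurl=ftp://172.24.0.254/pub/Server
enabled=1
gpgcheck=0'

# Same repo with signature checking on (the packages copied from the Red Hat
# media are signed); the gpgkey path is the standard RHEL location.
CHECKED_REPO='[client]
name= Yum Server
baseurl=ftp://172.24.0.254/pub/Server
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release'

echo "repo from the notes:"; printf '%s\n' "$PAGE_REPO" | audit_yum_repo
echo "with gpgcheck=1:";     printf '%s\n' "$CHECKED_REPO" | audit_yum_repo
```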
##########################################################################################
DNS Configure for LINUX Enterprise 5
Step-1:
#rpm -qa |grep bind*
#rpm -qa |grep bind-utils
#rpm -qa |grep bind-chroot
#rpm -qa |grep caching-nameserver
#yum install bind*
#yum install bind-chroot
#yum install caching-nameserver
#cp /etc/named.caching-nameserver.conf /var/named/chroot/etc/named.conf
See the ownership: #ll /var/named/chroot/etc/named.conf
Change ownership: #chgrp named /var/named/chroot/etc/named.conf
#vim /var/named/chroot/etc/named.conf
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
listen-on port 53 { 127.0.0.1; 192.168.20.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
query-source port 53;
query-source-v6 port 53;
allow-query { localhost; 192.168.20.0/24; };
};
//logging {
// channel default_debug {
// file "data/named.run";
// severity dynamic;
// };
//};
//view localhost_resolver {
// match-clients { localhost; };
// match-destinations { localhost; };
// recursion yes;
include "/etc/named.rfc1912.zones";
//};
NB: copy the 2 zone blocks from /etc/named.rfc1912.zones (open it with vim in a different console)
zone "world.net" IN {
type master;
file "f.zone";
allow-update { none; };
};
zone "20.168.192.in-addr.arpa" IN {
type master;
file "r.zone";
allow-update { none; };
};
:x
Step-2:
#cp /var/named/localhost.zone /var/named/chroot/var/named/f.zone
#cp /var/named/named.local /var/named/chroot/var/named/r.zone
See ownership: #ll /var/named/chroot/var/named/f.zone
See ownership: #ll /var/named/chroot/var/named/r.zone
Change ownership: #chgrp named /var/named/chroot/var/named/f.zone
Change ownership: #chgrp named /var/named/chroot/var/named/r.zone
#vim /var/named/chroot/var/named/f.zone
$TTL 86400
@ IN SOA ns1.world.net. root.world.net. (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
@ IN NS ns1.world.net.
ns1 IN A 192.168.20.40
mail IN A 192.168.20.40
@ IN MX 10 mail.world.net.
world.net. IN MX 10 mail.world.net.
www IN CNAME ns1
ftp IN CNAME ns1
:x
# named-checkzone world.net /var/named/chroot/var/named/f.zone
The output should show OK
Step-3:
#vim /var/named/chroot/var/named/r.zone
$TTL 86400
@ IN SOA ns1.world.net. root.world.net. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
@ IN NS ns1.world.net.
40 IN PTR ns1.world.net.
40 IN PTR mail.world.net.
40 IN PTR www.world.net.
:x
# named-checkzone 20.168.192.in-addr.arpa /var/named/chroot/var/named/r.zone
#vi /etc/resolv.conf
search world.net
nameserver 192.168.20.40
:x
#service network restart
#service named restart
#dig world.net
The output should show NOERROR.
#tail -f /var/log/messages
The log should show that named is running
END
###########################################################################################
Secondary DNS Configure for LINUX Enterprise 5
#vim /var/named/chroot/etc/named.conf
options {
listen-on port 53 { 127.0.0.1; 192.168.20.40; 192.168.20.2; };
listen-on-v6 port 53 { ::1; };
Step-1: This configuration is done on the server PC
zone "world.net" IN {
type master;
file "f.zone";
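allow-transfer { 192.168.20.2; }; // zone transfers go to the secondary only
allow-update { none; }; // the secondary needs no dynamic-update rights
};
zone "20.168.192.in-addr.arpa" IN {
type master;
file "r.zone";
allow-transfer { 192.168.20.2; };
allow-update { none; };
};
NB: This IP is the IP of the secondary/client PC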
Step-2:
This configuration is done on the secondary PC
#vim /var/named/chroot/etc/named.conf
options {
listen-on port 53 { 127.0.0.1; 192.168.20.40; 192.168.20.2; };
listen-on-v6 port 53 { ::1; };
zone "world.net" IN {
type slave;
file "slaves/f.zone";
masters {192.168.20.1; };
//allow-update { none; };
};
zone "20.168.192.in-addr.arpa" IN {
type slave;
file "slaves/r.zone";
masters {192.168.20.1; };
//allow-update { none; };
};
:x
Step-3:
#vi /etc/resolv.conf
search world.net
nameserver 192.168.20.1
nameserver 192.168.20.2
:x
#service network restart
#killall named
#service named restart
Check on the secondary PC whether the zone files are being transferred
#cd /var/named/chroot/var/named/slaves
#rm -f f.zone r.zone
#service named restart
#ls [f.zone and r.zone should reappear here]
If it fails, troubleshoot as follows
#chmod g+w /var/named/
#setup
[disable the firewall here]
#service iptables stop
#service named restart
Checking the secondary zone
#ifdown eth0
#ifup eth0
#service network restart
#vi /etc/resolv.conf
search world.net
nameserver 192.168.20.1
nameserver 192.168.20.2
:x
#service network restart
#service named restart
#ping 192.168.20.1
#dig world.net
[Here we will see NOERROR]
#ping ns1.world.net
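In the master zone blocks of this section, allow-transfer decides who may copy a zone, while allow-update decides who may rewrite it through dynamic DNS updates. The following is an added example (not part of the original notes) that audits a named.conf for master zones that grant update rights to an address or carry no allow-transfer line; the function name, the finding labels and both sample configurations are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the master zones of a named.conf read from stdin.
# Assumption: one statement per line, as in the listings on this page.

audit_zones() {
    awk '
    # Return the address list between the braces of an ACL statement.
    function acl(line) {
        sub(/^[^{]*[{] */, "", line)
        sub(/ *[}].*$/, "", line)
        gsub(/;/, "", line)
        gsub(/ +/, " ", line)
        sub(/ $/, "", line)
        return line
    }
    # Print the findings for the zone that just ended (master zones only).
    function report() {
        if (zone != "" && type == "master") {
            if (update != "" && update != "none")
                print zone, "allow-update-by-address", update
            # Without allow-transfer the server default applies, which on
            # older BIND 9 releases lets any host transfer the zone.
            if (transfer == "")
                print zone, "allow-transfer-missing"
        }
        zone = ""
    }
    { sub(/\/\/.*$/, ""); gsub(/\t/, " ") }     # drop // comments, tabs to spaces
    /^ *zone +"/ {
        report()
        split($0, q, "\"")
        zone = q[2]; type = ""; update = ""; transfer = ""
        next
    }
    zone == ""              { next }            # ignore text outside zone blocks
    /^ *type /              { type = $2; sub(/;.*/, "", type); next }
    /^ *allow-update[ {]/   { update = acl($0); next }
    /^ *allow-transfer[ {]/ { transfer = acl($0); next }
    /^ *[}];/               { report() }
    END                     { report() }
    '
}

# Constructed sample: the secondary is named in allow-update only.
sample_weak() { cat <<'EOF'
zone "world.net" IN {
    type master;
    file "f.zone";
    allow-update { 192.168.20.2; };
};
zone "20.168.192.in-addr.arpa" IN {
    type master;
    file "r.zone";
    allow-update { 192.168.20.2; };
};
EOF
}

# Constructed sample: transfers limited to the secondary, updates off.
# The slave zone is skipped by the audit.
sample_hardened() { cat <<'EOF'
zone "world.net" IN {
    type master;
    file "f.zone";
    allow-transfer { 192.168.20.2; };
    allow-update { none; };
};
zone "20.168.192.in-addr.arpa" IN {
    type slave;
    file "slaves/r.zone";
    masters { 192.168.20.1; };
    //allow-update { none; };
};
EOF
}

echo "== weak sample =="
sample_weak | audit_zones
echo "== hardened sample (no findings expected) =="
sample_hardened | audit_zones
```

On a real server the same function can be fed with `audit_zones < /var/named/chroot/etc/named.conf`.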
################################################################################################
DHCP SERVER for Enterprise Linux 5
#rpm -qa dhcp*
#yum install dhcp*
#cp /usr/share/doc/dhcp-3.0.5/dhcpd.sample.conf /etc/dhcpd.conf
#vim /etc/dhcpd.conf
ddns-update-style interim;
ignore client-updates;
subnet 192.168.20.0 netmask 255.255.255.0 {
# --- default gateway
option routers 192.168.20.1;
option subnet-mask 255.255.255.0;
option nis-domain "domain.org";
option domain-name "pcs.bd";
option domain-name-servers 192.168.20.1;
option time-offset -18000; # Eastern Standard Time
# option ntp-servers 192.168.20.1;
# option netbios-name-servers 192.168.20.1;
# --- Selects point-to-point node (default is hybrid). Don't change this unless
# -- you understand Netbios very well
# option netbios-node-type 2;
range dynamic-bootp 192.168.20.10 192.168.20.254;
default-lease-time 21600;
max-lease-time 43200;
# we want the nameserver to appear at a fixed address
host ns1 {
next-server marvin.redhat.com;
hardware ethernet 12:34:56:78:AB:CD;
fixed-address 207.175.42.254;
}
host ns2 {
hardware ethernet 00:05:5D:4A:52:38;
fixed-address 192.168.20.200;
}
}
:x
#service dhcpd restart
Client Configure
#netconfig
[*] dhcp enables
#service dhcpd restart
#############################################################################################
Mail Server Configure(Linux) with Sendmail
#rpm -qa sendmail*
#vim /etc/mail/sendmail.mc
Comment out line 116 by putting dnl in front of DAEMON_OPTIONS
:x
#m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
#vim /etc/mail/local-host-names
world.net
mail.world.net
192.168.20.40
:x
http://www.linuxweblog.com/sendmail-accessdb-example
#vim /etc/mail/access
world.net RELAY
mail.world.net RELAY
192.168.20.40 RELAY
info@adult.net RELAY
bdjobs.com REJECT
From:spammer@some.dom REJECT
To:friend.domain RELAY
Connect:friend.domain OK
Connect:from.domain RELAY
From:good@another.dom OK
From:another.dom REJECT
:x
#makemap hash /etc/mail/access.db < /etc/mail/access
# service sendmail restart
---------------------------
#vim /etc/aliases
Write this as the last line of the file
alice: acctmgr, itmgr
:x
NB: Those who want to copied a mail only for his
-----------------------------
#newaliases
postfix
#yum install postfix*
#cd /etc/postfix
#touch test
# cp test main.cf
#vim /etc/postfix/main.cf
inet_interfaces=all
myhostname=ns1.pcs.com
mydomain=pcs.com
myorigin=pcs.com
mydestination=$myhostname, $myorigin, $mydomain
mynetworks=192.168.20.0/24, 127.0.0.0/8
:x
# /etc/init.d/postfix restart
#chkconfig postfix on
dovecot
#rpm -qa dovecot*
#yum install dovecot*
#vim /etc/dovecot.conf
protocols = imap imaps pop3 pop3s [line 17: remove the #]
listen = * [line 28: remove the #]
login_greeting = MAIL [line 164: remove the #]
:x
#service named restart
#service sendmail restart
#service dovecot restart
#dig world.net mx | grep "MX"
#chkconfig sendmail on
#chkconfig dovecot on
Sending mail as the root user
#mail -v info@world.net
Subject: Test mail
This is test mail only. [At the Cc: prompt just press Enter and the mail will be sent]
Check mail
yum install telnet
xinetd
#telnet 192.168.0.1 110
or #telnet mail.world.bd 110
user
password
OR
yum install mutt*
#mutt u1@ns1.pcs.com
y
enter
subject then :x
y
su - u1
mutt
y
q
#mutt -f {u1@192.168.0.1}
Mail Reading from Client PC
#telnet mail.world.net 110
user info
pass Open123
list
top 2 5
Here you can read message number 2, up to the first 5 lines of its body
You can also read the mail from Outlook Express or Eudora
OR #yum install mutt
#mutt -f {info@192.168.10.1}
Select and enter to read
#########################################################################################
Web mail Configure for Enterprise Linux 5
Installing Squirrelmail
#rpm -qa |grep squirrelmail
#rpm -ivh squirrelmail
Or #yum install squirrelmail
Now you need to make a symbolic link between your document root and the Squirrelmail files. Squirrelmail is installed in /usr/share/squirrelmail. Link /usr/share/squirrelmail to /var/www/html/webmail:
#ln -s /usr/share/squirrelmail /var/www/html/webmail
#cd /var/www/html/webmail/config/
#./conf.pl
Passwd: redhat Accept press o
Configure Squirrelmail: Create a virtual host in the httpd server. You need to host your webmail on your web server.
#vim /etc/httpd/conf/httpd.conf
Add these lines at the end of the file
#Virtual for Webmail
<virtualhost webmail.world.net:80>
ServerAdmin info@world.net
DocumentRoot /var/www/html/webmail/
ServerName webmail.world.net
#ErrorLog logs/webmail.pcs.net_log
#TransferLog logs/webmail.pcs.net.access
</virtualhost>
:x
[root@ns1 ~]# setsebool httpd_can_network_connect=1
[root@ns1 ~]# getsebool httpd_can_network_connect
######################################################################################
Proxy Server for Enterprise Linux 5
Step-1:
#rpm -qa | grep squid*
#rpm -ivh squid*
#vim /etc/squid/squid.conf
NB: Change the following line and commands
Line no Changes
73 3128
738 32
993 100 16 256
2395 acl ourlan src 192.168.20.0/24
2396 acl pc1 src 192.168.20.50
2397 acl pc2 src 192.168.20.52
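2398 acl business_hours time S M T W H F 9:00-17:00 [Squid day codes: H is Thursday]
2533 http_access deny pc1
2534 http_access deny pc2
2537 http_access allow ourlan
2538 http_access allow business_hours
[Squid stops at the first matching http_access line, so the deny lines for pc1 and pc2 come before the allow lines]
2847 visible_hostname proxy.world.net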
#service squid restart
#mii-tool [To see your network]
#mii-diag
#squid -z [for making cache directory]
#ls /var/spool/squid/
00 01 02 03 - - -- - -- - FD
#ls /var/spool/squid/00 [we can see cache sub directory has created or not]
00 01 02 03 - - - - 256 [show if cache directory has created]
#tail -f /var/log/squid/access.log [showing who is browsing which]
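Squid checks the http_access lines from top to bottom and stops at the first one whose ACLs all match, so a deny for pc1 and pc2 only takes effect when it stands before the allow for the LAN that contains them. The following added example (not part of the original notes) evaluates the src and time ACLs used above under two orderings; the function names, the test clients, the `acl all` and `http_access deny all` lines and the combined `allow ourlan business_hours` rule are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: first-match evaluation of Squid http_access rules.
# Supports only the ACL types used on this page (src and time).

squid_verdict() {   # usage: squid_verdict SRC_IP DAY_LETTER HH:MM < config
    awk -v ip="$1" -v day="$2" -v now="$3" '
    function ip2n(a,   p) { split(a, p, "."); return ((p[1] * 256 + p[2]) * 256 + p[3]) * 256 + p[4] }
    function mins(t,   p) { split(t, p, ":"); return p[1] * 60 + p[2] }
    # src ACL: true when ip falls inside any listed address or CIDR block.
    function src_match(spec,   e, n, i, p, bits, block) {
        n = split(spec, e, " ")
        for (i = 1; i <= n; i++) {
            bits = 32
            if (split(e[i], p, "/") == 2) bits = p[2]
            block = 2 ^ (32 - bits)
            if (int(ip2n(ip) / block) == int(ip2n(p[1]) / block)) return 1
        }
        return 0
    }
    # time ACL: day letters (S M T W H F A) followed by h:mm-h:mm.
    function time_match(spec,   f, n, i, days, r) {
        n = split(spec, f, " ")
        days = ""
        for (i = 1; i <= n; i++) {
            if (f[i] ~ /-/) { split(f[i], r, "-") } else { days = days f[i] }
        }
        return index(days, day) > 0 && mins(now) >= mins(r[1]) && mins(now) <= mins(r[2])
    }
    function acl_match(name,   neg, m) {
        neg = (substr(name, 1, 1) == "!")
        if (neg) name = substr(name, 2)
        m = 0                                   # unknown ACL types never match
        if (kind[name] == "src") { m = src_match(spec[name]) }
        else if (kind[name] == "time") { m = time_match(spec[name]) }
        return neg ? !m : m
    }
    $1 == "acl" {
        kind[$2] = $3
        for (i = 4; i <= NF; i++) spec[$2] = spec[$2] " " $i
        next
    }
    $1 == "http_access" {
        last = $2
        if (verdict != "") next                 # an earlier line already matched
        ok = 1
        for (i = 3; i <= NF; i++) if (!acl_match($i)) ok = 0
        if (ok) { $1 = $1; verdict = $2 " " $0 }
    }
    END {
        # No line matched: Squid applies the opposite of the last line.
        if (verdict == "") verdict = (last == "deny" ? "allow" : "deny") " default"
        print verdict
    }
    '
}

# Constructed ACL definitions, taken from the table above plus "acl all".
acls() { cat <<'EOF'
acl all src 0.0.0.0/0
acl ourlan src 192.168.20.0/24
acl pc1 src 192.168.20.50
acl pc2 src 192.168.20.52
acl business_hours time S M T W H F 9:00-17:00
EOF
}

# Allow lines first: the deny lines for pc1 and pc2 are never reached.
shadowed_order() { acls; cat <<'EOF'
http_access allow ourlan
http_access allow business_hours
http_access deny pc1
http_access deny pc2
http_access deny all
EOF
}

# Deny lines first; LAN and business hours combined on one line (assumed intent).
deny_first_order() { acls; cat <<'EOF'
http_access deny pc1
http_access deny pc2
http_access allow ourlan business_hours
http_access deny all
EOF
}

# Monday 10:00 for pc1, another LAN host and a host outside the LAN.
for client in 192.168.20.50 192.168.20.77 203.0.113.9; do
    printf '%-14s allow-first: %-40s deny-first: %s\n' "$client" \
        "$(shadowed_order | squid_verdict "$client" M 10:00)" \
        "$(deny_first_order | squid_verdict "$client" M 10:00)"
done
```

The allow-first column also shows that a stand-alone `http_access allow business_hours` line admits any source address during those hours.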
Client Configure:
Step-1:
Right-click Internet Explorer > Properties > Connections > LAN Settings > proxy server and port
Ok>Ok
www.world.com
Ok
Transparent proxy
#vim /etc/squid/squid.conf
Add these lines at the end of the file
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
:x
#service squid reload
#service squid restart
#iptables -F
#iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-ports 8080
#iptables -A OUTPUT -j ACCEPT -m state --state NEW -o eth0 -p tcp --dport 80
#service iptables save
#service squid restart
FINISH
###########################################################################################
Web Server for Enterprise Linux 5
Step-1:
#rpm -qa | grep http*
#rpm -qa | grep php*
#rpm -ivh http*
#rpm -ivh php*
#vim /etc/httpd/conf/httpd.conf
NB: Change the following lines, and add the www alias to the forward zone (www IN CNAME ns1)
Line no Changes
250 ServerAdmin root@world.net
264 ServerName www.world.net
390 index.php
:x
#service httpd restart
#service named restart
Step-2:
#cd /var/www/html
#touch index.php
#vim index.php
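<?php
// Test page only: phpinfo() prints the full server and PHP configuration, so remove the file after the check
phpinfo();
?>
:x
#service httpd restart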
#service named restart
#chkconfig httpd on
#elinks www.world.net
or browse to www.world.net
############################################################################################################
Virtual WEB Server
Virtual Domain------------------------------------------------------------------
[root@ns1 ~]# vim /var/named/chroot/etc/named.conf
zone "pcs1.com" IN { // copy the first DNS zone block and edit it
type master;
file "v.zone";
allow-update { none; };
};
:x
#cp /var/named/chroot/var/named/f.zone /var/named/chroot/var/named/v.zone
[root@ns1 ~]# vim /var/named/chroot/var/named/v.zone
$TTL 86400
@ IN SOA ns1.pcs1.com. root.pcs1.com. (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
@ IN NS ns1.pcs1.com.
ns1 IN A 192.168.20.1
mail IN A 192.168.20.1
@ IN MX 10 mail.pcs1.com.
pcs1.com. IN MX 10 mail.pcs1.com.
www IN CNAME ns1
ftp IN CNAME ns1
:x
[root@ns1 ~]# vim /etc/hosts
127.0.0.1 ns1 localhost.localdomain localhost
192.168.20.1 pcs.bd ns1
192.168.20.1 pcs1.com ns1
:x
[root@ns1 ~]# vim /etc/resolv.conf
search pcs.bd pcs1.com
nameserver 192.168.20.1
:x
#service network restart
#service named restart
#dig pcs.bd
#dig pcs1.com
Virtual Web Server----------------------------------------------------------------------------
[root@ns1 ~]# vim /etc/httpd/conf/httpd.conf
NameVirtualHost 192.168.20.1:80 [line 998: change]
#
<VirtualHost 192.168.20.1:80>
ServerAdmin webmaster@pcs.bd
DocumentRoot /var/www/html
ServerName www.pcs.bd
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
</VirtualHost>
<VirtualHost 192.168.20.1:80>
ServerAdmin webmaster@pcs1.com
DocumentRoot /var/www/html/virtual
ServerName www.pcs1.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
</VirtualHost>
[root@ns1 ~]# mkdir -p /var/www/html/virtual
Create the index.html file here
#############################################################################################
RAID Partition
Before you can create a RAID device, you must first create RAID partitions, using the following step-by-step instructions:
1. On the Disk Partitioning Setup screen, select Manually partition with Disk Druid.
2. In Disk Druid, choose New to create a new partition.
3. You will not be able to enter a mount point (you will be able to do that once you have created your RAID device).
4. Choose software RAID from the File System Type pulldown menu as shown in Figure 10-1.
Figure 10-1. Creating a New RAID Partition
5. For Allowable Drives, select the drive(s) on which RAID will be created. If you have multiple drives, all drives will be selected here and you must deselect those drives which will not have the RAID array on them.
6. Enter the size that you want the partition to be.
7. Select Fixed size to make the partition the specified size, select Fill all space up to (MB) and enter a size in MBs to give range for the partition size, or select Fill to maximum allowable size to make it grow to fill all available space on the hard disk. If you make more than one partition growable, they will share the available free space on the disk.
8. Select Force to be a primary partition if you want the partition to be a primary partition.
9. Select Check for bad blocks if you want the installation program to check for bad blocks on the hard drive before formatting it.
10. Click OK to return to the main screen.
Repeat these steps to create as many partitions as needed for your RAID setup. Notice that all the partitions do not have to be RAID partitions. For example, you can configure only the /home partition as a software RAID device.
Once you have all of your partitions created as software RAID partitions, follow these steps:
1. Select the RAID button on the Disk Druid main partitioning screen (see Figure 10-3).
2. Next, Figure 10-2 will appear, where you can make a RAID device.
Figure 10-2. Making a RAID Device
3. Enter a mount point.
4. Choose the file system type for the partition.
5. Select a device name such as md0 for the RAID device.
6. Choose your RAID level. You can choose from RAID 0, RAID 1, and RAID 5.
7. The RAID partitions you just created appear in the RAID Members list. Select which of these partitions should be used to create the RAID device.
8. If configuring RAID 1 or RAID 5, specify the number of spare partitions. If a software RAID partition fails, the spare will automatically be used as a replacement. For each spare you want to specify, you must create an additional software RAID partition (in addition to the partitions for the RAID device). In the previous step, select the partitions for the RAID device and the partition(s) for the spare(s).
9. After clicking OK, the RAID device will appear in the Drive Summary list as shown in Figure 10-3. At this point, you can continue with your installation process. Refer to the Red Hat Linux Installation Guide for further instructions.
LVM Configuration
To create a logical volume group with logical volumes during the Red Hat Linux installation:
1. On the Disk Partitioning Setup screen, select Manually partition with Disk Druid.
2. Select New.
3. You will not be able to enter a mount point (you will be able to do that once you have created your volume group).
4. Select physical volume (LVM) from the Filesystem Type pulldown menu as shown in Figure 11-1.
Figure 11-1. Creating a Physical Volume
5. A physical volume must be constrained to one drive. For Allowable Drives, select the drive on which the physical volume will be created. If you have multiple drives, all drives will be selected here, and you must deselect all but one drive.
6. Enter the size that you want the physical volume to be.
7. Select Fixed size to make the physical volume the specified size, select Fill all space up to (MB) and enter a size in MBs to give range for the physical volume size, or select Fill to maximum allowable size to make it grow to fill all available space on the hard disk. If you make more than one growable, they will share the available free space on the disk.
8. Select Force to be a primary partition if you want the partition to be a primary partition.
9. Select Check for bad blocks if you want the installation program to check for bad blocks on the hard drive before formatting it.
10. Click OK to return to the main screen.
Repeat these steps to create as many physical volumes as needed for your LVM setup. For example, if you want the volume group to span over more than one drive, create a physical volume on each of the drives.
Once all the physical volumes are created, follow these steps:
1. Click the LVM button to collect the physical volumes into volume groups. A volume group is basically a collection of physical volumes. You can have multiple logical volume groups, but a physical volume can only be in one volume group.
Figure 11-2. Creating an LVM Device
2. Change the Volume Group Name if desired.
3. All logical volumes inside the volume group must be allocated in physical extent units. By default, the physical extent is set to 4 MB; thus, logical volume sizes must be divisible by 4 MBs. If you enter a size that is not a unit of 4 MBs, the installation program will automatically select the closest size in units of 4 MBs. It is not recommended that you change this setting.
4. Select which physical volumes to use for the volume group.
5. Create logical volumes with mount points such as /home. Remember that /boot can not be a logical volume. To add a logical volume, click the Add button in the Logical Volumes section. A dialog window as shown in Figure 11-3 will appear.
Figure 11-3. Creating a Logical Volume
Repeat these steps for each volume group you want to create.
###########################################################################################
Linux Router Configure
#rpm -qa |grep quagga
#rpm -ivh /mnt/Server/quagga
#cd /etc/quagga
#ls
#vim zebra.conf
hostname ns1 [Router hostname]
password nopassword [Password]
enable password nothing [Password enable]
:x
#vim /etc/services
zebra port 2601
:x
#netstat -na | less [Use to show port number]
#service zebra restart
#telnet 127.0.0.1 2601
Password: nopassword
Router>enable
Router#hostname pcs
Pcs#? [For help]
Pcs#who [Which terminal we use to see]
Pcs#show history
Pcs#show running-config
Pcs#show ?
Pcs#show version
Pcs#show ip route
Pcs#disable
>enter
Pcs>enable
Password nothing
Pcs#configure terminal
Conf#?
Conf#banner motd file /etc/quagga/Welcome
Conf#ctrl+z
Pcs#write
Pcs#configure terminal
Conf#show running-config
Conf#interface eth0
Conf#ip address 192.168.0.254/24 [Setting IP]
Conf# interface eth1
Conf#ip address 192.168.0.1/24
Conf#ip route 192.168.0.1 255.255.255.0 203.190.32.15 [ip route]
Conf#write
Conf#no shutdown
Conf#ip route 172.16.0.0/16 202.12.32.5 [ip route]
Conf#no shutdown
Conf#write
Conf#no ip route 192.168.0.1/24 203.190.32.15 [route erase]
#write
Router RIP
#cp /etc/quagga/ripd.conf.sample /etc/quagga/ripd.conf
#vim /etc/quagga/ripd.conf
#service ripd restart
#netstat -na | less
#telnet 127.0.0.1 ripd or 2602
Ripd>enable
Ripd#configure terminal
Ripd-conf#router rip
Ripd-conf-router#version
Ripd-conf-router#route 192.168.0.0/24
Ripd-conf-router#write
Ripd-conf-router#exit
Ripd-conf#line vty [Line configure mode]
Ripd-conf-line#exec-timeout 1
Ripd-conf-line#write
Ripd-conf-line#ctrl+z
End
MRTG (Multi Router Traffic Grapher)
# rpm -qa | grep snmp
# yum install net-snmp*
# ps -aux | grep snmp [determine snmp server running or not]
root 5512 0.0 2.3 5872 3012 pts/0 S 22:04 0:00 /usr/sbin/snmpd
or # lsof -i :199
snmpd 5512 root 4u IPv4 34432 TCP *:smux (LISTEN)
or # netstat -natv | grep ':199'
tcp 0 0 0.0.0.0:199 0.0.0.0:* LISTEN
# service snmpd start
Make sure snmpd service starts automatically
# chkconfig --add snmpd
##############################################################################################
Configure SNMP
#vim /etc/snmp/snmpd.conf
Change/Modify line(s) as follows:
Find following Line:
com2sec notConfigUser default public
Replace it with the following lines (replace 192.168.0.0/24 with your own network; public is the well-known default community string, so set your own value):
com2sec local localhost public
com2sec mynetwork 192.168.0.0/24 public
rocommunity pcs
Find Lines:
group notConfigGroup v1 notConfigUser
group notConfigGroup v2c notConfigUser
Replace with:
group MyRWGroup v1 local
group MyRWGroup v2c local
group MyRWGroup usm local
group MyROGroup v1 mynetwork
group MyROGroup v2c mynetwork
group MyROGroup usm mynetwork
Find line:
view systemview included system
Replace with:
view all included .1 80
:x
#service snmpd restart
#netstat -na | less [snmp port 161]
# chkconfig snmpd on
# service snmpd start
# snmpwalk -v 1 -c public localhost IP-MIB::ipAdEntIfIndex [Test your snmp server]
Configure MRTG
#rpm -qa | grep mrtg
# yum install mrtg*
# up2date -v -i mrtg [If install do update]
#mkdir -p /var/www/html/traffic
#cfgmaker --output=/etc/mrtg/pcst.cfg --global 'WorkDir: /var/www/html/traffic' --global 'Options[_]: growright,bits' pcs@192.168.0.1
or
#cfgmaker --global 'WorkDir: /home/httpd/' \
--global 'Options[_]: bits,growright' \
--output /home/mrtg/cfg/mrtg.cfg \
community@abc.com
#LANG=C
#export LANG
#cd /var/www/html
#ls
#cd traffic
#ls
pcst.cfg [has created or not will see here]
#vim /etc/mrtg/pcst.cfg
#mrtg /etc/mrtg/pcst.cfg [Run this command 3 times]
#mrtg /etc/mrtg/pcst.cfg
#mrtg /etc/mrtg/pcst.cfg
#ls /etc/mrtg
pcst.ok [file will viewed]
#cd /var/www/html/traffic
#ls
#indexmaker --output=/var/www/html/traffic/index.html /etc/mrtg/pcst.cfg [First test run of mrtg]
#cd /var/www/html/traffic
#ls
index.html [file will create]
Create crontab entry so that mrtg graph
(a) Login as a root user or login as a mrtg user and type following command:
# crontab -e
0-59/5 * * * * /usr/bin/mrtg /etc/mrtg/pcst.cfg --logging /var/log/mrtg.log
Go to the graphical mode
Open mozilla http://192.168.0.1/traffic
Or www.linuxcolor.net/192.168.0.1.html
Block ports 161 & 162 at the firewall; the rules below let only the monitoring server send SNMP queries and receive the replies
SERVER="xxx.xxx.xxx.xxx"
iptables -A OUTPUT -p udp -s $SERVER --sport 1024:65535 -d 0/0 --dport 161:162 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -p udp -s 0/0 --sport 161:162 -d $SERVER --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
Firewall------------------------------------------------------------------------------------
Rules for writing iptables
#iptables -t filter -A INPUT -i eth0 -s 192.168.0.10 -d 192.168.0.1 -j DROP
#iptables -A INPUT -i lo -j ACCEPT
Step 1:
#rpm -qa | grep iptables
#service iptables start
#ntsysv
[set iptables to start automatically at system boot]
Step 2:
Make a file named "testfirewall" in the /opt directory
#cd /opt
#touch testfirewall
Step 3:
Now create a simple firewall script using the Linux iptables service
#vi /opt/testfirewall
#!/bin/sh
iptables -nL
iptables -t nat -nL
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
Step 4:
Enable IP forwarding in your linux Box
echo "1" > /proc/sys/net/ipv4/ip_forward
Step 5:
Basic application of iptables in "filter" table
iptables -A INPUT -s 192.168.10.0/24 -j DROP
or
iptables -t filter -A INPUT -s 192.168.10.0/24 -j DROP
iptables -A INPUT -i eth1 -s 192.168.10.0/24 -j DROP
iptables -A INPUT -p tcp -m tcp -i eth1 -s 192.168.10.0/24 --dport 80 -j DROP
iptables -A INPUT -p tcp -m tcp -i eth1 -s 192.168.10.9 --dport 80 -j DROP
Step 6:
SNAT application (private IP wrapped by a real IP); SNAT is applicable in the "nat" table
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 203.190.32.3
iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -o eth0 -j SNAT --to 203.190.32.3
iptables -t nat -A POSTROUTING -s 192.168.10.10 -o eth0 -j SNAT --to 203.190.32.3
MASQUERADE application (private IP wrapped by a real IP); MASQUERADE is applicable in the "nat" table
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.10.10 -o eth0 -j MASQUERADE
Note: Basically SNAT is used for a statically assigned IP and MASQUERADE is used for a dynamically assigned IP
Note: Run in windows Machine >ipconfig /renew "Con; if problem occurred
Step 7:
DNAT application (port/ip redirecting), DNAT is applicable in "nat" table
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to 190.168.10.1:8080
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 8080
Thanks with good luck
#############################################################################################
NFS Server Configure for Redhat Linux 5
Server Pc
#vim /etc/exports
/Shared *(rw,sync) [NB: * means every network gets this share]
/var/ftp/pub 192.168.20.1(ro,sync)
:x
#chkconfig nfs on
#service nfs restart
#showmount -e localhost [will show all shared named]
Client PC---------------------------------------------------------------------
#mkdir /home/Data
# mount -t nfs 192.168.1.10:/mnt/storage /home/Data
Configure: /etc/hosts.allow and /etc/hosts.deny
These two files specify which computers on the network can use services on your machine. Each line of the file contains a single entry listing a service and a set of machines. When the server gets a request from a machine, it does the following:
It first checks hosts.allow to see if the machine matches a description listed in there. If it does, then the machine is allowed access. If the machine does not match an entry in hosts.allow, the server then checks hosts.deny to see if the client matches a listing in there. If it does then the machine is denied access. If the client matches no listings in either file, then it is allowed access.
#vim /etc/hosts.deny
portmap:ALL
lockd:ALL
mountd:ALL
rquotad:ALL
statd:ALL
:x
#vim /etc/hosts.allow
portmap: 192.168.0.1 , 192.168.0.2
lockd: 192.168.0.1 , 192.168.0.2
rquotad: 192.168.0.1 , 192.168.0.2
mountd: 192.168.0.1 , 192.168.0.2
statd: 192.168.0.1 , 192.168.0.2
:x
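The lookup order described above, as an added example that is not part of the original notes: it evaluates the hosts.allow and hosts.deny entries from this section for a given daemon and client address. It handles only ALL, exact addresses and prefix patterns ending in a dot (a generalization beyond the entries shown); the function name, the temporary files and the `ALL: ALL` variant are constructed for the illustration.

```shell
#!/bin/sh
# Added example: decide allow/deny the way the text describes
# (hosts.allow first, then hosts.deny, otherwise allow).

tcpd_verdict() {   # usage: tcpd_verdict DAEMON CLIENT_IP HOSTS_ALLOW HOSTS_DENY
    awk -v daemon="$1" -v client="$2" -v allowf="$3" '
    # True when item matches one entry of a comma/blank separated list.
    function in_list(list, item,   n, i, t) {
        gsub(/,/, " ", list)
        n = split(list, t, " ")
        for (i = 1; i <= n; i++) {
            if (t[i] == "ALL" || t[i] == item) return 1
            # An entry ending in "." matches every address with that prefix.
            if (t[i] ~ /[.]$/ && index(item, t[i]) == 1) return 1
        }
        return 0
    }
    decided     { next }                 # the first matching rule wins
    { sub(/#.*/, "") }                   # strip comments
    NF == 0     { next }
    {
        if (split($0, part, ":") < 2) next
        if (in_list(part[1], daemon) && in_list(part[2], client)) {
            print (FILENAME == allowf ? "allow hosts.allow" : "deny hosts.deny")
            decided = 1
        }
    }
    END { if (!decided) print "allow default" }
    ' "$3" "$4"
}

# Constructed copies of the two files from this section.
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/hosts.allow" <<'EOF'
portmap: 192.168.0.1 , 192.168.0.2
lockd: 192.168.0.1 , 192.168.0.2
rquotad: 192.168.0.1 , 192.168.0.2
mountd: 192.168.0.1 , 192.168.0.2
statd: 192.168.0.1 , 192.168.0.2
EOF
cat > "$tmp/hosts.deny" <<'EOF'
portmap:ALL
lockd:ALL
mountd:ALL
rquotad:ALL
statd:ALL
EOF
# Variant: deny every service that hosts.allow does not name.
printf 'ALL: ALL\n' > "$tmp/hosts.deny.all"

for probe in "portmap 192.168.0.1" "portmap 192.168.0.9" "sshd 192.168.0.9"; do
    set -- $probe
    printf '%-8s %-12s page files: %-18s with ALL: ALL: %s\n' "$1" "$2" \
        "$(tcpd_verdict "$1" "$2" "$tmp/hosts.allow" "$tmp/hosts.deny")" \
        "$(tcpd_verdict "$1" "$2" "$tmp/hosts.allow" "$tmp/hosts.deny.all")"
done
```

The sshd row shows the last rule of the text in action: a service that neither file names stays reachable from any address until hosts.deny carries a catch-all entry.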
#############################################################################################
Samba Server for Enterprise Linux 5
#rpm -qa samba*
#rpm -ivh samba*
#vim /etc/samba/smb.conf
Line no changes
26 workgroup = ARKGROUP
29 server string = Samba Server
34 security = user
41 hosts allow = 192.168.236.0/24
45 load printers = yes
Copy the last [myshare] block, paste it below and change it
[share]
comment = Mary's and Fred's stuff
path = /var/ftp/pub/Server
valid users = info john jane eric u1
public = no
writable = yes
printable = no
create mask = 0765
:x
#service smb restart
For Samba Client ---------------------------------------------------------
#smbpasswd -a kamal
New SMB password:Open123
Retype new SMB password:Open123
For Samba Web administration use samba-swat
#rpm -qa samba-swat*
#rpm -ivh samba-swat*
#vim /etc/xinetd.d/swat
service swat
{
port = 901
socket_type = stream
wait = no
only_from = 192.168.10.0/24
user = root
server = /usr/sbin/swat
log_on_failure += USERID
disable = no
}
#service xinetd restart
#service httpd restart
#service smb restart
From the Linux PC, browse to
http://localhost:901
From a Windows PC to the Linux PC, browse to
http://192.168.10.1:901
##############################################################################################
NIS SERVER
An NIS server works like a domain controller and serves client PCs. It needs the ypserv, yp-tools, ypbind and authconfig RPM packages.
#rpm -ivh ypserv*
#rpm -ivh ypbind*
#rpm -ivh yp-tools*
#rpm -ivh authconfig*
#vim /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=ns1
NISDOMAIN=linux.com
:x
#domainname linux.com
#service network restart
#vim /var/yp/Makefile
all: passwd group [line no 113]
:x
#service ypserv restart
#service portmap restart
#/usr/lib/yp/ypinit -m
A query will appear: just press Ctrl+D, then press y
#cd /var/yp
#make
[the yp database is updated so that new users get NIS facilities]
NIS CLIENT
#authconfig-tui
Select [*] Use NIS then
next
Domain: linux.com
Server: 192.168.10.1
#service ypbind restart
#ypcat passwd
#ypmatch nisuser passwd
OK End
SSH-Secure Shell
SSH is used for remote administration
a) # chkconfig --list sshd
sshd 0:on 1:on 2:on 3:on 4:on 5:on 6:on
Or #chkconfig --level 0123456 sshd on/off
#service sshd restart
#ssh 192.168.236.3 [Used to connect root user]
root@192.168.236.3's password:
# ssh -l info 192.168.236.3 [Used to connect normal user]
info@192.168.236.3's password:
Last login: Tue Jul 29 03:38:37 2008
[info@ns1 ~]$
NB: SSH is essential for remote administration, which is why we will change the default port number
b) #netstat -an |grep 435
No response allows us to proceed.
#vim /etc/ssh/sshd_config
Port 435 [line 35: change the default 22 to 435 if you want]
# Protocol 2,1
# Cipher 3des
:x
#service sshd restart
c) Check to ensure SSH is running on the new port
#netstat -pant |grep 435
Using SSH to Login a Remote Machine
#ssh 192.168.236.3 [Used to connect root user]
# ssh -l info 192.168.236.3 [Used to connect normal user]
###########################################################################################
Internet Sharing
Configure your LAN eth0
#vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=203.190.33.206
NETMASK=255.255.255.248
GATEWAY=203.190.33.205
:x
Configure your LAN eth1
#vim /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.20.1
NETMASK=255.255.255.0
:x
#chkconfig network on
#service network restart
IP Forwarding------------------------------------------------------------------------------
#vim /etc/sysctl.conf
# Controls IP packet forwarding
net.ipv4.ip_forward = 1 [line 7: replace the value 0 with 1]
:x
#sysctl -p [Viewing the IP forwarding = 1]
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1
#setup
[*] firewall enable
OK
#service iptables restart
MASQUERADE-----------------------------------------------------------------------------------
#iptables -t nat -A POSTROUTING -s 192.168.20.0/24 -j MASQUERADE
#service iptables save
#iptables -L [Checking Masquerade]
#iptables -t nat -L [Showing MASQUERADE all --192.168.20.0 anywhere]
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 192.168.20.0/24 anywhere
#service network restart
#service iptables restart
Virtual LAN Create------------------------------------------------------------------------------
#cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-eth0:1
#vim /etc/sysconfig/network-scripts/ifcfg-eth0:1
DEVICE=eth0:1
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.20.2
NETMASK=255.255.255.0
:x
#service network restart
###############################**************************#####################################
Proxy Server
#yum install squid
#vim /etc/squid/squid.conf
# Squid normally listens to port 3128
http_port 8080 [line 70]
#Default:
cache_mem 8 MB [line 737]
#Default:
cache_dir ufs /var/spool/squid 100 16 256 [line 993]
# To log the request via syslog specify a filepath of "syslog"
access_log /var/log/squid/access.log squid [line 1083]
#Default:
cache_log /var/log/squid/cache.log [line 1087]
#Default:
cache_store_log /var/log/squid/store.log [line 1099]
# be allowed
acl our_networks src 192.168.1.0/24 [line 2522]
http_access allow our_networks [line 2527]
visible_hostname www.pcs.bd [line 2837: write this]
:x
#squid -z
#chkconfig squid on
#service squid restart
#mii-tool [to see network connectivity]
#mii-diag