Linux Imp

This document provides commands and instructions for various system administration tasks including: 1. Command history, services, processes, networking, users, groups, permissions and file management. 2. It describes how to create partitions and filesystems, set up disk quotas, manage symbolic links, and configure sudo privileges. 3. Detailed instructions are given for tasks like adding a user to a group, setting permissions to allow other users to edit a user's files, and remounting a partition with quotas enabled.

Uploaded by

shikhaxohebkhan

IMP.

COMMANDS:
_____________

# !<number> -- repeats the command with the given number from 'history'.

# chkconfig --list <service>

# chkconfig --list telnet - it will show whether the 'telnet' service is 'on' or 'off'.

# chkconfig <service> on
# chkconfig telnet on - it will turn 'on' the 'telnet' service if it is 'off'.

# chkconfig --level 2345 <service> on - it will turn on the service on run levels [2-5].

# pidof <service name> -- to know the pid of the given service

# top -- command used to manage the running processes.

# service <service> status

# pwd <filename> - to know the location of the file

# sestatus - command to know the 'selinux' status, enforcing or disabled.

# vi /etc/profile -- if you enter some text such as "HELLO WORLD", it will be displayed when logging in.

# for i in $(seq 5); do seq 10000 > file$i.txt; done - it will create 5 files at a time, named file1.txt to file5.txt, with 10000 numbered entries in each.
(typed with 'seq 5' in single quotes this command did not run successfully; the command substitution $(seq 5) is what makes the loop run 5 times)

# seq -f "%04.0f" 10 | xargs -I "{}" touch file"{}".txt - it will create '10' blank files (from file0001.txt to file0010.txt)

# rsync -av <source> <destination> (secure copy)

# rsync -av /home/temp 192.168.136.130:/home/james/temp - it will copy/upload/send all 'temp' contents to the remote host user location [192.168.136.130:/home/james/temp].

# rsync -av --delete <source> <destination> - to remove contents from the given destination (remote host location) that no longer exist in the source.

# rsync -av --delete 192.168.136.130:/home/james/temp (not working successfully)

('rsync' package required at both ends)

# ps -ef | grep <service> -- to check the current process status of the given service.

# netstat -ntl -- to check the running status of tcp/udp based services

# netstat -ntl | grep <service> -- to check tcp/udp ports for the given service

[root@client1 ~]# ls -dl /projectx/ -- to check the permissions of a directory.

drwxr-xr-x. 2 root root 4096 May 2 22:42 /projectx/

USER MANAGEMENT:
_______________

1- # system-config-users - command used for user config from gui mode.

2- # useradd <user name> or # adduser <user name> - command used for creating a user in text mode

# /etc/passwd
# /etc/shadow > both files contain user related info.

3- # ssh username@localhost - used to login locally via ssh

4- # stat filename - command used to display the statistics of the given file (eg. size, block size, inode no., access date, modification date, UID, GID etc.)

# <command> --help - taking help regarding the given command

# gnome-calculator - to open calculator

5- # usermod - this command is used to apply changes to the entries of the '/etc/passwd' file. (# usermod --help)
6- # chage - this command is used to apply changes to the policies of the '/etc/shadow' file.

7- # chage -l <user name> - this command will display the password policies of the given user (use # chage --help)
8- # chage <user name> - to set the password policy for the given user
9- # groupadd <group name> - command used to create a new group.
10- # groupdel <group name> - command used to delete a group.
11- # groupmod <group name> - command used to modify a group. (# groupmod --help)

SUDO USER:
__________

TASK:
Set a user as a 'sudo user' with authority to create users with passwords.

Here 'james' is assigned as a 'sudo user'

1- # visudo -- edit this file

# User Aliases

User_Alias U1 = james -- assigning user

# Command Aliases

Cmnd_Alias C1 = /usr/sbin/useradd -- assign command/permission on file
Cmnd_Alias C2 = /usr/bin/passwd

U1 ALL = C1
U1 ALL = C2

2- save the file

3- login with 'james'

4- sudo /usr/sbin/useradd <user name>

5- sudo /usr/bin/passwd <user name> (then enter the password for the user)
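
In sudoers a command listed without arguments may be run with any arguments, so 'Cmnd_Alias C2 = /usr/bin/passwd' as written above also covers the root account. The script below is an added example, not part of the original notes: it flags such aliases in a sudoers fragment. The function names and the hardened fragment are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a sudoers fragment for a Cmnd_Alias that grants
# passwd without restricting whose password may be changed.

# Constructed sample 1: the aliases as written in the notes above.
weak_fragment() {
cat <<'EOF'
User_Alias U1 = james
Cmnd_Alias C1 = /usr/sbin/useradd
Cmnd_Alias C2 = /usr/bin/passwd
U1 ALL = C1
U1 ALL = C2
EOF
}

# Constructed sample 2: same delegation, but passwd must be given a user
# name argument and the root account is explicitly excluded.
hardened_fragment() {
cat <<'EOF'
User_Alias U1 = james
Cmnd_Alias C1 = /usr/sbin/useradd
Cmnd_Alias C2 = /usr/bin/passwd [A-Za-z]*, !/usr/bin/passwd root
U1 ALL = C1
U1 ALL = C2
EOF
}

# audit_passwd_aliases: read sudoers text on stdin and print the name of
# every Cmnd_Alias that either lists a bare ".../passwd" (any arguments
# allowed) or allows passwd with arguments without negating "passwd root".
audit_passwd_aliases() {
    awk '
    $1 == "Cmnd_Alias" {
        name = $2
        line = $0
        sub(/^[^=]*=[ \t]*/, "", line)          # keep only the command list
        n = split(line, cmds, /[ \t]*,[ \t]*/)
        bare = 0; allows = 0; denies_root = 0
        for (i = 1; i <= n; i++) {
            c = cmds[i]
            sub(/[ \t]+$/, "", c)
            if (c ~ /^!/) {
                if (c ~ /\/passwd[ \t]+\*?root\*?$/) denies_root = 1
            } else if (c ~ /\/passwd$/) {
                bare = 1
            } else if (c ~ /\/passwd[ \t]/) {
                allows = 1
            }
        }
        if (bare || (allows && !denies_root)) print name
    }'
}

echo "flagged in the notes' fragment: $(weak_fragment | audit_passwd_aliases)"
echo "flagged in hardened fragment:   $(hardened_fragment | audit_passwd_aliases)"
```

A fragment can be syntax-checked before it is installed with 'visudo -cf <file>'.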

TASK:
1- create a new group.
2- add an existing user to the newly created group.
3- check the task.
------------
(NB: here group1 is the newly created group and user1 is an existing user)

1- # groupadd group1
(# tail /etc/group) - to verify the created group

# id user1
(check user1 group details before changing it)

2- # usermod -aG group1 user1
(-a appends; with -G alone, user1 is removed from any other supplementary groups)

3- # id user1 (for re-checking, after changing)

(# tail /etc/group) - to re-verify the change in the group file

NB. use '&&' to run 2 commands at the same time (eg. # command1 && command2)

# /etc/login.defs - this file contains the user account policy settings (v.imp file)

# nano <file name> - command used to see an existing file in detail view. (cat like command)

FILE MANAGEMENT:
_________________

NB. In linux/unix everything is a file

# ls -l <file name>

black color -- standard/simple file
blue color -- a directory
red color -- compressed/zip file
green color -- executable file

NB. This color pattern may change, so don't always rely on it.

'crw-rw----. 1 vcsa tty 7, 130 Feb 29 02:39 vcsa2'
'brw-rw----. 1 root disk 8, 0 Feb 29 02:38 /dev/sda'

Here 'c' denotes a character device
if 'l' it denotes a symbolic link file
if 'b' it denotes a block or storage file

NB: # head -n 3 <file name> -- will show top 3 lines of given file
# tail -n 3 <file name> -- will show bottom 3 lines of given file

FILE PERMISSIONS:
_________________

'-rw-r--r--. 1 root root 2238 Sep 16 21:30 ping.txt'

9 bit permission level

--- (1st 3 bits for Owner)
--- (2nd 3 bits for Group)
--- (last 3 bits for Other)

Permission value:

'r' = '4' = 'read'
'w' = '2' = 'write'
'x' = '1' = 'execute'

1- # chmod <permissions> <file name> - command used to change the permission levels of the given file.

eg. # chmod 666 <file name> - this command will assign '4 (read) + 2 (write)' permission to 'user+group+others' (ugo) on the given file.

# chmod o+w <file name> - this command will assign write permission to others on the given file
# chmod o-w <file name> - this command will remove write permission from others on the given file
# chmod g+rw <file name> - this command will assign read(4)+write(2) permission to group on the given file

TASK: Other users can edit the files created by user 'james'

1- login with root

# cd /home
# chmod o+rwx james

2- # chown <user name> <file name> - this command is used to change the ownership of the file.

eg. # chown james file1.txt - this command will assign ownership of file file1.txt to james

[root@client1 home]# chown -R user1 newusr/ - this command will assign ownership (-R, recursively) to user1 on all files/folders of 'newusr'

NB: # setfacl -m u:<username>:rwx <filename> -- this command will assign rwx permission to the given user on the given file

NB: # id <user name> - this command will show the UID and GID etc. of the given user
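
The 'chmod o+rwx james' task above changes only the directory's own mode, not the files inside it. The script below is an added example, not part of the original notes: it rebuilds the task under a temporary directory (a stand-in for /home/james) and lists what becomes writable by others. The function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: show what 'chmod o+rwx' on a home directory exposes.
# All paths are created under a temporary directory.

# list_other_writable DIR
# Print "<kind> <path>" for everything under DIR writable by "others":
#   dir-nosticky  others can create, rename and delete any entry inside
#   dir-sticky    others can create entries, but only remove their own
#   file          others can overwrite the file's contents
# -type d / -type f never match symlinks, whose mode bits mean nothing.
list_other_writable() {
    find "$1" -type d -perm -0002 ! -perm -1000 | sed 's/^/dir-nosticky /'
    find "$1" -type d -perm -0002 -perm -1000 | sed 's/^/dir-sticky /'
    find "$1" -type f -perm -0002 | sed 's/^/file /'
}

# demo: repeat the task from the notes on a constructed directory tree.
demo() {
    home=$(mktemp -d) || return 1
    mkdir "$home/james"
    echo "private" > "$home/james/notes.txt"
    chmod 700 "$home/james"
    chmod 644 "$home/james/notes.txt"

    echo "before: $(list_other_writable "$home/james" | wc -l) finding(s)"
    ( cd "$home" && chmod o+rwx james )       # the command from the task
    echo "after:"
    list_other_writable "$home/james" | sed "s|$home/||"
    # notes.txt is still 644 and is not listed: others cannot edit it in
    # place, but because its parent is dir-nosticky they can delete or
    # replace it.
    rm -rf "$home"
}

demo
```

The 'setfacl -m u:<username>:rwx <filename>' form from the notes grants the same access to one named user on one file instead of to every account on the system.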

SYMBOLIC LINKS:
_______________
(used to link two files together)

1- 'symlink' - soft link, based on file name
2- 'hardlink' - hard link, inode based

# ln -s <source file> <target file> - command used to create a soft link
# ln <source file> <target file> - command used to create a hard link

QUOTA MANAGEMENT:
_________________

(used to limit storage consumption per user/group)
(based on disk block usage or inode usage)
(use 'ls -li' command to view inodes of user/files)
(used in 2 stages, soft and hard limit)
(soft limit may be exceeded, but hard limit never)

1- # rpm -qa | grep quota - command to check whether the quota package is installed or not
2- # mount - command to check mounted files/file systems

(quota is applied in the '/etc/fstab' file, usually on '/home' or any created 'lvm' partition mounted in fstab)

3- # vi /etc/fstab

(here add 'usrquota,grpquota' after defaults, in front of the target partition or '/home')

output cut--
(/dev/mylvm/lv1 /root/disk1 ext4 defaults,usrquota,grpquota 0 0)

4- # mount -o remount /root/disk1 - command to remount the selected quota drive/partition

DISK PARTITIONING:
__________________

TOOLS (commands)
a- 'fdisk'
b- 'parted'
c- 'mke2fs' 'ext2,ext3,ext4' filesystems.
d- 'mkfs.ext4'

1- # fdisk -l - command to list the created partitions.
2- # parted -l - command to list the created partitions (but in detail).
3- # df -h - command to list the created partitions with used/free space.
4- # du -b <file name> - command to show the size of the given file.
5- # lsblk -f - command to show partitions with file system type.

Creating partition (method-1) using 'fdisk' command--

step1- # fdisk /dev/sda
step2- # press 'm' (for help list)
step3- # press 'n' (to create a new partition)
step4- # press 'enter key'
step5- # assign partition size eg '+1000M' for 1gb partition
step6- # press 'w' (to write the new partition on disk)

(# fdisk -l - run this command to check the created partition in the list)

step7- # mkfs.ext4 /dev/sda4 (to format the partition using the 'ext4' file system; here 'sda4' is the newly created partition, it may differ)
step8- # mkdir /home/disk4 (create a directory)
step9- # mount /dev/sda4 /home/disk4 (mount the partition on the created directory)
step10- # vi /etc/fstab (enter the details of the created partition here)

[/dev/sda4 /home/disk4 ext4 defaults 0 0]

step11- # mount (to check whether the created partition is mounted or not)

Creating partition (method-2) using 'parted' command--

step1- # parted /dev/sda (here '/dev/sda' may differ eg. /dev/sdb or /dev/sdb1 or 2)
step2- # mkpart primary 1 2gb (to create a 2gb primary partition)
step3- # p (to print the partition table (optional))
step4- # quit
(NB. 'parted' command creates default id 83 for partition)

step5- # mke2fs -t ext4 -j /dev/sdb1 - command to format the created partition with the ext4 file system
(here sdb1 stands for label 1)

step6- # mkdir /dir2 - create a directory
step7- # mount /dev/sdb1 /dir2 - mount the created partition

(# mount - to verify the mount position)

step8- enter the path in the '/etc/fstab' file

YUM REPOSITORY:
________________

(Creating Yum repository for local machine)

1- you need to install the following packages--
a- yum
b- dialouge
c- createrepo

(NB. While installing the 'createrepo' package it may ask for the following packages as dependencies, that is
python-delta-------.rpm
delta--------------.rpm, in rhel-6)

2- rpm -ivh yum-------*.rpm
3- rpm -ivh dialouge------*.rpm
4- rpm -ivh createrepo-----*.rpm python-delta-----*.rpm delta------*.rpm (install three packages together)

5- mkdir /home/redhat (create a directory in /home)

6- copy 'Package' folder from mounted rhel iso or dvd into '/home/redhat' folder.

7- vi /etc/yum.repos.d/server.repo (write in this file)

[redhat]
name=yum install (optional)
baseurl=file:///home/redhat (repository location)
gpgcheck=0 (package signature check is turned off)

8- # createrepo -v /home/redhat (to create repository in given directory)

9- # yum install <package name> (to install a package using yum)

MAKING SWAP PARTITION:
_____________________

(# free - command to check the memory (ram/swap))

1- # fdisk /dev/sda
2- # press 'n' (for new partition)
3- # assign size here '+1G' if 1gb required
4- # press 't' (to assign partition id, for swap use '82')
5- # press 'p' (to print the partition table)
6- # press 'w' (to write the partition, reboot may also be required)

7- # mkswap /dev/sda4 (sda4 may differ, this overlaps the swap partition with the existing one)

8- # vi /etc/fstab (here write the created swap partition)

[/dev/sda4 swap swap defaults 0 0]

9- # swapon -a (to activate the partition)

10- # swapon -s (to check the current swap status)

11- # swapoff /dev/sda4 (to off/deactivate the given swap partition)

12- # swapoff -a (deactivate all swaps)

13- # swapon -a (activate all)

(Other method of creating a swap file on any existing file system)

1- # dd if=/dev/zero of=/swapfile1G bs=1024 count=1048576 (it will create a 1GB file on '/' with name 'swapfile1G'; here 'bs' is byte size. count=bs*bs eg. bs=1024, count=1024x1024=1048576)

2- # mkswap /swapfile1G (converting the file into swap)

3- # swapon -v /swapfile1G
4- # swapon -s (to check the current status. new swap should be seen here)

NB. you can enter the details of the new swap in fstab for a permanent entry

5- # vi /etc/fstab

[ /swapfile1G swap swap defaults 0 0 ]

6- # swapon -a
7- # swapon -s

LVM (LOGICAL VOLUME MANAGEMENT):
_______________________________

- first you need to create one or more partitions with label '8e'.
- create 'physical volume' using the created partitions.
- create 'volume group', it can have one or more partitions.
- create 'logical volume' from 'physical volume', as much size as you wish.
- format the 'logical volume' with ext4 filesystem.
- create a directory and mount it.
- enter the details in '/etc/fstab' file for permanent mounting.
NB. (for example you have created two partitions '/dev/sdb2 and /dev/sdb3' with partition label '8e')

1- # pvcreate /dev/sdb2 /dev/sdb3 - creating 'physical volume'

# pvdisplay - to check the created 'physical volume'.

2- # vgcreate vg01 /dev/sdb2 /dev/sdb3 - creating 'volume group' with name 'vg01'.

# vgdisplay - to check the created 'volume group'.

3- # lvcreate -L 200M -n lv01 vg01 - creating 'logical volume' of 200MB with name 'lv01'.

# lvdisplay - to check the created 'logical volume'.

4- # mke2fs -t ext4 -j /dev/vg01/lv01 - formatting the 'logical volume' with ext4 filesystem.

5- # mkdir /my-lvm - create a directory eg 'my-lvm'.

6- # mount /dev/vg01/lv01 /my-lvm - mount the 'logical volume' on the created directory (my-lvm).

# mount - to check the mount status.
# df -h - to check and verify the mount folder and size etc.

7- # vi /etc/fstab (for permanent mounting, enter the details in '/etc/fstab' file)

[ /dev/vg01/lv01 /my-lvm ext4 defaults 1 2]

RESIZING/EXTENDING LVM:
_______________________

NB. before resizing/extending 'logical volume' first check it using the 'lvdisplay' and 'df -h' commands.

1- # lvextend -L +100M /dev/vg01/lv01 - to extend the 'logical volume' size by 100MB

# lvdisplay - to check the current 'logical volume' size.

# df -h - it will show the old 'logical volume' size, as the extended part (100MB) is not formatted yet.

2- # resize2fs /dev/vg01/lv01 - to format (ext4 filesystem) the extended partition (100MB) only.

# df -h - to verify the format position of 'logical volume'.

ADDING NEW PARTITION TO EXISTING LVM:
____________________________________

- create a new partition (eg. /dev/sdb4) with lvm label '8e'.

# pvcreate /dev/sdb4 (creating 'physical volume' with new partition)

# vgextend vg01 /dev/sdb4 (extending the 'volume group')

- now you can extend the size of 'logical volume' using 'lvextend' command.

REMOVING LVM:
_____________
- delete or hide the 'lvm' entry from '/etc/fstab' file.
- umount the 'logical volume' from directory

# umount /my-lvm

- remove 'logical volume' first

# lvremove /dev/vg01/lv01
# lvdisplay

- remove 'volume group'.

# vgremove /dev/vg01
# vgdisplay

- remove 'physical volume'

# pvremove /dev/sdb2 /dev/sdb3
# pvdisplay

- now delete the used partitions (/dev/sdb2 and /dev/sdb3) if you wish.

CONFIGURING RAID DEVICES:
_________________________
RAID-0:

(You need to create 2 partitions (one extended, then 2 logical) eg. /dev/sda5 & /dev/sda6)

1- # mdadm --create /dev/md0 --level=0 --raid-devices=2 /dev/sda5 /dev/sda6 (command to create RAID-0)
2- # mke2fs -t ext4 -j /dev/md0 (formatting the raid with ext4 file system)

3- # mkdir /raid0 (create a directory)

4- # mount /dev/md0 /raid0 (mount the raid partition on the directory)

5- # mount (to check the mount status, it should be seen here)

NB. (write in '/etc/fstab' file for permanent mounting)

6- # mdadm --detail /dev/md0 (to check the raid0 configuration)

7- # df -h or df -h /raid0 or df -h /dev/md0 (to check the space used by raid0, here both partitions will be one/combined)
(both partitions will be merged, because raid0 works like an LVM)

8- # cat /proc/mdstat (command to show the created raid status)

RAID-1 (MIRRORING):

(You need to create 2 partitions (one extended, then 2 logical) eg. /dev/sda7 & /dev/sda8, each partition is 400MB)

1- # mdadm --create /dev/md1 --level=1 --raid-devices=2 /dev/sda7 /dev/sda8 (command to create RAID-1)

2- # mke2fs -t ext4 -j /dev/md1 (formatting the raid with ext4 file system)

3- # mkdir /raid1 (create a directory)

4- # mount /dev/md1 /raid1 (mount the raid partition on the directory)

5- # mount (to check the mount status, it should be seen here)

NB. (write in '/etc/fstab' file for permanent mounting)

6- # mdadm --detail /dev/md1 (to check the raid1 configuration)

7- # df -h or df -h /raid1 or df -h /dev/md1 (to check the space used by raid1, here half the partition size will be seen)
(only a single partition size will be seen, because the other partition is used for mirroring)

8- # cat /proc/mdstat (command to show the created raid status)

RAID-5 (STRIPING WITH PARITY, minimum 3 partitions or disks required for raid5):

1- # mdadm --create /dev/md5 --level=5 --raid-devices=3 /dev/sda5 /dev/sda6 /dev/sda7 (command to create RAID-5)
2- # mke2fs -t ext4 -j /dev/md5 (formatting the raid with ext4 file system)

3- # mkdir /raid5 (create a directory)

4- # mount /dev/md5 /raid5 (mount the raid partition on the directory)

5- # mount (to check the mount status, it should be seen here)

NB. (write in '/etc/fstab' file for permanent mounting)

6- # mdadm --detail /dev/md5 (to check the raid5 configuration)

[root@localhost ~]# df -h /raid[015] (command to show all 3, raid0, 1 and 5, together)

Filesystem  Size  Used  Avail  Use%  Mounted on
/dev/md0    796M  17M   739M   3%    /raid0  (shows combined space of both partitions, each partition is 400MB)
/dev/md1    395M  11M   365M   3%    /raid1  (shows single partition space)
/dev/md5    790M  17M   733M   3%    /raid5  (shows two partitions (combined size), total 3 partitions used here)

7- # cat /proc/mdstat (command to show the created raid status)

REMOVING RAID CONFIGURATIONS:

1- # cat /proc/mdstat (to verify the current status of the configured raid)

2- # mdadm --stop /dev/md0 (to stop the configured raid, here 'md0' for raid0, for raid1 use 'md1' and so on)

3- # mdadm --remove /dev/md0 (to remove raid0)

4- # mdadm --zero-superblock /dev/sda5 /dev/sda6 (to remove raid partitions, here 'sda5, sda6' is for raid0)

5- # cat /proc/mdstat (to re-verify the status)

CRON (CRONTAB) AND AT JOB SCHEDULING TASK:
_________________________________________

AT- JOB SCHEDULING

# at <time>
# at 23:15 <press 'enter'>
at> cd /saif && touch at.txt - to create a blank file in '/saif' directory with name 'at.txt', at 23:15 (11:15)
at> <press 'ctrl+d'> - to save, and end the task

# atq or at -l - to list the scheduled job/task.
# atrm <job id> - to remove the job

USING BATCH WITH AT

-- assigning multiple jobs at a time.
-- no need to fix time.

# batch
at> mkdir atdir
at> touch pp.txt
at> cp pp.txt atdir

<press 'ctrl+d'>

-- here a directory named 'atdir' will be created, a file named 'pp.txt' will be created, and file 'pp.txt' will be copied into 'atdir'.

# batch
at> touch ping.txt
at> ping -c 4 192.168.136.128 >> ping.txt
at> cp ping.txt atdir

<press 'ctrl+d'>
-- here a blank file named 'ping.txt' will be created, the system will ping (4 times) the given IP add, the result will be redirected to the 'ping.txt' file, and this file will be copied into the 'atdir' directory.

-- Used for scheduling any job/command/process

# rpm -qa | grep cron - to verify whether 'cron' packages are installed or not.

# cat /etc/crontab - file contains some imp. info regarding cron jobs.

1- # crontab -e -u <username> -- run as 'root' to edit user's job.

2- # crontab -l -u <username> -- run as 'root' to list user's job.

COMMON NETWORK UTILITIES:
________________________
-Ping

# ping -c 4 192.168.10.2 (for 4 times/lines pinging)

# ping -c 4 192.168.10.2 -s 32 (for 4 times/lines pinging, with each of 32 bytes packet size)

# ping -I <source ip> <destination ip> - check pinging between two hosts from any machine on network.

-Telnet

NB. (to login via telnet, you need to stop the iptables service (# service iptables stop))

('root' login not allowed in telnet)

(telnet and xinetd packages to be installed)

# telnet <remote host ip> <port no.> (port no. is optional)

# telnet 192.168.10.2 23/22 (23 for telnet, 22 for ssh)

-SSH

# ssh <user>@<remote host ip>

# ssh [email protected]

-Traceroute

(tracing remote hop count distance)

# traceroute <ip remote host/router>

-Netstat
(used to reveal TCP/UDP sockets)

# netstat -a (list all tcp/udp sockets)

# netstat -i (kernel interface table)

# netstat -ntl (lists only tcp ports/sockets)

-arp

# arp -a (to show the arp table)

IP-V4 CONFIGURATIONS:
____________________
- DHCP
- STATIC IP
- VIRTUAL/SUB INTERFACES

KEY DIRECTORIES--

'/etc/sysconfig/network' - it's a file, used for changing 'hostname', 'gateway'.

'/etc/sysconfig/networking/' - it's a directory, containing subdirectories and files.

- related to ip add, default-gateway, dns, dhcp settings.

NB. don't try to edit those files manually, use 'system-config-network' tool to configure.

'/etc/sysconfig/network-scripts' - directory contains various files/directories related to network config.

'/etc/sysconfig/network-scripts/ifup-eth' - file brings up all eth0/eth1 interfaces.

'/etc/sysconfig/network-scripts/ifdown-eth' - file brings down all eth0/eth1 interfaces.

'/etc/sysconfig/network-scripts/ifcfg-lo' - file controls loopback interface configurations.

'/etc/hosts' - to change/enter host name, to resolve locally, not on network/DNS.

1- # ifconfig - command to show all active interfaces details.

# ifconfig eth0 - it will show only interface 'eth0' config.

# ifconfig lo - it will show only interface 'loopback' config.

--CREATING A SUB/VIRTUAL INTERFACE

# cd /etc/sysconfig/network-scripts/
2- # ifconfig eth0:1 10.10.10.1 netmask 255.255.255.0 - it will create (temporarily) a sub-interface of eth0 'eth0:1' with the given ip add.

NB. (for creating a permanent sub/virtual interface you need to do this--)

3- # cd /etc/sysconfig/network-scripts/
4- # cp -v /etc/sysconfig/network-scripts/ifcfg-eth0 ifcfg-eth0:1

(the contents of 'ifcfg-eth0' will be copied into 'ifcfg-eth0:1' file)

5- # vi /etc/sysconfig/network-scripts/ifcfg-eth0:1

(make the required changes (interface name, ip, gateway etc.) here, and save the file)

6- # ifcfg eth0:1 delete <ip add>/<mask bits> - to delete a sub/virtual interface.

# ifcfg eth0:1 delete 10.10.10.2/24

# ifconfig eth0:1 del 10.10.10.2 - it also deletes the sub/virtual interface.

7- # ifconfig -a - shows all active interfaces.

8- # ethtool <interface>
# ethtool eth0 -- show imp. info regarding interface eg. duplex, speed, port type etc.

IPV6 CONFIGURATION:
__________________

-Self-configuration.
-Can be configured via 'neighbor discovery' auto-config by a router, via DHCPv6, or manually.

'/etc/sysconfig/network-scripts/ifup-ipv6' - file contains 'ip-v6' configurations.

FILE TRANSFER PROTOCOL (FTP):
____________________________

-VSFTPD (Very Secure FTP Daemon)

- It doesn't permit 'root' access by default.

- Install 'vsftpd' package.
- start vsftpd service

NB. - stop 'iptables' services, to login via 'ftp/lftp/telnet' remotely. (but no need to stop, when logging in locally)

# service iptables stop

# service vsftpd status
# chkconfig vsftpd on
# service vsftpd start
# netstat -ntlp - it will show port no. and service of vsftpd, if running.

[root@server Desktop]# netstat -ntlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address   Foreign Address   State    PID/Program name
tcp        0      0 0.0.0.0:21      0.0.0.0:*         LISTEN   2665/vsftpd

'/etc/vsftpd/' - directory containing 'ftp' config files.

1- # cat /etc/vsftpd/ftpusers - here you find the list of users not allowed 'ftp' access, 'root' is also listed here.

2- # cat /etc/vsftpd/user_list - check this file too, it also has the same list, but with some instructions.

3- # cat /etc/vsftpd/vsftpd.conf - check this file too, it has very important config regarding allow or denials.

NB. after installation of 'vsftpd' and starting the service, try to login locally.

- on web browser, enter 'ftp://<username>@localhost/'

- it will ask for the password of the given user, but access is not successful.

- now install 'ftp' package

# yum install ftp

(after installing 'ftp' you can access 'ftp' login via 'anonymous' user or any local 'user')

4- # ftp localhost (see below 'output cut')

[saif@server ~]$ ftp localhost
Trying ::1...
ftp: connect to address ::1Connection refused
Trying 127.0.0.1...
Connected to localhost (127.0.0.1).
220 (vsFTPd 2.2.2)
Name (localhost:saif): anonymous - type here 'anonymous'
331 Please specify the password.
Password: <saif password> - type 'anonymous' as 'password' here or leave blank.
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>

NB. (You can also login via any 'user' except 'root', login process is same as above, use '<user name>' and its 'password')

- after logging in successfully, you can 'download' any file stored in the '/var/ftp/pub/' directory.

- use 'help' command to see the listed commands allowed to run here.

- use 'get or mget' to download, 'put or mput' to upload files, from '/pub' and into '/pub' directory.

- use '!<command>' to view login user files/directories details....

ftp> !pwd
ftp> !ls -l

NB. by default 'anonymous' user can download (get/mget) from '/pub', not upload (put/mput);
only 'root' has write/upload (put/mput) permission in the '/pub/' directory, but 'root' is disabled from logging in via FTP by default (security reasons).

NB. (You can block 'anonymous' login by editing this file--)

# vi /etc/vsftpd/vsftpd.conf

anonymous_enable=YES -- set it to 'NO'

anonymous_upload_enable=YES -- set it to 'NO'

- save the file
- restart the vsftpd service

- now 'anonymous' login will be denied, but local 'user' login is enabled (by default), login via 'local users' only.

NB. While uploading using 'mput/put' command, and downloading using 'get/mget', it fails.

(but you should be logged in via 'local user' not 'anonymous')

- check 'selinux' setting to solve the issue for 'ftp home dir'.
# sestatus - command to know the 'selinux' status, enforcing or disabled.

[root@server ~]# getsebool -a | grep ftp
allow_ftpd_anon_write --> off
allow_ftpd_full_access --> off
allow_ftpd_use_cifs --> off
allow_ftpd_use_nfs --> off
ftp_home_dir --> off -------------------- turn it 'on'
ftpd_connect_db --> off
ftpd_use_fusefs --> off

[root@server ~]# setsebool -P ftp_home_dir on -- command to turn it 'on'

[root@server ~]# getsebool -a | grep ftp
allow_ftpd_anon_write --> off
allow_ftpd_full_access --> off
allow_ftpd_use_cifs --> off
allow_ftpd_use_nfs --> off
ftp_home_dir --> on ---------------------- turned 'on'
ftpd_connect_db --> off

LFTP:
____
(lftp package needs to be downloaded)

- LFTP is an FTP client.
- can be used to upload/download files, locally and remotely.

LFTP LOGIN LOCALLY:

1- # lftp -u <user> <localhost/ip>

# lftp -u james localhost -- command to login with 'lftp' locally.

or

[saif@server ~]$ lftp localhost
lftp localhost:~> open -u saif localhost - login locally via 'user saif'.

LFTP LOGIN REMOTELY:

2- # lftp james@<remote ip>

or
[saif@server ~]$ lftp <remote ip>
lftp 192.168.136.130:~> open -u <remote user> 192.168.136.130

[root@server Desktop]# netstat -ant | grep 21
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN
tcp        0      0 192.168.136.128:48552   192.168.136.128:21      ESTABLISHED
tcp        0      0 192.168.136.128:21      192.168.136.128:48552   ESTABLISHED

NB. (if the connection is established successfully, the above output will be shown when running 'netstat -ant | grep ftp or 21')

(here, it shows the connection is established locally between '192.168.136.128 to 192.168.136.128')

[root@server Desktop]# netstat -ant | grep 21
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN
tcp        0      0 192.168.136.128:49914   192.168.136.130:21      ESTABLISHED

(here, it shows the connection is established remotely between '192.168.136.128 to 192.168.136.130')

TASK-1: You want a user named 'ftpuser01' (created on the ftp server) to be the only user able to login via ftp/lftp locally/remotely.

All the other users (including 'root') are not allowed to login via ftp/lftp locally or remotely.

For this you need to set 'userlist_enable=NO' in the '/etc/vsftpd/vsftpd.conf' file, enter 'ftpuser01' in the '/etc/vsftpd/user_list' file, and enter the rest of the users in the '/etc/vsftpd/ftpusers' file.

- The user listed in '/etc/vsftpd/user_list' file will be allowed to login.

- The user listed in '/etc/vsftpd/ftpusers' file will not be allowed to login.

- restart the 'vsftpd' service, after alteration

# service vsftpd restart

[root@server ~]# ftp localhost
Trying ::1...
ftp: connect to address ::1Connection refused
Trying 127.0.0.1...
Connected to localhost (127.0.0.1).
220 (vsFTPd 2.2.2)
Name (localhost:root): saif -- user 'saif' not allowed to login, as this user is listed in '/etc/vsftpd/ftpusers' file.
331 Please specify the password.
Password:
530 Login incorrect.
Login failed.
ftp> quit
221 Goodbye.

[root@server ~]# ftp localhost (ftpuser01 paswd: admin)
Trying ::1...
ftp: connect to address ::1Connection refused
Trying 127.0.0.1...
Connected to localhost (127.0.0.1).
220 (vsFTPd 2.2.2)
Name (localhost:root): ftpuser01 -- user 'ftpuser01' allowed to login, as this user is listed in '/etc/vsftpd/user_list' file.
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
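
How the two list files from TASK-1 combine depends on 'userlist_enable' and 'userlist_deny'. The script below is an added example, not part of the original notes: it models the decision for the setting used in the task and for the allow-list form (userlist_enable=YES, userlist_deny=NO), which goes beyond the case in the notes. The function names, the file contents and the account 'newuser' are constructed, and it assumes 'ftpusers' is enforced by PAM as on RHEL-style installs.

```shell
#!/bin/sh
# Added example: model which local users vsftpd accepts for a given
# userlist_enable / userlist_deny setting. All files are constructed.

# in_list FILE USER: true if USER is an exact, non-comment line of FILE.
in_list() {
    grep -v '^[[:space:]]*#' "$1" 2>/dev/null | grep -Fqx -- "$2"
}

# conf_value FILE KEY DEFAULT: last KEY=value in FILE, upper-cased.
conf_value() {
    v=$(sed -n "s/^$2=//p" "$1" | tail -n 1 | tr 'a-z' 'A-Z')
    echo "${v:-$3}"
}

# ftp_login_allowed DIR USER: DIR holds vsftpd.conf, user_list, ftpusers.
# Prints "allow" or "deny:<what caused it>".
ftp_login_allowed() {
    dir=$1
    user=$2
    enable=$(conf_value "$dir/vsftpd.conf" userlist_enable NO)   # vsftpd default
    deny=$(conf_value "$dir/vsftpd.conf" userlist_deny YES)      # vsftpd default
    if [ "$enable" = YES ]; then
        if [ "$deny" = YES ] && in_list "$dir/user_list" "$user"; then
            echo "deny:user_list"; return 0
        fi
        if [ "$deny" = NO ] && ! in_list "$dir/user_list" "$user"; then
            echo "deny:not-in-user_list"; return 0
        fi
    fi
    # Assumption: ftpusers is enforced by PAM (pam_listfile, sense=deny),
    # so it applies whatever the userlist_* options say.
    if in_list "$dir/ftpusers" "$user"; then
        echo "deny:ftpusers"; return 0
    fi
    echo "allow"
}

# make_case DIR CONF_LINE...: constructed config with the lists from TASK-1.
make_case() {
    d=$1; shift
    mkdir -p "$d"
    printf '%s\n' "$@" > "$d/vsftpd.conf"
    printf '%s\n' ftpuser01 > "$d/user_list"
    printf '%s\n' '# accounts refused by PAM' root saif james > "$d/ftpusers"
}

# demo: compare the setting from the notes with the allow-list form.
# 'newuser' stands for an account created later and not added to ftpusers.
demo() {
    t=$(mktemp -d) || return 1
    make_case "$t/notes"  userlist_enable=NO
    make_case "$t/strict" userlist_enable=YES userlist_deny=NO
    for u in ftpuser01 saif root newuser; do
        echo "$u notes=$(ftp_login_allowed "$t/notes" "$u") strict=$(ftp_login_allowed "$t/strict" "$u")"
    done
    rm -rf "$t"
}

demo
```

With 'userlist_enable=NO' the 'user_list' file is not consulted, so the restriction holds only while every other account is kept in 'ftpusers'.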

REMOTE DESKTOP:
________________

# rdesktop -a 16 -f <remote host ip> (not successful)

packages required for remote desktop----

Installing : pcsc-lite-libs-1.5.2-13.el6_4.i686 1/6
Installing : ctapi-common-1.1-6.1.el6.i686 2/6
Installing : openct-0.6.19-4.el6.i686 3/6
Installing : pcsc-lite-1.5.2-13.el6_4.i686 4/6
Installing : pcsc-lite-openct-0.6.19-4.el6.i686 5/6
Installing : rdesktop-1.7.1-1.el6.i686 6/6

DNS SERVER CONFIGURATION:


________________________

PRIMARY DNS SERVER:

Primary DNS server tend to have writable copies of zones, whereas


secondary DNS server tend to have
read-only copies of zones due to replication of zones from
primary server.

TASK:
Define primary zone for: 'example.com' FQDN is 'server1.example.com'
IP DNS server is: 192.168.10.100

'/etc/named.conf' -define zone here.

'/var/named/example.com -create zone file with record here.

' service named restart/reload'

' dig @localhost www.example.com' or 'dig @localhost


server1.example.com'

-- do entries in following file first....

# system-config-network

--dns configuration

--hostname: server1.example.com
--primaary dns: 192.168.10.100

# vi /etc/hosts
192.168.10.100 server1.example.com

# vi /etc/resolve.conf

search example.com
nameserver 192.168.10.100

# vi /etc/sysconfig/network

networking=yes
hostname=server1.example.com

1- # vi /etc/named.rfc1912.zones --open this file and copy 'given part' from here.......

zone "1.0.0.127.in-addr.arpa" IN {
type master;
file "named.loopback";
allow-update { none; };
};

now edit the 'copied block' as below......

zone "example.com" IN {
type master; --------------------- 'master' this indicates that this is a
primary zone.
file "example.com";
allow-update { none; };
};

2- # vi /etc/named.conf -- open this file

-------
-------
-------

include "/etc/named.rfc1912.zones"; ---just paste the 'above created' zone below this line....

zone "example.com" IN {
type master;
file "example.com";
allow-update { none; };
};

3- # cd /var/named/

4- # cp -v named.localhost example.com -- copy the contents of 'named.localhost' to 'example.com'

5- # vi example.com

$TTL 1D

@ IN SOA @ rname.invalid. (
        0 ; serial
        1D ; refresh
        1H ; retry
        1W ; expire
        3H ) ; minimum
        NS @
        A 127.0.0.1
        AAAA ::1

--now modify this file as per your requirements....

$TTL 1D

@ IN SOA example.com. dns-admin.example.com. (
        25042020 ; serial (optional, here I have given today's date with year (25-04-2020))
        1D ; refresh
        1H ; retry
        1W ; expire
        3H ) ; minimum

@ IN NS server1.example.com.

server1 IN A 192.168.10.100
--- save the file

'service named reload/restart' --- restart/reload the named service

'ps -ef | grep -i named' -- chk the 'named' process is running or not

6- # cd /var/named/ && ll

--here is ur file 'example.com', its owner and group are 'root', u need to change its group from 'root' to 'named'

-rw-r-----. 1 root root 1892 Feb 18 2008 example.com

7- # chown root.named example.com && ll

-rw-r-----. 1 root named 1892 Feb 18 2008 example.com --changed (now 'named' has also 'read' permission )

'service named reload/restart' --- restart/reload the named service

(this output should be received after restarting the service)

# ps -ef | grep -i named
named 3629 1 0 00:05 ? 00:00:00 /usr/sbin/named -u named
root 3643 3589 0 00:08 pts/1 00:00:00 grep -i named

8- # cd /var/named/

'tail data/named.run' -- run this command here, it will show whether
zone creation succeeded or failed.

(this output should appear after running the above command..)

# tail data/named.run
exiting
zone 0.in-addr.arpa/IN: loaded serial 0
zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
zone example.com/IN: loaded serial 25042020
zone localhost.localdomain/IN: loaded serial 0
zone localhost/IN: loaded serial 0
managed-keys-zone ./IN: loaded serial 13
running
zone example.com/IN: sending notifies (serial 25042020) -- here 'example.com' is sending notifications.

'dig @localhost server1.example.com' -- to trace the dns configurations.

(the output below should be received when running the above command..)

# dig @localhost server1.example.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @localhost server1.example.com
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45581
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;server1.example.com. IN A

;; ANSWER SECTION:
server1.example.com. 86400 IN A 192.168.10.100

;; AUTHORITY SECTION:
example.com. 86400 IN NS server1.example.com.

;; Query time: 1 msec
;; SERVER: ::1#53(::1)
;; WHEN: Sun Apr 26 00:20:17 2020
;; MSG SIZE rcvd: 67

'dig @192.168.10.100 server1.example.com' (make the change in the file below before running this command..)

-- # vi /etc/named.conf

options {
listen-on port 53 { 127.0.0.1; }; ----- here add ip '192.168.10.100'
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; }; -------------------------------- here set 'localhost' to 'any'
recursion yes;

TASKS:

Adding 'CNAME' canonical name and 'MX' records to the file.....

(output before entering 'CNAME' canonical name)

# nslookup www.example.com
Server: ::1
Address: ::1#53

** server can't find www.example.com: NXDOMAIN

9- # vi /var/named/example.com

$TTL 1D

@ IN SOA example.com. dns-admin.example.com. (
        26042020 ; serial (optional, change the serial no. to trace the changes (26-04-2020))
        1D ; refresh
        1H ; retry
        1W ; expire
        3H ) ; minimum

@ IN NS server1.example.com.

  IN MX 1 server1.example.com. -- adding 'MX' mail record.

server1 IN A 192.168.10.100 --- adding 'A' as authoritative record

www IN CNAME server1.example.com. -- adding 'CNAME' (www) record.

--save the file and restart/reload the 'named' service

'service named restart/reload'

# cd /var/named/

'tail data/named.run' -- run this command here, it will show whether the
applied changes succeeded or failed.

'dig @localhost example.com MX' -- to trace the 'MX' information (the MX record belongs to the zone name 'example.com').

'dig @192.168.10.100 www.example.com' -- to trace the 'CNAME' info.

(output after entering 'CNAME' canonical name)

# nslookup www.example.com
Server: ::1
Address: ::1#53

www.example.com canonical name = server1.example.com.
Name: server1.example.com
Address: 192.168.10.100

TASK:

-- To make the 'DNS' server 'server1.example.com' accessible globally/remotely, not limited to local only.

-- # vi /etc/named.conf

options {
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; };
recursion yes;

-- apply following modifications here.....

options {
listen-on port 53 { 192.168.10.100; }; -- enter server ip add here.
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; }; ------------------------------ allow query for anyone.
recursion yes;

-- save the changes.

-- restart the named service.
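
A check for the options edited above, as an added example (not part of the original notes): with 'allow-query { any; }', 'recursion yes' and no 'allow-recursion', named will recurse for any client that can reach it. The function and sample names are made up here, and both sample configs are constructed.

```shell
# audit_named_opts FILE
# Returns 1 and prints a finding when FILE lets any client recurse; else 0.
audit_named_opts() {
    # Drop '#' and '//' comments, then flatten to one line so statements
    # that span several lines still match.
    flat=$(sed -e 's/#.*$//' -e 's|//.*$||' "$1" | tr '\n\t' '  ' | tr -s ' ')
    has() { printf '%s\n' "$flat" | grep -Eq "$1"; }
    # BIND recurses by default, so only an explicit 'recursion no' is safe.
    if has 'recursion +no *;'; then return 0; fi
    # allow-recursion, when unset, inherits allow-query-cache, then allow-query.
    if has 'allow-recursion *\{'; then acl=allow-recursion
    elif has 'allow-query-cache *\{'; then acl=allow-query-cache
    else acl=allow-query
    fi
    if has "$acl *\{([^}]*[; ])?any *;"; then
        echo "open resolver: recursion is on and $acl includes 'any'"
        return 1
    fi
    return 0
}

# Constructed sample 1: the options as edited in the notes above.
as_in_notes() {
    cat <<'EOF'
options {
    listen-on port 53 { 192.168.10.100; };
    allow-query { any; };
    recursion yes;
};
EOF
}

# Constructed sample 2 (assumption: clients live in 192.168.10.0/24, the
# subnet used elsewhere in these notes). Zone data stays queryable by all.
lan_only_recursion() {
    cat <<'EOF'
options {
    listen-on port 53 { 192.168.10.100; };
    allow-query { any; };       // authoritative answers for everyone
    allow-recursion { localhost; 192.168.10.0/24; };
    recursion yes;
};
EOF
}

cfg=$(mktemp)
as_in_notes > "$cfg";        audit_named_opts "$cfg" || true
lan_only_recursion > "$cfg"; audit_named_opts "$cfg" && echo "lan-only recursion: ok"
rm -f "$cfg"
```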

CREATING DNS/BIND REVERSE ZONE:
______________________________

- reverse zone resolves IP-to-Name.

TASK:
-- creating a reverse zone for server 192.168.10.100.

1- # vi /etc/named.rfc1912.zones

---copy this (below) portion from here and paste in '/etc/named.conf' file just below ur primary/forward zone

zone "1.0.0.127.in-addr.arpa" IN {
type master;
file "named.loopback";
allow-update { none; };
};

2- # vi /etc/named.conf

include "/etc/named.rfc1912.zones";

---ur primary/forward zone....

zone "example.com" IN {
type master;
file "example.com";
allow-update { none; };
};

---paste here... just below to ur primary zone...

zone "1.0.0.127.in-addr.arpa" IN {
type master;
file "named.loopback";
allow-update { none; };
};

---after pasting, modify this file as per ur requirements.....

zone "10.168.192.in-addr.arpa" IN {
type master;
file "192.168.10.zone";
allow-update { none; };
};

--after modifying save the file, and 'restart/reload the named service'.

3- # cd /var/named && ll

4- # cp -v named.localhost 192.168.10.zone -- copy the contents of this file into '192.168.10.zone', the file that contains the 'reverse zone'

5- # vi 192.168.10.zone

--modify the file as per ur requirements..

$TTL 1D
@ IN SOA server1.example.com. dns-admin.example.com. (
        0 ; serial
        1D ; refresh
        1H ; retry
        1W ; expire
        3H ) ; minimum

10.168.192.in-addr.arpa. IN NS server1.example.com.
100 IN PTR server1.example.com. --- '100' is the last octet of the server ip 192.168.10.100

6- # chown root.named 192.168.10.zone --changing group ownership 'root' to 'named' for this file.

now reload/restart the 'named' service

'tail data/named.run' -- run this command here, it will show whether
zone creation succeeded or failed.

'dig @localhost -x 192.168.10.100' --to trace the dns server ('-x' asks for the reverse/PTR lookup of the ip).
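
To confirm that the forward and reverse zone files agree before reloading named, here is an added example (not part of the original notes) that reports every A record with no matching PTR. It assumes /24 reverse zones and one record per line with an explicit owner name; the function names and both sample files are constructed.

```shell
# missing_ptr ORIGIN FORWARD REVERSE
# For every "name IN A a.b.c.d" record in FORWARD, expect a record
# "d IN PTR name.ORIGIN." in REVERSE (a /24 reverse zone file, as in the
# notes). Prints each missing PTR and returns 1 if any is missing.
missing_ptr() {
    awk -v origin="$1" '
    FNR == NR {                                   # first file: forward zone
        if ($2 == "IN" && $3 == "A" && split($4, o, ".") == 4) {
            fqdn = ($1 == "@" ? origin : $1 "." origin) "."
            zone[o[4] " " fqdn] = o[3] "." o[2] "." o[1] ".in-addr.arpa"
        }
        next
    }
    $2 == "IN" && $3 == "PTR" { have[$1 " " $4] = 1 }   # second file
    END {
        for (k in zone) if (!(k in have)) {
            split(k, want, " ")
            printf "%s: no PTR \"%s\" for %s\n", zone[k], want[1], want[2]
            bad = 1
        }
        exit bad + 0
    }' "$2" "$3"
}

# Constructed forward zone, using the records from the notes.
forward_zone() {
    cat <<'EOF'
@       IN NS    server1.example.com.
server1 IN A     192.168.10.100
www     IN CNAME server1.example.com.
EOF
}

# Constructed reverse zone; $1 is the owner label given to the PTR record.
reverse_zone() {
    printf '@ IN NS server1.example.com.\n%s IN PTR server1.example.com.\n' "$1"
}

fwd=$(mktemp); rev=$(mktemp)
forward_zone > "$fwd"
# Owner 20 does not match the last octet of 192.168.10.100: reported.
reverse_zone 20  > "$rev"; missing_ptr example.com "$fwd" "$rev" || true
reverse_zone 100 > "$rev"; missing_ptr example.com "$fwd" "$rev" && echo "PTR matches A"
rm -f "$fwd" "$rev"
```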

CONFIGURING DHCP SERVER:
_______________________

-- package 'dhcp' needs to be installed

# yum -y install dhcp

# rpm -ql dhcp

TASK:

- copy '/usr/share/doc/dhcp*/dhcpd.conf.sample' file into '/etc/dhcp/dhcpd.conf'

1- # cp -v /usr/share/doc/dhcp*/dhcpd.conf.sample /etc/dhcp/dhcpd.conf

-- now edit the '/etc/dhcp/dhcpd.conf' file as per ur requirements....

# option definitions common to all supported networks...
#option domain-name "example.org";

option domain-name "example.com"; ---- enter ur domain here

#option domain-name-servers ns1.example.org, ns2.example.org;

option domain-name-servers server1.example.com; --enter ur dns server (fqdn) or ip add of the server.

DHCP server to understand the network topology.

#subnet 10.152.187.0 netmask 255.255.255.0 { --comment these two lines
#}
# This is a very basic subnet declaration.

# Change the subnet for 'example.com' domain

subnet 192.168.10.0 netmask 255.255.255.0 { ---enter ur subnet range here.
range 192.168.10.100 192.168.10.105; ---enter ur excluded ip addresses here.
option broadcast-address 192.168.10.255;
# option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org; ---comment this line.
}

# This declaration allows BOOTP clients to get dynamic addresses, ---comment all lines here.
# which we don't really recommend.

#subnet 10.254.239.32 netmask 255.255.255.224 {
# range dynamic-bootp 10.254.239.40 10.254.239.60;
# option broadcast-address 10.254.239.31;
# option routers rtr-239-32-1.example.org;
#}

3- # service dhcpd start

4- # chkconfig dhcpd on

5- # chkconfig --list dhcpd

--configuring reservation (fixed ip add) for host 'client1'

(u need to edit this portion in '/etc/dhcp/dhcpd.conf' file)

host fantasia { --------------------- enter hostname here, e.g. 'client1'
hardware ethernet 08:00:07:26:c0:a5; -------------------host's mac add.
fixed-address fantasia.fugue.com; ----------------------------------enter ip add u want to assign.
}

APACHE (WEB) SERVER CONFIGURATION:
_________________________________

-- httpd package needs to be installed

-- /etc/httpd/conf/httpd.conf ---following editing required in this file...............

#ServerAdmin root@localhost --unedited
ServerAdmin [email protected] --edited
#ServerName www.example.com:80 --unedited
ServerName Server1.example.com -----edited

---save the file.

--- restart and reload the httpd service

# service httpd reload
# service httpd restart

--- now open web browser, type url 'http://server1.example.com' or 'www.example.com'

NETWORK FILE SHARING (NFS):
__________________________

--supports transparent remote file access.
--supports both TCP(default) and UDP ports.
--relies upon the RPC portmapper service.

--using NFS, any client can 'export/upload' files in mounted folder present on server.

--need to install NFS (nfs-utils) package, if not available.

# rpm -qf $(which showmount)

# rpm -qa nfs-utils

# chkconfig --list nfs

# chkconfig --list rpcbind

# chkconfig nfs on

# service rpcbind start

# service nfs start/restart

# netstat -ntlp --to chk rpc port running status.

TASK:

--configuring NFS service.

1- # vi /etc/exports

(write here....)

/projectx *(rw) ---this dir will b available for export, to (*) 'all'
in (rw) 'read/write' mode.

-'save it'

2- # exportfs -v --to dump the current exports

3- # cat /etc/exports

/projectx *(rw) --it should be seen here.

4- # showmount --exports server1

Export list for server1: --it should be seen here.
/projectx *

5- # showmount server1

Hosts on server1: --it should be seen here.

# mount

nfsd on /proc/fs/nfsd type nfsd (rw) -- this should be seen in '/etc/fstab' file

# ls -dl /projectx/
drwxr-xr-x. 2 root root 4096 May 2 22:31 /projectx/ --assign full
permission to 'root' as group also,
otherwise client can't upload data
in '/projectx' directory

# chmod 777 /projectx/

# ls -dl /projectx/
drwxrwxrwx. 2 root root 4096 May 2 22:31 /projectx/
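
The export above gives every host that can reach the server read/write access to a world-writable directory. As an added example (not part of the original notes), this check lists such entries in an /etc/exports-style file, including the case where a space before '(rw)' turns it into an entry for all hosts. The function names are made up here and the sample file is constructed.

```shell
# audit_exports FILE
# Prints one line per risky client entry in an /etc/exports-style file
# and returns 1 if anything was reported.
audit_exports() {
    awk '
    /^[ \t]*#/ || NF == 0 { next }           # comments and blank lines
    {
        for (i = 2; i <= NF; i++) {          # $1 is the path, the rest are clients
            client = $i; opts = ""
            p = index($i, "(")
            if (p > 0) {
                client = substr($i, 1, p - 1)
                opts = substr($i, p + 1, length($i) - p - 1)
            }
            # A bare "(rw)" after a space is a separate entry for every host.
            if (client == "") client = "*"
            o = "," opts ","
            if (client == "*" && o ~ /,rw,/) {
                print $1, $i ": read-write for every host"; bad = 1
            }
            if (o ~ /,no_root_squash,/) {
                print $1, $i ": remote root is not squashed"; bad = 1
            }
        }
    }
    END { exit bad + 0 }' "$1"
}

# Constructed sample. The first line is the export from the notes; the
# other paths are made up for the example.
sample_exports() {
    cat <<'EOF'
/projectx  *(rw)
/projecty  192.168.10.0/24(rw,sync)
/projectz  192.168.10.110 (rw)
/backup    192.168.10.110(rw,no_root_squash)
EOF
}

exp=$(mktemp)
sample_exports > "$exp"
audit_exports "$exp" || echo "review the entries listed above"
rm -f "$exp"
```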

CLIENT END:
--install 'nfs-utils' package if not installed

-- start rpcbind service
-- start nfs service

Mounting '/projectx' directory to remote system....

# mkdir /projectx --create a directory named 'projectx' on '/' on remote host

# mount -t nfs server1.example.com:/projectx /projectx --it will mount 'projectx' dir. on '/projectx' dir on current remote machine.

# mount --to chk the current mount position, 'projectx' should be mounted
and seen here.
# showmount -e <server name or ip>

# showmount -e server1.example.com

Export list for server1.example.com: -- it should be seen here

/projectx *

# mount

nfsd on /proc/fs/nfsd type nfsd (rw) -- these lines should be seen in '/etc/fstab' file

server1.example.com:/projectx on /projectx type nfs (rw,vers=4,addr=192.168.10.100,clientaddr=192.168.10.110)

# df -h

server1.example.com:/projectx 22G 15G 6.8G 68% /projectx --size of mounted folder

# seq 1000 > /projectx/nfs.txt --it will upload file named 'nfs.txt' in
'/projectx' directory, chk it on server.

SAMBA CLIENT:
_____________
(Used for file sharing with Windows environment)

1- Install 'samba-client' package

2- share any drive of windows machine

3- # smbclient -U administrator //192.168.136.129/c$ (windows machine ip and shared drive)

4- here enter the admin password of windows

5- it will be connected, use 'help' command to list the usage commands

6- get <filename> - to get/download any file from windows (also can use
'mget')

7- put <filename> - to put/upload any file from linux to windows (can also use
'mput')
