I.K.

GUJRAL PUNJAB TECHNICAL UNIVERSITY, JALANDHAR

(A State University Established by Govt. of Punjab vide Punjab Act No. 1 of 1997)

SESSION:- 2021 – 2023

COURSE:- Master of computer application
SEMESTER: - 2nd Year:- 1st
SUBJECT:- : Linux System Administration Laboratory
SUBJECT CODE:- PGCA 1957
A
Laboratory File
On
Linux System Administration
Submitted
For
Master of Computer Application
At
Gian Jyoti Institute of Management and Technology.

PRACTICAL FILE
SUBMITTED TO:- SUBMITTED BY:-
Dr. Tarandeep Singh Ajit Kumar
SUBMISSION DATE:- 15/06/2022 ROLL NO.:- 2111914

Page 1 of 77
 -: INDEX :-
S. No. Practical Assignments (Java) Page No. Remarks
1. Installation of Linux operating system.
a. Partitioning drives
b. Configuring boot loader (GRUB/LILO)
c. Network configuration
d. Setting time zones
e. Creating password and user accounts
f. Installing and removing packages
g. Shutting down
2. Working with basic commands
3. Linux system administration
a. Becoming super user
b. Temporarily changing user identity with su
command
c. Using graphical administrative tools
d. Administrative commands
e. Administrative configuration files
4. Configuring NICs with Network Device
Configuration Utilities (ip and ifconfig)
5. Install and configuring a DNS Server with a domain
name of your choice.
6. Install and configuring DHCP server and client
7. Install and configuring Mail Server
8. Install and configuring Apache Web Server for
hosting websites
9. Securing a simple network with Linux firewall
(Netfilter/iptables)
10. Setting up Samba Server to share files and printers
with Windows-based and other operating systems

1. Installation of Linux operating system.

Page 2 of 77
 a. Partitioning drives.
b. Configuring boot loader (GRUB/LILO).
c. Network configuration.
d. Setting time zones.
e. Creating password and user accounts.
f. Installing and removing packages.
g. Shutting down.
Ans. Dual boot Linux on windows 10

 Partition a Hard Drive in Windows 10

1. Open the Windows Search Bar. This is the magnifying glass-shaped icon in the
bottom-left corner of your screen.
2. Then type “DISKMGMT.MSC” in the search bar and hit enter.

Page 3 of 77
3. Right-click on your main hard drive and select Shrink Volume. If you have more
than one drive, make sure to choose the one that says Primary Partition. This will
usually be labeled as the C: drive. 

4. Then choose how much you want to shrink your drive. It is recommended that
you set aside at least 20GB (20,000MB) for Linux.

5. Finally, click Shrink.

Once you have a designated space to install Linux, you’ll need to write a Linux Distro
onto a USB thumb drive or external drive 4GB or larger. 
Page 4 of 77
Make a Linux Bootable USB
1,Download a Linux distro in ISO format. An ISO file is a disk image. Some of
the top options are Ubuntu, Mint, or Fedora. They are free to download from each
distribution’s main website. For this article, we are using Ubuntu.

2.Insert the USB drive into your computer. You might be asked to format your
drive. This will erase all the data stored on your drive, so make sure to back up
your files before you begin.

3.Download Rufus. You can find the latest version of the application here.

4.Open Rufus and select your USB drive from the Device list. If you don’t
know which drive to use, eject all other drives until you only have one to choose
from.

5.Under Boot Selection, click the Select button and choose the ISO file you
downloaded earlier. Don’t change the other default settings.

Page 5 of 77
 6.Finally, click Start. If you get a pop-up message asking you to select a mode that you
want to use to write the image, choose ISO.

Then wait for Rufus to mount your ISO file onto your drive. This might take some time,
so be patient if the progress bar gets stuck.

Install Linux from USB

Now that you have your Linux distro on a USB, here’s how to

1.Insert a bootable Linux USB drive.

2.Click the start menu. This is the button in the lower-left corner of your screen that
looks like the Windows logo.

3.Then hold down the SHIFT key while clicking Restart. This will take you into the
Windows Recovery Environment.

Page 6 of 77
4.Then select Use a Device.

5.Find your device in the list. If you don’t see your drive, choose EFI USB Device,
then pick your drive from the next screen.

Page 7 of 77
6.Your computer will now boot Linux. If your computer reboots Windows, there was
either an issue with your drive, or you might have to change settings in your BIOS

7.Select Install Linux. Some distros also let you try out the OS before installing it here

8.Go through the installation process. This will differ depending on which distro you
are trying to install. These details might include your WiFi network, language, time
zone, keyboard layout, etc. You might also be required to create an account with a
username and password. Make sure to write down any details, as you will likely need
them in the future.

9. Choose the language you want to use for the installation process, then click Continue.

Page 8 of 77
10. You have a few options on the next screen. You can choose a Normal or a Minimal
installation. For most people, Normal installation is ideal. Advanced users may want to
do a Minimal install instead, which has fewer software applications installed by default.
In addition, you can choose to download updates and whether or not to include third-
party software and drivers. I recommend checking both of those boxes. When done,
click Continue.

11. The next screen asks whether you want to erase the disk or set up a dual-boot. Since
you're dual-booting, choose Install Ubuntu alongside Windows 10. Click Install Now.

Page 9 of 77
12. create the partition from Windows instead of leaving the space unallocated.

1. Create one root(/) drive

Page 10 of 77
 2.Create Swap space

Choose "swap area" from the "Use as" dropdown menu and hit the "OK" button. There
is one more partition to configure. That is the EFI partition. Scroll through the list and
find the FAT32 partition.

Page 11 of 77
On my machine, the "nvme0n1p1" is the EFI partition. Double click on it:

Make sure "EFI System Partition" is selected from the "Use as" dropdown menu. This is
the partition that'll contain your bootloader. Make sure you're not formatting this
partition. Hit the "OK" button.

Recheck the partition configuration once again and if everything looks fine, hit the
"Install Now" button.

Select your Time zone

After this you simply need to continue and give your login credentials (Username, Password)
and then the installation begins. After the installation completes you can shut down your
computer, remove the bootable USB drive and the next time turn on your machine you should
be presented by a grub window as shown below, letting you choose between Linux (Ubuntu,
1st Option) and Windows (Windows Boot Manager). And there you have your own dual
booted system.

Page 12 of 77
Fill out all the information as you see fit and hit the "Continue" button.

The installation process shouldn't take long. Back when I was a kid, I loved looking at
this slideshow.

Once the installation is done you can either continue testing or restart. If you choose to
restart, Ubuntu will instruct you to disconnect the USB drive and hit Enter.

Page 13 of 77
 2. Working with basic commands.
Ans. Basic Linux Commands:-

1. mkdir
The name says it all. The mkdir command in Linux is used to create a new directory or,
if you’re coming from Windows, a Folder.
Syntax:- mkdir folder name

Where “folder name” is the name of the folder you want to create.

2. echo
Echo is the simplest command in Linux. It is used to display text that is passed after the
space in the command.

Page 14 of 77
The echo command might seem useless, but it is used in debugging code and
determining the program’s state. If you know a little bit of programming, think of it as a
print statement that only outputs a string.

3. pwd
PWD stands for Print Working Directory. This gives us a quick way of finding out the
working directory path.

4. cd
Cd is an acronym for the change directory. As the name suggests, it is used to
temporarily change the directory you’re working in.

5. cp
The command cp is used to copy and paste a file to a directory specified as the second
argument.

Page 15 of 77
In the above command, “mca.txt” is the file that we copy to the directory
“/home/suraj/Downloads.”

6. mv
The mv command in Linux stands for “Move.” It is used to move files or directories
from one place to another. Consider a file “move.” To move it to the Downloads folder,
all we need to do is:

7. man
The manual page (man) command is like software documentation using which you can
know what a particular command does and how it works:

Page 16 of 77
8. ls
The ls command is used for listing the contents of a directory.

9. cat
The cat command is used to print or merge the content from the line where the first file
ends.

Page 17 of 77
10. rm
The rm command is used to remove files and directories. You’ll need both rm and -r
(recursive) to remove a directory.

Page 18 of 77
11. zip/unzip
Zip is used to create a new zip file, whereas Unzip is used to unzip zipped files. Here’s
how you you Zip and Unzip commands.

In the above command, newzipfile.zip is the name of the zipped file in which we’re
going to put the two text files file1.txt and file2.txt.

To extract all the files from a zipped file using the command

Replace “newzipfile” with the name of the zipped file you want to extract.

12. top
Similar to Windows Task Manager, top command shows you the list of running
processes and how much CPU is being used.

Page 19 of 77
13. history
The history command is used to display the commands that you’ve typed before.

Page 20 of 77
14. wc
The wc command is used to count the number of lines (-l), words (-w), bytes (-c), and
characters (m).

15. clear
As the name suggests, clear is used to clear the terminal screen.

Page 21 of 77
16. passwd
You guessed it right! The passwd command is used to change the password of the user
account. To use it, type passwd followed by the username.

17. chown
The chown command is used to transfer the ownership of files. Let’s assume there’s a
file named file1 and you’re user0. You want to transfer the ownership to user1.

18. apt
Apt stands for Advanced Packaging Tool. It is one of the most popular and powerful
package managers for Ubuntu/Debian. For starters, a package manager essentially
automates the process of installing and removing applications.

Page 22 of 77
19. reboot
The name says it all. Reboot command is used to reboot, shut down, or halt the system.

Page 23 of 77
20. chmod
The chmod command is used to change the read (-r), write (-w), and execute (-x)
instructions of a file. An example of chmod command would be:

The first number (7) in the above command represents the permissions that you’re
giving to the user i.e. Read, Write, and Execute.
The second digit (4) is the permissions given to the file itself, which, in this case, is
“Read Permissions only.”
The third and final digit (2) represents the permissions given to everyone who’s not a
part of the group.

3. Linux system administration.

a. Becoming super user.
b. Temporarily changing user identity with su command.
c. Using graphical administrative tools.
d. Administrative commands.
e. Administrative configuration files.

Ans. a. Becoming super user

Page 24 of 77
 Linux provides root account as superuser or Administrator. As root account has all
privileges to manage a system this may be a threat for misuse or error of administrators.
We generally use normal user accounts in daily operation and change to the superuser
with su  command

Root
Root exist all Linux systems and can not be deleted because of Linux privileges
administration logic. root user has special home directory located /root and other users
can not read write or execute in normal situation.

sudo su
This command asks for the current user’s password as opposed to root.

It’s essentially the same as just running su in the shell, save for one crucial difference.
Instead of telling the system to “switch users” directly, you’re telling it to run the “su”
command as root. When sudo su is run, “.profile,” “.bashrc” and “/etc/profile” will be
started, much like running su (or su root). If any command is run with sudo in front of it,
it is given root privileges.

Though there isn’t a large divergence between “sudo su” and “su,” sudo su is still a very
useful command for one important reason: When a user is running “su” to gain root access
on a system, they must know the root password. Root is given with sudo su by requesting
the current user’s password. This makes it possible to gain root without the root password
which increases security.

b. Temporarily changing user identity with su command

he su (short for substitute or switch user) utility allows you to run commands with
another user’s privileges, by default the root user.

Using su is the simplest way to switch to the administrative account in the current login
session. This is especially handy when the root user is not allowed to log in to the
system through ssh or using the GUI display manager.

How to Use the su Command

The general syntax for the su command is as follows:-

su [OPTIONS] [USER [ARGUMENT...]]

Page 25 of 77
Copy

When invoked without any option, the default behavior of su is to run an interactive
shell as root:
$su

You will be prompted to enter the root password, and if authenticated, the user running the
command temporarily becomes root.

To confirm that the user is changed, use the whoami command:-

c. Using graphical administrative tools

d. Administrative commands

1. Uptime Command

In Linux uptime command shows how long your system is running and the number of
users who are currently logged in and also displays the load average of a system for 1, 5,
and 15 minutes intervals.

Check Uptime Version

Uptime command don’t have other options other than uptime and version. It gives

information only in hours:mins:sec if it is less than 1 day.

2. W Command
The w command will display users currently logged in and their process along with
showing load averages, login name, tty name, remote host, login time, idle
time, JCPU, PCPU, command, and processes.
Page 26 of 77
Available Options
 -h : displays no header entries.
 -s : without JCPU and PCPU.
 -f : Removes from the field.
 -V : (upper letter) – Shows versions.
3. Users Command
Users command displays currently logged-in users. This command doesn’t have other
parameters other than help and version.

4. Who Command
who command simply returns the user name, date, time, and host information. who
command is similar to w command. Unlike the w command who doesn’t print what users are
doing. Let’s illustrate and see the difference between who and w commands

Page 27 of 77
Who command Options
 -b: Displays last system reboot date and time.
 -r: Shows current runlet.
 -a, –all: Displays all information cumulatively.
5. Whoami Command
In Linux, a whoami command is used to print the currently logged-in username into your
Linux system. If you are logged in as a root using sudo command “whoami” command
return root as the current user.

6. ls Command
ls command displays a list of files in a human-readable format.

Page 28 of 77
7. Crontab Command
List schedule jobs for current user with crontab command and -l option.

8. Less Command
less command allows quickly viewing the file. You can page up and down. Press ‘q‘ to
quit from less window.

Page 29 of 77
9. More Command
more command allows quickly view file and shows details in percentage. You can page
up and down. Press ‘q‘ to quit out from more window.

e. Administrative configuration files

Configuration files are another mainstay of Linux administration. Almost everything
you set up for your particular computer — user accounts, network addresses, or GUI
preferences — is stored in plain-text files. This has some advantages and some
disadvantages.

 HOME — All users store information in their home directories that directs how
their login accounts behave. Most configuration files in $HOME begin with a dot
(.), so they don't appear as a user's directory when you use a standard ls command
(you need to type ls -a to see them). There are dot files that define how each user's
shell behaves, the desktop look and feel , and options used with your text editor.
There are even files (such as .ssh/* and .rhosts) that configure network
permissions for each user.
 /etc — This directory contains most of the basic Linux system-configuration files.
The following /etc configuration files are of interest:
o adjtime — Holds to data to adjust the hardware clock (see
the hwclock man page).
o aliases — Can contain distribution lists used by the Linux mail service.
o bashrc — Sets system-wide defaults for bash shell users. (By default, it
sets the shell prompt to include current user name, host name, current
directory, and other values.)
Page 30 of 77
o cdrecord.conf — Contains defaults used for recording CDs.
o crontab — Sets cron environment and times for running automated tasks.
o csh.cshrc (or cshrc) — Sets system-wide defaults for csh (C shell) users.
o exports — Contains a list of local directories that are available to be shared
by remote computers using the Network File System (NFS).
o fdprm — Sets parameters for common floppy disk formats.
o fstab — Identifies the devices for common storage media (hard disk,
floppy, CD-ROM, etc.) and locations where they are mounted in the Linux
system. This is used by the mount command to choose which file systems
to mount.
o group — Identifies group names and group IDs (GIDs) that are defined on
the systems. Group permissions in Red Hat Linux are defined by the second
of three sets of rwx (read, write, execute) bits associated with each file and
directory.
o gshadow — Contains shadow passwords for groups.
o host.conf — Sets the locations in which domain names (e.g., redhat.com)
are searched for on TCP/IP networks (such as the Internet). By default, the
local hosts file is searched, then any nameserver entries in resolv.conf.
o hosts — Contains IP addresses and host names that you can reach from
your computer. (Usually this file is used just to store names of computers
on your LAN or small private network.)
o hosts.allow — Lists host computers that are allowed to use certain TCP/IP
services from the local computer.
o hosts.deny — Lists host computers that are not allowed to use certain
TCP/IP services from the local computer (doesn't exist by default).
o inittab — Contains information that defines which programs start and stop
when Red Hat Linux boots, shuts down, or goes into different states in
between. This is the most basic configuration file for starting Linux.
o issue — Contains the lines that are displayed when a terminal is ready to let
you log in to Red Hat Linux from a local terminal, or the console in text
mode.
o issue.net — Contains login lines that are displayed to users that try to log
in to the Linux system from a computer on the network using the telnet
service.
o lilo.conf — Sets Linux boot loader (lilo) parameters to boot the computer.
In particular, it lists information about bootable partitions on your
computer. (If you are using grub, which replaced lilo as the default boot
manager, the lilo.conf.anaconda file is available. You can copy that file
to lilo.conf to switch to LILO.)
o mail.rc — Sets system-wide parameters associated with using mail.

Page 31 of 77
o man.config — Used by the man command to determine the default path to
the location of man pages.
o modules.conf — Contains aliases and options related to loadable kernel
modules used by your computer.
o mtab — Contains a list of file systems that are currently mounted.
o mtools.conf — Contains settings used by DOS tools in Linux.
o named.conf — Contains DNS settings if you are running your own DNS
server.
o ntp.conf — Includes information needed to run the Network Time Protocol
(NTP).
o passwd — Stores account information for all valid users for the system.
Also includes other information, such as the home directory and default
shell.
o printcap — Contains definitions for the printers configured for your
computer.
o profile — Sets system-wide environment and start-up programs for all
users. This file is read when the user logs in.
o protocols — Sets protocol numbers and names for a variety of Internet
services.
o redhat-release — Contains a string identifying the current Red Hat release.
o resolv.conf — Identifies the locations of DNS name server computers that
are used by TCP/IP to translate Internet host.domain names into IP
addresses.
o rpc — Defines remote procedure call names and numbers.
o services — Defines TCP/IP services and their port assignments.
o shadow — Contains encrypted passwords for users that are defined in
the passwd file. (This is viewed as a more secure way to store passwords
than the original encrypted password in the passwd file. The passwd file
needs to be publicly readable, whereas the shadow file can be unreadable
by all but the root user.)
o shells — Lists the shell command-line interpreters (bash, sh, csh, etc.) that
are available on the system, as well as their locations.
o sudoers — Sets commands that can be run by users, who may not
otherwise have permission to run the command, using the sudo command.
In particular, this file is used to provide selected users with root permission.
o syslog.conf — Defines what logging messages are gathered by the syslogd
daemon and what files they are stored in. (Typically, log messages are
stored in files contained in the /var/log directory.)
o termcap — Lists definitions for character terminals, so that character-
based applications know what features are supported by a given terminal.
Graphical terminals and applications have made this file obsolete to most
Page 32 of 77
 people. (Termcap was the BSD UNIX way of storing terminal information;
UNIX System V used definitions in /usr/share/terminfo files.)
o xinetd.conf — Contains simple configuration information used by
the xinetd daemon process. This file mostly points to
the /etc/xinetd.d directory for information about individual services
(described later).

4. Configuring NICs with Network Device Configuration Utilities (ip

and ifconfig).
Ans. 1. View All Network Interface Settings

The “ifconfig” command with no arguments will display all the active interfaces details.
The ifconfig command is also used to check the assigned IP address of a server.

[root@tecmint ~]# ifconfig

eth0 Link encap:Ethernet HWaddr 00:0B:CD:1C:18:5A

inet addr:172.16.25.126 Bcast:172.16.25.63 Mask:255.255.255.224

Page 33 of 77
 inet6 addr: fe80::20b:cdff:fe1c:185a/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:2341604 errors:0 dropped:0 overruns:0 frame:0

TX packets:2217673 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:293460932 (279.8 MiB) TX bytes:1042006549 (993.7 MiB)

Interrupt:185 Memory:f7fe0000-f7ff0000

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

inet6 addr: ::1/128 Scope:Host

UP LOOPBACK RUNNING MTU:16436 Metric:1

RX packets:5019066 errors:0 dropped:0 overruns:0 frame:0

TX packets:5019066 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:2174522634 (2.0 GiB) TX bytes:2174522634 (2.0 GiB)

Page 34 of 77
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-
00-00

inet addr:10.1.1.1 P-t-P:10.1.1.2 Mask:255.255.255.255

UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:100

RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

2. Display Information of All Network Interfaces

The following ifconfig command with the -a argument will display information of all

active or inactive network interfaces on the server. It displays the results
for eth0, lo, sit0 and tun0.

[root@tecmint ~]# ifconfig -a

eth0 Link encap:Ethernet HWaddr 00:0B:CD:1C:18:5A

inet addr:172.16.25.126 Bcast:172.16.25.63 Mask:255.255.255.224

inet6 addr: fe80::20b:cdff:fe1c:185a/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

Page 35 of 77
 RX packets:2344927 errors:0 dropped:0 overruns:0 frame:0

TX packets:2220777 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:293839516 (280.2 MiB) TX bytes:1043722206 (995.3 MiB)

Interrupt:185 Memory:f7fe0000-f7ff0000

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

inet6 addr: ::1/128 Scope:Host

UP LOOPBACK RUNNING MTU:16436 Metric:1

RX packets:5022927 errors:0 dropped:0 overruns:0 frame:0

TX packets:5022927 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:2175739488 (2.0 GiB) TX bytes:2175739488 (2.0 GiB)

sit0 Link encap:IPv6-in-IPv4

NOARP MTU:1480 Metric:1

Page 36 of 77
 RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-

00-00

inet addr:10.1.1.1 P-t-P:10.1.1.2 Mask:255.255.255.255

UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:100

RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

3. View Network Settings of Specific Interface

Using interface name (eth0) as an argument with the “ifconfig” command will display
details of the specific network interface.

[root@tecmint ~]# ifconfig eth0

Page 37 of 77
eth0 Link encap:Ethernet HWaddr 00:0B:CD:1C:18:5A

inet addr:172.16.25.126 Bcast:172.16.25.63 Mask:255.255.255.224

inet6 addr: fe80::20b:cdff:fe1c:185a/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:2345583 errors:0 dropped:0 overruns:0 frame:0

TX packets:2221421 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:293912265 (280.2 MiB) TX bytes:1044100408 (995.7 MiB)

Interrupt:185 Memory:f7fe0000-f7ff0000

4. How to Enable a Network Interface

The “up” or “ifup” flag with interface name (eth0) activates a network interface if it is
not inactive state and allowing to send and receive information. For example, “ifconfig
eth0 up” or “ifup eth0” will activate the eth0 interface.

[root@tecmint ~]# ifconfig eth0 up

OR

[root@tecmint ~]# ifup eth0

Page 38 of 77
5. How to Disable a Network Interface

The “down” or “ifdown” flag with interface name (eth0) deactivates the specified
network interface. For example, the “ifconfig eth0 down” or “ifdown eth0” command
deactivates the eth0 interface if it is in an inactive state.

[root@tecmint ~]# ifconfig eth0 down

OR

[root@tecmint ~]# ifdown eth0

6. How to Assign an IP Address to Network Interface

To assign an IP address to a specific interface, use the following command with an

interface name (eth0) and ip address that you want to set. For example, “ifconfig eth0
172.16.25.125” will set the IP address to interface eth0.

[root@tecmint ~]# ifconfig eth0 172.16.25.125

[ You might also like: How to Configure IP Network with ‘nmtui’ Tool ]

7. How to Assign a Netmask to Network Interface

Using the “ifconfig” command with the “netmask” argument and interface name as
(eth0) allows you to define a netmask to a given interface. For example, “ifconfig eth0
netmask 255.255.255.224” will set the network mask to a given interface eth0.

[root@tecmint ~]# ifconfig eth0 netmask 255.255.255.224

Page 39 of 77
8. How to Assign a Broadcast to Network Interface

Using the “broadcast” argument with an interface name will set the broadcast address
for the given interface. For example, the “ifconfig eth0 broadcast 172.16.25.63”
command sets the broadcast address to an interface eth0.

[root@tecmint ~]# ifconfig eth0 broadcast 172.16.25.63

9. How to Assign an IP, Netmask, and Broadcast to Network Interface

To assign an IP address, Netmask address, and Broadcast address all at once using the
“ifconfig” command with all arguments as given below.

[root@tecmint ~]# ifconfig eth0 172.16.25.125 netmask 255.255.255.224 broadcast

172.16.25.63

10. How to Change MTU for a Network Interface

The “mtu” argument sets the maximum transmission unit to an interface.

The MTU allows you to set the limit size of packets that are transmitted on an interface.
The MTU is able to handle a maximum number of octets to an interface in one single
transaction.
For example, “ifconfig eth0 mtu 1000” will set the maximum transmission unit to a
given set (i.e. 1000). Not all network interfaces support MTU settings.

[root@tecmint ~]# ifconfig eth0 mtu 1000

11. How to Enable Promiscuous Mode

What happens in normal mode, when a packet is received by a network card, it verifies
that it belongs to itself. If not, it drops the packet normally, but in the promiscuous mode
is used to accept all the packets that flow through the network card.

Page 40 of 77
Today’s network tools use the promiscuous mode to capture and analyze the packets that
flow through the network interface. To set the promiscuous mode, use the following
command.

[root@tecmint ~]# ifconfig eth0 promisc

12. How to Disable Promiscuous Mode

To disable promiscuous mode, use the “-promisc” switch that drops back the network
interface in normal mode.

[root@tecmint ~]# ifconfig eth0 -promisc

13. How to Add New Alias to Network Interface

The ifconfig utility allows you to configure additional network interfaces using

the alias feature. To add the alias network interface of eth0, use the following
command. Please note that the alias network address is in the same subnet mask. For
example, if your eth0 network ip address is 172.16.25.125, then the alias ip address
must be 172.16.25.127.

[root@tecmint ~]# ifconfig eth0:0 172.16.25.127

Next, verify the newly created alias network interface address, by using the “ifconfig
eth0:0” command.

[root@tecmint ~]# ifconfig eth0:0

eth0:0 Link encap:Ethernet HWaddr 00:01:6C:99:14:68

Page 41 of 77
 inet addr:172.16.25.123 Bcast:172.16.25.63 Mask:255.255.255.240

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

Interrupt:17

14. How to Remove Alias to Network Interface

If you no longer required an alias network interface or you incorrectly configured it, you
can remove it by using the following command.

[root@tecmint ~]# ifconfig eth0:0 down

15. How to Change the MAC address of Network Interface

To change the MAC (Media Access Control) address of an eth0 network interface, use

the following command with the argument “hw ether“. For example, see below.

[root@tecmint ~]# ifconfig eth0 hw ether AA:BB:CC:DD:EE:FF

These are the most useful commands for configuring network interfaces in Linux, for
more information and usage of the ifconfig command use the manpages like “man
ifconfig” at the terminal. Check out some other networking utilities below.
5. Install and configuring a DNS Server with a domain name of your
choice.

Ans. 1. Network Information

We’ll use “thegeekstuff.net” domain as an example for this DNS installation. “mail”, “web”, “ns” are
the hosts that resides within this domain.

It is possible to configure a single system to act as a caching name server, primary/master and
secondary/slave. We will configure this DNS as a Primay/Master as well as Caching DNS server.

Page 42 of 77
We’ll be installing DNS server on “10.42.0.83”.

2. Install Bind
Install the bind9 package using the appropriate package management utilities for your Linux
distributions.

On Debian/Ubuntu flavors, do the following:

$ sudo apt-get install bind9

All the DNS configurations are stored under /etc/bind directory. The primary configuration is
/etc/bind/named.conf which will include other needed files. The file named /etc/bind/db.root describes the root
nameservers in the world.

3. Configure Cache NameServer

The job of a DNS caching server is to query other DNS servers and cache the response. Next time
when the same query is given, it will provide the response from the cache. The cache will be updated
periodically.

Please note that even though you can configure bind to work as a Primary and as a Caching server, it is
not advised to do so for security reasons. Having a separate caching server is advisable.

All we have to do to configure a Cache NameServer is to add your ISP (Internet Service Provider)’s
DNS server or any OpenDNS server to the file /etc/bind/named.conf.options. For Example, we will use
google’s public DNS servers, 8.8.8.8 and 8.8.4.4.
Page 43 of 77
Uncomment and edit the following line as shown below in /etc/bind/named.conf.options file.

forwarders {

8.8.8.8;

8.8.4.4;

};

After the above change, restart the DNS server.

$ sudo service bind9 restart

4. Test the Cache NameServer

You can use the dig command to test DNS services. DIG command examples explains more about how
to perform DNS lookups.

$ dig ubuntu.com

;; Query time: 1323 msec

Now when the second time you execute the dig, there should be an improvement in the Query time. As you see
below, it took only 3 msec the second time, as it is getting the info from our caching DNS server.

$ dig ubuntu.com

;; Query time: 3 msec

5. Configure Primary/Master Nameserver

Next, we will configure bind9 to be the Primary/Master for the domain/zone “thegeekstuff.net”.

Page 44 of 77
As a first step in configuring our Primary/Master Nameserver, we should add Forward and Reverse
resolution to bind9.

To add a DNS Forward and Reverse resolution to bind9, edit /etc/bind9/named.conf.local.

zone "thegeekstuff.net" {

type master;

file "/etc/bind/db.thegeekstuff.net";

};

zone "0.42.10.in-addr.arpa" {

type master;

notify no;

file "/etc/bind/db.10";

};

Now the file /etc/bind/db.thegeekstuff.net will have the details for resolving hostname to IP address for this
domain/zone, and the file /etc/bind/db.10 will have the details for resolving IP address to hostname.

6. Build the Forward Resolution for Primary/Master NameServer

Now we will add the details which is necessary for forward resolution into
/etc/bind/db.thegeekstuff.net.

First, copy /etc/bind/db.local to /etc/bind/db.thegeekstuff.net

$ sudo cp /etc/bind/db.local /etc/bind/db.thegeekstuff.net

Next, edit the /etc/bind/db.thegeekstuff.net and replace the following.

1. In the line which has SOA: localhost. – This is the FQDN of the server in charge for this domain.
I’ve installed bind9 in 10.42.0.83, whose hostname is “ns”. So replace the “localhost.” with
“ns.thegeekstuff.net.”. Make sure it end’s with a dot(.).
Page 45 of 77
2. In the line which has SOA: root.localhost. – This is the E-Mail address of the person who is
responsible for this server. Use dot(.) instead of @. I’ve replaced with lak.localhost.
3. In the line which has NS: localhost. – This is defining the Name server for the domain (NS). We
have to change this to the fully qualified domain name of the name server. Change it to
“ns.thegeekstuff.net.”. Make sure you have a “.” at the end.
Next, define the A record and MX record for the domain. A record is the one which maps hostname to
IP address, and MX record will tell the mailserver to use for this domain.

Once the changes are done, the /etc/bind/db.thegeekstuff.net file will look like the following:

$TTL 604800

@ IN SOA ns.thegeekstuff.net. lak.localhost. (

1024 ; Serial

604800 ; Refresh

86400 ; Retry

2419200 ; Expire

604800 ) ; Negative Cache TTL

@ IN NS ns.thegeekstuff.net.

thegeekstuff.net. IN MX 10 mail.thegeekstuff.net.

ns IN A 10.42.0.83

web IN A 10.42.0.80

mail IN A 10.42.0.70

6. Build the Reverse Resolution for Primary/Master NameServer

We will add the details which are necessary for reverse resolution to the file /etc/bind/db.10. Copy the
file /etc/bind/db.127 to /etc/bind/db.10

Page 46 of 77
$ sudo cp /etc/bind/db.127 /etc/bind/db.10

Next, edit the /etc/bind/db.10 file, and basically changing the same options as /etc/bind/db.thegeekstuff.net

$TTL 604800

@ IN SOA ns.thegeekstuff.net. root.localhost. (

20 ; Serial

604800 ; Refresh

86400 ; Retry

2419200 ; Expire

604800 ) ; Negative Cache TTL

@ IN NS ns.

Next, for each A record in /etc/bind/db.thegeekstuff.net, add a PTR record.

$TTL 604800

@ IN SOA ns.thegeekstuff.net. root.thegeekstuff.net. (

20 ; Serial

604800 ; Refresh

86400 ; Retry

2419200 ; Expire

604800 ) ; Negative Cache TTL

Page 47 of 77
@ IN NS ns.

83 IN PTR ns.thegeekstuff.net.

70 IN PTR mail.thegeekstuff.net.

80 IN PTR web.thegeekstuff.net.

Whenever you are modifying the file db.thegeekstuff.net and db.10, you need to increment the “Serial”
number as well. Typically admin uses DDMMYYSS for serial numbers and when they modify, the
change the serial number appropriately.

Finally, restart the bind9 service:

$ sudo service bind9 restart

7. Test the DNS server

Now we have configured the DNS server for our domain. We will test our DNS server by pinging
mail.thegeekstuff.net from web.thegeekstuff.net.

If the ping is success, then we have configured the DNS successfully.

You can also use nslookup and dig to test DNS servers.

On web.thegeekstuff.net server, add the following to /etc/resolv.conf

nameserver 10.42.0.83

Now ping, mail.thegeekstuff.net, which should resolve the address appropriately from the DNS server that we
just configured.

$ ping mail.thegeekstuff.net

PING mail.thegeekstuff.net (10.42.0.70) 56(84) bytes of data.

64 bytes from mail.thegeekstuff.net (10.42.0.70): icmp_req=1 ttl=64 time=0.482 ms

Page 48 of 77
64 bytes from mail.thegeekstuff.net (10.42.0.70): icmp_req=2 ttl=64 time=0.532 ms

6. Install and configuring DHCP server and client.

Ans. DHCP (short for Dynamic Host Configuration Protocol) is a client/server protocol
that enables a server to automatically assign an IP address and other related configuration
parameters (such as the subnet mask and default gateway) to a client on a network.

Installing DHCP Server in CentOS and Ubuntu

The DCHP server package is available in the official repositories of mainstream Linux
distributions, installing is quite easy, simply run the following command.

Page 49 of 77
Once the installation is complete, configure the interface on which you want
the DHCP daemon to serve requests in the configuration file /etc/default/isc-dhcp-
server or /etc/sysconfig/dhcpd.

For example, if you want the DHCPD daemon to listen on eth0, set it using the following
directive.

Save the file and exit.

Configuring DHCP Server in CentOS and Ubuntu

The main DHCP configuration file is located at /etc/dhcp/dhcpd.conf, which should contain settings
of what to do, where to do something and all network parameters to provide to the clients.
This file basically consists of a list of statements grouped into two broad categories:

 Global parameters: specify how to carry out a task, whether to carry out a task, or what
network configuration parameters to provide to the DHCP client.
 Declarations: define the network topology, state a clients is in, offer addresses for the
clients, or apply a group of parameters to a group of declarations.
Now, open and edit the configuration file to configure your DHCP server.

Start by defining the global parameters which are common to all supported networks, at the
top of the file. They will apply to all the declarations:
Page 50 of 77
Next, you need to define a sub-network for an internal subnet i.e 192.168.1.0/24 as shown

Note that hosts which require special configuration options can be listed in host
statements (see the dhcpd.conf man page).
Now that you have configured your DHCP server daemon, you need to start the service for the
mean time and enable it to start automatically from the next system boot, and check if its up
and running using following commands.

Page 51 of 77
Next, permit requests to the DHCP daemon on Firewall, which listens on port 67/UDP, by
running.

Configuring DHCP Clients

Finally, you need to test if the DHCP server is working fine. Logon to a few client machines
on the network and configure them to automatically receive IP addresses from the server.
Modify the appropriate configuration file for the interface on which the clients will auto-
receive IP addresses.

DHCP Client Setup on Ubuntu

On Ubuntu 16.04, you can configure all interface in the config file /etc/network/interfaces.

Add these lines in it:

Save the file and restart network services (or reboot the system).

On Ubuntu 18.04, networking is controlled by the Netplan program. You need to edit the
appropriate file under the directory /etc/netplan/, for example.

Page 52 of 77
Then enable dhcp4 under a specific interface for example under ethernets, ens0, and comment
out static IP related configs:

Save the changes and run the following command to effect the changes.

For more information, see the dhcpd and dhcpd.conf man pages.

7. Install and configuring Mail Server.

Ans. Configuring the DNS Server for An Ubuntu Mail Server:

1. Log In and Update Your Server

Log into your server using SSH. If you’re having trouble, check out our  PuTTY
tutorial! After logging in, you should update your machine using the following
command:-

->apt-get update

Page 53 of 77
2. Install Bind
To configure a DNS server that will use Postfix we’ll need an additional tool – Bind.
Let’s install it first:

->sudo apt install bind9

3. Configure /var/cache/db.test
At this point, we must take into account that the IP address of our Ubuntu 18.04
machine is 192.168.250.7, it is necessary to replace it with the IP address where we
will perform the installation. For this example we’ll use mail.test.com as a FQDNS.
So, now it is necessary to create a new zone for our example. To do this, create a
new file with the zone information.

->sudo nano /var/cache/bind/db.test

Then, add the following:-

$ORIGIN test.com.
$TTL 1D
@ IN SOA ns1 root
(
1 ;serial
1D ;refresh
2H ;retry
2W ;expire
5H ;minimum
);

@ IN NS ns1
ns1 IN A 192.168.250.7
mail IN A 192.168.250.7
@ IN MX 5 mail

Remember, we must replace the IP address with that of your server, and change the
domain to the one you wish to use. Press CTRL+O to save the changes
and CTRL+X to close the nano editor.

Page 54 of 77
4. Add New Zone to Bind Configuration
Before enabling the newly created zone it is necessary to check the configuration of
the file.

->sudo named-checkzone test.com. /var/cache/bind/db.test

Now we can add our new zone to the Bind zone configuration file. To do this, run
the following command:

-> sudo nano /etc/bind/named.conf.default-zones

And add the new zone:-

zone "test.com."
{
type master;
file "db.test";
};

Again, CTRL+O to save the changes and CTRL+X to close it.

5. Configure /etc/bind/named.conf.options
Now, in the file /etc/bind/named.conf.options it is necessary to uncomment the
forwarders line and include the Google DNS – 8.8.8.8. For that simply remove
the // symbols as shown in the screenshot below.

-> sudo nano /etc/bind/named.conf.options

Page 55 of 77
6. Restart Bind
Now, we have to restart the bind9 service. You can do it with one of two commands:

-> sudo systemctl reload bind9

or

-> sudo systemctl restart bind9

Now,Setup Mail Server on Ubuntu 18.04

We’re almost there, your Ubuntu email server is ready to come online. Here’s

what you should do:

1.Install Postfix Email Server

Page 56 of 77
Now it is time to install Postfix. Postfix is an email server written in C. Its main feature

is the speed of execution and open source nature. Install it with the following command:

-> sudo apt install postfix

During installation, we will be asked to configure the package. On the first screen,

choose the option Internet Site.

Then, we have to enter the name of the server. In this case test.com.

Postfix is very flexible and allows extensive configuration, but for this tutorial we’ll fix

with the default configuration.

2. Add User

Then, we have to add our user to the group mail:

-> sudo usermod -aG mail $(whoami)

This must be done because in Ubuntu 18.04 only users who are in the mail group can

make use of this utility.

-> sudo useradd -m -G mail -s /bin/bash/ gabriel

Page 57 of 77
After that, we have to create the users and add them to the mail group so they can send

and receive mail. I’ll add Gabriel:

Then, we need to set a password to the newly created user:

-> sudo passwd gabriel

Test the Ubuntu Mail Server

Now to prove what we just did. We will send and receive an email from the terminal. To

do this, we will install the mailutils package:

-> sudo apt install mailutils

Next, we send an email to the other email account user named gabriel. Type in the

subject and the message. After that, press CTRL+D to finish. To start writing an email

enter the following command:

-> mail [email protected]

Now we can log into another user and check the mail utility.

There, after running the mail command, we will see the email we just sent to the other

test user. To access the email just write the number of the mail, in this case, 1.
Page 58 of 77
To test outbound emails from this user, just try another email address:

-> mail [email protected]

8. Install and configuring Apache Web Server for hosting websites.

Ans. Apache is the most powerful, flexible, and widely-used open-source software that
serves web content over the internet. The server works as a delivery man by serving
content available as HTML files when the client makes any request with the website
domain.

Most importantly, web servers, including Apache, support multiple operating systems
like Linux, Windows, Solaris, macOS, etc. Hence, you can easily turn a computer into a
server hosting multiple websites.

The Apache HTTP server allows loading modules with extensive support for software
and application integration. This article details the installation and configuration of an
Apache HTTP server in Linux.

Step 1: Install Apache Server on Linux

Before beginning with the Apache installation, you must update the Linux package
database from the official repositories. It is a necessary step that helps avoid any security
loopholes and includes the latest features to the packages.

Update the system repository list and install Apache using the following commands:

To install Apache on Arch Linux, run:

Page 59 of 77
Step 2: Verify Apache Service Status

On Debian-based distributions, the Apache service starts automatically. You can go to the browser and
enter your local IP address to access the server's landing page. If you are unsure about your server's
address, run the hostname -i command to print the details.

Output:

The page confirms successful installation.

Page 60 of 77
Alternatively, run the following command to verify the installation:

Step 3: Configure Firewall to Allow Apache Server Access

Another mandatory step in Apache configuration is enabling the UFW firewall in Linux
to accept or allow traffic to access the server via default port 80. During installation, the
service registers with the firewall with some application profiles. The list of application
profiles helps you to enable/disable Apache access.

Use the following command to list all Apache application profiles:

Page 61 of 77
Output:

The available profiles represent:

Apache: Only opens port 80 to enable unencrypted communication over the internet

Apache Full: Opens both ports 80 and 443 for unencrypted and secure communication

Apache Secure: Enables secure server access via HTTPS by allowing traffic on port 443

Since we don't have SSL/TLS enabled for the server, we will allow UFW access on only
port 80 as follows:

Now check the firewall status by running

Page 62 of 77
 9. Securing a simple network with Linux firewall (Netfilter/iptables).
Ans. The firewall is going to be configured using a [bash] shell script. The first thing I
want to do is define some of the things I will use repeatedly:

This will let me use names for the various network elements and be able to change things
easily in the future.

Page 63 of 77
Each chain is used waterfall style. A packet is tested against each rule in turn and processed
according to any matching rule. Each chain has a rule of last resort called the “policy”. We
start then with fairly restrictive policies:

This sets the policy for the three chains in the filter table to drop all packets. Note that the
table isn’t specified. iptables defaults to the filter table when none is specified.
Next we want to remove any existing rules from the tables:

The first three statements flush all the rules from the nat, mangle and filter tables
respectively. The last statement removes all user-defined chains.

Routing
The firewall I’m building here is also going to be a translating router. The IP stack on Linux
can act as a router and it can be enabled quite simply:

Forwarding Rules
Since we are going to use the host as a router we’ll start with the forwarding rules. We trust
the private network so we want to allow all routed traffic from it:

This accepts for forwarding, traffic inbound on the private interface and outbound on the
public interface. This isn’t enough though. The filtering is performed on a per-packet basis.
We need to allow the traffic back from the public interface to the private. We can’t allow
everything though. NetFilter is aware of sessions so we can specify that traffic for pre-
existing sessions is permitted:

Page 64 of 77
This adds a rule to the filter table’s forwarding chain. The rule applies to traffic inbound on
the public interface and outbound on the private interface. The rule loads the NetFilter
“state” module and restricts the rule to operating on packets in the established session state
and in the related session state. Matching packets are accepted for routing. The “related”
session state is for cases where there is a secondary channel that is associated with the
permitted outbound session, e.g. the data connection on a ftp session.

The Firewall Can Be Trusted

Well, if we didn’t trust the firewall we shouldn’t be using it as a firewall. The firewall needs
to be able to access other networks.
First we’ll deal with the the loopback (lo) interface. We can just allow everything to and
from it:

The rules should explain themselves but we can see that the first accepts traffic in the input
chain of the filter table where the traffic is arriving at the lo interface. The second accepts
traffic in the output chain of the filter table where the traffic is being output on the lo
interface.
Equally, we want to allow the firewall to communicate with hosts on the private network:

The first causes the firewall to accept incoming traffic on the private interface that has a
source on the private network. The second causes the firewall to permit outgoing traffic on
the private interface that has a destination on the private network.
We can’t use the same rules on the public interface because they would allow any traffic to
connect to the firewall. On the other hand, we want the firewall to have unrestricted access
to public networks:

Page 65 of 77
 10. Setting up Samba Server to share files and printers with
Windows-based and other operating systems

Ans. Step 1:- Installing Samba

 To install Samba, we run:

sudo apt update

sudo apt install samba

Page 66 of 77
 We can check if the installation was successful by running:

whereis samba

The following should be its output:-

samba: /usr/sbin/samba /usr/lib/samba /etc/samba /usr/share/samba

/usr/share/man/man7/samba.7.gz /usr/share/man/man8/samba.8.gz

Step 2:- Setting up Samba

 Now that Samba is installed, we need to create a directory for it to share:

mkdir /home/<username>/sambashare/
Page 67 of 77
  sudo systemctl start smbd nmbd
Once started smbd will be listening on TCP port 139 and 445.nmbd will be
listening on UPD port 137 an 138.
 TCp 139: used for file and printer sharing and other operations.
 TCP 445 : the NetBIOS-less CIFS port.
 UDP 137 : used for NetBIOS network brosing.
 UDP 138 : used for NetBIOS name service.

If you have enabled the UFW firewall on Ubuntu,then you need to open the above
ports in the firewall with the command.
 sudo ufw allow samba

Step3 :- Create a private samba share

Create a private samba share that requires the client to enter username and password
in order to gain access. The main samba configuration file is located at:
/etc/samba/smb.conf.You can edit it in terminal with a command line text editor like
nano.

 Sudo nano /etc/samba/smb.conf

In the [global] section make sure the value of workgroup is the same with the
workgroup settings of window computers.

Workgroup = WORKGROUP

Page 68 of 77
You can find the settings on your windows computer by going to control panel > system
and security > system

Then scroll down to the bottom of the file.(In nano text editor,you can achieve that by
pressing ctrl+W then ctrl+v.)Add a new section like below.

[Private]

comment = needs username and password to access

path = /srv/samba/private/
browseable = yes
guest ok = no
writable = yes
valid users = @samba

Save and close the file. (To save the file in nano text editor, press Ctrl+O, then press
Enter to confirm the file name to write. To close the file, press Ctrl+X.) Now we need to
create a Samba user. First, we need to create a standard Linux user account with the
following command. Replace username with your desired username.7

 sudo adduser username

You will be prompted to set an Unix password. After that, you also need to set a
separate Samba password for the new user with the following command:

Page 69 of 77
  sudo smbpasswd -a username

Create the samba group.

 sudo groupadd samba

And add this user to the samba group.

 sudo gpasswd -a username samba

Create the private share folder.

 sudo mkdir -p /srv/samba/private/

The samba group needs to have read, write and execute permission on the shared folder.
You can grant these permissions by executing the following command. (If your system
doesn’t have the setfacl command, you need to install the acl package with sudo apt
install acl.)

 sudo setfacl -R -m "g:samba:rwx" /srv/samba/private/

Next, run the following command to check if there’s syntactic errors.

 testparm

Now all left to do is to restart smbd and nmbd daemon.

 sudo systemctl restart smbd nmbd

Step4 :- Accessing samba shared folder from windows

On a Windows computer that is in the same network, open File Explorer and
click Network on the left pane.  If you see the following message, then you need to click
on the message and turn on network discovery and file sharing.

File sharing is turned off. Some network computers and devices might not be visible.

Next, enter \\ followed by the IP address of Samba server in the address bar of File
Explorer, like this: \\192.168.0.102. You will see a list of shared resources on the Samba
server.

Page 70 of 77
Then double-click the shared folder. To access the private share, you need to enter the
samba username and password. You don’t need to do so to access public share.

Page 71 of 77
Step5 :- Connecting Error

If you get the following error:

You do not have permission to access \\hostname\share-name. Contact your network

administrator to request access.

You can try connecting to the Samba share from the command prompt. Open up a
command prompt, then run the following command to close current Samba session.

net use \\samba-server-ip\share-name /delete

Next, connect to the Samba share with the following command:

net use \\samba-server-ip\share-name /user:samba-username password

Once the above command completed successfully, go to the Network tab in File
Explorer and now you should be able to access the Samba share.

Step6 :- Drive mapping on windows

Page 72 of 77
One feature of the Windows operating system is the capability to map a drive letter
(such as S:) to a remote directory. To map the drive letter s: to the Samba share, right-
click the Samba shared folder and select Map network drive. Then choose a drive letter
and click Finish.

Once the drive mapping is established, applications can access the files in the Samba
share through the drive letter s: And this Samba share will be automatically mounted
when you log in to your Windows computer.

Step7 :- Accessing samba share folder in nautilus file manager on linux

If you are using Nautilus file manager, then click other locaions on the left pane. On the
bottom, you will see an option to connect to server. To access your Samba share, type
in smb : // followed by the IP address of the Samba server and press Enter. For example:

 smb://192.168.0.102

Page 73 of 77
You will see a list of shared resources on the Samba server.

If you click the private shared folder, then you will need to enter the Samba username
and password. If you click the public shared folder, then choose to connect as
Anonymous.

Page 74 of 77
If you see the following error message,

failed to retrieve share list from server

You can try fixing this error by mounting the Samba share from the command line,
which is discussed below.

Step8 :- Automatically Mount Samba Share From Command Line on Linux

 sudo dnf install cifs-utils

If you need to automatically mount the Samba share at boot time, you can use the
command line to mount and then add an entry in the /etc/fstab file. In order to do that,
you need to install the cifs-utils package.

CentOS/RHEL

Page 75 of 77
Debian/Ubuntu

 sudo apt install cifs-utils

Then create a mount point for the Samba share.

 sudo mkdir /mnt/samba-private

Now you can use the following command to mount a private shared folder.

 sudo mount -t cifs -o username=your_samba_username

//192.168.0.102/private /mnt/samba-private/

It will ask you to enter the Samba password. After that, it will be mounted
at /mnt/samba-private/ directory.

To automatically mount the Samba share, edit /etc/fstab file.

 sudo nano /etc/fstab

Add the following line in the file.

 //192.168.0.102/private /mnt/samba-private cifs x-

systemd.automount,_netdev,credentials=/etc/samba-
credential.conf,uid=1000,gid=1000,x-gvfs-show 0 0

Save and close the file. Then create the credential file.

 sudo nano /etc/samba-credential.conf

Add the following lines in the file.

 username=your_samba_username
 password=samba_password
 domain=WORKGROUP

Save and close the file. Make sure only the root user can read this file.

 sudo chmod 600 /etc/samba-credential.conf

If you restart your Linux computer now, the Samba share will be automatically
mounted. You can also run the following command to mount the Samba share without
restart.

Page 76 of 77
  sudo mount -a

If you see the permission denied error and you can find the following line by running
the sudo dmesg command,

 VFS: cifs_mount failed w/return code = -13

it’s probably because you have a typo in the /etc/samba-credential file

Step9 :- Can’t Write to the Samba Share

The CIFS mount described above allows you to write to the Samba share. If you see the
following error while creating a file:

 Read-only file system

Check that you set writable = yes in the Samba configuration file. Sometimes, the
Samba shared folder is on an external hard drive, then make sure you mount the external
hard drive in read-write mode on the Samba server. For example, I mounted
my btrfs hard drive with the following line in /etc/fstab.

 LABEL=5TB /mnt/5TB btrfs defaults 0 0

It turns out that the defaults option doesn’t allow write operation. To make it writable,
add rw option.

 LABEL=5TB /mnt/5TB btrfs defaults,rw 0 0

Then unmount the hard drive. You need to use your own mount point.

 sudo umount /mnt/5TB

And mount it again.

 sudo mount -a

Step10 :- Troubleshooting Tip

If your Samba server is not working as expected, you can check the log files
under /var/log/samba/ directory. You can add the following line in the [global] section
of /etc/samba/smb.conf file to increase the log level if you want to log more information.

 log level = 2
Page 77 of 77