LINUX

52.247.217.
87
testuser
testuser@123
Overview of course
Linux Administration + Azure (Cloud) + Shell scripting + Ansible

Linux is an OS. We are going to lead OS administration.
1. Linux administration = 3 Months (Red hat 7 and 8)

2. ITIL = organization process = 3 to 4 Days (ticketing tool and inventory
management tool)
3. Shell script = 4 to 5 Days = we will learn very basic programing skill which
will help to automate OS administrator tasks.
4. Microsoft Azure (Cloud) = 2 weeks
5. Ansible = 2 Days
Mock test
Resume preparation
Uploading resume in naukri
How to handle the recruiter (HR)
How to face interview
Questions and answers
Eg: highest qualification is B tech and passed out in 2018
From 2018 till now working in one of the company in finance domain
Pre-requisites
1. Laptop/Desktop
Min 4 GB RAM
OS windows 7/10
Do's and don't

Do's:
Attend class only from Laptop
3 to 4 hours practice is mandatory
No screen recording
3 years 6 lakhs
4 years 8 to 9 lakshs
6 Years 13 to 14 lpa
Universal license keys
Topics
1. what is OS(Operating system)
2. History of Unix and Linux
What is os?
Collection of programs which are written in different language.Which are

going act as mediator between end user and Hardware?
UNIX operating is developed in C language.
Windows operating system developed in dotnet language (c sharp)
Eg: OS is a mediator?
End User (prasad) playing one audio, with help of os programs(double click on audio
file).
OS will understand double click on audio file means i have Execute nothing playing
the song.
OS programs will understand program and send output to Hardware (speakers).we will
get sound from speakers
OS is a mediator worked between prasad and speakers.
What is UNIX?
UNIX is aoperating system which is developed by ken Thomson, dennies and dugluss.
It has been released in 1969 Dec 31.
Feature of UNIX: multi user and multi tasking
It is an open source operating system
Multiple users logged in system that is nothing multi user and all the users will
start executing some programs that is nothing multi tasking.
UNIX is accepting multiple connections from multiple users and same time all the
users can execute their own programs invidually.
UNIX is an open source operating system?

Os is nothing collection of programs.code is open to modify or customize based on
your requirement.
UNIX and Linux are these same? No
UNIX is parent for Linux operating system.
UNIX = Released 1969

Linux = Release 1991
UNIX flavaours
1. Linux (Linus torvalds) 1991 - USA - he customized UNIX operating system

and developed new kernel and named it as Linux operating system.
2. AIX (IBM)
3. Solaris (Oracle)
4. HP UX (HP)
5. SuSE (Novel or SuSE)
Linux Flavours:
1. Redhat linux (marc Ewing) 1994

2. Centos
3. Fedora
4. Linux mint
5. Ubuntu
6. Kali linux
7. Debian
8. Puppy Linux
9. Open SuSE
10. Arch linux
RHEL 6 redhat enterprise linux 6.0, 6.1, 6.2, 6.3......6.10

RHEL 7 7.0, 7.1, 7.10
RHEL 8 8.0, 8.1, 8.2,
Os = collection of programs
Kernel is a one of the program from collection OS programs.
Kernel is a heart of the operating system and it's a core program of OS.
Hard disk, Monitor, mouse, keyboard
==================> Roles of Linux

administrator<====================================
Build the servers

Disk management (creating partitions and all)
Software managment (installing packages & un-installation)
User administration (creating users for other team members in server)
Performance: Applications able install and run without any issues
Support: Redhat Company will support or help us in case any os related problems.
Cost effective:
AIX = 100000 profit 1 CR

Redhat =10000
UNIX Architecture
==========================================
Design of the UNIX operating system.same architecture continued by all other

unixflavarous (Linux, AIX, Solaris, HP -UX, SuSE)
1. Application Layer
2. Shell
3. Kernel
4. Hardware
Os is nothing collection of programs which will interact with enduser and Hardware.
There are 2 components are involved.

1. OS (Application layer, shell, kernel)
2. Hardware (hardware)
1. Application layer:
Which is the layer interact with enduser that layer called as application layer.
Here only we will give input/task/process will be triggered.
2. Shell;
Shell will be there between application layer and Kernel layer. It is going verify
each and every task (program)
which is given by end user and send it to the kernel. Shell will pass task to
kernel layer if task valid one.
Shell will have pre-defined programs, if application layer give task and task is
matching with existing program then only shell will pass it to kernel.
Virus is new program or pre-defined program in OS?

New
Os shell will not accept or shell will not allow him to reach kerne.
3. Kernel;
Kernels are a heart of operating system or kernel is a core program of OS.
Shell is protecting kernel. Shell is not allowing unknown programs.
Default shells in Linux
1. Sh
2. Bash
3. Dash
4. Csh
5. Tcsh
6. Nologin
Extra shells
Ksh (korn shell)
Overall programs are 1000 means P will be devided between shells

Sh 999
Bash 1000 ls
Csh 890
Tcsh 920 ls is no there in tcsh, then tcsh will through error like ls command
not found
Nologin 100
3. Kernel
Kernel is a heart of the operating system and it's a core program of Operating
system programs.
What is the role of kernel?
Task management
Memory management
Resource management
FIFO= first in first out will be take care by kernel

RAM (memory) allocation will be done by by kernel
Where this task should go that will be take care by kernel
4. HARDWARE
Kernel will pass task /program to processor (HW) and processor will execute task
and take data from Hardisk (HW)
and send the output to monitory (HW).
1. What is server?
2. What is DC (Data Center?)
3. Difference between Desktop and Server
1. What is server? Desktop (Laptop)

High end configuration machine
Processor = Min 2
1 processor
RAM = Min 16 Slots.In each slot we can connect 8 GB RAM
2 Slots 2*4 GB = 8GB
HDD = we can connect to SAN (storage area network)
1 HDD
Network = Min 2
1
===================================================================================
====
Laptop also machine but low configured machine.Which can't run more that 2
days continuesly.
But server can run for 1 Year also without reboot.
Main components of PC:

1. Processor
Intel (Core, Core2, Core2dual, I3, I5...)
AMD
2. RAM (Random access Memory) or memory
3. HDD (hard disk)
4. Network (NIC)
Extra features in Server:

1. Console Board: we can access server through network. We can poweron,
poweroff, check Health status, and Os installation through network.
Eg: server is in US and can possible to poweron or poweroff from India.
That is the spacality of console board.
2. HBA (Host Bust adapter) Card
Fiber cable from server to SAN
With help of HBA port and fiber cable we can access the HDD. Hard
disks will be there in SAN BOX.
2 .DC= Data center
Where we will maintain Infra components with very security

Infra components are:
1. Servers
2. Netwrok components (switches, routers, patchpannel, firewall, Load
Balancer)
3. Storage area network (SAN Box)
4. Backup components
Standalone server
Enclosure: collection of blade servers (16 Blade servers with common SMPS (5)).
SAN = storage area network

Collection of hard disks
100 disks with 1 TB = 100 TB
100 TB is the capacity of SAN Box
Platforms
1. Physical
2. Virtual
3. Cloud VM
1. Physical:
We will install OS in invidual physcical box (server).
16 servers for 2 applications
2 applications are nothing but (3 web app servers, 6 app severs and 4
DB servers)
Company owner initiated for new application development.

Company owner will discuss this requirment with development team.
Development team or architect will understand requirement and request
for servers and other pre-requisites.
Need 30 Physical servers. This is the requirment to develop and test
the application.
We will involve procurement team to procure servers.
Suppose servers have to deliver in US data center then procurement team
will request vendor deliver server in US DC.
Vendor delivered servers to DATA CENTER.
Now Data center engineer will take server to inside data center
and mount server in RACK.
Data center engineer is nothing but our representative to take
care hardware related things (tasks)
Data center engineer will connect the cables and power on the
server.
Data center engineer will assign IP address for console and also
create admin user for console access.
DC engineer will share console IP and credentials to OS administrator

(Linux).
Here done with his responsibilities.
DC engineer responsibilities: mounting server in rack ==> connects the

cables ==> power on ==> assign ip for console==> create user for console
====>sharecredentials to OS administrator
Server is in US and linux administrators are sitting in India.

Is it possible physical server or not? Yes can possible. We can access server
through console.
Linux administrator can access server through console which are shared
by DC engineer.
What are the further tasks on newly arraived servers?

Install OS
Create partitions or Disk drives
Creating users for application or DB team
install pre-requisite packages or softwares
support server owners for any other requirments.
HP Servers DELL
servers
Console ILO3, ILO4 IDRAC
ILO = Integrated lights out

ID RAC = Integrated Dell remote access console
HBA card: using HBA card we can access storage (HDD) from server. -- host bus
adapter
Just assume, san box capacity is 1000 Hard disks.

Is it possible to connect all 1000 san box hard disks to one physical server?
Yes
Using HBA port we can make connectivity between server and storage.
That means we are able to access all 1000 san box hard disks from server.
Server (HBA card) ==========>fiber cable =========> SAN BOX

DIFFERNCE BETWWEEN HBA NAD NIC (network ineterface adapter)
->HBA use to connect to block level storage such as fiber chanel sata sscsi
->NIC used to connect ether net storage to a switch or server
ethernet with rj45 connection
=======================Virtual platform========================
Esxi is a baremetal operating system. Which can adjust with metal (physical)? Esxi
contains virtualization programs which can adjust with physcial component.
So we are injecting virtualization programs inside physical server.
256 GB RAM 4 processors
With virtualization technology i may be able to create n number virtual

machines
Vm 1 = windows os = 4 GB RAM
Vm 2 = Linux os = 4 GB RAM
Vm 3 = redhat = 2 GB RAM
Vm 4 = SuSE = 2 GB RAM
Who developed esxi? Vmware Company

Vmware product is esxi
Micro soft product is hyper-v
Citrixhyper-v
Esxi: is an OS which is developed by VMWARE Company.

The main feature of esxi is hyper visor (virtualization).
We will install esxi on physical machine. During installation we will assign
IP and credentials (username & password).
Vcenter: is a tool which we will install in any of the operating system.
the main purpose of vcenter is , we can administrate or orchastrate the
virtualization.
that is vm creation
decommisioingvm
increase cpu,memory and disk capacity.
backing up virtual machine.
vmware workstation = home users not for organization

orcle virtual box = home users 1 or 2 machine you can run
so much difference between vcenter and vmware workstation.
vcenter is a enterprize tool.

esxi is a enterprize tool.
2 cores are there then one cost from vmware

4 cores then different cost from vmware
physical platform:
physical server 1 ==>redhatos installation ==> application

physical server 2 ==>suse operating system ==> application
virtual platform
physical server 3 ==>esxios (hypervizor)==> access through vcenter==> create
virtual machine(vm1) ==>redhatos installation ==> application
virtual machine(vm2) ==>SuSE OS installation ==> application
virtual machine(vm3) ==> Solaris OS installation ==> application
virtual machine(vm4) ==> Windows OS installation ==> application
virtual machine(vm5) ==> Windows OS installation ==>applciation
Cloud platform
the cloud platform almost equal to virtual platform.
vmware = vcenter to administrate the virtualization
cloud = web page to administrate the virtualization
How to enable virtual technology (VT) at bios level in laptop
Task 1 : enable VT at bios level

Task 2 : Install vmware workstation. I have shared vmware workstation
version 16.
Task 3 : Create Virtual machine in vmware workstation.
Task 4 : download RHEL 7.6 ISO image. I have shared Link for download
Task 5 : Map iso image in dvd then start os installation.
===========================Default
Directories===========================================
/ is a main directory in unix servers
/boot is one of subdirectory in /

/root is a sub directory in /
13 important subdirectories inside /
Pwd = it prints the current working directory>> print working directory

Cd = change diectory
Use cd to swithch from one place to another place
Su: swith user
Ls: listout the current folder files and directories
Whoami: it prints the currently loggedin user name
Pwd, cd, ls, clear, whoami, su - prasad
Folders = Blue
Files = black
Who is the admin user in UNIX servers? Root
1. /boot: it contains operating system bootable files. Machines will not bootup
incase any file deleted from /boot, so /boot is a critical directory.
2. /root: it is a root user home directory or admin user home directory.
There are two types of users. Normal user can not enter into root user home
directory, but root can enter into any of normal user’s home directory.
Root: /root
Norma users: /home/prasad
/home/Siva
3. /home: It contains normal user’s home directories.
4. /etc: it contains system configuration (settings) files.
Eg: i want to change hostname. I can go to /etc/ and find out right file and
modify the hostname
5. /usr : /usr contains system user binary programs like commands
/usr/bin : common commands. These commands needed for all the users.
/usr/sbin: it contains only administrator commands or super user commands.
normal user can't use /usr/sbin commands.
Command is nothing but program.
6. /bin: normal user commands

7. /sbin: administrator commands
8. /var: variable files: It contains system logs. What is meaning of system logs.In
and out activities of system.
Eg: root user created user. That log also update in /var/log/secure file.
Root user delete user. Even that log will update in /var/log/secure.
One user logged in that logs also capture in /var/log/secure file
One hardware is failed that log(information) will be in /var/log/dmesg
9. /lib: libraries. Operating system related programs. is os will run without lib?
no
Ls /usr/bin
Ls command use the one of library from /lib.
10. /dev: it contains device names (cd, DVD, hard disks)

/dev/sda first hardisk
/dev/sdb second hardisk
/dev/sr0 DVD
11. /proc: this belongs to processor. Processor is going to store executable things
inside /proc.
Eg: processor is going to create one file for each task.
Currently runnings tasks (jobs) information will be there inside /proc
It will become empty once we poweroff system.
12. /mnt: guest directory. Empty directory can be used for any of the purpose.
13. /tmp: temp directory: any of the user or program can use this directory to
store thair data.
Every user will have rights to use /tmp directory.

Even all the users processes can use /tmp to store data tempararly.
===================================================================================
====
/
/root
Pwd, cd, ls, clear, ueraddprasanth, whoami, su - prasanth, exit
File management
1. Cat
2. VI
3. Touch
1. Cat
Create file:
Cat ><filename>
Cat > file2
content1
content2
..................
Hold the ctrl key and press d to save and come out.
View the file content:
Cat <filename>
Cat file2
Print file content with line numbers
Cat -n <filename>
Cat -n file2
Append or overwrite content to existing file
Cat >><filename>
Cat >>file2
New content
Hold the ctrl key and press d to save and come out.
Drawback: we can not modify existing file content.
2. VI------virtual interface*********
Using VI we can creeate file, modify file content and many other features are
included.
Create file
VI <filename>
3 modes inside VI
1. Command mode (delete content, replace content, search content. eg:
dd is for delete 1 line, yy is for copy 1 line)
2. Insert mode (we can add content inside file)
3. Replacement mode (replace the file content)
I: is for swithfrom command mode to insert mode
Esc: is for swith from insert mode to command mode
: Senu is for print file content with line numbers
: Se nonu: is for invisible line numbers
Dd: is for delete cursor standing line
U: undo the latest changes
10dd: is for delete 10 lines from cursor standing line
yy: is for copy the line where cursor is standing
p : is for past the copied line below of cursor position
10yy : is for copy 10 lines from cursor standing position
capital P is for past the copied line above of cursor position
:w : save changes so far whaterver we made
:wq : is for save and comeout from file
:q: is for quit from the file without save the changes
cc : cut : is for cut the cursor standing line
10cc: is for cut 10 lines from cursor standing position
i want to past the cut line
press esc and press p past
dw : is for delete cursor standing word

10dw: is for delete 10 words from cursor position
x: is for delete single char
10x : delete 10 char from cursor position
How to search the string inside file

/venu
N: next string place
N: is for previos string place
/string searching string from top to bottom
?venu
?string is for search string or word from bottom to top
Gg: take cursor to first line of the file

Capital G is for take cursor to last line of file
Shift G
0: number zero is for take cursor to first position of line

$: take cursor to end of the line
Replace string or word
: %s/venu/ram/g
S substitute
Old/new/g
g global
I: insert mode in the cursor postion

A: is for swith from command mode to insert mode but next to cursor position
O: swithc from command mode to insert mode but next line of cursor position
O: is for create newline of below cursor positon and swith to insert mode
: Wq-------saves and quit
Capital R is for switch from command mode to Replacement mode

Continues replace until press esc
r = single char replacement
3. Touch
Touch: using touch can possible to create empty file or files
Touch tfile1
Touch tfile2 tfile3 tfile4 tfile5
touch file{1..100}
disk usage
******** Du -sh file1
Du = disk usage
h= human readable format
s= size
Size will be in human readable format

Redirectional symbol >, >>
Directory or Folder
============================================
Make directory
Mkdir /test1
Mkdir /app1 /app2 /db1 /db2
Touch file5 file6 file7
Hidden file or directory

==================
If we add.As prefix that will become hidden
Touch .file1 .file2 .file3
Mkdir /.tdir2 /.tdir3 /var/.prasad /mnt/prasad

Hidden directories are: /.tdir2 /.tdir3 /var/.prasad
Normal directories are: /mnt/prasad
******How to list out normal and hidden data?

Ls -a
create parent directory with child directories

mkdir -p /p/r/a/s/a/d
REMOVE
rm
================
file : rm <filename>
rm -f <filename>
directory: rm -r <directory>
rm -rf <directory>
-r recorsively
folder with content should delete
-f forcefully . remove file or directory without my confirmation
Cp
======================
File: cp <filename><destination path>
Directories: cp -r <folder><destination path>
Cp -r /root/Downloads /var
Cd /var
Ls
MOVE
mv
============================
1. purpose: move file or directories from one place to another place
2. Rename
different path then move

same path then rename
mkdir /db1
cd /
mv db1 db5
rename because same path
mv db5 /mnt
we moved db5 directory to /mnt
===========================09-Sep-2021==================
How to get server configuration data
RAM (memory)
******Free -m or free -g or free -k
k = kilo bytes. We will get memory informaiton in kilo bytes
m = mega bytes.
g= gbs
******Cat /proc/meminfo
CPU
Lscpu
******Cat /proc/cpuinfo
Disk
******Fdisk -l
******Lsblk
******Lsscsi
/dev/sda disk1
/dev/sdb disk2
/dev/sdc disk3
/dev/sdc1 partition number 1 in sdc disk
/dev/sdc2 2nd partition in sdc disk
Type = disk
sr0 = ROM nothing DVD
Part = partition
******DF -h and lsblk

******Lsblk = is for print disks information
******DF -h = is for print mounted partitions
OS information
******Hostnamectl status
******Cat /etc/os-release
Host name or computer name
******Hostname
Uname -n
Change Hostname
Hostnamectl set-hostname batch25m5
Kernel version
What is kernel? Kernel is a one of the program in collection of
os programs.
Kernel is a core program of os
Kernel is a heart of os
*******Uname -r
RHEL 5 kernel version = 2.6.28. ***

Date and time

Date
Change date and time
Date -s "09 sep 2021 08:05:00"
Date --date "yesterday"
Date --date "tomorrow"
Date --date “10 days ago"
Date --date "10 days"
Cal
Cal 2022
Architecture of OS
Arch
How to know which user currently logged in?
Whoami
How to shutdown the linux server
Poweroffimediatly = shutdown -h now

Poweroffafter 5 min = shutdown -h 5
Poweroff after 5 min with message = shutdown -h 5 "powering off
server as per schedule"
-h halt
Poweroff
Init 0
Shutdown -h now
Poweroff
Init 0
How to reboot the server
shutdown -r now
shutdown -r 5
shutdown -r 5 " rebooting server as per schedule"
reboot
init 6
How to get default shell

Sh, bash, dash, csh, tcsh, nologin, ksh
******Current shell: echo $0

******Default shell: echo $SHELL
How to list out all installed shells?

******Cat /etc/shells
============================================================
IMPORTEBT COMMANDS
less,more,head,tail,wc,grep,sed
head: we can print first 10 lines in file

tail: we can print last 10 lines in file
sync:
head <filename>
tail <filename>
how to print particular lines
head -5 <filename>
pirnt only 5 lines from top
tail -3 <filename>
print only last 3 lines from bottom.
print between lines.
eg : line number4 to 8th line
head -8 filename | tail -4
head -8 f10 | tail -4
|
|| = cmd1 || cmd2 : cmd 2 should execute incase cmd1 fails
eg: install software incase not installed
&& = cmd1 && cmd2 && cmd3 && cmd4: cmd2 will exuecte if cmd1 success. Cmd3 executes
if cmd2 success.
; = cmd1; cmd2;cmd3;comd4
executing commands parlel
hostname;date;arch
| pipe = cmd1 | cmd2 |cmd3|cmd4
cmd1 output pass to pipe symbol and cmd 2 will execute based pipe symbal data
cmd2 is depending on cmd1 output

cmd 3 is depending on cmd2 output
cmd4 is depending on cmd3 output
which one is able to store previous command outpu? |
Pipe symbol can store the previous command output and pass that output to
next command as an input.
First command output will become input for second command.
less more
more and less commands are for view file content page by page.
eg: there is lenghthy file want to read file page by page then we can less or
more commands to read
synx:
more <filename>
less <filename>
more = bit old command

less = is latest command
which has extra features? Less
More filename
- space bar is for go to next page
enter key is for next line
b is for go to previous page
esc to comeout from the file or output
/word to search the word(string) in output
WC = word count
******WC -l filename
-l line numbers
WC -w filename
Words
WC -c filename
Chars
=======================================Grep=============================
Grep is for search string (word) from file or files in one depth of
directory.
Grep -w <word> filename

Grep -w <word> *
-w word search
-i ignore case sensitive
grep -wi world filename
grep -wic world filename
-c count the pattern in file
-n print the line number of string
grep -win word filename
-v = exclude
grep -w <word> filename | grep -v <world>

grep -win prasad f10 | grep -v Test
-wicnv
-B = print 5 lines before of string

-A = print 5 lines after string
string found in line 2 then print line3,line4,line5,line6,line7
grep -w -A 5 string f10
grep -w -A 3 test f10
****** How to search multiple strings in file or files?

grep -w "word1\|word2\|word3\|word4" filename
grep -w "prasad\|test" f10
grep -w "error\|warning" filename
Inode number:
****** What is inode number? Each and every file and directory will have one unique
number that unique number is nothing but inode number.
Kernel will assign one unique number for each and every file/directory.
***** How to identify inode number file or directory
Ls -i filename
Ls -i directory
Stat filename
Below information linked with inode number
Filename, size of the file, file creation date and time, owner of the file,
group of the file, permissions and links
Creating n number of files

Touch file {1...100}
ls
Creating n number of directories
Mkdir dir {1...50}
find . -name *.txt|wc -l
Rm -RF file {1...100}
Rm -RF dir*
=========================================ls -l====================================
ls -l
- l long list
-----------------------------------------------------------------------------
drwxr-xr-x. 2 root root 6 Sep 8 07:45 app1
lrwxrwxrwx. 1 root root 7 Sep 3 13:15 bin ->usr/bin
dr-xr-xr-x. 4 root root 4096 Sep 6 12:49 boot
drwxr-xr-x. 2 root root 6 Sep 8 07:46 db5
drwxr-xr-x. 20 root root 3300 Sep 15 13:29 dev
drwxr-xr-x. 140 root root 8192 Sep 14 13:38 etc
-rw-r--r--. 1 root root 495 Sep 15 13:18 f10
-rw-r--r--. 1 root root 18 Sep 8 07:32 f4
----------------------------------------------------------------------------
total 7 fields
<Permissions><link count><ownerofthefile><group of the file><size in

blocks><file/directory created/modified date and time><name of file/directory>
1 2 3 4 5 6
7
Drwxr-xr-x
d= directory
l = linked file/directory
- = file
b = block file or raw device
Brw-rw----. 1 root disk 8, 0 Sep 15 13:29 sda
Sda is hard disk nothing block device
c= charecter files or device: these files are used by OS programs.
p= pipe file. System program file program1========program2
s = socket
***** What is l starting of file? Options like is long file, lenghty file linked
file
Which one is right? Linked
Starting s for file? Socket

Starting b for file? Block device
Starting p for file? Pipe
-rw-r--r--. 1 prasad prasad 2264 Sep 8 07:34 file1
owner of the file1 is ? prasad

which group is assigned to file1? prasad
owner groupmembers others
rw- r-- r--
1 2 3
r=read
w=write
x=execution
prasad is the group members are = babu,raja,ramu
-rw-r--r--. 1 prasad prasad 2264 Sep 8 07:34 file1
-rwxrwx---. 1 prasad prasad 2264 Sep 8 07:34 file1

who is the owner of file1? prasad what permissions he has? read/write/execution
which is the group assigned for file1? prasad who are the members of prasad group?
babu and ramu
what are the group members permissions on file1? read write execution
there is one user name is raja now he comes under which catogory on file1? others
catogory because he is not the owner or group member
ls -l or ll
ls -lt
t= sort with latest time stamp
r= reverse the output
Ls -ltr
Disk Management
=============
Disk is a storage component.
The disk capacity is 1 TB

One of the uesr requested partition with 100 GB
2nd user requested 50 GB
3rd user requested 100 GB
Disk management
Creating partitions based on request
delete partition based on request
extend partition space. the current size is 100 GB , extend it to 200
GB
reduce space from existing partition. the current size is 200 GB ,
reduce it to 150 GB.
Disk managment methods

1. Normal mothod
2. LVM (logical volume manager)
3. RAID
1. Normal method:
Scenario 1: creating partition
Scenario 2: deleting partition
******How to know connected disks for linux machine?

Lsblk
/dev/sda disk 1 (OS will be there)

/dev/sdb disk 2
/dev/sdc disk 3
/dev/sdd disk 4
/dev/sde disk 5
Scenario 1: Creating partition

Step 1: attach new disk
Step 2: login to linux server and refresh the channels to get new disk
at os level
******echo " - - - " >> /sys/class/scsi_host/host0/scan
echo " - - - " >> /sys/class/scsi_host/host1/scan
Echo “space - space - space - space" >> here we given space

before and after -
step 3 : create partition inside disk
enter inside disk using fdisk command
******fdisk /dev/sdb
:n
partition type:p
partition number: 1
starting sectory : just enter
ending sectory or size : +2G
p is for print partition table
n is for create new partition
D is for delete existing partition
W saves changes and comeout
q Comeout from the disk without saves changes
Step 4: update disk partitions information to kernel using below
command
Partprobe /dev/sdb
We are updating to kernel about
sdb partitions
Step 5: format partition using any of the file system

type
Ext2, ext3, ext4, xfs
mkfs.xfs /dev/sdb1
mkfs.ext4 /dev/sdb2
Step 6: create one directory and mount /dev/sdb1 to that directory
Mkdir /db1
Mount /dev/sdb1 /db1
/dev/sdb1 is mounted to /db1 directory
Step 7: add partition details in /etc/fstab to make permanent

VI /etc/fstab
Go to last line and add below content
/dev/sdb1 /db1 xfs defaults 1 2
Save and come out
How to see mounted partitions?

******df -h
How to see the disks and partitions
******lsblk
What is file system type?

Program which will give disk features.
Ext2 is an old program
Ext3 is a later version of ext2
In step 5 we assigned feature to partition. What is the feature we assigned
xfs
Individual partition size over all partitions size
journaling
Ext2(rhel4) 2 TB 32 TB NO
Ext3(rhel 5) 2 TB 32 TB YES
Ext4(rhel 6) 16 TB 1 EB YES
Xfs (rhel 7, 8) 500 TB 8 EB YES
8 bits = 1 byte
1024 bytes = 1 KB kilo bytes
1024 KB = 1 MB mega bytes
1024 MB = 1 GB Giga bytes
1024 GB = 1 TB Tera bytes
1024 TB = 1 PB peta bytes
1024 PB = 1 EB exa bytes
What’s a software or hardware? Software or application. Software is nothing but

code (program)
Notebook 1: ***** interview questions

Notebook 2: running notes
Notebook 3: topic wize one more note book. After class or during your practice you
will start preparing your own note.
/dev/sdc1 /a1 xfs defaults 1 2

/dev/sdc2 /a2 ext3 defaults 1 1
field 1 field 2 field 3
field 4 field 5
field 6
<device name> <mount point name> <FileSystemType> <default Permissions>
<File system backup> < File system checkup>
/dev/sdc1 /a1 xfs defaults
1 2
1 2
1 1
1 1
defaults= defaults,ro
partition should mount in read only mode along with default permissions
field 5: file system meta data backup

0 = no file system Meta data backup
1 = backup the Meta data of partition
field 6: file system checkup
0 = no file system checkup during server boot up
Don’t repair the file system while server coming up
1 = do the file system checkup during server boot up with first
priority
2 = do the file system checkup during server boot up with second
priority
Meta data= data about data inside disk or partition.

What file is stored in which sectors and which place.
Maintaining data about data is nothing but meta data or journaling.
Journaling is nothing but data about data nothing but meta data.
How to identify what file system type is assigned to partition?
******blkid
Or
******blkid -o list
sectors
bits
bytes
kb,mb,gb,pb,eb
What is sector= sector is nothing but disk space or peace.

Disk space is devided into sectors
What is sector size = 512 Bytes
1024 bytes are = 1 KB
2 sectors = 1 KB
Default size of file is 4MB that mean kernel allocated 8 sectors to 1 file.
15 GB disk means converted as sectors.

N number sectors are equal to 15 GB or disk.
Journaling = data about data nothing meta data.

which is meta data ? one file created and allocated so and so sectors =
sec20,sec21,sector22,sector23,sector24,sector25,sector26,sector27
meta data maintaince data about data or so and so file occupied which are the
sectors.
incase any one sector is wrongly tagged to any other file xfs_repair will
arrange back to orginal file
we will repair the sectors using xfs_repair
during boot up if you want to repair file system 1 or 2

if we specify 0 that means don't repair file system during bootup.
Advantages of journaling:
Fast repair or fast recovery because there is meta data nothing but data
about data.
Like page numbers for book
Repair or recovery will be very fast if there is journaling.
***** explain about journaling

Jouranling is nothing but metata data.meta data is nothing but data about
data.
Eg: which file stored in which are the sectors
*** What are the fstab fields?
6 fields are there
1. device name, 2. mount point name, 3. file system type, 4. default
permissions, 5. meta data backup 6. file system checkup
*** explain last 2 fields in /etc/fstab
5th filed is meta dta backup
0 means no meta backup 1 means backup the meta data
6th field is file system checkup
0 no file system checkup
1 file system checkup with first priority
2 file system check up with second priority
---------------------------------------------------------how to delete
partition------------------
step 1 : unmount the mounted partition
umount /a1
umount /a2
step 2: remove entry in /etc/fstab
step 3 : enter in to disk and delete the partition
fdisk /dev/sdc
d
partition 2
w = save and come out
===========================User administration======================
Creating user
modifying user
deleting user
group
creating group
adding/removing users from group
modifying group
deleting group
what is the server?

where we will run the application.
what is the application?
application is nothing but code which will take input from end user and
serve the request.
amazon.com,whats up
web applications : whatever applications we open in browser.
mobile apps : what's up
Who is going to develop the application?

Developers
Where they will maintain the code?
Server
Who is server administrator?
Depends on os
Windows = windows administrator
Linux = Linux administrator
Which are the teams required server access?

Linux team : OS support
Application team : develop
Db team : db support
Useradd tuser
Useradd appuser
Useradd dbuser
Passwd tuser
passwd appuser
passwd dbuser
authentication methods
1. Local user management
2. Centralized user management
how to create user in server?

how to set the password for user?
only root user can create users.
Only root user will have access to perform following tasks disk management,
user management and software management
whoami
the above command is for identify which user is logged in
root = #
normal users = $
Create user = useradd appuser1

how to know is the user exist in system? id username id appuser1
how to set the password = passwd username passwd appuser1
backend kernel is going to allocate one uid, group for the user, home directory for
the user, shell for the user.
how to know home directory of user?

how to know uid of user?
cat /etc/passwd
following file contains the user information /etc/passwd
==================================
prasad:x:1000:1000:prasad:/home/prasad:/bin/bash
siva:x:1001:1001::/home/siva:/bin/bash
prasanth:x:1002:1002::/home/prasanth:/bin/bash
testuser1:x:1003:1003::/home/testuser1:/bin/bash
tuser:x:1004:1004::/home/tuser:/bin/bash
tuser1:x:1005:1005::/home/tuser1:/bin/bash
ramu:x:1006:1006::/home/ramu:/bin/bash
babu:x:1007:1007::/home/babu:/bin/bash
raja:x:1008:1008::/home/raja:/bin/bash
appuser1:x:1009:1009::/home/appuser1:/bin/bash
=========================================
username: X: uid:gid:comment:homedirectory:shell
1 2 3 4 5 6
7
b25user1:x:1010:1010::/home/b25user1:/bin/bash
1 2 3 4 5 6 7
the fields are seperated with : we can find user information in /etc/passwd
here 7 fields will be
field 1 : username
field 2: mask password(redirect to /etc/shadow file for password)
field 3: user uid (unique id)
field 4 : user primary group id
field 5 : comment of user
field 6 : home directory of user
field 7 : shell of the user
/etc/passwd ==========> users information

/etc/shadow ==========> password information
UID's = 0 - 65000
0 = root
1 - 99 = OS user or system users
100 - 999 = thrird party and application users
1000 - 65000 = for normal users
inode number = for file/directories

uid = users
b25user1:x:1010:0::/home/b25user1:/bin/bash
b25user1 primary group is root(0).

0 uid is for root
0 gid is for root
with specifications
useradd -u 2000 -g 0 -G prasad -d /opt/babu1 -m -c babu1 -s /bin/bash babu1
useradd -u 2001 -g 0 -G prasad -d /opt/babu2 -m -c babu2 -s /bin/bash babu2
without specifications
useradd babu1
u = uid
g = primary group id
G = secondary group id
d = home directory path
m = make home directory
c = comment
s = shell
Primary group: each and every user will have one primary group
Secondary group: user can be member into n number secondary groups
eg: babu user can be member into n number of groups(secondary group)
group information will be in /etc/group
useradd
passwd
pending
usermod
userdel
groupadd
groupmod
groupdel
add users into group
delete users from group
useradd rajesh
useradd command will take inputs from /etc/default/useradd file.
whatever is missing in useradd command that data supplied by
/etc/default/useradd.
eg : HOME and shell are decided by /etc/default/useraddincase we didn't

mention in useradd command.
eg : useraddrajesh
The above command will take /etc/default/useradd help to specify home and
shells
eg : useradd -d /opt/rajesh1 -m -s /bin/sh rajesh1

The above command will not take shell and home directory from
/etc/default/useradd
/etc/default/useraddparameteres not applicable for specification users.
going forward for up coming users home directory should be /opt? who we can do this
vi /etc/default/useradd
HOME=/opt
after this modification users home directory creates under /opt
Usermod
-u uid
-g pgid
-G sgid
-c comment
-d home directory
-m make
-s shell
usermod -u 4000 babu2
modifying uid to babu2
usermod -c newcomment babu2
how to change the home directory
usermod -d /opt/r1home -m r1
for r1 user new home directory is /opt/r1home
how to change login name?

usermod -l ram1 r1
how to delete the user?

userdel username
userdel -r username
-r means delete user with home directory
how to create user

how to modify user fields like uid changing, modifying the home directory,
modifying the shell
/etc/passwd fields
7 fields
how to create user?
useraddramu
useradd -u 3000 -G root -d /usr/ramu -m -c ramlinuxadmin -s /bin/shramu
how to set password for the user?
passwd ramu
How to modify the user fields?

Usermod -u 3001 ramu
Usermod -c ramudbadminramu
Cat /etc/passwd
Username: X: uid: gid: comment: homedirectory: shell
1 2 3 4 5 6
7
b25user1: x: 1010:1010: /home/b25user1:/bin/bash
1 2 3 4 5 6 7
*** ***which are the files will get updated once we create user?
1. /etc/passwd ===> user information
2. /etc/shadow ===> password information
3. /etc/group ===> group information
useradd raj
username is raj same time kernel will create group with same username
user is raj his own group is raj
================================shadow
fields==========================================
raj:!!:18893:0:99999:7:::
username:encryptedpassword:passwordlastchange from jan 1970:min ageofpassowrd:Max

age of password:Warning days of password:userinactive:account exp
1 2 3 4 5 6
7 8
18893 jan 1 1970

18893 are the days count from jan 1 1970.
18893 + 30
max password age is 30 days
18893 +30 = 18923
0:99999:7
0 = min age of password
99999 = are the max password age
2:30:7
n x w
min = 23rd sep 2021 set password for raj and the min age for password is 2 so that
means next 2 days we can't change password.
min 2 raj user can 't change password
max = password will not work after max max age . passoword is going to expair after
30 days from 23 sep 2021.
war = warning notification will start on 23rd days onwards because warning days we
set 7.
30 - 7 = 23 notification like passowrd is going to expair on 23 oct
2021 in 7 days password is going to expair
24 passowrd is going to expair in 6 days
25th day also password is going to expair in 5 days
26th day also password is going to expair in 4 days
how to get password status?

passwd -S username
passwd -S raj
how to change password fields?
passwd -n 1 -x 90 -w 7 raj
n = min age
x= max age
w = warning
PS = password set
LK = password is locked
LK will apear when there is no password.
/etc/login.defs ===============> this file is going to feed to password data to new

user
/etc/default/useradd ================> this file is going to feed user information
to useradd command
raj1:!!:18893:3:90:4:::
second field : encrypted password

!! = not set the password or no password
junk chars = password is there
!!junk chars = password is there but password locked
!junk chars = password is there but accout is locked
how to lock the password ? passwd -l raj1

how to unlock the password ? passwd -u raj1
how to lock the user? usermod -L raj1
how to unlock the user? usermod -U raj1
how to expair the account? usermod -e 01/01/2022 raj1
dd/mm/yyyy
chage -l raj1
even this command is for get user and password information
passwd -n 3 -x 100 -w 7 raj1

chage -m 3 -M 100 -W 7 raj1
======================================Backup class============================
administrator in linux box = root
parent directory is /
/
/boot
/root
/etc
/var
/usr/bin
/lib
pwd : print working directory . it's helps to know the path

right now where we are
cd = change directory switch from one directory to other directory

cd /
cd /etc
pwd
ls = list out current folder files and folders.
clear = clear the screen
creating file using cat
cat > newfile1
ctrl d
save come out
how to create file? cat > newfile1 ctrl d is
for save and comeout
how to view the file content using cat? cat newfile1
how to append data to existing file? cat >> newfile1
ctrl d is for save and comeout
drawback in cat is : not possible to modify existing content so vi command

introuduced to modify file content
how to open file using vi? vi newfile1

vi modes
1. command mode (dd for delete line, yy is for copy line, cc for cut
the line)
2. Insert mode
3. Replacement mode
i : swithc from command mode to insert mode

esc: switch from insert mode to command mode
dd : is for delete cursor standing line

10dd: delete 10 lines from cursor position
yy: is for copy cursor position line
10yy: is for copy 10 lines from cursor position line
p : is for fast copied lines
:wq is for save and comeout from the file
=================25-Sep-2021======================================
Task 1 : Install vmware work station which i sent over the mail. License key is
available in what's up group
Task 2: open vmware work station and create virtaul machine
Task 3 : Install the operating system
file managment:
cat
vi
touch
using above 3 commands we are going to create file
cat > filename
pwd: is for present working directory. it tell where we are

cd : is for change directory. switch directory from one place to other place
ls : list out current path or folder files and directory.
BLUE= directories
BLACK = files
/ is a main directory or parent directory
/root
/boot
/etc
/lib
/var
who is the administrator in linux servers? root
create file using cat:

cat >file10
adding content
ctrl d to save and comeout
how to view the file content =================> cat file10
how to append data to existing file ============> cat >> file10
the drawback in cat command is we can't modify file content
vi using vi we can create file, modify file content
vi file10
3 modes in vi
1. command mode
2. insert mode
3. Replacement mode
esc = swith to command mode from insert mode

i = switch to insert mode from command mode
dd = is for delete cursor position line

10dd = is for delete 10 lines from cursor position
u = undo the changes
yy = is for copy cursor position line
10yy = is for copy 10 lines from cursor position
p = is for past copied lines using yy
cc = cut the full lin
10 cc = cut the 10 lines from cursor position
p = past
:se nu to set line numbers

:se nonu to unset the line numbers
G = shift g : is for take cursor to last line of the file

gg = is for take cursor to first line of the file
:10 = is for take cursor to particular line
x= is for delete single char from cursor position
dw = is for delete single word from cursor position
how to search the string(word)
/word
/prasad
press n to goto next string place
how to replace string inside vi
:%s/prasad/sanepalli babu/g
s substite
g globla
:wq is for save and comeout
:w is for save
:q comeout without save changes
:wq! save and comeout forcefully
touch
touch is for create empty file or files
touch file1 file2 file3 file4 file5 file6

touch b25file{1..20}
directory or folder
mkdir testdir1
mkdir tdir1 tdir2 tdir3
mkdir td{1..30}
remove
rm filename
rm -f filename
rm -r directory
rm -rf directory
f = force
r = recursively
copy
files : cp /file1 /opt
dir : cp -r /testdir /opt
cp <source><destination>
move
mv filename /opt
mv dir /opt
How to get RAM size?

free -m
free -g
free -k
or
cat /proc/meminfo
how to get the CPU information

lscpu
or
cat /proc/cpuinfo
disks information
==============
lsblk
fdisk -l
lsscsi
/dev/sda first disk

/dev/sdb second disk
/dev/sdc 3rd disk
/dev/sda disk
/dev/sda1 partition
2
3
.................. 64 partitions in single disk
how to get os version

===============
cat /etc/os-release
or
hostnamectl status
wc : word count
wc -l filename print the line numbers of file
wc -w filename to count the words in file
wc -c filename char
how to get system date and time

date
=============================
date +"%d-%m-%Y"
how to print only date
date +"%F"
how to print only time
date +"%T"
how to set the date and time
date -s "27 Sep 2021 19:00:00"
head and tail commands:

====================
head : is for print first 10 lines from file

tail : is for print last 10 lines from file
head filename
by default head prints 10 lines.
head file1 |wc -l
| symbol
cmd1 | cmd2
head file1 | wc -l
| symbol can store first command output and pass the same output to next command as
a input
the below command is for print 5 lines from top of file

head -5 file1
how to prin last 3 lines of file
tail -3 file1
more and less

===========================
more and less commands are for print page content page by page
syn: more file1

less file1
space = next page

enter = next line
b = previous page
h = help
which is advanced command? less
less has more features compare to more command.
===================================================
how to create user
creating user without specifications?

useradd username
useraddlinga
how to verify is the user exist?
id linga
how to set the password for linga user?
passwd linga
how to check the password status for one user?
passwd -S linga
how to lock the password for one user?
passwd -l linga
how to unlock the password for one user?
passwd -u linga
which file contains the user information?

cat /etc/passwd
user information : /etc/passwd
password information : /etc/shadow
/etc/passwd fields
7
linga:x:3004:3005::/home/linga:/bin/bash
username:maskpassword: uid : GID :comment: home directory of user: shell of the

user
1 2 3 4 5
6 7
by default home directories are allocated in /home directory.

creating user with specifications
useradd -u 4000 -d /home/rakesh -m -c "linux admin raki " -s /bin/sh raki
how to delete user? userdel -r username
===================================27-Sep-
2021======================================
group administration
how to create group?

groupadd<groupname>
how to create user?
useradd<username>
user information = /etc/passwd

group information = /etc/group
groupaddunix
how to modify groupname?
groupmod -n unixgrpunix
how to modify group id?
groupmod -g 1011 unixgrp
how to add single user into group
gpasswd -a raj1 unixgrp
how to add multiple users into group?
gpasswd -M raj1,prasadbabu,user1,user2 unixgrp
how to delete user from group?
gpasswd -d raj1 unixgrp
how to delete the group?
groupdelunixgrp
USER SKELITON
3 files will be copied to user home directory once after create new user.
.bash_logout
.bash_profile
.bashrc
.bash_history
how to swith to one user to another user?

su - username
how to know which user is logged in?
whoami
.bash_history = It captures the commands executed by that particular user

.bash_logout = we can set the program which can execute while user is logout.
something has to execute before user logout . that kind of program we
can define in .bash_logout
.bash_profile = we can set the program which can execute while user is login.
.bashrc = we can set the program which can execute while user is login.
we can define/set user environment in .bash_profile and .bashrc
user1 = for him 4 skeliton files will be there or not? yes

user2 = for him also 4 skeliton files will be there
user1 can design his profile

user2 also can design his profile
setting alias for invidual users

su - prasad
vi .bash_profil
alias p="ls -altr"
exit
su - prasadbabu
vi .bash_profile
alias b="ls -altr"
exit
by default history will remember only1000 commands

echo $HISTSIZE
1000
su - prasad
vi .bash_profile
HISTSIZE=2000
save and comeout from .bash_profile
compile the file
source .bash_profile
echo $HISTSIZE
going forward prasad profile can remember latest 2000 commands
su - babu
echo $HISTSIZE
1000
vi .bash_profile
HISTSIZE=2000
save and comeout from .bash_profile
compile the file
source .bash_profile
echo $HISTSIZE
going forward babu profile can remember latest 500 commands
Variables
=====================
variable is nothing but array which can store program or value.
1. System variables
2. user defined variables
1. system variables : these variables are defined by os developers.

system variables has pre-defined program.
what is the functionality of HISTSIZE?

HISTSIZE is a system vairable it able to rember/maintain latest 1000
commands.
current vaulue is 1000 that means it can maintain 1000 commands
after changing to 2000 it can rember 2000 commands . here we are able to
difine the vaule for variable not changing functionality of variable.
***** how to list out system variables or variables?

env
always system variables will be in uppercase (capital letters).
2. User defined variables

defining value or program by end user.
a=10
b=20
how to call the variable? echo $a

echo $HISTSIZE
temp:
export HISTSIZE=3000
un-exporting
unset HISTSIZE
perm:
global environment variable file = /etc/profile
individual users environment variable file = /home/user/.bash_profile
individual user home directory: /home/prasad/

individual user environment variable file = /home/prasad/.bash_profile or
/home/prasad/.bashrc
global environmnt variable file = /etc/profile
===============================Permissions=========================================
===
root
-rw-r--r--. 1 root root 2410 Sep 8 07:37 file3
drwxr-xr-x. 2 root root 6 Sep 8 07:45 tdir1
normal user
drwxrwxr-x. 2 ram1 ram1 6 Sep 29 12:52 ramdir1
-rw-rw-r--. 1 ram1 ram1 0 Sep 29 12:52 ramfile1
421421421
rwxrwxrwx
7 7 7
r=read=4
w=write=2
x=execution=1
7
rw- r-- r--
6 4 4
u g o
u= user(owner)
g=group
o=others
useradd -G linuxteam l1
creating l1 user and adding l1 into linuxteam group as secondary group
what is the primary group for l1?
l1
-rw-rw-r--. 1 l2 linuxteam 0 Sep 29 13:04 /tmp/l2file
whois the owner? l2 what permissions ower has?

read/write
what is the group assigned? linuxteam what
permissions has to group members ? read/write
what about others permissions ? only read
who are the linux team members? lid -g linuxteam or grep linuxteam
/etc/group
grep linuxteam /etc/group
linuxteam:x:3010:l1,l2,l3
is l3 user can modify /tmp/l2file? yes
new permissions
-rw-------. 1 l2 linuxteam 0 Sep 29 13:04 /tmp/l2file
is l3 user can modify /tmp/l2file? no
other than l2 none of the user has permissions
rw-------
6 0 0
7 5 5
every one can execute that program
7 5 0
only owner and group member has execution permissions
***** root default permissions

files = 644
directories = 755
***** others default permissions
files = 664
directories = 775
root
-rw-r--r--. 1 root root 2410 Sep 8 07:37 file3
drwxr-xr-x. 2 root root 6 Sep 8 07:45 tdir1
normal user
drwxrwxr-x. 2 ram1 ram1 6 Sep 29 12:52 ramdir1
-rw-rw-r--. 1 ram1 ram1 0 Sep 29 12:52 ramfile1
how to change the permissions?

note: only owner and root can change the permissions
chmod 770 /tmp/l2file.sh
owner= full permission (rwx) 421
group member = full permissions(rwx)421
others = null 0
the above command is for changing permissions with number based
chmodo+rwx /tmp/l2file.sh
granting rwx(7) full permissions to other users
chmod o-rwx /tmp/l2file.sh
removing permissions to others
chmod g-rwx /tmp/l2file.sh
removing permissions to group members
chmodg+rx /tmp/l2file.sh
granting read and execution permissions to group members
on directory
if you want to apply permissions on parent directory and sub folders or files
then we have to use R (upper case R)
/tmp/test
chmod -R 770 /tmp/test
OWNER
only root is permited to change ownership on file or directory.
chown l1:linuxteam /tmp/l2file.sh
here root chaning ownership to l1 and also changing group to linuxteam.
how to change only group on file or directory?

chgrp prasad /tmp/l2file.sh
umask
===== dir files
root 777 666
022 022
=== ===
755 644
normal user:
777 666
002 002
==== ====
775 664
***** what is umask? explain about umask?

umask is nothing but controller in default permissions.
using umask we can control the default permissions on files and
directories.
root user umask is ? 022

normal users umask is ? 002
===================== /etc/profile
if [ $UID -gt 199 ] && [ "`/usr/bin/id -gn`" = "`/usr/bin/id -un`" ]; then
umask 002
else
umask 022
fi
===========================================================
what is the root user uid? 0
normal users uid start from ? 1000
[ $UID -gt 199 ] as per this logic norma users comes under true condition
so 002 umask apply.
because normal users uid start from 1000 [$1000 -gt 199];
for root
[0 -gt 199];
0 is not greater than 199 so false . apply the else condition umask 022
0777
0 = no special permissions
1 = sticky bit
2 = set gid
4 = set uid
chmod 666 file

chmod -R 777 directory
chownprasad:group file
chown -R prasad:group directory
chgrp group file
chgrp -R group directory
rwxrwxrwx
u g o
user group others
7 7 7
r=4
w=2
x=1
*** difference between chmod and chown?
chmod is for change permissions on file or directory but chown is for chage
ownership from one user to other user.
umask 0000
666
umask 0077
600
later one of user asking need permision on your file
or every asking grant read permissions only on one particular file
chmodo+r file1
umask is for normal users is 000

777-000= 777
666-000=666
============================================Sticky bit======================
Special permissions
1. Sticky bit
2. Set uid
3. Set gid
4. ACL
Requirement: everyone should able to use one of directory like

creating/modifying/deleting only his data not others data.
***** What is sticky bit? Sticky bit: everyone can use the directory but each other
can not modify or delete others files/directory.
how to apply sticky bit on directory?

chmod +t /common
how to remove sticky bit on directory?
chmod -t /common
sticky bit apply = chmod 1777 /common

sticky bit remove = chmod 0770 /common
1 = sticky bit
drwxrwxrwt. 2 root root 44 Sep 30 13:45 /common

we can see t in others permissions
==================================================================================
how to get the ip and connect through putty?
step 1: get the ethernet card name
ip a
eg: ens33
eno33445
step 2 : open below file using vi
vi /etc/sysconfig/network-scripts/ifcfg-ens33
ONBOOT=yes
make sure ONBOOT=yes is yes in ifcfg-ens33
step 3 : restart the network service
systemctl restart network
ip a
reffer 2: here we can see inet: 192.168.***.*** this is your ip address
open putty and put ip address and enter
ACL,setuid&setgid
==============
ACL: Access control list
owner groupmem others

rwx r-x r-x
access will be in control.

permissions will be in control.
***** what is ACL? explain about acl?
using ACL we can grant and restrict permissions for invidual users on
particular file or directory.
eg: there is a file, none of the user has any of the permissions.
only one person asking read only permissions.
using normal method we can not apply permissions to single user.
owner groupmem others

rwx --- ---
rwx --- r--
how to grant read/write/execution permissions to one particular user?

setfacl -R -m u:prasad:rwx /HRDATA
how to list out acl permissions on /HRDATA
getfacl /HRDATA
***** +symbol after others permissions. what is that meaning?

ACL permssions are applied
[root@batch25m5 ~]# ls -ld /HRDATA
drwxrwx---+ 2 root root 30 Oct 1 12:57 /HRDATA
how to grant permissions to n number users?

setfacl -R -m u:l1:rwx,u:l2:r-x,g:linuxteam:rwx /HRDATA
granted rwx to l1 and r-x to l2 and finally granted rwx to linuxteam
group.
u= user
g= group
how to remove one user from acl list?

setfacl -R -x u:l1 /HRDATA
-m = multiple
-x = excluding user from acl list
how to remove all the users from acl list?
setfacl -R -b /HRDATA
mount /dev/sdc1 /HRDATA

mount -o acl /dev/sdc1 /HRDATA
mount partition with ACL
in /etc/fstab
/dev/sdc1 /HRDATA xfs defaults,acl 1 2
=============== Links (shortcut )==============================================
1. Soft link
2. Hard link
***** difference between soft link and hard link?
soft Link Hard Link

===================================================================================
=====
1. Inode number will be different for source and destination file 1. Inode
number will be same for source and destination file
2. soft links supports files and directories for link creation 2. Hard link
supports only for files link creation
3. soft links supports link creation across the partitions 3. hard link
supports link creation with in partition
/boot partition /boot
/ is a partition / partition
we can create link from /boot to / partition using hard link we
can not create link between /boot to / partition.
soft link can support across the partitions hard link can not
support across the partitions
4. soft link file will not be accessible incase orginal file is removed 4.
still links will work incase orginal
file deleted
soft: ln -s <original path><destination path>

hard : ln <original path><destination path>
ln -s /etc/sysconfig/network-scripts/ /
how to unlink the link

unlink <destination path>
unlink /network-scripts
==========================================Find==============================
grep : we can search string(word) in file or files.
find : is for search file or directory with multiple clues or options.
eg : we can search the file or directory if we aware name of the file or

directory
we can search the file or dir if we know the owner of the file or
directory.
we can search the file or directory if we know the file or directory
creation date and time.
we can search the file or directory if we aware file/dir permissions.
we can search the file/dir if we aware size of file/directory.
-name ===> name based searching

-size ===> searching with size
-perm ===> searching with permissions
-mtime ==> searching with modification date and time
-user ===> searching with owner
-group ===> Searching with group
find <path><option><full fill the option>

find / -name fstab
find / -name messages
searching file in / directory that machine full machine.
find /var -name messages

here searching messages file only inside /var directory. not in full
machine.
how to search only files with option.

only files which are matching with any of the name
find / -type f -name prasad
only directories which are matching with any of the name
find / -type d -name prasad
owner: -user
find / -type d -user prasad
searching directories which owned with prasad user
seaching only files which are owned by prasad

find / -type f -user prasad
group
====
find / -group linuxteam
searching files/directories with linuxteam group.
*** how to search the empty files?

find /bkp -empty -type f
or
find / -type f -size 0
***** how to delete empty files once it find.

find /bkp -empty -exec rm -rf {} \;
the above command deletes both file/directories which are empty.
-exec execute based on first command

execute rm command with {} first command results.
{} ==> first command results will be in {}.
how to create file with size?

dd if=/dev/zero of=/tmp/50mbfile1 bs=1M count=50
250 mb file
dd if=/dev/zero of=/tmp/250mbfile3 bs=1M count=250
dd = disk to disk
if= input path
of= output path
bs = bytes per sec
count = how much
bs * count = size
dd if=/dev/zero of=/tmp/1gbfile bs=1G count=1
searching files with size

here searching files size between 49 MB to 1025 MB.
+ greater than - less than
find /tmp -size +49M -size -1025M
i want to remove resulted files

find /tmp -size +49M -size -1025M -exec rm -rf {} \;
how to create file with old time stamp?

touch -a -m -t 201901200730.00 /bkp/oldfile2019
yyyymmddhhmin:sec filename
-a access time -m modify time -t time stamp
-mtime - Days
file or directory modification date and time
find /bkp -mtime +365 -mtime -1200
greater than +365 days modified files/directories and less than 1200
days
find and delete older than 90 days files

find /var -type f -mtime +90 -exec rm -rf {} \;
i don't want delete and just move to different location
find /var -type f -mtime +90 -exec mv {} /bkp/ \;
-mmin - min
find files which created or modified with 30 min
find /var -type f -mmin -30
find files which are created with in 1 hour
find /var -type f -mmin -60
2 hours
-mmin -120
====================================LVM============================
Logical volume manager
Volume = disk
Disk management:
1. Normal method (fdisk)
2. LVM (Logical volume manager)
3. RAID
Normal Method LVM

Max we can create 64 partitions in single disk 29932
partitions
Resize of the partition is not possible resize of
the partition
Partition snapshot (instance backup) not possible
partition snapshot can possible
It won’t support clustering partitions it can
support clustering partitions
Disk 512 GB
Partition 1 = 100 GB
Partition 2 = 50 GB
/dev/sdb 512 GB
/dev/sdb1 100 GB
/dev/sdb2 50 GB
High level plan

======================
Task 1 : new disk
Task 2 : convert disk as pv
Task 3 : create vg
Task 4 : create lv
Task 5 : format the lv with xfs file system type
Task 6 : create directory and mount the lv
pvs = is for list out physical volumes

pvcreate /dev/sdd
vgs = is for list out volume groups
vgcreatedbvg /dev/sdd
lvs = is for list out logical volumes
lvcreate -L 5G -n dblv01 dbvg
Format lv
mkfs.xfs /dev/dbvg/dblv01
Mkdir /db01
Mount /dev/dbvg/dblv01
df -h
ext2,ext3, ext4 and xfs
extending partition space

lvextend -L +10G /dev/dbvg/dblv01 -r
/dev/sdf1 /db01
mount /dev/sdf1 /db01
Physical platform
virtual platform (vmware)
cloud platform(aws,azure,gcp)
Scenario 1: How to get disk for physical machine

Storage team responsibilties:
==> SAN box and SAN switches will be under storage team control.
Storage team creates one group with disks. 10 disks as a group 20 TB
Storage team create small disk (lun) from group = in that group they will
create 1 lun (Logical unit number) with 50 GB
Storage teams format that small disk (lun) = format the lun, after format lun
will have one logical number
Storage teams map that small disk (lun) to wwn number. = map that logical
(lun number) to wwn (hba) card.
LUN = Logical unit number nothing but virtual disk in storage box.
OS team responsibilities:
task 1 : Login to server and refresh the channels(2 channels) 2 hba cards 2
channels
/sys/class/scsi_host/host0 is nothing but hba card 1
/sys/class/scsi_host/host1 is nothing but hba card 2
echo " - - - " >> /sys/class/scsi_host/host0/scan ======>

refreshing channel,target,lun for hba card 1
echo " - - - " >> /sys/class/scsi_host/host1/scan ======>
refreshing channel,target,lun for hba card 2
- - -
C t l
c = channel
t = target
l = lun
Suppose there are 4 hba cards then how many hosts we have to refresh
/sys/class/scsi_host/host0
After refresh you can see 4 disks at os level.

/dev/sdb route 1 to lun1
/dev/sdc route 2 to lun 1
/dev/sdd route 3 to lun 1
/dev/sde route 4 to lun 1
nothing single lun or nothing sing disk
hba card 1 = 1 route to storage box
hba card 2 = 2nd route to storage box
hba card 3 = 3rd route to storage box
hba card 4 = 4th route to storage box
***** how to list out hba cards?
systool -c fc_host -v
here you can check hba card status,speed and wwn
how to request for new lun?
os is going to request for lun with storage team.
step 1 : we will fill the storage request form with wwn and required
size
we will open ticket with storage team with storage request form.
step 2 : storage team will acknowledge ticket and create lun& map to
server
step 3 : once they attach or map lun to server we will refresh the hba
card channels using echo command.
now we can see disks at os level
echo " - - -" >> /sys/class/scsi_host/host1/scan
step 4 : create common name for disks
eg : /dev/sdb ==/dev/mpath1
/dev/sdc=== /dev/mpath1
/dev/sdd ===> /dev/prasad

/dev/sde ====> /dev/prasad
pvcreate /dev/mpath1
pvcreate /dev/prasad
steps to create common name for Lun or disks.

eg: there are 2 hba cards then we can see 2 disks
there are 4 hba cards then we can see 4 disks for one lun
step 1: execute multipath -ll command and note down the lun logical
number
step 2 : update logical number with common name in /etc/multipath.conf
file
vi /etc/multipath.conf
multipaths {
multipath {
wwid360060e801532bc00000132bc00009080 -- new lun id
alias altboot0
}
}
altboot0 is my alias for 2 disks.

pvcreate /dev/altboot0
fdisk /dev/altboot0
step 3: restart the multipath service
service multipath restart ===>rhel 6
systemctl restart multipath ===>rhel 6 & 7
now we can convert disk as pv

pvcreate /dev/altboot0
==================== completed steps to get disk for physical

machine====================
multipath: using multipath we will create common name for disks.
mutipath -ll ====> to list out connected disks

here we can see disk name, connectivity status to lun
online = proper connection between server to lun
offline = no connection between server to lun
multipath -r
to reload multipath configuration
multipath -F
to flush unused luns
***** do you know multipath concept?
we were having physical machines there i used to work with multipath command.
once after lun map to server then we used refresh the hba card channels and
create common name for lun(disks).
Scenario 2: How to get disk for virtual machine
Step 1: Open case with vmware team to create new disk. While creating ticket
we have to mention only sever name and size of the disk.
Step 2: Vmware team creates new disk and confirm us
Step 3: We will find out new disk using lsblk or lsscsi command
Then convert that disk as a PV and use for lv
Scenario 3: How to get disk for cloud (micro soft azure) machine
step 1 : we will login to azure portal and search for that particular
server
step 2 : we will click on disks tab and attach new disk
step 3 : we will find out new disk using lsblk or lsscsi command
then convert that disk as a pv and use for lv
***** Scenario 1 : Creating partition from scratch using LVM

High level plan
1. getting disk
2. creating lv
step 1 : we will open request with vmware team to attach disk with required
size. (VMWARE platform)
we will open request with storage team along with storage request
form in ticket (Physical platform)
we will login to azure portal and attach new disk to server.(Cloud
platform)
step 2 : we will refresh the channels once we get confirmation from vmware
or storage team.
step 3 : we will convert disk as pv using pvcreate command
pvcreate with disk path
pvcreate /dev/sdf
step 4 : create new vg with new pv using vgcreate command
eg: vgcreatevgnamepvname
vgcreateappvg /dev/sdf
step 5 : create lv with required size in vg. using lvcreate command
lvcreate -L means labelling size and required size 10G then -n name
for lv and vgname
lvcreate -L 10G -n applv01 appvg
step 6 : format lv with any of the file system type using mkfs.xfs and
absoulute path of lv
mkfs.xfs /dev/appvg/applv01
step 7 : Create directory or mount point and mount the lv to particular mount
point. using mount command we can mount lv
mkdir /application1
mount /dev/appvg/applv01 /application1
step 8 : add mount point details in /etc/fstab for permanent mount . entries
like
<devicename> <mountpath> <file sytem type><default
permissions><metadata backup>< file system checkup>
/dev/appvg/applv01 /application1 xfs defaults 1 2
done
***** Extending partition space which is created in lvm method

step 1 : we will verify enough space is available or not in vg?
using vgs we can verify vfree space
if there is enough space in vg then stright away we will extend
lv space using lvextend command
lvextend -L +10G and absolute path of lv space -r
lvextend -L +10G /dev/tvg/tlv01 -r
if there is no enough space in vg then we will co-ordinate with
storage team to get disk if server is physical
here we will open ticket with storage team along with
storage request form
if server is virtual then we will open case with vmware team to
get new disk
here we will open ticket with vmware team along with
servername and required size.
once we get cofirmation from respective team that disk is attached then we
will refresh the channels to reflect disk at os level
step 2 : once disk is avaialble at os level then we will convert that disk
as pv and add pv into existing vg
eg : disk is sdh then
Pvcreate /dev/sdh
Add new pv into existing vg using vgextend command
Vgextendtvg /dev/sdh
step 3 : we have enough space in vg after adding new pv into vg so we can
extend lv space using lvextend command
Lvextend -L +10 G absolute paths of lv and -r
Lvextend -L +10G /dev/tvg/tlv01 -r
What is -r resize2fs
Earliear we used to execute 2 commands to extend lv space
Lvextend -L +10G /dev/tvg/tlv01
Ext3, 4 resize2fs /dev/tvg/tlv01 to reflect space to the
partition
xfs_growfs /dev/tvg/tlv01
*** What is the command to get partition uuid?

blkid
1. Architecture of LVM
2. How to get disk for Physical machine, virtual machine and cloud virtual
machine
3. Create partition from scratch
4. Extend partition space in online
*****Scenario 1 : Creating partition from scratch

*****Scenario 2 : extending partition space using LVM method
***** Scenario 3 : How to reduece partition space which is created in LVM method
ext2
ext3
ext4 lv reduce can possible
xfs lv reduce can not possible
creating partition using normal method

enter into disk using
fdisk /dev/sde
create partition
update to kernel about disk changes
partprobe /dev/sde
keep partition with any of the file system type
mkfs.xfs /dev/sde1
create directory and mount partition to directory
mkdir /t1
mount /dev/sde1 /t1
lvm
create lv
lvcreate -L 50G -n tlv001 appvg
format lv
mkfs.xfs /dev/appvg/tlv001
mkfs.ext4 /dev/appvg/tlv001
create directory and mount partition to directory
mkdir /appdir
mount /dev/appvg/tlv001 /appdir
***** Scenario 3 : How to reduece partition space which is created in LVM method
==============lvreduce can possible in ext3,ext4. Not possible with xfs partition
step 1 : we will unmount the partition once we recieve approval for unmount
note : we will verify any body using partition, if no one is using then we will
unmount.
***** how to find out any body using partition or not?
fuser -v /app3
or
Lsof +D /app3
how to kill those running processes inside partition?

fuser -vik /app3
or
kill -9 processid
what is the use of fuser?

file system usage users
we can find out which are the users using partition using fuser command
what is lsof? list out opened files
which are the files opened or using by any of process
lsof +D /app3
lsof command will list out which are the processes are running in
/app3 directory.
Step 2: repair or adjust the file system sectors using e2fsck command
e2fsck -f /dev/appvg/applv03 -y
-f forcefully
-y= yes go ahead and repair incase there are bad or corrupted sectors.
Step 3: adjust the size using resize2fs command. Here we will define size how much
we want to keep for the partition.
eg : the current size of partition is 10 GB in that i want to take out 6 size
or keep size to 4 GB only then resize2fs /dev/appvg/applv03 4G
The current size is 10 GB that we want to reduce to 4 GB
resize2fs /dev/appvg/applv03 4G
resize2fs is nothing but upto size
Step 4 : reduce partition space using lvreduce command

lvreduce -L -5.9G /dev/appvg/applv03
Step 5 : mount the partition
mount /dev/appvg/applv03 /app3
verify file system size
df -h /app3
***** Scenario 4 : How to move lvs from one pv to another pv?

move partitions(lvs) from one disk to another disk
/dev/sde is faulty or not performing well so decided to move whaterverlvs are

exist in /dev/sde to new disk(/dev/sdi)
step 1 : we will identify which are the lvs part of faulty disk using pvdisplay
command.
pvdisplay -m /dev/sde
step 2 : get new disk with equal size of faulty disk
step 3 : convert new disk as pv and add new pv to existing vg

vg name = appvg
new disk = /dev/sdi
faulty = /dev/sde
pvcreate /dev/sdi
add new pv into existing vg
vgextend appvg /dev/sdi
step 4 : move lvs from faulty disk to new disk
pvmove /dev/sde /dev/sdi
we can verify are the lvs are moved from /dev/sde to /dev/sdi
pvdisplay -m /dev/sdi
here we can find the lvs
now /dev/sde is free none of the lvs are running so we can remove it from vg
and remove it from pv list
Step 5: remove faulty pv from vg and pv list
vgreduceappvg /dev/sde
pvremove /dev/sde
now disk is free to remove. it's not part of lvm.
How to know is the disk is faulty or performance degraded?

warning messages in /var/log/dmesg about that disk like read and write count
is less
critical messages in /var/log/dmesg
/var/log/dmesg it captures hardware related logs.

failure,critical,warning and info
VG backup and Restore

============================
vg level backup and restoration.
by mistake we deleted lv or we made some changes at vg leven then relaized we did
mistake, in that situations how to roll back or restore changes using vgcfgrestore.
By default lvm service will maintaince/backedup latest 10 activities at vg
level.
how to list out recent activities at particular vg?
vgcfgrestore -l vgname
***** is there any possibilities to increase recent activities at vg level?
we can adjust the value in /etc/lvm/lvm.conf
retain_min = 10
to
retain_min = 100
1. /etc/lvm/lvm.conf ===> main configuration file of lvm

2. /etc/lvm/backup/ ===>backup files of vgs
3. /etc/lvm/archive/ ===> backup configuration data of vgs backup
backup and archive directories are important to backup and restore the
vg level changes.
backup = backedup vg before one of the activity(lvremove,lvreduce,lvextend)
vgcfgbackup -f /tmp/appvg-bkp-19-10-2021.vg appvg
restore = restore the changes using latest backup vgcfgrestore -f /tmp/appvg-
bkp-19-10-2021.vg appvg
how to backup vg?
vgcfgbackup -f /tmp/appvg-bkp-19-10-2021.vg appvg
restoring
vgcfgrestore -f /tmp/appvg-bkp-19-10-2021.vg appvg
LV Snapshot
========================
lv snapshot will occupy only 6 % of actual lv. because snapshot will backup only
meta data of lv, so 6 % of lv size is enough to backup lv.
snaphot will keep grow based on changes in original lv.
how to backup particual lv ?

lvcreate -L 500M -s -n snapofapplv02 /dev/appvg/applv02
how to revert or merge snapshot?
step 1 : unmount lv
umount /application2
step 2 : merge the snapshot
lvcovert--merge /dev/appvg/snapofapplv02
step 3 : mount it back
disable/enable lv
lvchange -an /dev/vg/lvname
-an activate no = disable
lvchange -ay /dev/vg/lvname
-ay activate yes = enable
disable/enable vg
vgchange -an vgname
vgchange -ay vgname
disable/enable pv
pvchange -xn /dev/sde
pvchange -xy /dev/sde
refresh commands
pvscan
vgscan
lvscan
group 1 : linuxteam
user = prasad by default each and every user will have group
useradd -g linuxteam -G prasad babu
creating babu user and making primary group is linuxteam for babu and also he is
member into prasad group.
what is the primary group of babu? linuxteam
if babu creates file or directory ownership will be like
babu linuxteam filename
there is prasad file with rwxrwx---

7 7 0
RAID
====================================================
disk management methods:

1. Normal method
2. LVM
3. RAID
Redundant Array of inexpensive disks
Redundant = backup
redundant = High availability(HA)
using RAID we are going to create HA between disks.

or
with help of RAID concept we can achieve redundancy between disks.
eg: using raid we can create multiple disks as a array and in that any one of
disk fails also there will not be any impact.
***** explain about raid levels
RAID Levels
============
RAID 0
RAID 1
RAID 2
RAID 3
RAID 4
RAID 5
RAID 6
RAID 0 +1
RAID 1 + 0
RAID 0 = Stripping
the data will be devided and written in all the array disks.
the blocks(data) will be devided between array disks.

suppose 1 GB data will be devided between 2 array disks
disk 1 = will have 512 MB
disk 2 = will have remaining 512 MB
adv: read and write speed will be too good.

dis : we will loose full data incase any one of the disk fail
requirements : min 2 disks
data transffer happen in : blocks(512 bytes)
note: there is no redundency in RAID 0(stripping).
there is no fault tolorance in RAID 0
RAID 1 : Mirroring
the data will be written in array disks.

eg : we have 2 disks in array and writting 1 GB data . in RAID 1 concept the 1 GB
data written in both the disks.
disk 1 = will have 1 GB

disk 2 = will have 1 GB
adv : full redundency. incase any one of the disk fails also no impact to
data or transactions , because same data written in other disk.
dis : slow performance because same data has to write in both the disks.
requirements : min 2 disks
data transffer happen in : blocks(512 bytes)
RAID 2 : Stripe with parity ( data transfer happens in Bits instead of blocks)
the dta will be devided and written in all the array disks and
parity(metadata) will store in dedicated disk.
dis : data transfer happen in bits so performance will be too slow
requirement = 3 min disks
RAID 3 : Stripe with parity ( data transfer happens in Bytes instead of blocks)
the data will be devided and written in all the array disks and
dis : data transfer happen in bytes so performance will be too slow
RAID 4 : Stripe with parity ( data transfer happens in blocks)
suppose 1 GB data will be devided between 2 array disks so performance will
be too good.
adv : full redundency and good performance.
RAID 5 : Stripe with parity ( data transfer happens in blocks)
parity(metadata) will store across all the disks.
parity will store arcoss all the array disks.
be too good.
***** in raid 4 we were dedicating 1 disk for parity so we were not able to use
last disk for data store purpose that is fine how about in RAID 5?
in raid 5 we were able to store data across all the disk so can use full
capacity?
ans : no we can not use full capacity for data store purpose because algorithem
designed like 1 disk capacity should go for parity.
eg : 3 disks with 100 GB what is the data store capacity? 200 GB
3 *100 =300 but as per design or algorithem we can store only 200 GB
RAID 6 : Stripe with double parity ( data transfer happens in blocks)

parity(metadata) will store in 2 dedicated disks.
parity will store in 2 dedicated disks.
be too good.
disk 3= parity1
disk 4 = parity2
dis : bit expensive
client : asking performance should be too past backup is not important

RAID 0
client 2 : we want to maintain customers bank and transactional data?
RAID 6
How to delete disk from server gracefully?
make disk status offline
echo offline >> /sys/block/sdf/device/state
delete disk from os side
echo 1 >> /sys/block/sdf/device/delete
we can implement RAID configuration using below 2 methods

====================================================
1. LVM
2. mdadm( multiple disks administration)
***** LVM with RAID Levels:

stripped lv
we have 3 disks and client mentioned performance should too good.

or
partition size is 300 GB and performance should too good
we will get better performance only in stripped RAID method.
pre-requisites:
3 disks and converted as pv's
note: make sure 3 disks are with equal size(100 GB)
create single vg with 3 pv's
now what is the vg capacity? 300 GB
create lv with stripped raid level.
create pv
pvcreate /dev/sd{e,f,g}
create vg
vgcreateappvg /dev/sd{e,f,g}
create lv
lvcreate -L 14.9G -i 3 -I 128K -n tapp1 appvg
verify lvs with type
lvs --segment
types
linear = normal lv
stripped = raid 0
how to create file with specific size?

dd if=/dev/zero of=/testfile1gb bs=1024 count=1M
if= input file
of=output file
bs = bytes per sec
count= what size
1024 * 1 M= 1GB
1024 * 1G = 1 TB
du -hs/testfile1gb
date && cp /testfile1gb /app1 && date
Thu Oct 21 13:21:44 IST 2021
Thu Oct 21 13:21:55 IST 2021
took 11 sec to copy 1 GB data inside stripped lv

took 35 sec to copy 1 GB data inside normal lv
[root@batch25m5 ~]# date &&cp /testfile1gb /db02 && date
Thu Oct 21 13:25:39 IST 2021
Thu Oct 21 13:26:04 IST 2021
***** How to extend stripped lv size?

no space left in vg in this case we will get 3 new disks with equal
size and add 3 disks into same vg where existing stripped lv is there and extend lv
size
convert 3 more new disks as pv

pvcreate /dev/sd{h,i,j}
add 3 new pvs into vg
vgextendappvg /dev/sd{h,i,j}
extend the stripped lv size
lvextend -i 3 -I 128K -l +100%FREE /dev/mapper/appvg-tapp1 /dev/sdh
/dev/sdi /dev/sdj
-L = label the size or -L|--size Size[m|UNIT]

-l = based on LE s percentage -l|--extents Number[PERCENT]
resize2fs command to reflect space
ext4 : resize2fs abosolutepathoflv
xfs: xfs_growfsabsolutepathoflv
xfs_growfs /dev/mapper/appvg-tapp1
***** what is the difference between -L and -l in lvcreate or lvextend

-L is nothing fixing the size for lv
-l is specifying size with %(percentage) based on space available in vg
eg : 100 GB is available in vg in that i want to take 50 GB
lvcreate -l 50%FREE -n lvnamevgname
=======================creating RAID 5 lv=====================

lvcreate -L 10G --type raid5 -n r5lv appvg
[root@batch25m5 ~]# lvs --segment
LV VG Attr #Str Type SSize
r5lv appvgrwi-a-r--- 3 raid5 10.00g
dblv00 dbvg -wi-a----- 1 linear 2.00g
mkfs.xfs /dev/appvg/r5lv
mkdir /r5
mount /dev/appvg/r5lv /r5
lvs -o+devices
===========================Creating partition with RAID 5 using

MDADM===================
creating Raid 5 with 3 disks

mdadm --create /dev/md5 --level 5 --raid-devices=3 /dev/sde /dev/sdf
/dev/sdg
mdadm --detail /dev/md5
format
mkfs.xfs /dev/md5 -f
mount
mkdir /app2
mount /dev/md5 /app2
=========================================================================
mdadm with lvm
mdadm --create /dev/md5 --level 5 --raid-devices=3 /dev/sde /dev/sdf
/dev/sdg
use mdadm partition to lvm architecture

pvcreate /dev/md5
vgcreateappvg/dev/md5
lvcreate -l 100%FREE -n applv001 appvg
=============================================================================
how to get the details of md partition?
mdadm --detail /dev/md5
mdadm /dev/md5 -f /dev/sdg

-f make disk as a faulty
how to remove faulty disk from array?
mdadm /dev/md5 -r /dev/sdg
how to add new disk into array ?
mdad /dev/md5 -a /dev/sdi
how to format disk using mdadm
mdadm --zero-superblock /dev/sdi
how to remove md partition
mdadm --stop /dev/md5
now we can format all disks which were part of md5
mdadm --zero-superblock /dev/sde
mdadm --zero-superblock /dev/sdi
mdadm --zero-superblock /dev/sdf
vgmerge: how to merge two vgs?

========================
using vgmerge we can merge the two vgs.
***** how to create lv in particular pv or particular disk

lvcreate -L 1G -n applv02 appvg /dev/sdf
Logical volume "applv02" created.
how to check how many lvs part of particular pv
pvdisplay -m /dev/sdf
merging dbvg with appvg
step 1 : make sure none of the lv is mounted and make sure vg is in
disabled state
vgchange -an dbvg
step 2 : merge
vgmergeappvgdbvg
Volume group "dbvg" successfully merged into "appvg"
step 3 : activite back appvg
vgchage -ay appvg
vgsplit: how to split vgs?

==================
step 1 : make sure no lvs are mounted and disable vg
vgchange -an appvg
step 2 : split the vg
vgsplit -n /dev/appvg/dblv00 /dev/appvg /dev/dbvgnewappvg
[root@batch25m5 ~]# vgchange -an appvg

0 logical volume(s) in volume group "appvg" now active
[root@batch25m5 ~]# vgsplit -n /dev/appvg/dblv00 /dev/appvg /dev/dbvgnew
New volume group "dbvgnew" successfully split from "appvg"
***** explain about vgmerge and vgsplit
PE's & LE's

=======================
PE = physical extend
LE = Logical extend
disk is nothing collection of sectors

we will convert disk as pv using pvcreate command. that means we are pulling
normal disk under lvm architecture.
as soon as we convert normal disk as pv sectors calculated and created as

PE's.
sectors = PE
***** what is the default size of PE or LE?
4 MB
2 sectors are equal to 1 KB = 1024 KB = 1 MB
=====================================> 4096 Sectors equal to 1 PE or 1 LE
****** how to create vg with 8MB LE size or PE size

==============================================
create new vg with new PE size
vgcreate -s 8M newvg /dev/sdg /dev/sdh
***** How to create partition with specified block size

mkfs.xfs -b size=8192 /dev/newvg1/newlv
xfs_info /dev/newvg1/newlv
architech ==> SME ==> L3 ==> L2 ==> L1

sme = subject mater expert
l3 = Level 3
client will share requirement with architech
===============Software Management/Package Management==========26-Oct-
2021===========
install new program/un-install existing program and upgrading installed
program this is nothing software management.
vlc player ( software) is nothing program

whatsup application (software)
pdf reader
zip
chrom
internet explorer
install
un-install
upgrade
update
query(information)
to do above tasks there are 2 default methods
1. RPM (redhat)
2. YUM (redhat)
1.RPM(suse)
2.zypper(suse)
rpm = red hat package manager

yum = yellow dog update and modifier
Sorce for softwares or software repository

1. DVD
2. ISO image
3. from internet (https://pkgs.org/)
Vsftpd-3.0.2-28.el7.x86_64.rpm
name version release arch .rpm

vsftpd 3.0 2-28 el7.x86_64 .rpm
el8.x86_64
enterprise linux7
enterprise linux8
x86_64
x means cross platform desktop or server it can support
both.
64 bit os
32 bit os
Aarch64.rpm AMD processor arch 64 bit
keep in mind below information before start downloading or installing
software.
os version is package is developed for right os version.
os architecture is package is devloped for right arch
query (rpm -qa)

install (rpm -i)
un-install (rpm -e)
upgrade (rpm -U)
with help of dvd/iso image we are going to do software management

tasks.
1. connect dvd/iso image to machine
2. mount iso image in machine
3. install software
1. connect dvd/iso image to machine ==> right click on vm ==> settings ==>dvd==>
Use iso image file ==> browse for iso image file ==> ok ==> ok
2. mount iso image in machine ==> login to machine and mount dvd to local directory
mount /dev/sr0 /media
rpm -ivh vsftpd-3.0.2-22.el7.x86_64.rpm

[root@localhost Packages]# rpm -ivh vsftpd-3.0.2-22.el7.x86_64.rpm
warning: vsftpd-3.0.2-22.el7.x86_64.rpm: Header V3 RSA/SHA256
Signature, key ID fd431d51: NOKEY
Preparing...
################################# [100%]
Updating / installing...
1:vsftpd-3.0.2-22.el7
################################# [100%]
i = install
v = verbose (100%)
h = print hash(#) symbols based on how much % installed
v & h are mandatory for install package? no v & h doen't required to install
which is mandatory option ? -i
QUERY options
============
rpm -qa
-q = query
a = all installed softwares/packages
how many packages are installed ? rpm -qa | wc -l

is vsftpd package is installed ? rpm –qa vsftpd or rpm -qa | grep
vsftpd
how to get full information about package ? rpm -qi vsftpd
how to get documents of package? rpm –qd vsftpd
how to get files inside package? rpm –ql vsftpd
i = info
d = documents of pkg
l = list of files inside pkg
c = configuration files
inside pkg
***** how to test the package before we install? rpm -ivh --test
packgename
/etc contains configuration files of software

configuration files are nothing but setting of software
ftp = vsftpd software

ssh =openssh software
nfs = nfs software
samba = samba software
dns = named software
ntp = ntpd software
http
mariadb-server
dependencies are
1. mariadb
2. perl-DBD-MySQL
install : rpm –ivh pkgname.rpm

remove : rpm –ev pkgname
query : rpm –qa pkgname
***** how to install package without dependencies? we can include --nodeps in rpm -
ivh command
rpm -ivh mariadb-server-5.5.56-2.el7.x86_64.rpm --nodeps

is it fine to installing pkg without dependencies? No . the software
functionality will not be as expected.
main pkg
dependencies
pkg1
pkg10
pkg11
pkg12
pkg2
pkg13
pkg14
dependencies for pkg14
pkg15
pkg16
pkg3
dependecies for pkg3
pkg17
sequence order
pkg17,pkg3,pkg16,pkg15,pkg14,pkg13,pkg2,pkg12,pkg11,pkg10,pkg1,main pkg
High level plan for deleting disk from linux server

unmount lvs
remove lv
remove vg
remove pv
offline the disk
delete disk
vm settings and delete disk
query:
rpm -qa
rpm -qdpkgname = documents of pkg
rpm -qi pkgname = information about pkg
rpm –ql pkgname = List out files inside pkg
rpm -qc pkgname = list out the configuration files
rpm –qf filepath
eg: rpm -qf /etc/fstab
qf will tell you so and so file created by which pkg
how to re-install the pkg?

rpm –ivh pkgname.rpm --force
***** unfortunatly /usr/bin/chmod command has been deleted? how you can recover
that?
step1 : login to other machine and find out chmod command is generated by
which rpm
using rpm -qf /usr/bin/chmod
here i will come to know which rpm is generated chmod command so then i can come to
problematic machine and try to install the pkg which is generates chmod command.
with help of rpm -qf /usr/bin/chmod
identified pkg is coreutils is the pkg which generated chmod command
step 2 : login to machine where we have deleted chmod command and re-
install the coreutils pkg
rpm -ivh coreutils-8.22-21.el7.x86_64.rpm --force
***** how to know recently installed pkgs?
rpm -qa --last
rpm –Uvh pkgname.rpm

-U is for upgrade
rpm –ivh pkgname --force
is for re-install and update
1.1 version is there. we want install 1.2 along with 1.1
rpm -ivh pkgname1.2.rpm --force
upgrade is nothing overwritting the old pkg. after upgrade we can find only
latest.
upgrade : rpm -Uvh vsftpd-3.0.2-28.el7.x86_64.rpm

downgrade : rpm -Uvh --oldpackage/run/media/root/RHEL-7.5\
Server.x86_64/Packages/vsftpd-3.0.2-22.el7.x86_64.rpm
rpm yum zypper

installed pk rpm -ivhpkgname.rpm yum install
pkgname.rpmzypper install pkgname
rpm -qa yum list installed zypper
ls
search particular pkg rpm –qa vsftpd yum list installed vsftpd
rpm -qi yum info pkgname

upgrade pkgname rpm -Uvhpkgname.rpm yum upgrade pkgname.rpm zypper
re-install rpm -ivhpkgname.rpm ?force yum reinstall pkgname.rpm
remove pkgname rpm -evpkgname yum remove pkgname
zypper
***** Mandatory partitions during OS installation?

/boot = 512 MB
/ = 5 GB
recommended partitions?
/boot = 512 MB
/var = 3 GB
/tmp = depends on
swap = equal or double or thrise of RAM
/home = depends on
/ = Min 5 GB
YUM: yellow dog update and modifier

=============================================
rpm & yum both are in house tools to perform package management.
yum has more features compare with RPM
what is the extra feature in YUM?

can posible to create softwares repository
===================================================================================
===== SERVER SIDE:
steps to configure YUM repository server?
step 1 : connect the DVD/ISO image to the server
Step 2 : mount the RHEL 7.5 iso image in server
mount /dev/sr0 /media
step 3 : install pre-requisite packages
1. createrepo
2. vsftpd
step 4 : create directory inside /var/ftp/pub
mkdir -p /var/ftp/pub/rhel7.5
step 5: copy all packages from dvd to rhel7.5 directory which we created in
step 4.
cp -r /media/Packages/* /var/ftp/pub/rhel7.5/
step 6: Create repository
createrepo -v /var/ftp/pub/rhel7.5/
step 7 : configure repository
note : file extention should be .repo only.
vi /etc/yum.repos.d/local.repo
[rhel75]
name=rhel75
baseurl=file:///var/ftp/pub/rhel7.5
gpgcheck=0
enabled=1
explanation:
[rhel75] and name these 2 lines specifies name of the repository.
baseurl= packages path
gpgcheck= authentication 0 no authentication for clients freely they can
access repository
gpgcheck=1
gpgkey=/etc/keys/kkk same key should be in client machine
enabled=0 is nothing disabling repository
enabled=1 is nothing enable repository
step 8: execute below commands

yum clean all =========> to refresh the repositories
yum repolist =========> to list out configured repositories
systemctl restart vsftpd

systemctl enable vsftpd
systemctl disable firewalld
systemctl stop firewalld
setenforce 0
vi /etc/selinux/config
here replace
SELINUX=enforcing
to
SELINUX=permissive
note : make sure ip is available
=======================completed steps in yum server==========
INTEGRATE CLIENT MACHINE WITH YUM SERVER FOR PACKAGES
step 1 : make sure there is ip in client machine

my client is running with RHEL 7.0 OS in server side confiugred 7.5
repository
yum server ip is = 192.168;.145.172

yum client ip is = 192.168.145.173
Step 2 : test the network connectivity from client machine to yum repo
system
ping <yumserverip>
ping 192.168.145.172
telnet 192.168.145.172 21
result should be connected
sometimes telnet command not found in that case
please install telnet package
telnet 192.168.145.172 21
Trying 192.168.145.172...
Connected to 192.168.145.172.
Escape character is '^]'.
220 (vsFTPd 3.0.2)
to comeout
ctrl key ]
quit
21 port is assigned for which service ? ftp
step 3 : configure yum client

[rhel75]
name=rhel75
baseurl=ftp://192.168.145.172/pub/rhel7.5
gpgcheck=0
enabled=1
step 4 : refresh the repos and list out repositories

yum clean all
yum repolist
baseurl=file:///var/ftp/pub/rhel7.5
client baserul=ftp://192.168.145.172/pub/rhel7.5
RHEL 7.0 yum update
RHEL 7.1
RHEL 7.2
RHEL 7.3
RHEL 7.4
RHEL 7.5
RHEL 7.9
RHEL 7.10
RHEL 8.0
RHEL 8.1
yum update :full packages upgrade

yum update pkgname : upgrading particular package
eg: yum upgrade vsftpd : upgrading only vsftpd package
yum upgrade vsftpdnfs-utils : upgrading 2 packages
yum upgrade kernel : upgrading only os kernel
yum upgrade --security : install only security patches

yum upgrade
yum update
client point out to repos

client has 7.0 in repository at server end 7.9
yum update in client machine it will go to 7.9
***** How to upgrade only kernel?

yum update kernel
***** which is recommended yum update kernel or yum upgrade kernel?
yum update kernel
if we use update then easy to go back to previous kernel incase something

goes wrong
when we do yum update kernel

old kernel and new kernel will be in system
when we do yum upgrade kernel
only new kernel will be in system so not possible to switch to old or
previous.
***** how to perform full patch?
yum update
***** how to perform only security packages upgrade or update?
yum update --security
***** difference between yum update and yum upgrade?

update = it preserves the previous critical packages information.
upgrade = it overwrites the previouse packages
which is recommeneded? yum update or yum upgrade?

yum update
***** how to check are the updates?

yum check-update
==============================ROLL BACK THE PATCH==============

solution 1 : merge the sanpshot if we took snapshot before patching
login to vcenter===> search for server ===> right click on server ===>
snapshot ==> revert snapshot
solution 2 : boot with previous kernel
old kernel is =kernel-3.10.0-123.el7.x86_64
new kernel is = kernel-3.10.0-862.el7.x86_64
now server is running with kernel-3.10.0-862.el7.x86_64. application or db
team requested we don't want new kernel our application is not compatable or not
working please boot with previous or old kernel.
temp: reboot the server and select previous kernel in grub screen
perm: login to server and set previous kernel as next boot kernel
grub2-set-default 2
grub2-mkconfig -o /boot/grub2/grub.cfg
shutdown -r now
before patching
0 7.0
after patching
0 7.5
1. 7.0
grub2-set-default 1
again we performed patching with 7.9
0 7.9
1 7.5
2 7.0
if i want to boot with 7.0 then set as 2
***** difference between YUM an RPM?

both are package management tools which are used to install,un-
install,upgrade and query about packages.
only difference between YUM and RPM is repository.
using yum we can configure repository.
advantages of repository is?
1. dependencies resolution.
dependencies will resolve and install automatically.
2. easy to upgrade between versions
eg : easy to upgrade or patch the system from 7.2 to 7.5
3. Easy to downgrade between versions
easy to downgrade from 7.5 to 7.2
yum server (192.168.145.175) client (192.168.145.174)

7.0 running os is 7.5 decidede to roll back to 7.0
7.5 right now client is pointing to which
repository? 7.5
what we decided ? downgrade to 7.0 so client
has to point out to which repository ? 7.0
solution 3: roll back the full patch from 7.5 to 7.0
pre-requisite: make sure 7.0 repository is available or configured at yum

server side.
step 1 : boot with 7.0 kernel

grub2-set-default 1
shutdown -r now
step 2 : make sure server is referring 7.0 repository
[rhelrepo70]
name=rhelrepo70]
baseurl=ftp://192.168.145.175/pub/rhel7.0
gpgcheck=0
enabled=1
step 3 : remove kernel protection file
rm -rf /etc/yum/protected.d/systemd.conf
step 4: roll back the packages which are upgraded as part of patching
yum history
here we will come to know id of activity
yum history info 3
yum history undo 2
activity 2 was patching, so we are doing undo with activity id 2
step 5 : reboot the server
Satellite server
difference between Yum local server &satelite.
Satellite:
it's a service which is providing by Redhat. using satellite easy perform
packagemanagement.
it's a centralized repository. all the clients can use satellite for packages.
satellite tool developed by redhat company.
redhat = satellite
suse = suma
*****1. How to register server with satellite server?

subscription-manager register
or
subscription-manager register --org="xyz.com" --
activationkey="anbndlslkldkjferew12kljsaf76@!87"
how you got activation key?

my SME or from my L3 person
2. How to check the integration status with satellite server?

subscription-manager status
or
subscription-manager list
even we can check server in satellite web portal
login to satellite web portal

http://192.168.145.100
username:
password:
in the dash borad we can see hosts. in hosts we can find our server which we
registered recently.
repositories will update in client machine automatically once after register
server with satellite.
yum clean all
yum repolist
no need to update any parameters in /etc/yum.repos.d/local.repo
L1 = <3
L2 = >3 <6
L3 = >6<9
SME(subject mater expert) = > 9 and < 15
Architect = > 15 Yeas of experience
3. How to unregister server with satellite server
subscription-manager unregister
or
login to satelite web portal
in browserver type
http://satelliteserverip
username:
password :
in dash borad we can see systems tab there we can select respective
server and remove
DASHBOARD ==> Hosts ==>servername==> unregister
Redhat:
in client machine patching procedure
make sure server is registered with satellite
yum update
yum install mariadb-server
suse:
in client machine patching procedure
make sure server is registered with suma manager
zypper update
zypper install mariadb-server
yum update kernel

zypper update kernel
***** Integrating SuSE server with SUMA?

step 1 : Login to SuSE machine and download boot strap script
cd /tmp
curl -Sks -O https://${SUMA}/pub/bootstrap/${BOOTSTRAP}
curl -Sks -O https://sumaserverip/pub/bootstrap/sap-12-5-lifecycle-
production-SLE12-SP5-SAP-Pool.for.x86_64.sh
chmod -R 755 /tmp/sap-12-5-lifecycle-production-SLE12-SP5-SAP-
Pool.for.x86_64.sh
Step 2 : execute boot strap script to integrate client machine with Suma server
./sap-12-5-lifecycle-production-SLE12-SP5-SAP-Pool.for.x86_64.sh
Step 3 : now login to suma portal and activate it

https://sumaserverip
username:
password:
click on salt ====>servername ==> activate(click on tick mark)
now we can star patching in sumamanager

zypper update
***** How to check is the server is registered with suma server or not
Login to suma server and search for server in systems list
or
SUSEConnect --status-text
How to disable particular repository at server or client end?

in .repo file disable repository
enabled=0
and then yum clean all
***** how to install package from one particular repository?

yum --disablerepo="*" --enablerepo="reponame" install mariadb-server
every 6 months once we will perform patching for all servers.

min 2 months to complete patching for all servers.
environments:
1. production
2. DR
3. pre-prod
4. QA
5. Dev
accenture ( service provider)

ADM ( client or customer to accenture)
ADM is the company who is giving work to accenture.
what kind of work assigned to Accenture?

Infra support( maintaining servers, network
components,storage,backup....)
ADM is the client for accenture.
accenture is the vendor for ADM.
for Accenture ADM is a one of project. for this may 15 members are supporting
with 24/7 support.
A Shift ( 6 to 3 PM)
B Shift (2 to 11 PM)
C shift (10 to 6 AM)
customers can order cheese in ADM application.

can be shop or direct customer can buy cheese from ADM portal.
ADM decided we have to develop this feature.
ADM CEO ==> has to approve this praposal

development team ==> to develop the web and application
OS or infra ===> to setup the infra structure
environments: for one application we deployed 120 servers.

1. production = 40 servers. 20 app servers 12 DB servers 8 web servers. from
which environment we will get revenue? production
2. DR = 20 servers
3. pre-prod = 20 servers
4. QA = 10 app servers 6 DB servers 4 Web servers =20
5. Dev = 10 app servers 6 DB servers 4 web servers = 20 servers in dev . who
will build the servers? infra team that is you. who will perform os patching every
6 months for these servers? infra team that is you. who will create
users/groups for developers? infra team that is you
we will deploy servers and hand over to application or development team

to develop the application.
only 20 servers in dev environment
to the customers which environment will be accessible? production
first code testing will start from ====> dev ====> QA ====> pre-prod ==> prod ===>
DR
os patching ====> dev ====> QA ====> pre-prod ==> prod ===> DR
developement will start in dev . it is play ground for developers.

same code deploy in QA and give live demo to customer or CEO.
pre-prod is almost replica of prod
we deployed code in pre-prod no issues this is the garaunty that we can
deploy code in prod.
suppose we are facing problem after deploy new code in pre-prod environment?
next action we have to identify and fix the problem then only we can
procede in prod
dev = performed patching on dev servers on Nov 14th 2021 (20

servers)
QA = 21st Nov 2021 in QA servers (20 servers)
pre-prod = 28 Nov 2021 in pre-prod (20 Servers)
prod= Dec 12 2021 in prod (40 Servers)
DR =26 Dec 2021 in DR (20 Servers)
only for 100 servers we took 1 month

what rest of the servers? min 2 to 3 months for patch the all servers
satellite == create 100 servers as a group

perform patch for all servers in one shot
manual patch = login to individual server and perform yum update
patching tool: Bigfix(IBM)
TEAM
Unix team we come under unix team (redhat,suse,solaris,hpux,
aix)
Windows team
VMWARE team or Cloud team
application team
DB team
Backup team
network team
PM team (project management team)
what is the use of PM team? they are the co-ordinators for change implementation
patching is one change

lv extend is one change
PM role is
below teams has to involve to perform patching
1. Unix team
2. App team
3. DB team
4. backup team
co-ordination done by PM team person(change manager).
backup team confirms that machine backed up

next db team will stop the db
next app team stop application
next Unix team perform the patching
while starting
db team start the db
app team start the app
app team validate the application functionality
change manager will ask unixtteam,app,db,backup teams to join in meeting to

perform patching
change manager will schedule meeting
make sure neccessary engineers joined in meeting
make sure tasks are executing by engineer as per schedule time.
CR= change request

implementation plan= step by step of activity
schedule time = 12 AM to 6 AM
window hours = 6 hours
=============== Patching procedure===== Manual procedure========

step 1 : we will join in the schedule meeting and collect prechecks and
also create snapshot for scheduled servers.
uname -r;df -h;cat /etc/os-release;pvs;vgs;lvs;uptime;date;cat
/etc/fstab commands output
we will create snapshot for scheduled servers.
step 2 : we will ask monitoring team to disable the alerts for scheduled
servers.
step 3 : we will request db and app team to stop the application and db.
step 4 : we will do sanitory reboot of server once after db/app teams
confirm application and db is down.
rebooting the server before patching.
server is up = server is in good condition before patching
server is not coming up = some issue in server before patching it
self.
Step 5 : will make sure server is registered with satellite if it's redhat
system or suma manager if server is suse.
if server is registered then we will proced and perform patching
step 6 : using yum update command for redhat machines
zypper update for suse machines.
it's takes min 15 to 30 min to complete the patching.
step 7 : we will reboot the server once after patching
step 8 : we will do post validation like verifying kernel version, file
systems and all then hand over server to app/db teams to start application.
step 9 : application and db team start the application and confirm us the
status
if application is working as expected then we will logoff from meeting and

close CR.
roll back incase app/db team saying something is not working as expected
1. merge the snapshot which we created before patching

2. boot with old kernel
3. roll back the full patch using yum history undo
===================================================================================
====
Interview questions in package management
1. what is the difference between rpm and yum?

2. difference between yum update and upgrade?
update : will preserve critical packages information
upgrade: will overwrite the packages
3. How to test the package before install?
rpm -ivhpkgname.rpm --test
4. unfortunatlychmod mode command has been deleted. how to recover it?
5. patching procedure
6. How to integrate server with redhat satellite sever?
7. How to integrate server with SUMA manager?
8. how to install package from one particular repository?
9. how to perform only security packages upgrade or update?
yum update --security
10. how to upgrade only kernel?
yum update kernel
11. how to perform full patch?
redhat : yum update
suse : zypper update
12. how to roll back the patch?
13. how to update new packages in existing repository.
step 1 : copy new rpm into repo path
cp -r /root/vsftpd-3.0.2-29.el7_9.x86_64.rpm /var/ftp/pub/rhel7.5/
step 2 : update the repository
createrepo --update /var/ftp/pub/rhel7.5
yum clean all
yum repolist
14. How to list out recently installed packages?
rpm -qa --last
15. How to roll back the latest patch with satellite server concept?
step 1 : enable the old repository
subscription-manager --enable= old repository id
step 2 : set the previous kernel as first boot priority
grub2-set-default 1
reboot the server shutdown -r now
step 3 : remove the kernel protection file
rm -rf /etc/yum/protected.d/systemd.conf
step 4 : undo the patch using yum history
yum history undo 2
reboot
step 5 : incase os version still not showing old version then downgrade the
redhat-release package
yum downgrade redhat-release pkg
how to identify what is the boot order configured in grub

grep -i "menuentry" /boot/grub2/grub.cfg
16. yum local repository configururation steps

17. in which location patches will download temporarily?
/var/cache/yum
18. unfortunatly patching has been inturpted in between. is patch will continue
from where it stopped or it will start from starting?
we have to execute yum update then it continue from where it stopped. there
will not be any problem for patching.
19. how to check what happened in last patch or what is the reason patch has been
inturpted?
we can analyse yum logs /var/log/yum.log
tail -100 /var/log/yum.log
=======================BOOTING
PROCEDURE=============================================
OS booting procedure
if server is booting up and giving login prompt then fine every one can acess
the server
incase server is not booting up. it's struckup in between? then who has to
troubleshoot ? OS administrator
understanding booting procedure will help lot to identify root cause of

struckup. if you get root cause or reason for struckup then we can fix it.
from power on button to until login prompt 5 stages are involved

RHEL 7 & 8 RHEL 4,5,6
1. BIOS (Basic input output system) 1. BIOS
2. MBR (Master boot recorder) 2. MBR
3. GRUB (Grand unified boot Loader) 3. GRUB
4. Kernel 4. Kernel
5. Systemd 5. Init
6. runlevel
booting procedure covers Hardware and OS process during bootup.

laptop/desktop/server = hardware components
OS = program
stage 1 : BIOS(Basic input output system).
as soon as we power on the machine post program takes control.

post = power on self test
post is a pogram which will be inside chip. post will execute as soon
as we power on the machine, it does the health checkup of all other components
which are connected to mother board, like hard disk, ram, processor,cd
rom.......
post identified RAM issue then imediatly post program will give
continues beep sound.
post identified HARD disk issue then imediatly post program will give
error message on screen like disk not found.
booting will stop here itself incase post identified any critical
components faild.
mother board = designed and developed by hardware vendor

dell = who is hardware vendor for your laptop? DELL
who is the owner of DELL laptop mother board? DELL
who will invok programs in mother board chips? DELL
BIOS program strored by DELL
post pogram is stored by ? DELL
BIOS
=====
1. POST
2. CMOS (complementary metal-oxide semiconductor)
3. BIOS
cmos will start as soon as post completes execution.
CMOS chip which will collect critical information before server goes down.
like date and time, RAM processes, processes whatever were running
before server goes down.
eg : date & time
cmos will return the critical information back to RAM(main memory) whaterver
is collected before server goes down.
cmos will return the updated date and time, critical processes whatever
were running these kind of information will give it back to RAM.
BIOS:oncecmos pass critical information to RAM then BIOS will identify bootable
disks(hard disk, usb, CD ROM).
and look for MBR.
CD
USB
HDD
network
in bios if the first priority of boot device is CD then BIOS will try to find
out MBR inside that CD if OS not found then
first it goes to CD and try to findoutos in first sector(512 bytes) if not

found MBR information in first sector then go to next seq order device
USB here also bios will try to find out os in first sector(512) if not found
MBR information in first sector then it goes to next seq order device
HDD here also same bios will try to find out os in first sector(512). if OS
found here in first sector then pass control to MBR.
link : once BIOS found the MBR data in first sector then pass control to MBR
incase os not found in cd,usb,hdd,network then finally BIOS will print error
message like os not found.
Stage 2 : MBR (Master boot recorder)
MBR stores in first sector of the bootable device like hard disk or CD.
MBR maintains the next stage information that is grub information.
mbr capacity is what ? 512 bytes or 1/2 kb
total 512 bytes

446 bytes contains primary boot loader information ( next stage
information or grub information)
64 bytes contains partition table information
2 bytes validator program.
====
512
if grub is in good condition then pass control to grub.
incase grub is not in good condition then mbr gives grub error on screen.
there is a 2 bytes program that validator that will validate grub if grub is in
good condition then pass control to next stage that is grub else give grub error.
now we got grub error what to do now? how to rectify it?

take machine into rescue mode and repair the grub
or
grub2-install /dev/sda
Stage 3 : GRUB (grand unified boot loader)

grub is in good condition so mbr passed control to grub stage.
grub is one of the program in OS.

this program will install at the time of os installation.
it can maintain the installed kernels and Operating systems.
grub can fecilitate to choose which kernel or which os has to load during os
boot up.
end user or administrator can choose which want to bootup.
eg : 7.0
7.2
7.5
7.9
in grub screen we can see all 4 kernel information , here end user can select
which one want to boot up.
not only that in single machine we installed

RHEL os
windows OS
solaris OS
even here grub can maintain multiple Operating systems information.
here end user can choose which OS needs to load.
0 RHEL OS
1 windows OS
2 Solaris
grub2-set-default 1
then Windows OS is going boot in next boot up.
***** boot loaders?

LILO= Linux loader (rhel 4)
grub = grand unified boot loader (rhel 5,6) (grub-install /dev/sda)
grub2 = grand unified boot loader version 2(RHEL 7,8) ( grub2-install
/dev/sda)
how to reinstall mbr in hard disk?
grub2-install /dev/sda
grub will verify default kernel set in /boot/grub2/grub.cfg and pass control to
particular kernel.
Stage 4: Kernel
in the kernel stage 3 tasks will execute

1. Loading drivers and modules
2. Mounting / file system in read only mode
3. execute systemd program (first process is systemd)
1. Loading drivers and modules(libraries)

initramfs-3.10.0-123.el7.x86_64.img
initramfs-3.10.0-123.el7.x86_64kdump.img
initrd-plymouth.img
/boot/ initramfs and initrd programs will co-ordinate and load the drivers and
modules
initramfs is a temporary / file system. it contains whaterver programs exist

in /.
initramfs is equal to /
initrd has program to load drivers and modules.

initrd program will execute once after initramfs mounts.
initrd is the program which will loads the drivers and modules with help of
initramfs.
once / file system is mounted in read only then automatically initramfs will
unmount.
eg : drivers and modules

lvm is one of the module
nic bonding is one of the module
usb detection is one of the module
audio driver is one the module
ethernet card driver will load in kernel stage
2. Mounting / file system in read only mode

actual / file system will mount once after loading drivers and modules
now / is mounted in read only mode
***** in which stage / will mount? in kernel stage
3. executing systemd program
this is the first process or program which is going to start
systemd ==> RHEL7 & RHEL 8 /usr/lib/systemd/systemd
initd ===> RHEL 4,5,6 /sbin/init
***** what is the first process in RHEL 7?

systemd
***** what is the process id of systemd?
1
RHEL 7 & 8, now kernel will pass control to next stage that targets or systemd
RHEL 5,6 , now kernel will pass control to runlevels
Runlevel 0 (shutdown)
Runlevel 1 (single user mode)
Runlevel 2 (command mode without nfs)
Runlevel 3 (command mode with nfs)
Runlevel 4 ( Research and development mode)
Runlevel 5 ( gui) graphical user interface
Runlevel 6 (reboot)
init 3
it go to runlevel 3
init 1
it go to runlevel 1(single user mode)
init 5
it go to gui mode
now runlevels are replaced with targets

runlevel0.target poweroff.target
runlevel1.target rescue.target
runlevel2.target multip-user.target
runlevel5.target graphical.target
runlevel6.target reboot.target
in systemd stage systemd program is going to look for default target and pass
control to default runlevel or target.
Stage 5 : systemd or targets

now control at targets. the target(multi-user.target or graphical.target)
will start loading programs which are associated with respective target
eg : graphical.target
will have 520 programs . all these programs will start during boot up
multi-user.target
will have 300 programs. all these 300 programs will start during boot
up.
finally it gives the login prompt
how to list out all installed services

systemctl list-units --type service
how to disable particular service which should not start during boot up.
systemctl disable vsftpd
how to enable particular service which should start during boot up?
systemctl enable vsftpd
how to know is the service is enabled state or disabled state?

systemctl is-enabled vsftpd
by mistake we set default target is reboot.target then what will happen?

countinuesly system will reboot
login prompt and reboot
fix:
take system into rescue mode and change the default target as multi-
user.target
===================================================================================
====
Question1:Booting procedure
we can analyze bootup issues if we have good knowledge on booting procedure.
there are 5 stages are involved during server bootup.
stage 1 : BIOS
stage 2 is MBR
stage 3 is GRUB
stage 4 is Kernel and
stage 5 is runlevel or targets
let me explain about stage 1 BIOS full form of BIOS is Basic input output system.
this stage purly belongs to Hardware.
==> post(power on self test) it is a first pogram which we trigger as soon as

power on the server.
==> post does the helthcheck up of all the hardware components which are
connected to server. it pop up or give error messages incase any hardware
component is not functioning or not working properly.
==> once after post program CMOS pogram will execute and it load critical
information back to main memory like date and time, ram information and all.
==> then BIOS program will identify the first priority boot device and pass
control to MBR once it find OS.
now control at MBR it is stage 2. MBR full form is Master boot recorder.
==> MBR stores in first sector of boot device.
==> the sector capacity is 512 bytes.
==> MBR maintaince the next stage information that is GRUB informaiton.
==> MBR pass control to next stage once it finds the valid GRUB.
Now control at GRUB it is stage 3. GRUB full form is Grand unified boot loader
==> GRUB maintaince the installed kernels information.
==> GRUB pass control to kernel which is mentioned as default in
/boot/grub2/grub.cfg
Now control at Kernel stage that is stage 4.
==> Kernel Loads the modules and drivers with help of initramfs and initrd
programs.
these initrd and initramfs files will be in /boot directory.
==>Initramfs is temporary / file system which contains library and
configuration files which will help to load drivers and modules.
==> then / file system will mount in read only mode once after load driver
and modules.
==> then executes the systemd program once after mount / file system in read
only mode.
now control at target stage. this is last stage here all the start up programs will
start parlelly and gives login pages.
===================================================================================
====
interview questions in booting procedure:
1. what is the first process of Linux machine
systemd in rhel 7 & 8
initd in rhel 5 & 6
2. what is the process id of systemd or initd
1
3. what is initramfs?
initramfs is a temparary / file system.which contains libraries and
configuration files.
===================================================================================
====
yum install graphical*
yum install x11*
systemctl set-default graphical.target
graphical with server 1200 pkgs

minimal = 600 pkgs
minimal in organazation servers.
======================Network======================================================
===
what is network?
creating connectivity between 2 components for data or voice transfer.
connectivity between 2 components = mobile to mobile

computer to computer
how to create connectivity or network between min 2 components?
capble or wifi(router)
wifi = singnals from the tower
Data = message, file, textmessage, image, video

Voice = Live audio
Understand what is network
Types of network
IP Addresses
Class of IP
How to assign ip address to system
3 types of networks
=================
1. Intranet (LAN) creating network within building
2. Extranet (MAN) creating network with in CITY (branches)
3. Internet (WAN) public. Can connect to any other public network
1. Intranet(LAN) = Local Area network

create network with in building system. we can achieve this setup using patch
panel.
accessing facebook = public websites to access this site we need public

network(WAN)
accesing what's up = public website to access this site we need public
network(WAN)
2. Extranet(MAN) metropolitan area network
creating network between multiple branches with in same city.
we can achive this using routers or cables.
cable from one area to another area

Electronic city to whitefield
Electronic city ==>silkboard ==>Agara ==>marathahalli ==>whitefield

building 1 Building 2
Relieance
airtel
ISP(internet service provider) they will drag cable from one area to
another area
wifi or towers
router1 (EC) ==> router2 (silkboard) ==> router 3 ( agara) ==> router 4
(marathahalli) ==> router 5 (whitefield)
3. Internet
with help of ISP (internet service provider ) we can reach out to public
networks.
accessing what's up, accessing icici net banking, accessing facebook,
accessing youtube these websites are in public network.
if we buy public network then we can access public web site.
who will sale the public network? airtel,vodaphone,jio,idea
Airtel is an ISP? Yes
Network components
===============================
1. Swtich
2. Router
3. Firewall
4. Load balancer
Switch: is equal to patch pannel

Using switch we can create netwrok between multiple systems or servers.
Traffic == only forward

Server 1 to server 2 data will be forwarded
Router = can transfer data between networks

Using router we can transfer data from one network (airtel) to other network
(idea).
Forward and backword traffic can possible in router

Send and recieve both can possible in router
Firewall: security guy or security component

Which system is connecting from outsite to inside that access and restriction
will be taken care by firewall
Firewall = watch man for your network
Load balalancer = balance the load between set of group systems.
System we have to assign one address then only pacel can

reach to correct address.
If there is no address is it possible to deliver parcel.
Home = address
System = IP address
Laptop = IP address
Server = ip address
System 1 =============> system 2
Ip ip
Then only system1 can connect to system2 through unique ip address
IP (internet protocol)
================
IPV4 (32 bit) 192.168.145.20
IPV6 (128 bits) 4010:DDA7:1000:1111:2A3B:5BBA:CDA4:1001
IANA (Internet assigned number authority) it's network community. Who is take
decissions of network?
IPV4
=======
IPClasses 1-255 private
pub
A Class 1 -126 = network 10
B Class 128 - 191 = network
C Class 192 - 223 = network
D Class 224 - 239 = Multicasting (live channels, like TV channels
or live streaming)
E Class 240 -255 = R & D (research and developement)
127 is reserved for loop back
127 are the common ip in each and every system or server or
mobile device.
Using loop back only services will communicate with in system.
Loop back = with in system

Ehternet = system to system
We will assign ip address to ethernet card.
Ssh is one of the services

Ftp is one of the services
Nfs is one of the services
In case requirment is Ssh want to connect with ftp with in system then Ssh will go
through by loop back ip.
Requirement: server 1 want to connect with server 2 through Ssh service then which
network component is going to involve?
Ethernet card at both systems
Server 1 ethernet card will send request to server 2 ehernet card.
***** What is use of loop back ip?
Services will communicate each other through loop back component within
system.
IPV4
=======
IPClasses 1-255 private public
A Class 1 -126 = network 10
1,2,3,4....9, 11, and 12......126
B Class 128 - 191 = network 172.16.0.0 to 172.31.0.0
128,129,130...171,173,174
C Class 192 - 223 = network
D Class 224 - 239 = Multicasting (live channels, like TV channels
or live streaming)
1-126 numbers are there in A Class in this starting 10 number is reserved for
private ip.
How 1 number can enough for big companies or big networks.
Eg: IBM employee’s strenth is 5 lakhs

IPV4 = 32 bits
10. 1.1.1
00001010 00000001 00000001 00000001
10 . 1 . 1 . 1
8bits 8 bits 8 bits 8 bits
= 32 bits
Computer and network language is? Binary

Binary is nothing but 101010
10.1.1.1
Number is going to convert as binary.
10.1.1.1
10.1.1.2
10.1.1.3
10.1.1.4
10.1.1.5
10.1.1.255
10.1.2.1
10.1.2.2
10.1.2.3
10.1.2.4
10.1.2.255
10.1.3.1
10.1.3.2
1 *255*255*255 =
15 * 255*255 =
1*255*255 =
B class private ip
172.16.0.0 to 172.31.0.0
172.16.255*255
15 * 255*255 =
C Class private IP
192.168.*.*
1*255*255 =
172.16.1.1
172.16.1.2
170.1.2.3 is private or public? Public

192.167.1.1 is private or public? Public
192.168.1.2 is private or public? Private
10.1.1.5 is private or public? Private
Convert number into binaries

======================
10. 1.1.1
00001010 00000001 00000001 00000001
10 . 1 . 1 . 1
00000001
1 =2*0= 1
0 = 2*1 = 0
0 = 2*2= 0
0 =2*2*2 = 0
0 =2*2*2*2 =0
0 =2*2*2*2*2 = 0
0 =2*2*2*2*2*2 =0
0 =2*2*2*2*2*2*2=0
00001010
0=2*0= 0
1=2*1= 2 <=====
0=2*2=0
1=2*2*2 = 8 <=====
0=2*2*2*2 =0
0=2*2*2*2*2 = 0
0=2*2*2*2*2*2 =0
0=2*2*2*2*2*2*2=0
2+8=10
1=2*0=1
1=2*1= 2
1=2*2=4
1=2*2*2=8
1=2*2*2*2=16
1=2*2*2*2*2=32
1=2*2*2*2*2*2=64
1=2*2*2*2*2*2*2=128 128+64+32+16+8+4+2+1= 255
255
umask 077 = permissions 700
A class = 255.0.0.0
B class = 255.255.0.0
C Class = 255.255.255.0
IP Netmask
192.168.1.2 255.255.255.0
10.1.2.4 255.0.0.0
lan and vlan

----------------
how to get ethernet cards information?

ip a
ip r
how to get ethernet card devices status?

nmcli -p dev
MAC = media access controller

unique number of ethernet card.
IP Assign
=======
We can assign ip in 2 methods
1. Static (assigning ip address manual)
2. DHCP (dynamic host configuration protocol) there will be a one
server who will assign the ip address to other systems which are coming.
Assigning one static ip address to machine

VI /etc/sysconfig/network-scripts/ifcfg-ens33
Step 1: open the ehernet card file and do the below changes
Change 1 = bootproto=dhcp to bootproto=static

Change 2 = onboot=no to onboot=yes
Add below content
IPADDR=192.168.43.10
NETMASK=255.255.255.0
GATEWAY=192.168.43.1
Step 2: Service network restart
Systemctl restart network
ip a
There should be ip
***** how to get ethernet card devices status?

Nmcli -p dev
LAN = Loacalaread network

VLAN = Virtual Local area network
Switch 1 200 ports

in switch we can create 2 or more networks
1-50 network 1(VLAN1)
51-100 network 2(VLAN2)
101 - 200 network 3(VLAN3)
Tell me in single switch how many networks are created? 3

1-50 GATEWAYS is 1
51-100 GATEWAYS is 51
101 - 200 GATEWAY is 110
***** what is GATEWAY or explain about gateway?

route for one network.
network administrator will decide one route for netowork. via that
gateway(route) only traffic will come inside and go outside.
===================================================================================
===
IP ADDRESS = is nothing but address for machine

IP ADDRESS will be assigned to MAC number . what is the mac number? ehternet
card unique number
HBA card also will have unique number that is ? wwn
***** how to identify conflict IP's

arp-scan -I eth0 -l
here we can identify same ip is assigned with 2 MAC addresses.
network commands
1. ping
2. Telnet
3. NC(netcat)
4. NMAP(network map)
5. traceroute
6. netstat or ss
going to understand about above commands
1.Ping:
sync: ping <remote machine IP>
using ping we can test the network connectivity between one machine to
another machine.
using ping we can test the route between one machine to another
machine.
***** what protocol used by ping?
ICMP(internet control message protocol)
***** what is the port number of ICMP?7
2. Telnet
=======
sync: telnet <remote machine IP ><portnumber of service>
bus = ftp
train = ssh
ftp is the service . for each and every service has one reserved port number also
ftp = 20/21
telnet = 23
ssh = 22
nfs =2049
samba = 137,138,139
ntp = 123
http = 80
machine 1 = 192.168.43.10 we are in machine from here we want to test service
status in machine 2 (192.168.43.133) on ssh service(22)
telnet 192.168.43.133 22
connected means remote machine(192.168.43.133) is allowing connections

through 22 port outside
no route = remote machine is not allowing any other machines through
22(ssh)
using telnet we can test the service status in remote machine.
systemctl status httpd
***** how to identify which port is revered for which service?

cat /etc/services
in this file we reserved port number for service
also in individual service configuration file
3. Nmap
========
n map also is used for test service status in remote machine
sync: nmap<remote machine ip>
***** How to know which the ports are opened in remote machine or how to scan what
are the ports are allowed in remote machine
nmap 192.168.43.133
or
nmap 192.168.43.133 -p 22
4.NC(Net cat)
=================
nc is alternate command for telnet
we can prefer to use nc instead of telnet. many of the organizations will not
allow to use telnet but nc is allowed.
because network hackers can easyly reach remote machine via telnet not via nc so
which is recommended? nc
nc -uvz 192.168.43.133 22
nc is used to test service status in remote machine.

tcp
udp
telnet will work only for tcp but nc will work for tcp and udp
nc -uvz 192.168.43.133 123 udp

nc -vz 192.168.43.113 80 tcp
5.TRACEROTE
==============
is used for test the route between one machine to another machine
sync : traceroute 192.168.43.133
adv traceroute is it can tell in which place packet or network is dropping.

exactly in which hub packets are dropping
server 1 ===> switch 1 ==> router1 ==> firewall ==> router2 ===> switch 2
===> server2
hub1 hub 2 hub 3 hub 4
hub 5 hub 6 hub 7
started here
traceroute can tell which component is not allowing packetet.
errors:
no route : might be firewall is blocking in the remote machine.
login to remote machine and stop the firewalld service
connection refused: might be service is not running in remote machine.
login to remote machine and start the service.
***** How many additional ip's can possible to assign sing ethernet card?
256
***** How to assign additional IP addresses to ethernet card?
step 1 : add the additional ip's in ethernet card configuration file

eth0
ens33
eno00005
vi /etc/sysconfig/network-scripts/ifcfg-ens33
BOOTPROTO=static
IPADDR0=192.168.43.10
IPADDR1=192.168.43.11
IPADDR2=192.168.43.12
PREFIX0=24
NETMASK=255.255.255.0
GATEWAY=192.168.43.1
step 2 : restart the network

ens33 vlan1 primary ip 192.168.43.10 sec1 = 192.168.43.11

eng35 vlan2 primary ip 10.1.3.4 sec1 = 10.1.3.5
192.168.43.0/24
IPV4 bits = 32-24=8 only 8 bits are for hosts or ip

addresses
32 - 16 = 16 bits are there for IP address
===========================NIC Bonding=========================================
configuring HA(High availability) between ethernet cards that is nothing but NIC
bonding.
disk = RAID using raid we were able to configure HA between disks

ethernet card = using NIC bonding we are going to configure HA between
ethernet cards
Raid levels = RAID0,RAID1,RAID2,RADID3,RAID4,RAID5,RAID6,RAID01,RAID10

BONDING mode = mode0,mode1,mode2,mode3,mode4,mode5,mode6
Mode0 and mode1
mode0 = RR (round robin)

mode1 = AB( Activie backup)
MODE0=RR(round robin)
both the ethernet cards will be in active
traffic will be passed to both the ethernet cards
Load will be devided between ehternet cards because both are active and ready
accept load(traffic)
MODE1= AB(Active & Backup)
at a time one ethernet card will be active and other card will be in
backup mode.
only one ethernet card will accept the load
bit slow performance compare to RR.
requirement : min 2 ethernet cards
step 1 : Make sure 2 ethernet cards are connected to VM

step 2 : configure the ehternet card 1 & 2 with below parameters
vi /etc/sysconfig/network-scripts/ifcfg-ens33 and ifcfg-ens38
change 1 : BOOTPROTO=static/dhcp
to
BOOTPROT=none
change 2 : add below extra parameters
MASTER=bond0
SLAVE=yes
change 3 : remove IPADDR,NETMASK,GATEWAY incase there are
if second ethernet card file is not exist then copy data from first ethernet
card and do the changes like device name and ethernet card name and all.
step 3 : create new virtual ethernet card and configure the bonding
vi /etc/sysconfig/network-scripts/ifcfg-bond0
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=bond0
DEVICE=bond0
ONBOOT=yes
IPADDR=192.168.43.100
NETMASK=255.255.255.0
GATEWAY=192.168.43.1
PREFIX=24
BONDING_OPTS="mode=1 miimon=100"
step 4 : stop the NetworkManager service

systemctl stop NetworkManager
systemctl disable NetworkManager
restart the network

how to check bonding status

cat /proc/net/bonding/bond0
managers= NM and bonding

1 ethernet card can not work under 2 managers
NM_CONTROLED=no
NIC= network interface cards
NAT = network address translate pub to private or private to pub
Bridge = network can create network between network 1 to network 2
in organization = swithches
SERVISES
=============================FTP====================================
FTP (File transfer protocol)

data=files,directires,audio,media
pkg = VSFTPD
portnumber = 20/21
configuration = /etc/vsftpd/vsftpd.conf
Service = vsftpd.service
Daemon = vsftpd
configuration file: it's a controller for your service. here we can define which
users are allowed through ftp and which are the users need to deny.
we can define service functionality inside configuration file.
Service = service(vsftpd) should allow clients or not. service is running client
can connect. if service not running then clients(remote machines) can not connect.
Daemon = he is a background worker for service.
daemon is a background process for service. he is actual worker.
About FTP:
1. FTP is a very fast,stable and efficient service to transfer files over the
intranet and internet
2. FTP can support both that is LAN(intranet) and WAN(Internet).
3. FTP service can support only file transfer not directories.
4.FTP service transfer data in binary format(010101) .
very easy to covert binary format to text. easily we can see what data is
traveling.
even root and root user password can be extracted.
Adv: very fast,stable& efficient

dis: insecure(data transfer happen in binary format)
FTP serverside:
1. install vsftpd
2. start the vsftpd service (systemctl start vsftpd&&systemctl enable vsftpd)
3. disable firewall service(systemctl stop firewalld&&systemctl disable
firewalld)
4. disable selinux
vi /etc/selinux/config
SELINUX=enforece
to
SELINUX=permissive
setenforce 0
5. create user in server .these credentials are using by clients
useradd b25user
passwd b25user
FTP client side:

ping 192.168.43.100
telnet 192.168.43.100 21
install ftp package
ftp 192.16843.100
username: which is there in 100 machine
ls = remote command
!ls = local command
pwd = remote command
!pwd = local
cd =remote
lcd = local
get = download file from remote to local
put = upload file from local to remote
mget = download multiple files from remote to local
mput = upload files from local to remote
bye = to come out
***** which is the default ftp user?

ftp
what is the ftp user home directory path?
/var/ftp
***** how to configure authorized users list for ftp service?
only allowed users should able to connect to ftp.
step 1 : create file with uesrs list

vi /etc/vsftpd/allowedusers
babu
prasad
rajesh
step 2 : adjust the below parameters
userlist_enable=YES
userlist_file=/etc/vsftpd/allowedusers
userslist_deny=NO
step 3 : restart vsftpd service

how to change default directory of annonymos users?

/var/ftp
step 1: create directory

mkdir -p /opt/ftp
step 2 : add the parameter in configuration file
anon_root=/opt/ftp
step 3: restart the vsftpd service
***** difference between active and passive mode in ftp

which is the default mode for linux servers ? passive mode
which is the default mode for windows servers? active mode
20 = Data port(to transfer data to client machine)

21 = connection port (between client to server)
active : client will decide the the data port at server end
20 is fixed port number for transfer data.
client sends data port to server what port he already opened for data.
who decided data port ? client now server will connect 20 ===> 55000
which is decided by client. 55000 port is decided by whom?
client
passive: server will decide the data port for client.
now client has to accept data port which is opened by ftp server
a= data port decided by client

p= data port decided by the ftp server
===============SSH======================================
ssh=secure shell
ssh is used for transfer data in secure manner.
pkg name : openssh-server

port : 22
service : sshd
daemon : sshd
config file : /etc/ssh/sshd_config
high level architecute

1. client sends hello message with random code which is generated by private
key
2. server will recieve and save that random key and again generate random key
at server side and send hello message to client
3. client keep that random key(number) then creates new key with help of
server random number and private key of client and share to server.
4. server will recieve that key and try to open if key is opening with help
of sever private key that means right client only. because he given random key.
now
tunnel will open between server to client

inside tunnel data will start travelling in encryption format.
=======================================================
1. hand shake between client to server

2. opens tunnel between server to client
3. data transfer in encryption format
advantages:
1. security: data will travel in very secure manner. becuaseseperate tunnel
is creating and transfer data inside tunnel that to in encryption format.
in ftp: data travel in binary format . it's very easy to hack and
extract
2. we can transfer files and directories
in ftp: using ftp we can transfer only files
3. even administration can possible through ssh service.
all commands will work through ssh
how to connect from one machine to another linux machine using ssh?
sshusername@ipaddressofothermachine
or
ssh -l username ipaddressofothermachine
ssh [email protected]
ssh -l babu 192.168.43.100
how to copy file or directory from one machine to another machine.

scp -r /directory [email protected]:/tmp/
files
scp /file1 [email protected]:/tmp/
copy file1 to 192.168.43.100 machine as a babu user into /tmp path
scenario 1: Disable direct root login through ssh service.

step 1: change the PermitRootLogin parameter in ssh configuration file
vi /etc/ssh/sshd_config
PermitRootLogin yes
to
PermitRootLogin no
step 2: restart the ssh service to reflect changes
systemctl restart sshd
Scenario 2 : Disable direct login of normal users through ssh service.

step 1 : Add users list in DenyUsers parameter in configuration file
vi /etc/ssh/sshd_config
DenyUsers oracle prasad babu
step 2: Restart the ssh service to reflect changes
usually we will disable application and database users through ssh service.
eg: oracle is the common user which will be used by full database team.
suppose 10 members are in db team then 10 members required oracle
user password so here oracle is common user like root.
we have to disable common users through ssh service.
Scenario 3: configuring password less authentication between one machine user to

another machine user.
configuring trust relation between one machine user to another machine
user.
server 1 : 192.168.43.133(babu)
server 2 : 192.168.43.100(babu)
requirment: 133 machne babu user want to connect with 100(babu) user without asking
password each and every time.
133 machine want to connect to 100
133 has to trust 100 and 133 has to share his public key with with 100.
133(babu) ===========================> 100(babu)

133(babu) ===========================> 100(prasad)
133(babu) ===========================> 120(prasad)
one public key can shared for n number machines
Step 1 : generate keys for babu in 133.

make sure you logged in as babu and generate the keys
ssh-keygen
step 2 : copy public key and put it in remote machine
ssh 192.168.43.100
su - babu
mkdir .ssh
chmod 700 .ssh
cd .ssh
vi authorized_keys
past copied public key here
chmod 600 authorized_keys
done
now we can try to connect from 133 machine to 100 machine as a babu user
ssh [email protected]
or
alternative method to configure password less between 2 machine
Step 1 : generate keys for babu in 133.

make sure you logged in as babu and generate the keys
ssh-keygen
step 2 : push the public key to remote machine
ssh-copy-id -i /home/babu/.ssh/id_rsa.pub [email protected]
Scenario 4: how to change the ssh service port number

default port =22
want to change = 2222
step 1 : change the port number in /etc/ssh/sshd_config

#Port 22
to
Port 2222
step 2 : allow 2222 in SE manage
semanage port -a -t ssh_port_t -p tcp 2222
step 3: restart sshd service to reflect changes
how to connect to remote machine using port number in ssh command

ssh -p2222 192.168.43.100
how to know is the port or service is in listen state

netstat -nap | grep :21
HWADDR=00:0C:29:E2:BC:B2
TYPE=Ethernet
BOOTPROTO=dhcp
NAME=ens33
DEVICE=ens33
ONBOOT=yes
===================NFS===========================================================
Network file system
using NFS we can put(export) file system(disk) in network and client can
access the nfs file system based on requirment.
can possible to apply ACL(access control list) on NFS file system.
NFS is nothing but centralized network file system.(same reflection to all
the clients)
FTP = transfer files(connect and get or put files)
ssh = transfer files/directories(connect and transfer files/directories)
NFS = we can mount network file system in client machines. they can feel as it is a
local file system.
client machine
/data = xfs file system
/ndata = nfs file system
cp /data/file1 /ndata
copying file from local to nfs file system.
5 things about NFS service

1. pkg : NFS-utils
2. service : nfs-server
3. daemons = nfsd,mountd,nfslogd,statd,lockd
4. port = 2049
5. config file = /etc/nfsexport.conf
server side:
step 1 : make sure nfs-utils pkg is installed
step 2 : export the directory which we decided
mkdir /ndata vi /etc/exports
/ndata *(rw,sync)
or
granting access to particular server
/ndata 192.168.43.11(rw,sync)
step 3 : start the nfs service

systemctl start nfs-server
systemctl enable nfs-server
step 4 : make sure firewall is stopped
systemctl stop firewalld
systemctl disable firewalld
verify is the file system is export or not

exportfs
client side:
========
step 1: make sure nfs-utils pkg is installed
step 2 : test the connectivity between client to nfs server on 2049 port
number
ping 192.168.43.100
telnet 192.168.43.100 2049 or nc -vz 192.168.43.100 2049
result is like connected that means there is connectivity between client to

nfs server
step 3 : create local directory and mount nfs file system

mkdir /ndata
mount 192.168.43.100:/ndata /ndata
step 4 : make entries in fstab for permanent mount

devicename mountpoint file systemtype permissions
bkp checkup
192.168.43.100:/ndata /ndatanfs defaults 0 0
================================================================
vi /etc/exports
<file system> <systemlevelaccess>(permissions,syncorasync)
/ndata *(rw,sync)
/mdata 192.168.43.10(ro,sync)
/mdata 192.168.43.11(rw,async)
/tdata *(rw,sync,no_root_squash)
sync,async,root_squash,no_root_squash
question1 : difference between sync and async?

question2: difference between root_squash and no_root_squash
server : 192.168.43.100 /ndata

client : 192.168.43.133 mount 192.168.43.100:/ndata /ndata
in the client machine
cp /var/log/message /ndata
sync & async:

***** difference between sync and async?
sync: nfs server will give aknowledgement to client machine once after
recieve files to server. now client machine will make so and so file successfully
copied
server will give confirmation once after successfull file transfer
async: nfs server will give aknowledgement as soon as client start
transferring file to nfs server. nfs server will not wait until file transfer
sucessfully. starting
it self nfs server will give confimation to client. there is chance
connection will inturpt before file reach completely.
***** which option will improve the nfs server performance?
async
root_squash&no_root_squash
=====================================
nothing is mentioned either root_squash or no_root_squash then default is
root_squash.
***** difference between root_squash and no_root_squash options in nfs export?

root_squash: remote root users will not have full permissions on nfs file system
only local or nfs server root will have full permissions on exported file system.
if remote root users create file or directory then owner and group written as
nfsnobody.
single owner will be for nfs file system that nfs server root.
no_root_squash: all remote root users will have full permissions on nfs file system
equal to nfs server root user.
if remote root users creates file or directory then owner and group written
as root only.
many owners on nfs file system.
/ndata *(rw,sync,no_root_squash)
/ndata *(rw,sync,root_squash)
***** how to get nfs server version?
nfsstat -s | grep -i "server nfs"
from rhel 7 onswardnfsversion 4 is introduced
NFS V3
NFS V4 (rhel 7 & RHEL 8 ) default version is nfs V4
***** how to get nfs client side version?

nfsstat -c | grep -i "client nfs"
***** difference between soft mount and hard mount in nfs file system at client
side.
soft mount: in case nfs server is down or not reachable to client machine then
client will try to reach server machine 2 times with 10 min interval, after 2*10=20
after 20 min client will not at all try to reach nfs server for nfs
file system.again manually linux administrator has to mount.
hard mount : in case nfs server is down or not reachable to client machine then
client will keep try to reach until nfs server respond back to client.
no expairy, client continuesly try to check nfs server for nfs file
system.
***** which is the default option? hard or soft mount?

hard mount
mount -t nfs 192.168.43.100:/ndata /ndata -o soft,rsize=4096,wsize=4096

vi /etc/fstab
192.168.43.100:/ndata /ndatanfs defaults,soft 0 0
where to change intervals of soft mount?

/etc/nfsmount.conf
retrans=2
retry=2
AUTOFS
mount the nfs file system in client machine as soon as client start using it.
mount = when client start using file system

unmount = incase client not using for some time.
Benif of autofs: we can reduce burden to nfs server. nfs server performance will
improve.
we can save the network bandwidth between nfs client to nfs server machine.
nfs server : no change we will export file system.

client side : we can go either with persistant or autofs
persistant = adding entry in /etc/fstab
192.168.43.100:/ndata /ndata nfs defaults 0 0
pkg : autofs
service : autofs
daemon : autofsd
config file : /etc/sysconfig/autofs or /etc/autofs.conf
step 1 : install autofs pkg if not installed already

yum install autofs
step 2 : create directory to mount nfs
mkdir /mdata
step 3 : configure the autofs
vi /etc/auto.master
/- auto.misc
step 4 : specify the nfs mount details in auto.misc file

vi /etc/auto.misc
/mdata -fstype=nfs 192.168.43.100:/ndata
step 5: restart the autofs service

systemctl restart autofs
systemctl enable autofs
cd /mdata
now nfs file system should mount
by default timeout or unmount time is 5 min.
***** df -h command output is getting struck. what is the problem and how you can
rectify it.
1.problem may with nfs file systems which are mounted in client machine.
2. client could not able to access nfs file system so df -h will get hange.
first find out nfs file systems configured in client machine.

cat /etc/fstab
here we will have nfs entries
problem 1 : may nfs server is down. we can check server status in vcenter if server
is down then we can poweron
problem 2 : may nfs-server serivce down. we can login to nfs server and start nfs-
server service manually. systemctl start nfs-server &&systemctl enable nfs-server
problem 3 : there is not connectivity on 2049 between client machine to nfs server.
from client machine do telnet 192.168.43.100 2049 if not able to
connect then firewall is blocking.
we can ask network team to allow 2049 port between nfs client machine to nfs
server.
even at os lever we have to disable firewalld service
systemctl stop firewalld&&systemctl disable firewalld
problem 4 : may wrong entries in /etc/exports file
even in this situatuionnfs-server service will not start or 2049 port will
not come in listen status
correct
vi /etc/exports
/ndata *(rw,sync)
wrong
/mdata * (rw,sync)
no space required between * and (
wrong
/mdatafoler itself not created in machine. then how nfs server can export.
***** nfs stale error

we can see nfs stale error in client machines.
nfs server is restarted but couln't able to allow one of the client machine
to access the nfs file system. then file system will convert into stale.
at a time 10 client machines are requesting mount point but nfs server
responded only for 8 systems then remaining 2 systems will be in stale.
solution: unmount the nfs file system in client machine & remount it.
====================SAMBA=============================
nfs service if for only unix servers

we can mount nfs export file system from one unix server to other unix servers.
samba will support cross platforms.like windows to linux as well linux to windows.
we can export file system in linux and mount in windows

we can export file system in windows and mount in linux .
ftp : binary format . upload and download only files

ssh : secure: administration,files and directories copy
nfs : put file system in network. clients can access
samba : cross platforms ( windows to linux and linux to windows)
5 things about samba

pkg : samba, samba-client, cifs-utils,key-utils
port = 136,137,138 in linuxservers 445 in windows
service = smb
daemon = smbd
config file : /etc/samba/smb.conf
scenario 1. exporting file system in windows and mounting it in Linux Server.

Task 1 : exporting file system in windows
Step 1 : create directory

step 2 : right click on directory and click on "share with" then click on
"specific people" here we will get seperate permissions box here add user with
permissions
directory ==> share with ==> specific people ==> Add ==> username ==>
read/write permissions ==> share button
step 3 : verify is the directory has been expoerted successfully or not
windows key + r to get run prompt
\\localhost
Task 2 : Mount windows share in Linux server

step 1 : create one local directory
mkdir /pshare
step 2 : make sure samba-common,keyutils and cifs-utils pkgs are
installed
step 3 : mount the windows share in linux
mount -t cifs //windowsip/pshare /pshare -o
username=b25user,password=test123
mounting windows share in linux with hidden credentials
cd /root
vi .c
username=b25user
password=test123
chmod 600 .c
now credentials are hidden and only root has access on .c file
mount -t cifs //192.168.43.87/pshare /pshare -o credentials=/root/.c
finally add entries in /etc/fstab

vi /etc/fstab
//192.168.43.87/pshare /psharecifs defaults,credentials=/root/.c 0 0
===================================================================================
=====
Scenario 2 : exporting file system in linx and mount it in windows
step 1 : make sure samba,cifs-utils,keyutils these pkgs are installed

step 2 : create one user for samba
useraddpuer
password puser
step 3 : export the file system in linux through samba service
vi /etc/samba/smb.conf
[sharewindows]
path = /sharewindows
read only = No
valid users = puser babu
these two users(puser and babu) are from linux
using these credentials only we can access linux share in windows.
step 4 : set the samba credentials

smbpasswd -a puser
list out samba users
pdbedit -L
step 5: restart samba service

systemctl restart smb
smbpasswd -d puser
disable the puser from samba list
how to enable user? smbpasswd -e puser
how to delete user from samba list? smbpasswd -x puser
using samba password only we can access linux share from windows
from windows access the linux share
my computer ==> right click ==> add a network location ==> \\192.168.43.100\
sharewindows
***** what is the port number samba? 136,137,138 and 445 at windows side
==============SELINUX,FIREWALLD &TCP/UDP======================================
FIREWALL:
firewall is a security component at network level.
packet: is nothing but data which is sending by source machine to destination.

here network will covert data as a packets and send it to destination.
item(data) ==> put in box with proper parcel

data ==> create as a packet on top of packet (destination details, like
ip,port number,...)
source ======================================> firewall ==============>

destination
physical firewall : It protects the full network . our server will be under
network. so our server is protected under firewall.
OS level firewall:
redhat = firewalld
window = firewall
using firewall we can write our own rules like which are the source
server are allowed as well we can deny some servers.
physical firewall = will be under network team control. network team will write
rules to allow or deny traffic
OS firewall = OS administrator will write rules to allow or deny traffic.
pkg name = firewalld

service = firewalld
daemon =firewalld
config file = /etc/firewalld/firewalld.conf
how to list out currently allowed services in firewall

firewall-cmd --list-services
how to list out currently allowed ports in firewall
firewall-cmd --list-ports
how to allow nfs service in firewall

firewall-cmd --zone=public --add-service=nfs --permanent
firewall-cmd --reload
how to allow port in firewall

firewall-cmd --zone=public --add-port=2049/tcp --permanent
firewall-cmd --zone=public --add-port=2049/udp --permanent
firewall-cmd --reload
how to get default zone

firewall-cmd --get-default-zone
public
hwo to change default zone
firewall-cmd --set-default-zone=work
======================SELINUX==============================================
secured enhanded Linux
se policies
firewall is there to filter packet before we enter system. then what is the
use selinux? se linux will protect inside data.
firewall is outside watch man for system or network
selinux is inside watch man for your critical data.
firewall = secure your network
selinux = protect your data inside server
selinux will be in enforcing mode or enabled

SELinux Modes
1. enforcing
2. permissive
3. disabled
enforcing: strictly follow the rules

permissive : almost equal to disable only but just it give the warning
message but not block or stop the destination service.
disabled : no rules at for accessing data.
which is recommended? enforcing
how to check current selinux status?

sestatus
what is the configuration file of selinux?
/etc/selinux/config
how to get the selinux policies?

getsebool -a
switching on particular se policy

setsebool -P samba_enable_home_dirs on
setsebool -P use_samba_home_dirs on
setsebool -P samba_export_all_rw on
setenforce 0
0 =permissive
setenforce 1
1= enforcing
sestatus
==============DNS==================================================================
===
DNS=Domain Name system
FTP = transfer data (get and put)

ssh = transfer data in secure manner (files/directories/administration)
NFS = transfer data (file system will be in network) clients will access the file
system based access
samba = transfer data( file transfer between cross platforms)
DNS = resolve name to ip and ip to name
public DNS ( Internet)

facebook.com,google.com,gmail.com,yahoo.com
private DNS
(hr.accenture.com,payrole.accenture.com,mytrainings.accenture.com)
how many root DNS servers are there?
13
which root dns server is in india?
K root DNS server
child root dns servers are hosted in
Mumbai,chennai,Bangalore,Noida
CCTLD(contry code top level domain) names

in : india amazon.in amazon.us
kw: kuwait
.np : nepal
.pk : pakistan
.us
.uk
GTLD( General top level domains)
21 GTLD
.com
.edu
.army
.info
.corp
.gov
.coop
prasad.edu
prasad.gov not allowed
Scenario 1 : configure the private DNS server

5 things of dns service
1. pkg = bind and bind-utils
2. service = named
3. daemon = named
4. port = 53/udp
5.config file = /etc/named.conf
zone files
forward lookup zone file = /var/named/fwd.b25.com
resolving name to IP ==>www.mysite.b25.com IN A 192.168.43.11
reverse lookup zone file = /var/named/rev.b25.com
resolving ip to name ==> 192.168.43.12 in PTR www.mysite1.b25.com
pre-requisites:
1. assign the static IP to DNS server where we are configuring DNS.
step 1 : Install bind and bind-utils pkgs in dns server

yum install bind bind-utils -y
step 2 : Create forward lookup zone file and configure it

vi /var/named/fwdb25.com
$TTL 86400
@ IN SOA masterserver.b25.xyz. root.b25.xyz. (
2021120701 ; serial
3600 ; refresh
1800 ; retry
604800 ; expire
86400 ; minimum
)
@ IN NS masterserver.b25.xyz.
@ IN A 192.168.43.100
master IN A 192.168.43.100
=============================================
step 3 : configure the main configuration file
/etc/named.conf
options
{
directory "/var/named"; // "Working" directory
dump-file "data/cache_dump.db";
statistics-file "data/named_stats.txt";
memstatistics-file "data/named_mem_stats.txt";
listen-on port 53 { 127.0.0.1; 192.168.43.100; };

allow-query { localhost; 192.168.43.0/24; };
};
zone "b25.xyz" IN {
type master;
allow-query {any; };
file "fwdb25.xyz";
};
===============================================
Step 4 : verify syntax errors in config file and forward lookupzone file
named-checkconf /etc/named.conf
named-checkzone b25.xyz /var/named/fwdb25.xyz
step 5 : start the named service

systemctl start named
systemctl enable named
integrate client machine with DNS server:

vi /etc/resolv.conf
search b25.xyz
nameserver 192.168.43.100
DNS records:
1. SOA (start of authority) f & r
2. NS (name server) dns server entry f & r
3. MX ( mail xchange server entries) f & r
4. A ( address record for IPV4) name to IP F
5. AAAA ( address record for IPV6) name to IP F
6.PTR ( pointer) ip to name R
7.CNAME = cononical name or alias name F
facebook.b25.xyz IN A 192.168.43.120
fb.b25.xyz IN CNAME facebook.b25.xyz
f.b25.xyz IN CNAME facebook.b25.xyz
***** TTL?
time to live
the newly updated records will publish after ttl timeout.
ttl time is 1 hour

TTL 600
now time is 8:04
and just now added below entry in /var/named/fwdb25.xyz
facebook.b25.xyz IN A 192.168.43.20
the above entry will pubish to all after 1 hour ( 9:05) because what TTL? 1
hour
My TTL is 1 d
TTL 1 d
if i add entry now when it will reflect to public or publish
tomorrow same time it will reflect
is there any aleternative to push changes imediatly?

systemctl restart named
2021120801 ; serial
1 h ; refresh
30 m ; retry
2 d ; expire
86400 ; minimum
master DNS(primary) and Slave dns server(secondary)
Master DNS <====================> Slave DNS

refresh time is 1 h then master dns server entries will push to slave
dns every 1 hour.
retry: refresh is failed then once again retry to push changes to slave dns
every 30 min
still Slave DNS is not taking updates or there is no connect between master
DNS to slave DNS for 2 days then
expire = master DNS will decided slave dns doesn't have latest updates so he
should not become master dns incase i fail also.
master DNS server = fails or shutdown then slave dns will serve the requests
Slave dns server
vi /etc/resolv.conf
search b25.xyz
nameserver masterdnsserver
nameserver slavednsserver
FQDN = fully qualified domain name
c shortname
c.b25.xyz. is fully qualified domain name
masterserver is short name
masterserver.b25.xyz. is fully qualified domain name
nslookupclientmachine
in browser we are going to type following ==========>

www.site1.b25.xyz
================NTP ========================================
NTP = Network time protocol
what is the unique future of NTP service is supplying date and time to remaining
servers.
adv: same date and time across all servers.
DNS = resolving name to IP and ip to name

NTP = supplying date and time
5 things about service

1. Pkg : ntp , chrony
2. service = ntpd or chronyd
3. daemon = ntpd or chronyd
4. port = 123/udp
5. config file = /etc/ntp.conf
/etc/chronyd.conf
NTP server side:

step 1 : uninstall chrony and install ntp package
step 2 : configure the ntp
change 1 : # Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodifynotrap
to
# Hosts on local network are less restricted.
restrict 192.168.43.0 mask 255.255.255.0 nomodifynotrap
====================================================================
less restricted nothing allowing 192.168.43.* network for time sync
change 2 : add below 2 lines below of sever
server 127.127.1.0
fudge 127.127.1.0 stratum 10
step 3 : restartntpd service

systemctl restart ntpd
systemctl enable ntpd
check the time status
ntpq -np
================================================
ntp client integration
step 1 : install chrony and uninstall ntp.

step 2 : integrate client machine with ntp server
vi /etc/chrony.conf
change 1 : add server details

disable existing server and add new server details
# Please consider joining the pool (http://www.pool.ntp.org/join.html).

# server 0.rhel.pool.ntp.org iburst
server 192.168.43.100 prefer
step 3 : fecth the date and time from ntp server

chronyd -q " server 192.168.43.100 iburst"
systemctl restart chronyd

systemctl enable chronyd
chronyc tracking
***** recieved alert for ntp there is more offset value. how you handle this
inciden
offset more is nothing but delay between ntp client machine to ntp server.
solution : sync
systemctl stop chronyd

chronyd -q " server 192.168.43.100 iburst"
systemctl restart chronyd
***** how to integrate client machine with ntp server

step1 : make sure 123 port is allowed in firewall between ntp client machine
to ntp server
step 2 : add the ntp server details in /etc/chrony.conf
server ntpserverip prefer
==============================HTTP=============================================
ftp = data transfer (tcp) 20/21 performance will be too good

ssh = data transfer (tcp) 22 security
nfs = data transfer (tcp) 2049 file system will be in network
samba = data transfer (tcp) 137,138,139 -445 file system will be in network can
possible to access across platforms(windows to linux and linux to windows)
DNS = ip and hostname will travel in network (UDP) 53 - to resolve name to ip and
ip to name
NTP = date and time will travel over the network (UDP) 123 - to push date and time
to client machines.
http = to transfer hyper text data over the internet and intranet. 80 (TCP)
Hyper text transfer protocol(http)
using http we can publish the hyper text.

5 things about http
1. pkg = httpd
2. service = httpd
3. daemon = httpd
4. port = 80
5. /etc/httpd/conf.d/httpd.conf
default document root path is ? /var/www/html
3 types are there for configure httpd

1. IP Based ( configuring web site 1 ip one 1 web site)
2. name based ( multiple web sites with single ip)
3. port based ( configuring multiple web sites using
different different port numbers)
step 1 : install httpd

yum install httpd
step 2 : keep code in /var/www/html location
mkdir -p /var/www/html/site1
copy the web content to /var/www/html/site1
step 3: configure the web page
cd /etc/httpd/conf.d
vi mysites.conf
NameVirtualHost *:80
<VirtualHost *:80>
ServerName www.site1.b25.xyz
DocumentRoot /var/www/html/site1
</VirtualHost>
step 4 : restart httpd
step 5 : add entry in dns server
vi /var/named/fwdb25.xyz
www.site1 IN A 192.168.43.133
systemctl restart named

===============================================
vi mysites.conf
<VirtualHost *:80>
</VirtualHost>
www.site2 IN A 192.168.43.133
=============================================
vi mysites.conf
<VirtualHost *:80>
</VirtualHost>
www.site3 IN A 192.168.43.133
======================================configuring site with different port number

=========
step 2 : make http list on multiple ports
vi /etc/httpd/conf/httpd.conf
Listen 80
Listen 8080
vi mysites.conf
<VirtualHost *:8080>
</VirtualHost>
step 4 : add entry in dnsserver
www.site4 IN A 192.168.43.133
httpd logs:
cd /var/log/httpd
1. access_log ===> it contains which user accessed website what time
that details
2. error_log ===> error logs about web page
===================================================================================
====
SUDO
su = switch user and do
We can grant super user commands access to normal user.
/sbin or /usr/sbin
On these commands normal user will not have permissions. Using sudo we can grant
permissions on super user commands.
Granting 3 commands access to prasad (normal user)

Visudo
In last line add below line
Prasad ALL= (ALL) /usr/sbin/lvs, /usr/sbin/pvs, /usr/sbin/vgs
Sync:
Username hostname= (ALL COMMANDS) in that few commands

1 2 3 4
Prasad masterserver= (ALL commands) particular commands
Prasad masterserver= (ALL) /usr/sbin/useradd
Useradd command will work for prasad if hostname is match to masterserver
Suppose i changed hostname like master then useradd command will not work because
the conditition is
For prasad user useradd command should work in masterserver in sudoers

file.
But later we changed hostname to master so sudo command will not work.
how to provide full access to ramu,babu users?
babu,ramu ALL=(ALL) ALL
password should ask while executing sudo commands
prasad ALL=(ALL) NOPASSWD: /usr/sbin/lvs,/usr/sbin/pvs,/usr/sbin/vgs
how to grant commands access to group?

%groupname ALL=(ALL) NOPASSWD: /usr/sbin/lvs,/usr/sbin/pvs,/usr/sbin/vgs
%linux ALL=(ALL) NOPASSWD: /usr/sbin/lvs,/usr/sbin/pvs,/usr/sbin/vgs
in this there are 10 users. as per above line granting 3 commands access to
10 users.
visudo
or
vi /etc/sudoers
***** which command is recommended to do the changes in sudoers file?

visudo
because visudo can do syntax verfication and it will not allow you to come
out until you correct the syntax
***** How to restrict particular command out of all

!command
Prasad ALL=NOPASSWD: ALL,!/usr/sbin/shutdown
Restricting shutdown command to prasad

***** How to check what the sudoprivilages are granted to normal users
Login as normal user and execute sudo -l
Sudo -l
Sudo logs will store in /var/log/secure file
Whatever commands are execute with sudo those commands are captured in
/var/log/secure file.
let normal user switch to root or granting user to switch to root user
prasad ALL=NOPASSWD: /bin/su - root

babu ALL=NOPASSWD: /bin/su - prasad
tell me is babu has indirectly full access? yes

babu can switch to prasad and prasad can switch to root.
========================RSYNC==============================
Using rsync we can copy data from local to remote machine like SCP as we well we
can copy data within machine.
Local to remote
Local to local
ssh:
scp -r /test [email protected]:/tmp/
rsync
rsync -arvz /test [email protected]:/tmp
rsync is the sub component in ssh.

rsync port number is 22
sshport number is 22
Advantages:
1. sync only incremental data can possible in rsync
in destination already 1 GB DATA is there
now again we are pushing 1.5 GB same data then only 0.5 data will push
because already 1 GB same.
before copy data to destination rsync does the comparision and copy
only differencial data.
adv : save time, save network bandwidth, improves the server

performance
2. rsync compress the data in source and send it to destination
rsync -az
z means compress and send data to destination
to 1 GB it may take 15 min

after compress 1 GB it be came 200 MB then which one will be faster?
200 MB
rsync -arvz source destination
-a preserve all permission like source

r recursively
v verbose
z compress
=========zip, tar, gzip=======================
Zip and gzip are compression commands

Tar is archive commands
Archive in the sense collect multiple files and keep in one tar file
Zip -r destination source

Zip /bkp/bkpof-var.zip /var/log
Zip -r /bkp/varlogbkp-10-dec-2021.zip /var/log
Unzip varlogbkp-10-dec-2021.zip
Tar: tape archive

- c create -v verbose -f force
Tar -cvf /bkp/varlogbkp-10-dec-2021.tar /var/log
Extract tar file
Tar -xvf varlogbkp-10-dec-2021.tar
-x extract
Gzip : gunzip
compress using gzip file

gzip filename
extract gzip file
gunzip filename.gz
gzip supports only for files not for directories
zip : source and destination both will exist = zip is backup keeping one
more copy in different location
gzip : only destination will exist after compress
/var is full we don't space to keep any new file

in this situation which command is recommended? zip or gzip
gzip
we can compress using gzip because it does the compression and
keep in same location.
if zip means it required additional space to keep sorce and destination
===================JOB Schedulers=============================================
1. AT
2. CRON
using at or cron we can schedule task/job(script)/command inside server.
as per schedule command/task/job(script) will execute.
AT & Cron
1. AT: job will expair once after execution.

not possible to schedule recuring jobs. we can not schedule job for every day
or every hour or every min.
2. CRON: we can schedule reucrring jobs. we can schedule repeated tasks.
services:
At : atd (systemctl status atd)
cron : crond(systemctl status crond)
at 9 AM 25 dec 2021
> shutdown -r now
ctrl + d
for save job and come out
server should reboot at 9 AM on 25th dec 2021
at now + 1 hour
> touch /atfile
>ctrl + d to save and come out
how to list out scheduled jobs
at -l
atrm<jobid>
=============================================
cron : using cron we can schedule repeated/recurring jobs.
6 Fields are there in cron
* * * * * TASK
1 2 3 4 5 6
Min Hours daysinmonth monthsinyear days inweek
00-59 0-23 1-31
1-12 0-6
5th field: 0 sun,1 mon,2 tue , 3 wen,4 thu,5 fri ,6 sat
requirement1 : task1 shold run every day at 6 AM first min
crontab -e
01 06 * * * task1
requirement2 : task2 should run only on sunday and monday at 7:30

crontab -e
30 07 * * 0,1 task2
how to list out scheduled jobs in cron?

crontab -l
listout the scheduled jobs
***** explain about cron fields

there are 6 fields
1 field is : mins in hour
2 field is : hours in day
3 field is : days in month
4 field is : months in year
5 field is : days in week
6th field is : task/job/script/command
***** how to check is the job executed or not?

verify cron logs
tail /var/log/cron
***** how to grant crontab access to normal users?

by default normal users will not have permissions to schedule jobs in cron.
by default root will create cron.allow file in /etc/

only users allowed who are there in /etc/cron.allow file
***** you will recieve ticket for granting crontab access to normal user.
login to respective server and add user name inside /etc/cron.allow
root can delete any body jobs and list out also.
crontab -u prasad -l
crontab -u prasad -e
***** crontab -e is not working then how you can modify the cron jobs
cd /var/spool/cron
individual files for individual users
from we can open file using vi and modify
vi prasad
how to remove prasad user jobs
cd /var/spool/cron
rm -rf prasad
===========Housekeeping alerts==================================================
/var partition is full

/ partition is full
/home partition is full
/boot partition is full
/tmp partition is full
Server ====> MONITORING TOOL =====> Ticketing tool ======> we will

acknowledge and work on ticket
/ partition usage is > 90 % then monitoring tool creates ticket in ticketing

tool and assign to linux administrator incase server is linux
c drive usage is > 90 % then monitoring tool creates ticket in ticketing tool
and assign to windows administrator incase server is window
ticket 1 is /var partition usage is > 90 %

==============================
in ticket you can find server name and partition details
in /var what kind of data will be there? logs or history about tasks.
logs will be in /var/log
how to check file usage? du -hs filename

du = disk usage
-s size
-h human readable
size will display in humman readable format
du -ks filename
size display in killo bytes
Action 1 : delete older than 3 months logs from /var/log directory

find /var/log -mtime +90 -exec rm -rf {} \;
deleted older than 3 months logs but still /var partition usage is
greater than 90 %. then compress the logs
Action 2 : compress the unwanted data from /var/log
du -hs *
we can see which file is consuming more space then we can take call and
compress the file uzinggzip command
there is unwanted file , the file name is message.20210301
gzip message.20210301
or
find /var/log -mtime +2 -exec gzip {} \;
compress all files which are greater than 2 days

deleted compressed older than 2 days logs but still /var partition
usage is greater than 90 %. then extend partition space
Action 3: extend the partition space if the partition is created with lvm
check available space in vg then extend the space for lv
lvextend -L +3G /dev/rootvg/varlv -r
>=80 % partiton Warning alert

>= 90% partition Critical alert
<80 % partition no alert
du = disk usage - we will use it for check current size of file or directory
( du -hs *, du -hs filename)
gzip = gunzip - we will use it for compress the bigger file
rm = remove - to remove any unwanted file/directory
find = find is used for find out older than 3 months log/data and delete or
move from one place to another place
find /var/log -mtime +90 -exec rm -rf {} \;
find /var/log -type f -mtime +90 -exec gzip {} \;
Alert 2 : / partition is full.
we will get ticket in our linux queue. we will acknowledge the ticket and
work on ticket.
/
/var ===>seperate partition
/tmp ===>seperate partition
/app1 ===> application partition
/db ===>dbpartition
/lib part of /
/usr is part of /
/root is part of /
/etc is part of /
/usr/share occupies 3 GB
how to identify which file or directory consuming more size?

cd /
du -hs *
the above command will show which file or directory consuming what size
*****(100 %) how to identify high usage file or directory
du -ks * | sort -rn | head -1
du -ks * = * all files/directories display size in killo bytes . |

redirected the first command output to pipe symbol
sort -rn = (n)print number lowest to highest (r) reverse that output when we
reverse highest will come to top | redirected output to the pipe symbol
head -1 = print first line
got highest usage file or directory
how to find out top 5 highest usage files/directories?

du -ks * | sort -rn | head -5
action 1 : we will remove in case any unwated data kept by any normal user.
action 2 : compress the importent data
action 3: extend the / partition space
***** how to know when this file is copied or created? who is the owner? what is
the size of that file ?
when this file is copied or created?
ls -ld /tfilebyprasad
or
stat /tfilebyprasad
who is the owner? ls -ld/tfilebyprasad or stat /tfilebyprasad
what is the size of that file?
du -hs /tfilebyprasad
/tfilebyprasad prasad prasad 1 GB
send mail to prasad

to : prasad
cc : prasad manager
Hi Prasad,
we identified following fine in / . the file name is /tfilebyprasad. the size is 1

GB.
why you kept this file in / partition?
if not important then please delete it or keep it in you application partition.
thanks & regards,

Raja
=========================
/applications
/db
OS
==============
/
/boot
/var
/tmp
alert 3 : /boot partition is full : cleanup the old kernel data from /boot
partition. not possible to extend the /boot partition becuase created as standar
partition.
/boot wont support LVM.
what is the size we will allocate for /boot partition ? 512 MB

what kind of data will be in /boot? OS bootable files
eg : kernel 1 : 3.10.0.256
kernel 2 : 3:10.0.520
initramfs-3.10.0.256.x86.img
initramfs-3.10.0.520.x86.img
initrd-3.10.0.256.x86.img
initrd-3.10.0.520.x86.img
110
123
862
which is latest kernel? 862 something goes wrong with 862 then we can revert with
123 so 110 is unimportant.
which kernel data we can cleanup from /boot? 110
is possible to extend /boot partition?

no. because /boot is created with stadard normal partiton.
/ lvm
/boot standard
/var lvm
/tmplvm
/tmp: here only temporary data will be there.
=====================SWAP============================
swap is a virtual RAM(memory). the processes or tasks will be redirected to swap

when RAM is full.
SWAP doen't have capacity to processes task to processor. task has to go via RAM
only.
RAM is a mediator between end user and processor.
RAM 2 GB then swap equal,double or 3times of ram
2 GB 2 times the amount of RAM 3 times the amount of RAM

2 GB – 8 GB Equal to the amount of RAM 2 times the amount of
RAM
8 GB – 64 GB At least 4 GB 1.5 times the amount of RAM
64 GB At least 4 GB Hibernation not recommended
creating swap:
step 1 :lvcreate -L 2G -n swap1 rootvg

step 2 :mkswap /dev/rootvg/swap1
step 3: add entry in /etc/fstab
/dev/rootvg/swap1 swap swap defaults 0 0
step 4:mount -a
swapon -a
free -m
swapon -a
-a = all swaps
to get status of swap.

swapon -s
removing swap:
step 1 :swithch off the swap
swapoff /dev/rhel/swap1
step 2 : remove swap1 entries from /etc/fstab
step 3 : delete the lv
lvremove /dev/rhel/swap1
1.partition based swap: creating lv or partition using normal method and

format with mkswap.
we don't have free space in vg or we don't have free disks in
system. but imedietly we have to extend swap. in that case go with file based
2.file based swap
step 1 : create file with 3 GB in any of the mount point.
dd if=/dev/zero of=/swap3 bs=1G count=3
step 2 : format file as swap
mkswap /swap3
step 3: appropriate permisions on swap file

chmod 600 /swap3
step 4 : switch on the swap
swapon /swap3
step 5 : add entries in /etc/fstab
/swap3 swap swap defaults 0 0
***** some tasks/processes are struck in swap. how we can move from swap to RAM
forcefully.
switch the swap then automatically all the processes are there in swap will
move to RAM
swapoff /swap3
or
swapoff /dev/rhel/swap2
swap usage is 2 GB and free RAM is 1 GB then we can not move 2 GB processes
from swap to RAM because there is no enough space in RAM.
so first we have to verify available space in RAM then only we can switch off the
swap.
CACHE = cache memory(RAM). cache will store the recently executed

jobs/tasks/processes information in cache memory .
in case same job came again then execution of job will be very
fast.
because last time execution information is there no need to
search for information.
cache always improves the server performance. with help of cache jobs will
execute very quickly.
***** how to clear the cache memory.

there is no space in main memory to allow new processes/tasks. in that
we will clear the cache
echo 3 >> /proc/sys/vm/drop_caches
BUFFER = running process information

SHARED = memory is shared between multiple processes/tasks.
====================Server Build================================
platforms
1. Physical platform ( console)
2. Virtual platform ( vcenter/vsphear)
3. Cloud platform
Physical machine related questions:

1. It is a physical server, server is not responding to commands or not
able to login through putty to server.
how we can reboot physical server in this case.
ANS: login to console then reboot
if it is HP server server we have ILO console to access server

in browser we type ip of Machine ilo
http://ipaddressofilo
username:
password:
console(ILO V4) ==> remote console ==>power switch ==> reset

button
HP : ILO
DELL = IDRAC
Virtual machine related questions:

1. It is a virtual server, server is not responding to commands or not
able to login through putty to server.
how we can reboot virtual server(vm) in this case.
ANS: login to vcenter then search for server and reboot
Cloud Virtual machine related questions:

1. It is a cloud virtual server, server is not responding to commands
or not able to login through putty to server.
how we can reboot virtual server(vm) in this case.
ANS: login to portal and click on virtual machines and restart the
virtual machine
VMWARE:
how to deploy servers in vmware environment
requestor will open change with our team, in change there will build sheet.
we will login to the ticketing tool and acknowledge the change. also download
the build sheet.
based build sheet instructions only we will build the server.
using templates we are deploying servers.
login to vcenter and click on templates there templates will be there we will right
click on right template and deploy
RHEL7.2_App_Ready_Template
RHEL7.2_db_Ready_Template
template is nothing but redimate virtual machine.
how template will ready?
create vm ==> Install redhatos ==> login to machine ==> install db related
packages and create db users ===> verify is db is working ==> request for
approval to convert as template ==> approval team will verify ==>
approve ==> right click on machine and create template
Task 1 : deploy server in vcenter ( download the build sheet and login to
vcenter and deploy the server as per build sheet)
Task 2 : completing the post build activities
once after server deploy then we can access server through putty and
complete the post build activites
1. Verified OS and confirmed its SLES 15.sp2

2. Creating file systems as per build sheet.
3. Setting up swap as per build sheet.
4. Create application group and users as per SAP basis team
request.
5. Grant full sudo permission to sapbasis user which is local
user.
6. Hardening Machine along with patching and Sap package
installation . (yum update /zypper update)
7. Hand over server to SAP/respective team.
========CMDB/inventory management
tool===================================================
cmdb
manageengine
hpsl(hp servers list)
cmdb(configuration management database) it's tool to maintain our

organization inventory
inventory:
server name
sever ip
ram size
cpu's
deployed date
downtime contact email id
OS
hard disks
Downtime Contact Email Address [email protected]
one of important data for future that is downtime contact email id.
total we have 5000 servers.

one of the server is not responding to commands/putty. next option is reboot. then
to whom we can contact for reboot approval?
to : [email protected]
cc : your team DL email address
Hi team,
we noticed following server " server1.xk." is not responding to commands.
need reboot approval.
Thanks & Regards,

S.Prasad babu.
===================================================================================
=====
Server decommision
we have to acknowledge server decommision change in ticketing tool.

step 1 : backup the full machine
linux admin will request vmware team to backup the full machine.
in ticketing tool we will open task for vmware team for backup.
step 2 : power off the server for 7 Days
shutdown -h now
step 3 : power on the server after 7 days and delete the machine in vcenter
vmware administrator will delete the vm
even we can delete the machine incase we have access.
prod = production(revenue generate environment) india

pre-prod = similar to production environment (test)
DR = replica of production US
QA = Quality analyze srvers(test)
DEV = development (test)
UAT/LAP/sandbox = (test)
==========Server hardening Tasks===============================================
BIOS
MBR
GRUB ===> kernel1 ===>rescue.target(repair mode)
kernel 2 ===>rescue.target(repair mode)
ctrl + alt + del = reboot the server
disable ctrl + alt + del key combination functionality.
1. Disabling direct root login through ssh service : PermitRootLogin no

in /etc/ssh/sshd_config
2. disabling common users login through ssh service : DenyUsersoracle,tomcat
/etc/ssh/sshd_config
3. disabling ctrl + alt + del key combinatin functionality(reboot)
4. setting up grub password
5. deleting unwanted softwares from servers(telnet,vsftpd,samba, depends on server
role) rpm -evvsftpd telnet
6. disabling USB for server
7. applying password policies
1. Min length of password
2. Min upper cases in password
3. min lower cases in password
4. special char in password
5. password should lock out incase user try with wrong password multiple
times
6. remembering recent password. it should not allow to set same password
multiple times
3. disabling ctrl + alt + del key combinatin functionality(reboot)
systemct mask ctrl-alt-del.target
4. setting up grub password

grub2-setpassword
the grub password will generate and update in /boot/grub2/user.cfg
6. disabling USB for server
step 1:block the usb driver/module

cd /etc/modprobe.d
vi blacklist.conf
append below line for disable usb
blacklist usb-storage
step 2 : enable the block list
modprobeusb-storage
reboot the server
7. applying password policies
in /etc/security/pwquality.conf
minlen = 9
dcredit = 1
ucredit = -2
lcredit = -1
u = upercase ( min 2 upper cases in password)

l=lower case -1 (min 1 lower case char in password)
d= decimal
minlen= password length
1. Min length of password (/etc/security/pwquality.conf)
2. Min upper cases in password (/etc/security/pwquality.conf)
3. min lower cases in password (/etc/security/pwquality.conf)
4. special char in password (/etc/security/pwquality.conf)
5. password should lock out incase user try with wrong password multiple
times
6. remembering recent password. it should not allow to set same password
multiple times
*****difference between find and locate.

find : there are multiple options to search the data( name based, size
based,permissions based, modify date and time based)
find will go to each and every directory and look for data
locate : using locate we can search file/directory with name based only.
if we know the name of file or directory then we can prefer locate
which is the faster search engine

locate
because it search file or directory name in system database.
syn: locate <filename>
PAM:
(pluggable authentication module)
it is a extra module to apply any user,account,password related
policies.
cd /etc/pam.d
password-auth
system-auth
5. password should lock out incase user try with wrong password multiple times
vi /etc/pam.d/system-auth and /etc/pam.d/password-auth
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth required pam_faildelay.so delay=2000000
auth required pam_tally2.so deny=3 unlock_time=1800
# auth sufficient pam_fprintd.so
auth sufficient pam_unix.so nulloktry_first_pass
auth requisite pam_succeed_if.so uid>= 1000 quiet_success
auth required pam_deny.so
=================================================================
***** how to identify wrong password attempts?
pam_tally2 -u username
***** how to clear wrong password attempts?
pam_tally2 -u username -r
pam_tally2 is a module using pam_tally2 we are applying account or authentication

policies
=============should remember old passwords while setting password

=====================
vi /etc/pam.d/system-auth and /etc/pam.d/password-auth
password requisite pam_pwquality.so try_first_passlocal_users_only retry=3

lcredit=0 ucredit=2 dcredit=1 ocredit=2 maxrepeat=3
password required pam_pwhistory.so remember=3 use_authtok
password sufficient pam_unix.so sha512 shadow nulloktry_first_passuse_authtok
password required pam_deny.so
=== ====================/etc/pam.d/system-auth and password-auth content
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth required pam_faildelay.so delay=2000000
auth required pam_tally2.so deny=3 unlock_time=1800
# auth sufficient pam_fprintd.so
auth sufficient pam_unix.so nulloktry_first_pass
auth requisite pam_succeed_if.so uid>= 1000 quiet_success
auth required pam_deny.so
account required pam_unix.so

account sufficient pam_localuser.so
account sufficient pam_succeed_if.so uid< 1000 quiet
account required pam_permit.so
password requisite pam_pwquality.so try_first_passlocal_users_only retry=3
lcredit=0 ucredit=2 dcredit=1 ocredit=2 maxrepeat=3
password required pam_pwhistory.so remember=3 use_authtok
password sufficient pam_unix.so sha512 shadow nulloktry_first_passuse_authtok
password required pam_deny.so
session optional pam_keyinit.so revoke

session required pam_limits.so
-session optional pam_systemd.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet
use_uid
session required pam_unix.so
===========================================================================
Perfomance Fine-tunning
===================
1. processor : Real worker

2. RAM(Memory) : Meditor between end user to processor
3.Hard disk : storage area
4. swap = supporter for RAM
5. Network(ethernet card) : network
TOP
SAR
IOSTAT
using above tools we can analyze the server performance.

TOP : using top command we can analyze CPU,memory,Swap,current running
processe with utilization.
SAR : High level CPU,memory,SWAP,Disk performance data we can get for present
and past also.
processor maintaince the Table.

individual process/task will store in one cell
LOAD AVERAGE:
Average load on CPU or CPU's
1 = CPU
2 = CPU's
3 = CPU's
load average: 4.11, 1.39, 0.66
Load average present min-LA last 5 min-LA Last 15 min - LA

1 CPU 1 1 1
100 % cpu is utilized for last 15 min onwards
1 CPU 0.50 0.50 0.50 50 % CPU is utilized
for last 15 min onwards
1 CPU 2 2 2 200 % double load is on CPU. 100 %
is executing and remaining 100 % is in queue
1 CPU 4 0 0 many tasks or big task is trigger
in current min or just now. last 5 and 15 min no work at to CPU
2 CPUS 1 1 1 50 % CPU is utilized for last
15 min onwards
2 CPUS 2 2 2 100 % cpu is utilized for
last 15 min onwards
4 CPUS 2 2 2 50 % CPU is utilized for last
15 min onwards
4 CPUS 8 8 8 200 % double load is on CPU.
100 % is executing and remaining 100 % is in queue
10 ls commands are triggered in 1 min are these light jobs or heavy

jobs? light, cpu utilization is 20 % 0.2 number in LA
2 dd commands are triggered in 1 min are these light jobs or heavy
jobs? heavy, cpu utilization is 200 % 2 number in LA
Load average calculation: No of tasks triggerred + CPU Capacity(n cpus) + job

weight = Load average
10 + 10 CPUS + light(ls) = 0.02
10 + 1 CPU + ligh(ls) = 0.20 ( 20 %)
Load average present min-LA last 5 min-LA Last 15 min - LA

1 CPU 1 1 1
100 % cpu is utilized for last 15 min onwards ====> Warning
1 CPU 2 2 2 200 % CPU is utilized
for last 15 min onwards ====> Critical
***** How to identify top 5 High cpu utilization processes?

top + n +5 ======> to define number processes display on screen
P option is for print high cpu utilization processes
cpu %
2835 test 20 0 1156580 1.0g 0 D 84.0 56.2
0:38.39 dd if=/dev/zer+ ===> Test uesr dd process is executing that is the reason
we can see 85 cpu % is occupied
2834 prasad 20 0 1156580 446824 28 D 1.5 24.0 0:08.83 dd
if=/dev/zer+
to create 200 GB null file

dd if=/dev/zero of=/dev/null bs=1G count=200
***** How to identify top 5 memory utilization processes
top + n + 5
M
M option is for print high memory utilization processes.
Tasks: 244 total, 1 running, 243 sleeping, 0 stopped, 0 zombie
total processes are 244

only 1 running process (1 top)
243 are sleeping
Stopped = paused jobs (ctrl +z) is for stop the running process
how to list out stopped jobs
jobs
***** how to send job to background run? command &
dd if=/dev/zero of=/dev/null bs=1G count=200 &
[test@masterserver ~]$ jobs

[1]+ Stopped dd if=/dev/zero of=/dev/null bs=1G count=200
[2]- Running dd if=/dev/zero of=/dev/null bs=1G count=200 &
how to stop the job which is running state? kill -SIGSTOP JOBID kill
-SIGSTOP %2
=====================================================================
[2]- Running dd if=/dev/zero of=/dev/null bs=1G count=200 &
[test@masterserver ~]$ kill -SIGSTOP %2

[1]- Stopped dd if=/dev/zero of=/dev/null bs=1G count=200
[test@masterserver ~]$
how to start or resume the job which is in stopped state? kill -SIGCONT JOBID
====================================================================
ZOMBIE:
========
process is dead but they are in process table
zombie is a dead process.

it wont occupy any memory(RAM) but it occupies process table space.
how zombies are created?
end user starts the process (NFSD) and end user kills the process.
systemctl start nfsd
starting nfsd process along with some child nfsprocesses.
40223 ppid (parent process id)
40224 (pid) child process id for 40223
when end user triggers stop the nfs service(40223) parent will give signal to
childs. like end user is asking to kill(stop) your self.
child processes has to kill them self and confirm back to parent. incase any
child killing is taking time by that time parent left from process table without
taking his dead child process that child dead process is nothing but
zombie.
40223 parent(ppid)
40224 he killed him self and responded back to 40223 within time like i
killed myself
40225 he killed him self and responded back to 40223 within time like i
killed myself
40226 he killed him self and responded back to 40223 with little bit late
by that time parent left the process table . now 40226 is zombie.
40226 is dead and doen't have parent to take him(clean up the process table).
40226 process will not consume memory(RAM) but it exist in the process
table.
how it can impact server performance?

server performance will degrade with zombie processes. becuase process table
space they occupy.
eg: process table capacity is 2000 process in that 10 zombie processes are there in
this case 10 new process space not using processor.
2000 -10 = 1990 it allow the processes

10 zombie process table space is getting wast.
***** what is zombie?

zombie is a dead child process. it creates when child not responded back to
parent process with in time of kill signal.
it wont occupies RAM but it occupies process table space.
is zombie is live or dead? dead

is zombie will impact server performace ? yes becuase it exist in the process
table
***** how to kill the zombie process?
we can't kill zombie because it's already dead
***** how to cleanup zombie process from process table?
solution 1 : reboot the server
solution 2 : start & stop the parent process and verify is zombie is cleaned
up else restart the server.
parent(nfsd)
***** how to identify zombie processes?
ps -aux | grep -idefuc
or
zombie process state will be Z
ps -aux | grep Z
ps = process table
a=all
u = all users processes
x= execution
***** what the process states?

R = Running
S = Sleeping
Z = Zombie
T = Stopped
D = un-inturuptable processes
ORPHAN
=======
***** what is orphan?

orphan is child process who doen't have parent but it is alive(running) state
so systemd process will adopt the orphan processes.
1 pid is systemd
rhel 7 and 8 systemd (1)
rhel 5 & 6 init(1)
who is the parent for orphan processes? systemd(1)
***** is orphan consumes memory and CPU?
yes becuase is a running processes. systemd process adopted orphan
process
***** how to kill the orphan processes?
reboot the server
zombie orphan
dead Alive
no memory consumtion yes it consume the cpu and memory
we can not kill the zombie we can kill becuase it is running state
because it is alread
dead
===%Cpu(s): 0.3 us, 0.3 sy, 0.0 ni, 99.3 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0
st===================
us =
0.3 % cpu is used by user processes
sy =
0.3 % cpu is used by system processes
ni =
0.0 % cpu is used by ni(nice processes) or priority processes
id =
99.3 % cpu is idle(free)
100 - 99.3 = 0.7 is used . not even 1 % is used
server performance is too good becuasecpu is used only 0.7 %.
wa = 0.0 % cpu is used by waiting processes
us= user processes are consuming 99 % then what you can take further action.
in top we can see which user processes are consuming more cpu then send out
mail to them like
we noticed your processes are consuming more cpu is this expected?
ps -aux | grep prasad
prasad responded back those are expected processes we can't kill those. then
next action from admin is extend the CPU's.
2 CPU's are there we can extend those 2 to 4 CPU's.
***** noticed sy processes are consuming more cpu % like 60 % or greater than 20 %.
how we can mitigate this issue or problem.
solution 1: reboot the server and notice the cpu usage by SY. still same usage then
solution 2 : perform patching. may be bugs are there so perform OS patching ( yum
update) zypper update . still no use still cpu usage is high then?
solution 3 : open case with redhat or suse based on os vendor and explain the
problem.
redhatos = os vendor is redhat
suseos = os vendor novel or suse
HP uxos = os vendor is HP
=================================================================
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+
COMMAND
3116 prasad 20 0 1156580 1.0g 200 R 24.3 56.2 0:00.77 dd
27 root 20 0 0 0 0 S 2.2 0.0 0:00.83
kswapd0
1 root 20 0 128220 1992 336 S 0.3 0.1 0:03.74 systemd
1227 root 20 0 222716 2000 1772 S 0.3 0.1 0:00.51
rsyslogd
2903 prasad 20 0 116756 1816 92 S 0.3 0.1 0:00.08 bash
3115 root 20 0 162076 1828 1040 R 0.3 0.1 0:00.19 top
pid = process id
user = owner of process or process triggered by which user
dd command is triggered by prasad , process id is 3116
systemd is triggered by root, process id is 1
PR = priority processes
NI = nice processes
20 is default priority
-20 high priority
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND

3162 prasad 0 -20 1156580 1.0g 540 R 99.9 56.2 0:26.81 dd
for 3162 process we given high priority
top + r + pid(3162) + -20(re-nice value is -20)

-20 is the hight priority
top + r + pid + re-nice value
VIRT RES SHR
virtual memory used by process(cache and buffer)

RES = actual RAM usage by process
SHR = shared memory between multiple processes
***** one of process is consuming 150 % of cpu what action you will take?
1 cpu = 100 %
2 cpus = 200 %
4 cpus = 400 %
8 cpus = 800 %
task 1 : verify how many cpus are configured for virtual machine
top + 1 to know the cpu's list
or
lscpu
task 2 : noticed 2 cpus are there then actually usage of cpu's are 75 % only
becuase my cpus capacity is 200 %. nothing to worry.
4 cpu's and one of the process is consuming 200 % .

not an issue. my cpus capacity is 400 % in that one of the process is
consuming 200 % so nothing to panic.
1 cpu then one of process reached 100% then yes it's critical.
suppose 1 cpu and one of the process is consuming 100 % for last 15 min then what
you will do?
action: identify who is the owner of process
top we can owner of the process at left side
pid username pr nivirt res
send mail to respective team.
Hi Team,
noticed your process is consuming 100 % cpu for last 15 min. please cross
verify and confirm us is this expected usage.
servername : xyzserver
screenshot of that top output
thanks and regards,

S.Prasad babu.
replied back to us
Hi Prasad,
that is expected usage only. please think on aleternative.
thanks & regards,

DB admin
Hi DB Team,
we can increase the cpus. right now 1 cpu is there if you get approval we can
increase that cpu capacity to 2 CPU'S.
Thanks & Regards,

S.Prasad babu.
===================================================================================
===
***** recieved High CPU usage alert from one of the server?
ticketing tool
24/7
24 hours in 7 days some one will available for support
A shift - 6 AM - 3 PM
B shift - 2 PM - 11 PM
C shift - 10 PM- 7 AM
shift engineer will keep monitor the ticketing tool queue.
Linux team will have seperate queue name in ticketing tool.
Action 1 : we have to acknowledge the ticket as soon as ticket araives into

our queue.
open ===> in-progress ==> pending for something ==> resolve ===>
close
ack means changing status from open to in-progress
Action 2 : login to respective server then verify is the alert is geninue or

fake.
top command to verify cpu usage
if the usage is matching as per ticket then alert is geninuene

Action 3 : identify which process is consuming more cpu
top + P
Action 4 : noticed DB / App processes are consuming more cpu % then send mail
and transfer ticket to their queue.
send mail
transfer ticket to respective team queue
Hi Team,
we noticed your process is consuming more cpu % . Kindly take nessary

action.
find beleowscreenshot.also ticket has been transfered to your
queue.
thanks & regards,

S.Prasad babu.
oracle = db
tomcat = app
pd1adm user who requested to create new user is app team.

pd1adm is a app user or not? yes
***** recieved High memory(RAM) usage alert from one of the server?
ticketing tool
Action 1 : we have to acknowledge the ticket as soon as ticket araives into our
queue.
open ===> in-progress ==> pending for something ==> resolve ===>
close
ack means changing status from open to in-progress
Action 2 : login to respective server then verify is the alert is geninue or

fake.
top command to verify memory usage
if the usage is matching as per ticket then alert is geninuene

Action 3 : identify which process is consuming more memory
top + M
Action 4 : noticed DB / App processes are consuming more memory % then send
mail and transfer ticket to their queue.
send mail
transfer ticket to respective team queue
Hi Team,
we noticed your process is consuming more memory % . Kindly take

nessary action.
find beleowscreenshot.also ticket has been transfered to your
queue.
thanks & regards,

S.Prasad babu.
oracle = db
tomcat = app
Operational team = Unix/linux(redhat,suse,solaris,aix,hp-ux)

windows (windows,vmware)
network
db team
application
storage team
backup team
==========================
build team
patching team
how to identify particular user processes in top?

top + u + username
how to kill process using top command?
top + k + pid + killsignal 9
9 = interupt and kill

15 = refresh the process
***** how to kill the process

kill
pkill
kill pid
pkillprocessname
forcefully
kill -9 pid
pkill -9 processname
***** how to identify is the process is running or not?
ps -aux | grep pid or process name

***** what is the actual cpu or memory usage of process?
top
SAR
system activity report
top
SAR
top : we can analyze live sever performance report.

SAR : we can analyze live and past server performace report.
in SAR we can not get invidual process cpu/memory utilization. it gives only
over all cpu/memory usage at present/past.
how to get cpu utilization report?

sar -u 1 5
1 is interver every 1 sec
5 repeate times . 5 times it has print data
Memory: sar -r 1 5
swap : sar -S 1 5
cpu : sar -u 1 5
disk : sar -d -p 1 5
Historical data : /var/log/sa

in this location we can find last 1 month data
how to read yesterday data using sar

Memory : sar -r -f /var/log/sa/sa21
cpu : sar -u -f /var/log/sa/sa21
swap : sar -S -f /var/log/sa/sa21
disk : sar -d -p /var/log/sa/sa21
-f sar file path
someone complained about server performance like yesterday around 7:30 AM

server was not responding. i think cpu/memory was issue.
could you please confirm.
Hi DB person,
server looks good yesterday at 7:30 AM.

we verified cpu and memory and all look good.
cpu usage was 1% assume cpu usage was 99 % at 7:30 AM then we have to
accept complain and work on.
memory usage was 42 %
every 10 min data will be collected and stored in /var/log/sa/sa22( we can find
cpu,memory,disk,swap,.....)
per day data . cumulative data also collected per day and created as day file
/var/log/sa/sa21 inside this file we can find every 10 min data
/var/log/sa/sa20
/var/log/sa/sa19
sarmodule/programs/libraries
sa1 (every 10 min) sa1 will execute every 10 min and collect data with
help of sadc and push data to respective day file(sa21)
sa2 (every day once at 11:53 PM) sa2 will execute at 23:53(11:53 PM) and
collect cumulative data per day and update data in respective day file
sadc ( system activity data collector)
disk performance:
df -h will not give disk performance it gives only disk usage
total size and what is the usage and how much is free
disk performance is nothing but speed of read and write
sar -d -p 1 5
here we have to analyze
AWAIT (average waiting) 100 >> 200 after some sec >> 400 that
means disk is not able handle all tps(transactions per sec)
waiting period is increasing so we can thing about
disk replacement with latest technology
or
2 disk create stripped lv

2 disk nothing 2 workers
now transactions will be devided between 2 disks so disk performance will
increase.
========================= ITIL process======================================
Information technology Infrastructure Library
Hardware
OS(Linux OS,Windows,AIX)
Infra structure team:

===============
OS team
Network team
Database team
Backup team
storage team
for these teams ITIL process has been introduced.
infrastructure as a service
visa company:
visa company will write aggrement with Accenture for infra support.
visa is the client for accenture.
visa will consider accenture is a service vendor

accenture will consider visa is a client.
who is the service provider? Accenture

accenture has to give the quality service to visa then only contract
will continue for some more years.
to provide quality service to visa, service based companies has to follow

ITIL process.
ITIL :
pre-defined procedures are there . we can costomize that procedures
change management
incident management
problem management
record the recently faced issues. analyze the issue, write the root cause for
issue.
US project
A or india shift - 6 AM to 3 PM 1 L1 emp,1 L2 emp , 1 SME(oncall)
B or UK shift - 2 PM to 11 PM 1 L1 emp,1 L2 emp
C or US shift - 10 PM to 7 AM 2 L1 emp,2 L2 emp,1 sme
shift hand over : shift owner has to give shift hand over to next shift team with
in that 1 hour buffer time.
2 methods:
1. meeting with current shift team and next shift team
2. mail
incident management:
catogories: ack resolve
P1 15 m 4 hours ( p1 is nothing but bussiness impact)
P2 15 m 8 hours
P3 30 m 1 day
P4 30 m 1 week
SLA ( service level aggrement)

between visa and service provider(accenture)
incase you could not able to fix p1 issue in 4 hours then penalty is 1
crore per hour.
there are 3 main compoents in ITIL

===========================
1. Change manangement
2. Incident management
3. problem management
1. Change Management:
fellow the process to change any thing in infrastructure.
1. OS patching is a change
2. Increase the CPU's is a change
3. extend/reduce lv space is a change
4. delete one user from server is a change
5. export and mount nfs file system is a change
6. decommission the server is a change
7. Replace any hardware part for server is a change
8. updating kernel parameters is a change
9. power off all server on dec 31 and power on server on 1 Jan
===> RFC ===> prepare CR ===> TAB Meeting ===> CAB meeting ===> go/no go
call ==> change implementation ===> roll back in case change fails
day1 day2 day3 day4 day5 day6
1. Routine change ( OS patching, Replace any hardware part for

server,power off all server on dec 31 and power on server on 1 Jan)
2. Standard change ( increasing cpu,ram,extendingspace,deleting users,
nfs related ,ftp related,kernel parameters)
3. emergency change (above both the changes will become emergency
anytime)
RFC = request for change

linux administrator will open 1 item with PMO
change manager (OS patching is the change, linux administrator has to inform
change manager we are planning patchong on so and server)
incident manager
problem manager
change managers: 3 members

change manager 1 is leading patching
change manager 2 is leading server decommision
change manager is a co-ordinator until change completes.
RFC tracked by change manager

prepare cr(change request) CR prepared by Linux administror but change
manager will co-ordinate with linux admin to prepare cr.
/db partition is full now which team is responsible for /dbpartiton? DB team
dbteam will open ticket with Linux team please increase the /db partition space.
now who is the requestor? DB Team
RFC = DB team
os patching = RFC = Linux team
increase the swap , it is a db server = RFC = dB team
===> RFC ===> prepare CR(join in meeting and prepare cep) ===> TAB Meeting
===> CAB meeting ===> go/no go call ==> change implementation ===> roll back in
case change fails
day1 day2 day3 day4 day5
day6
monday tue wen thu friday
sunday
Day 3 (TAB meeting) ---- Technical advisory board

change co-ordinator will schedule meeting to discuss about CEP
Linux,application,dbteam,vmware team will join in meeting and discuss
about CEP.
Day 4 (CAB meeting) ====> change advisory board
here client and architects will join and approve changes for
implemenation
Linux team : change1 : OS patching
network : change 2 : firewall change
db : change3 : db level changes
Day 5 : ( go or no go approval) final approval for change implement
Day 6 : implement change with change window time

change start at 11 PM and complete by 6 AM is change windows time.
8 AM still we are in change implementation that policy volation
Day 2 : prepare CR and create CR in ticketing tool
change is OS patching:
here Linux team has to create CR in ticketing tool
CR number is : CH125468
CR Tasks : Task1 : CH125468-1 task 1 assigned to
vmare team to create snapshot preor to change implementation
start time : 0:00
end time : 0:30
servers list
CR Task 2 : CH125468-2 : stop and start the DB
stop time : 2:00 - 3:00
start time :5:00 - 5:30
CR Task 3 : CH125468-3 : Stop and start the
application
stop time : 1:00 - 2:00
start time : 5:30 - 6:00
Incident management
================
suddenly something happened in environment(Servers,network,vmware) which is causing

business impact.
1. server is hang
2. High cpu utilization
3. High memory utilization
4. Users not able to access application
5. server is powered off
6. application not running
7. disk full due to this applicaton not running
SLA: Service level aggrement

aggrement between client and service provider
Type response_time resolve_time Restore_time SLA breach

P1 15 M 4 H 1 Day some penalty
P2 15 M 8 H 2 Days
P3 30 M 1 D
P4 30 M 1 Week
P1 = priority 1 issue: which is causing business impact
production =one of server is down , is incident can consider as a P1? Yes if

server down is impacting to business then consider as P1
DR == one of server is down , is incident can consider as a P1? No
pre-prod == one of server is down , is incident can consider as a P1? No
QA == one of server is down , is incident can consider as a P1? No
DEV == one of server is down , is incident can consider as a P1? No
LAB == one of server is down , is incident can consider as a P1? No
===============P1 =================
deleted one of the gcc package from production server. after that application
not running. now end users not able to access application.
It's a P1 or not? P1
Action 1 : application team identified application is not accessible to end

users then imediatly inform incident manager.
Action 2 : Now incident manager is responsible for incident
he will open conference call with respective teams
Linux
vmware
application
db team
Action 3 : Incident manager will open incident in ticketing tool

Action 4 : the ticket is assigned to linux team then imediatly or with
response time (15 Min) we have acknowledge the ticket
acknowledge means what sir:
assigning change with your name and change incident state
to working in progress
Action 5 : start troubleshooting on issue in conference call

you confirmed issue is not at OS end. then transfer incident with
respective team
Action 6 : incident manager will keep take updates from conference call and
send mail to respective client Heads
every 30 min the change manager will give update to respective client
heads about incident.
Action 7 : applicaiton team resolved issue
Action 8 : incident manager will give update to client about incident resolve
status.
P1 RCA is mandatory
RCA = Root cause analysis
root for incidnet is nothing RCA

find out root cause of incident and fix it permanently
===================================P1 close==============================
L1 - 0-3 years
L2 - 3 - 6 Years
L3 - 6 - 9 Years experience
L4 - SME = >9 to 15 Years
Architect = >15
vendor(os vendor)
linux team got P1 issue at 7 am same time linux team opened case with redhat
for same issue.
SLA 4 even redhat SLA 4
Ticket chat daigram:
open ==> acknowledge ===> pending ==> resolve ===> close
acknowledge : change status to in-progress and assign to your self

assignee = your name
pending = requestor not mentioned server name in ticket so pending ticket
requestor not clarified what i asked so pending
opened case with vendor waiting vendor response pending
resolv = resolve ticket
requestor confirmed issue is resolved please close this request
close
Problem management
================
where we don't have permanent fix for the incident that is nothing problem.
when we don't permanent fix for indent the incident will repeat or not.
that is problem.
every monday server is getting hand. but we don't have root cause
every friday at 11 PM server is rebooting, but we don't have root cause
we will take vendor support to fix the problem. we will open case with redhat/suse
and work on the problem.
Ticketing tools:
SNOW ( Service now)
SM( service manager)
remidy
zabix
==============================================================================
Linux Interview Questions

A list of top frequently asked Linux interview questions and answers are given
below.
1) What is Linux?
Linux is a UNIX based operating system. Linus Torvalds first introduced it. It is
an open source operating system that was designed to provide free and a low-cost
operating system for the computer users.
2) What is the difference between UNIX and Linux?

UNIX was originally started as a propriety operating system for Bell Laboratories,
which later release their commercial version while Linux is a free, open source and
a non-propriety operating system for the mass uses.
3) What is Linux Kernel?
Linux Kernel is low-level system software. It is used to manage the hardware

resources for the users. It provides an interface for user-level interaction.
4) Is it legal to edit Linux Kernel?

Yes. You can edit Linux Kernel because it is released under General Public License
(GPL) and anyone can edit it. It comes under the category of free and open source
software.
5) What is LILO?
LILO is a boot loader for Linux. It is used to load the Linux operating system into
the main memory to begin its operations.
6) What is the advantage of open source?

Open source facilitates you to distribute your software, including source codes
freely to anyone who is interested. So, you can add features and even debug and
correct errors of the source code.
7) What are the basic components of Linux?

Just like other operating systems, Linux has all components like kernel, shells,
GUIs, system utilities and application programs.
8) What is the advantage of Linux?
Every aspect comes with additional features, and it provides a free downloading
facility for all codes.
9) Define shell
It is an interpreter in Linux.
10) Name some shells that are commonly used in Linux.

The most commonly used shells in Linux are bash, csh, ksh, bsh.
11) Name the Linux which is specially designed by the Sun Microsystems.
Solaris is the Linux of Sun Microsystems.
12) Name the Linux loader.

LILO is the Linux loader.
13) If you have saved a file in Linux. Later you wish to rename that file, what
command is designed for it?
The 'mv' command is used to rename a file.
14) Write about an internal command.

The commands which are built in the shells are called as the internal commands.
15) Define inode.

Each file is given a unique name by the operating system which is called as the
inode.
16) If the programmer wishes to execute an instruction at the specified time. Which
command is used?
The 'at' command is used for the same.
17) Explain process id.

The operating system uniquely identifies each process by a unique id called as the
process id.
18) Name some Linux variants.

Some of the Linux commands are:
CentOS
Ubuntu
Redhat
Debian
Fedora
19) What is Swap Space?
Swap space is used to specify a space which is used by Linux to hold some
concurrent running program temporarily. It is used when RAM does not have enough
space to hold all programs that are executing.
20) What is BASH?

BASH is a short form of Bourne Again SHell. It was a replacement to the original
Bourne shell, written by Steve Bourne.
21) What is the basic difference between BASH and DOS?

BASH commands are case sensitive while DOS commands are not case sensitive.
DOS follows a convention in naming files. In DOS, 8 character file name is followed
by a dot and 3 characters for the extension. BASH doesn't follow such convention.
22) What is a root account?
The root account is like a system administrator account. It provides you full
control of the system. You can create and maintain user accounts, assign different
permission for each account, etc.
23) What is CLI?

CLI stands for Command Line Interface. It is an interface that allows users to type
declarative commands to instruct the computer to perform operations.
24) What is the GUI?

GUI stands for Graphical User Interface. It uses the images and the icons which are
clicked by the users to communicate with the system. It is more attractive and
user-friendly because of the use of the images and icons.
25) Which popular office suite is available free for both Microsoft and Linux?
Open Office Suite is available free for both Microsoft and Linux. You can install
it on both of them.
26) Suppose your company is recently switched from Microsoft to Linux and you have
some MS Word document to save and work in Linux, what will you do?
Install Open Office Suite on Linux. It facilitates you to work with Microsoft
documents.
27) What is SMTP?

SMTP stands for Simple Mail Transfer Protocol. It is an internet standard for mail
transmission.
28) What is Samba? Why is it used?

Samba service is used to connect Linux machines to Microsoft network resources by
providing Microsoft SMB support.
29) What are the basic commands for user management?

last,
chage,
chsh,
lsof,
chown,
chmod,
useradd,
userdel,
newusers etc.
30) What is the maximum length for a filename in Linux?
255 characters.
31) Is Linux Operating system virus free?

No, There is no operating system till date that is virus free, but Linux is known
to have less number of viruses.
32) Which partition stores the system configuration files in Linux system?
/stc partition.
33) Which command is used to uncompressgzip files?

gunzip command is used to uncompressgzip files.
34) Why do developers use MD5 options on passwords?

MD5 is an encryption method, so it is used to encrypt the passwords before saving.
35) What is a virtual desktop?

The virtual desktop is used as an alternative to minimizing and maximizing
different windows on the current desktop. Virtual desktop facilitates you to open
one or more programs on a clean slate rather than minimizing or restoring all the
needed programs.
36) What is the difference between soft and hard mounting points?
In the soft mount, if the client fails to connect the server, it gives an error
report and closes the connection whereas in the hard mount, if the client fails to
access the server, the connection hangs; and once the system is up, it again
accesses the server.
37) Does the Alt+Ctrl+Del key combination work in Linux?

Yes, it works like windows.
38) What are the file permissions in Linux?

There are 3 types of permissions in Linux OS that are given below:
Read: User can read the file and list the directory.
Write: User can write new files in the directory .
Execute: User can access and run the file in a directory.
39) What are the modes used in VI editor?
There are 3 types of modes in vi Editor:
Regular mode or command mode

Insertion mode or edit mode
Replacement mode or Ex-mode
40) How to exit from vi editors?
The following commands are used to exit from vi editors.
:wq saves the current work and exits the VI.

:q! exits the VI without saving current work.
41) How to delete information from a file in vi?
The following commands are used to delete information from vi editors.
x deletes a current character.

dd deletes the current line.
42) How to create a new file or modify an existing file in vi?
vi filename

LINUX

Uploaded by

Copyright:

Available Formats

LINUX

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

LINUX

Uploaded by

Copyright:

Available Formats

52.247.217.

Linux Administration + Azure (Cloud) + Shell scripting + Ansible

1. Linux administration = 3 Months (Red hat 7 and 8)

Eg: highest qualification is B tech and passed out in 2018

Do's and don't

Collection of programs which are written in different language.Which are

OS is a mediator worked between prasad and speakers.

It is an open source operating system

UNIX is an open source operating system?

UNIX and Linux are these same? No

UNIX is parent for Linux operating system.

UNIX = Released 1969

1. Linux (Linus torvalds) 1991 - USA - he customized UNIX operating system

1. Redhat linux (marc Ewing) 1994

RHEL 6 redhat enterprise linux 6.0, 6.1, 6.2, 6.3......6.10

==================> Roles of Linux

Build the servers

AIX = 100000 profit 1 CR

Design of the UNIX operating system.same architecture continued by all other

There are 2 components are involved.

Virus is new program or pre-defined program in OS?

Overall programs are 1000 means P will be devided between shells

FIFO= first in first out will be take care by kernel

1. What is server? Desktop (Laptop)

Main components of PC:

Extra features in Server:

2 .DC= Data center

Where we will maintain Infra components with very security

SAN = storage area network

Company owner initiated for new application development.

DC engineer will share console IP and credentials to OS administrator

DC engineer responsibilities: mounting server in rack ==> connects the

Server is in US and linux administrators are sitting in India.

What are the further tasks on newly arraived servers?

ILO = Integrated lights out

Just assume, san box capacity is 1000 Hard disks.

Server (HBA card) ==========>fiber cable =========> SAN BOX

->NIC used to connect ether net storage to a switch or server

ethernet with rj45 connection

256 GB RAM 4 processors

With virtualization technology i may be able to create n number virtual

Who developed esxi? Vmware Company

Esxi: is an OS which is developed by VMWARE Company.

vmware workstation = home users not for organization

so much difference between vcenter and vmware workstation.

vcenter is a enterprize tool.

2 cores are there then one cost from vmware

physical server 1 ==>redhatos installation ==> application

How to enable virtual technology (VT) at bios level in laptop

Task 1 : enable VT at bios level

/ is a main directory in unix servers

/boot is one of subdirectory in /

13 important subdirectories inside /

Pwd = it prints the current working directory>> print working directory

6. /bin: normal user commands

10. /dev: it contains device names (cd, DVD, hard disks)

Every user will have rights to use /tmp directory.

Pwd, cd, ls, clear, ueraddprasanth, whoami, su - prasanth, exit

Drawback: we can not modify existing file content.

dw : is for delete cursor standing word