Rhce 134 Lab Manual - Adil-Sir
Rhce 134 Lab Manual - Adil-Sir
# vim /etc/vsftpd/vsftpd.conf
Search for [listen ipv6]
Listen=yes
#listen ipv6=NO
6. Now, copy this kickstart file to public directory of ftp and change
the permissions.
# cp -r anaconda-ks.cfg /var/ftp/pub/
# chmod 777 anaconda-ks.cfg
#grep -v linux hat (v=invert/show all line do not have word linux)
#grep -C 3 the hat (display 2 line below and above "Linux" word)
#grep -iwr linux* (to search word 'linux' in all the file or directory)
# vim file1
dw (delete a word)
u (Undo)
At Schedule Task.
The at command is a Linux command-line utility used to schedule a job for
later execution. The utility reads commands from standard input and groups
them into an at job, which executes only once
1). To schedule a task to run in Linux two minutes from now, you can use the
"at" command.
#at now +2min
2. In Linux, "atq" and "at -l" are commands used to display the pending "at"
jobs in the system queue.
The "atq" command displays a list of all the pending "at" jobs for the current
user, along with their job ID numbers and scheduled execution times. For
example, if you run the "atq" command in the terminal, you might see output
like this:
3. If you want to schedule a task to run at 1:23 PM, you can use the "at"
command in Linux. Here's an example command you can use in the terminal:
#at 1:23pm
4. If you want to schedule a task to run at 1:28 PM on January 17, 2023, you
can use the "at" command in Linux. Here's an example command you can use
in the terminal:
# at 1:28pm 17 jan 2023
# atrm 6
1. The "crontab -l" command is used to list the cron jobs for the current user.
When you run this command in the terminal, it will display a list of all the
scheduled jobs that have been set up for that user. The output will include the
timing information for each job, as well as the command or script that will be
executed.
2. The "crontab -e" command is used to edit the cron configuration file for the
current user. When you run this command in the terminal, it will open the
cron configuration file in the default text editor, which is usually Vi or Vim.
#crontab -e
#crontab -l
We can Create a script for make directory and file then Set crontab schedule
Script is ready.
3. "crontab -r" is used to remove or delete the user's crontab (i.e. the
scheduled tasks or commands that are set up to run automatically at specified
times).
When this command is executed, it will remove all the crontab entries for the
current user and it cannot be undone. Therefore, it is important to be cautious
when using this command as it will delete all the scheduled tasks set up for the
current user.
#crontab –r
#top
Press R -------to renice
NI -20------0-------+19
High pr Low pr
pr 0-------20---------+39
#vim file21 & (run command in background and to get pid of vim
command)
In Linux, Access Control Lists (ACLs) are used to provide more fine-grained
control over file and directory permissions. Traditionally, Linux file
permissions are controlled through a combination of three permission bits for
the file owner, group, and others. However, ACLs allow you to define
additional permissions for specific users or groups, which can be useful in
situations where the traditional permission model is not sufficient.
ACLs are stored as extended attributes for files and directories, and can
be viewed and modified using the getfacl and setfacl commands,
respectively.
The getfacl command displays the current ACL for a file or directory.
While the setfacl command can be used to modify or set a new ACL.
extra “+” sign after the permissions like -rw-rwx--+, this indicates there
are extra ACL permissions set which you can check by getfacl
command.
In Linux, there are two types of access control lists (ACLs) that can be set on
files and directories:
1. Access ACL
2. Default ACL
The "-R" option in "setfacl" stands for recursive. When used with
"setfacl", it applies the ACLs to all files and directories recursively in a
given directory.
This means that the command will not only apply the ACL to the
specified directory, but also to all files and directories within that
directory.
On the other hand, the "-d" option in "setfacl" stands for default.
When used with "setfacl", it sets a default ACL for a directory. This
means that any new files or directories created within that directory will
inherit the same ACL.
The NSA has had some involvement in the development of Linux, particularly
in the area of security. For example, the NSA developed a security-enhanced
version of Linux called SELinux (Security-Enhanced Linux), which adds
mandatory access controls to the standard Linux security model.
The semanage port -l command is used to display the list of network port
definitions that are currently managed by SELinux in a Linux system. The
output of this command shows a list of port definitions with the following
information for each port:
selinux_context: the SELinux security context associated with the port
proto: the protocol (TCP or UDP) used by the port
port: the port number or port range
When you run the getenforce command, it will return one of three possible
modes:
Enforcing: SELinux is enabled and actively enforcing security policies.
Permissive: SELinux is enabled, but it is not enforcing policies. Instead,
it will log policy violations for analysis.
Disabled: SELinux is not enabled on the system.
#getenforce
# cd /var/www/html
# ls
# vi index.html
# firefox&
Search 127.0.0.1
SELinux security context labels are composed of three parts: user, role, and
type. The type field is the most commonly used in chcon command to change
the SELinux context of a file or directory.
In this case, the default_t type is a commonly used SELinux context type that
provides default security restrictions for most files on the system. By running
this command, you are changing the security context of the index.html file to
the default security context type.
# chcon -t default_t index.html
#ls -Z
Refresh the page, page will be not working because selinux is implement with
enforcing mode
Refresh the page, page will be working because selinux is implement with
permissive mode
#restorecon index.html
STEP : 2
STEP : 4
STEP : 6
AFTER REBOOT YOU SYSTEM YOU WILL GET ONE DISK (sda)
fdisk /dev/sda: Start the fdisk utility and specify the target disk /dev/sda
for partition management.
o p: Print the current partition table for the selected disk.
o n: Create a new partition on the selected disk.
o d: Delete a partition from the selected disk.
o t: Change the partition type of an existing partition.
o w: Write the current partition table to disk and exit fdisk.
o q: Quit fdisk without saving any changes.
It's important to be cautious when using fdisk, as modifying the partition
table can potentially result in data loss or corruption. Before making any
changes to the partition.
#partprobe
Partprobe is a command in Linux used to inform the kernel of partition table
changes on a hard disk. When new partitions are created or existing partitions
are resized, the partition table on the disk is updated, but the kernel may not
be aware of these changes until the system is rebooted or the disk is re-
scanned.
resize2fs is a command used to resize the ext2, ext3, or ext4 file system on a
disk partition. It is used to expand or shrink the file system on a partition
when the underlying partition has been resized
#resize2fs /dev/sda1
# partx /dev/sda
# pvs
# pvcreate /dev/sda1
# pvs
# vgs
# vgcreate new_vg1 /dev/sda1
# vgs
# mkfs.ext4 /dev/new_vg1/new_lv1
# resize2fs /dev/new_vg1/new_lv1
# mkdir /lvmpartitions
# mount /dev/new_vg1/new_lv1 /lvmpartitions/
# df -h
# df -Th
# lsblk
# fdisk /dev/sda
n: for new partition
t:for change partition type
8e is type of lvm
w:for save the changes
# lvs
# lvextend -L +9.995G /dev/new_vg1/new_lv1
# lvs
# df -h
# lvs
# df –h
# mkfs.ext4 /dev/new_vg1/new_lv1
# resize2fs /dev/new_vg1/new_lv1
# df -h
# mount /dev/new_vg1/new_lv1 /lvmpartitions/
# df -h
# df -h
# umount /lvmpartitions/
# df -h
# vgs
# vgremove new_vg1
# vgs
# lsblk
CLIENT SIDE:
# yum repolist all
# vi /etc/exports
# cat /etc/exports
# exportfs -rv
# firewall-cmd --reload
# firewall-cmd --list-all
# showmount -e 192.168.199.142
# df -h
#cd /nfs_accept/
# ls
# mkdir success
# ll
File and printer sharing: Samba allows users to share files and printers
with other computers on the network.
Domain controller: Samba can act as a domain controller and provide
authentication and authorization services to clients.
Active Directory integration: Samba can integrate with Microsoft's
Active Directory and provide a variety of services, including domain
authentication, group policy, and directory services.
Security: Samba provides various security features, such as user-level
and share-level access controls, encryption, and auditing
# ping 192.168.0.179
# ls -Z /
# useradd prajwal
# passwd prajwal
# smbpasswd -a prajwal
[samba_share]
path=/samba_share
host allow=192.168.0.179
valid users=prajwal
write list=prajwal
browseable=yes
# firewall-cmd --list-all
# firewall-cmd --list-all-zones
# firewall-cmd --get-active-zone
# firewall-cmd --zone=public --add-interface=ens160
# firewall-cmd --get-active-zone
# firewall-cmd --reload
# firewall-cmd --zone=public --list-all
# firewall-cmd --list-all
# firewall-cmd --permanent --remove-service=cockpit
# firewall-cmd --reload
# firewall-cmd --list-all
# firewall-cmd --list-all
# firewall-cmd --reload
# firewall-cmd --list-all