Root Passwd
a 1
space 1
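setenforce 0   (runtime only: SELinux stays permissive until reboot or setenforce 1; enforcing mode is set again in 2)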
passwd
#init 5 or try #exit
other root----->passwd
Application-->system tool-->terminal
2) Enforcing mode
vi /etc/sysconfig/selinux   (set SELINUX=enforcing)
#touch /.autorelabel
#reboot
#getenforce
3) Setting IP Address
# cd /etc/sysconfig/network-scripts
#vi ifcfg-eth0
BOOTPROTO=static
DNS1=172.24.254.254
GATEWAY=172.24.254.254
IPADDR=172.24.254.6
NETMASK=255.255.0.0
NM_CONTROLLED=yes
ONBOOT=yes
:wq
#service network restart
#ifconfig for checking IP Address
#route -n for checking gateway
cat /etc/resolv.conf
nameserver 172.24.254.254
ping 172.24.254.254 server
#nslookup instructor.example.com
NAME:instr.example
Address:172.24.254.254
4) #dig instructor.example.com
ANSWER SECTION
instr.example.com 172.24.254.254
#host instructor.example.com
instructor.example.com 172.24.254.254
Grub problem:
Minimal BASH-like line editing is supported. For the first word, TAB lists possible command completions. Anywhere else TAB lists possible device or file completions.
grub>
solution:
grub> ls
1) Partition
100MB /mnt/new
#fdisk -l
#fdisk /dev/vda
:p ----------> print
:n------------>new
p------------->primary
3------------->how many number
first cylinder: 9837
last cylinder +100M
:p---------->print /dev/vda3
:w
:reboot
#fdisk -l---------------------->To cross verify
mkfs -t ext4 /dev/vda3--------------------->format @ext4
note: man mkfs if block size asked
/block
n-->next
or
mkfs --help ---> if block size asked
#mkfs -t ext4 -b 4096 /dev/vda3 where, 4096 byte
mkdir -p /mnt/new ------------->Dir
#mount /dev/vda3 /mnt/new ----------->Temp
mount -a
#df -h----------> to verify
#vi /etc/fstab
/dev/vda3 /mnt/new ext4 defaults 0 2
:wq
#df -h
2) VG named examvg0 80MB extent size VG 16 MB
*) create a VG
1) partition
#fdisk -l
#fdisk /dev/vda
:p
:n
:e-------------->extended
first:10041
last <--- enter
:p
/dev/vda4 extended
:n
first: 10041
last:+80M
:p
:t
(1-5):5 /dev/vda5
:8e
:p
/dev/vda5 Linux LVM
:w
reboot
#fdisk -l --------------->to verify
#pvcreate /dev/vda5-------> To pvcreate
#vgcreate examvg0 /dev/vda5 [standard]
vgcreate --help
-s [physical extent size]
#vgcreate examvg0 -s 16M /dev/vda5
#vgdisplay examvg0------------->to confirm
note look at
PE size 16.00MiB
VG size 64.00MiB PV size multiple
Extend VG size
VG examvg0.............new size 100MB
#vgdisplay examvg0
create 36 MB partition
#pvcreate /dev/vda6
#vgextend examvg0 /dev/vda6 where, examvg0 is vgname and /dev/vda6 is partition
#vgdisplay examvg0
4) logical volume ---------------->testlv0 vg --->testvg0
/data
Initial size lv ---------100MB
extend lv adding --->25 MB extend lv by 5 extents
*) Extend the logical volume
#df -h
#lvdisplay /dev/testvg0/testlv0--> To See actual size
#vgdisplay testvg0--> To confirm sufficient space free PE/Size 24/96 (vaccum)
#lvextend -L +25M /dev/testvg0/testlv0
#lvdisplay /dev/testvg0/testlv0----->To verify
#resize2fs /dev/testvg0/testlv0--------------> To resize
#df -h-----> To verify
extending lv by certain extents
#lvdisplay /dev/testvg0/testlv0--> To verify
#vgdisplay testvg0...................>To see Space
#lvextend -l +5 /dev/testvg0/testlv0-----------> extending by next 5 extents
#lvdisplay /dev/testvg0/testlv0
#df -h
mkdir /data
mount /dev/testvg0/testlv0 /data
#vi /etc/fstab
/dev/testvg0/testlv0 /data ext4 defaults 0 0
:x
df -h
Configuring caching-only DNS Server
only the hosts of local network 192.168.0.0/24 can access the DNS server
#rpm -q bind
#yum install bind
#vi /etc/named.conf
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { any; };
allow-query { 192.168.0.0/24; };
#service named restart
#chkconfig named on
Deny FTP to selected login users
#useradd harry
#useradd andrew
#vi /etc/vsftpd/ftpusers
andrew
harry
:x
#service vsftpd start
#chkconfig vsftpd on
To test
ftp 192.168.0.104
root:andrew
login failed
getsebool -a | grep ftp
setsebool ftp_home_dir=1   (add -P to keep the setting across reboots)
serverx to mount instruction.example.com:/var/ftp/pub as /local/package
Reboot:
Accessing nfs shared folders
#showmount -e instruction.example.com
#mkdir -p /local/package
#mount
#vi /etc/fstab
at the bottom
instruction.example.com:/var/ftp/pub /local/package nfs defaults 0 0
:x
#mount -a ----------> To activate the fstab
#df -h
Allowing SSH access from specified host only
susan has remote SSH access to your machine from within example.com
clients within .remote.test should not have access
#rpm -q openssh-server
service sshd restart
chkconfig sshd on
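#useradd susan
vi /etc/hosts.deny
sshd : .remote.test
note: the .remote.test pattern is matched against the client's resolved hostname, so the rule relies on reverse DNS being trustworthy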
Allow only the users root and john through ssh
#useradd john
#vi /etc/ssh/sshd_config
write
AllowUsers root john
:x
note: check the file with sshd -t before restarting; a misspelled keyword keeps sshd from starting
service sshd restart
chkconfig sshd on
To test
ssh root@192.168.0.250
ssh john@192.168.0.250
passwd:
exit
ssh student@192.168.0.250
permission denied.
Deny only the selected users using SSH
#vi /etc/ssh/sshd_config
DenyUsers john student
#service sshd restart
#chkconfig sshd on
To test ssh student@192.168.0.250
passwd
permission denied
Configure your system such that all the logs generated in the local system is forwarded to the log server.
Configure rsyslog on your system to send all *.info log message to instruction.example.com
#rpm -q rsyslog
#vi /etc/rsyslog.conf
Go to the bottom
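*.* @instructor.example.com
*.info @instruction.example.com
note: a single @ forwards over UDP (sent in clear text, no delivery guarantee); @@ forwards over TCP
:x
service rsyslog restart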
chkconfig rsyslog on
Configure on system as the central log server to accept logs forwarded by Remote Hosts.
#rpm -q rsyslog
#vi /etc/rsyslog.conf
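/udp
#$ModLoad imudp.so
#$UDPServerRun 514
Remove comment from both lines (delete the leading #)
note: UDP 514 then accepts messages from any host that can reach it; limit the senders with the firewall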
#service rsyslog restart
chkconfig rsyslog on
To test
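tail /var/log/authentication   (NOTE: confirm the file name; a default RHEL rsyslog.conf writes authentication messages to /var/log/secure)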