
Basic Commands

usermod -c Shrutiwadhwa shruti

How to lock a specific user account
passwd -l shrutiw
To unlock
passwd -u shrutiw
We want to expire user after some
chage -M 90 shrutiw
If we want to give a warning then
chage -W 3 shrutiw
(user gets the warning 3 days before)
Some important commands
less /etc/passwd
less /etc/shadow (! means password is not set)
less /etc/group
For help: man ls
reboot
ls
ls -lh
ls -a (hidden files)
ls -l
Copy: cp
Move: mv
Rename: mv oldname newname
Linux Directory Structure
1. / Root
Every single file and directory starts from the root
directory.
Only root user has write privilege under this directory.
Please note that /root is the root user's home directory,
which is not the same as /.
2. /bin User Binaries
Contains binary executables.
Commands used by all the users of the system are
located here.
For example: ps, ls, ping, cp.
3. /sbin System Binaries
Just like /bin, /sbin also contains binary executables.
But the Linux commands located under this directory are typically used
by the system administrator, for system maintenance purposes.
For example: iptables, reboot, fdisk, ifconfig
4. /etc Configuration Files
Contains configuration files required by all programs.
This also contains startup and shutdown shell scripts used to
start/stop individual programs.
For example: /etc/resolv.conf, /etc/logrotate.conf
5. /dev Device Files
Contains device files.
These include terminal devices, usb, or any device attached to the
system.
For example: /dev/tty1, /dev/usbmon0
6. /proc Process Information
Contains information about system processes.
This is a pseudo filesystem that contains information about running
processes. For example: /proc/{pid} directory contains information
about the process with that particular pid.
This is a virtual filesystem with text information about system
resources. For example: /proc/uptime
7. /var Variable Files
var stands for variable files.
Content of the files that are expected to grow can be found
under this directory.
This includes system log files (/var/log); packages and
database files (/var/lib); emails (/var/mail); print queues
(/var/spool); lock files (/var/lock); temp files needed across
reboots (/var/tmp);
8. /tmp Temporary Files
Directory that contains temporary files created by system
and users.
Files under this directory are deleted when system is
rebooted.
9. /usr User Programs
Contains binaries, libraries, documentation, and source code for second-level
programs.
/usr/bin contains binary files for user programs. If you can't find a user
binary under /bin, look under /usr/bin. For example: at, awk, cc, less, scp
/usr/sbin contains binary files for system administrators. If you can't find a
system binary under /sbin, look under /usr/sbin. For example: atd, cron,
sshd, useradd, userdel
/usr/lib contains libraries for /usr/bin and /usr/sbin
/usr/local contains user programs that you install from source. For
example, when you install apache from source, it goes under
/usr/local/apache2
10. /home Home Directories
Home directories for all users to store their personal files.
For example: /home/john, /home/nikita
11. /boot Boot Loader Files
Contains boot loader related files.
Kernel initrd, vmlinux, grub files are located under /boot
For example: initrd.img-2.6.32-24-generic, vmlinuz-2.6.32-24-generic
12. /lib System Libraries
Contains library files that support the binaries located under /bin and
/sbin
Library filenames are either ld* or lib*.so.*
For example: ld-2.11.1.so, libncurses.so.5.7
13. /opt Optional add-on Applications
opt stands for optional.
Contains add-on applications from individual vendors.
Add-on applications should be installed under either /opt/ or /opt/ sub-directory.
14. /mnt Mount Directory
Temporary mount directory where sysadmins can mount
filesystems.
15. /media Removable Media Devices
Temporary mount directory for removable devices.
For example, /media/cdrom for CD-ROM; /media/floppy
for floppy drives; /media/cdrecorder for CD writer
16. /srv Service Data
srv stands for service.
Contains server specific services related data.
For example, /srv/cvs contains CVS related data.
Setup Basic Permission
Ownership & Attribute
Manage Services
Two methods for Permission
1. Symbolic Method
Read=r, Write=w, Execute=x
2. Numerical Method
Read= 4, Write= 2, Execute =1
ls -l
cp priya /home/daviet
su daviet
ls
ls -l
vi priya (it is a read-only file, so we want to add write permission to it)
chmod o+w priya (o = other users)
su
cd /home/daviet/
ls -l
chmod o+w priya
ls -l
Now check as user daviet whether the file can be updated or not
vi priya
Now we want only root to be able to edit the file, no other user
chmod 600 priya
ls -l
Try logging in as daviet
vi priya
A new file's permissions may be restricted in a specific way by applying a
permissions mask called the umask.
touch newfilename
ls -dl newfilename
umask
umask 077
touch newfilename
ls -dl newfilename
Default file permission = 666 - umask
Default folder permission = 777 - umask
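The subtraction rule above is a shortcut: the system clears the umask bits from the requested mode (666 for files, 777 for folders), which gives a different result when the umask contains an execute bit, for example 033. An added example, not part of the original notes, that creates files under several umasks in a scratch directory and reads back the real modes; the function names are assumptions of this example and stat -c is the GNU coreutils form:

```sh
#!/bin/sh
# Added example: see which mode a new file or directory really gets under a
# given umask. All work happens in a throwaway mktemp directory.

# created_mode KIND UMASK: create a file or dir under UMASK, print its mode.
created_mode() {
    kind=$1
    mask=$2
    scratch=$(mktemp -d) || return 1
    (
        umask "$mask"              # subshell: the caller's umask is untouched
        cd "$scratch" || exit 1
        if [ "$kind" = dir ]; then
            mkdir item             # mkdir asks for mode 777
        else
            : > item               # a redirection asks for mode 666
        fi
        stat -c %a item            # GNU stat: permission bits in octal
    )
    rc=$?
    rm -rf "$scratch"
    return "$rc"
}

# predicted_mode KIND UMASK: base mode with the umask bits cleared.
predicted_mode() {
    if [ "$1" = dir ]; then base=0777; else base=0666; fi
    printf '%o\n' $(( $base & ~0$2 & 0777 ))
}

# Demo: 033 yields 644 for a file, not the 633 that subtraction suggests.
for m in 022 077 033; do
    printf 'umask %s  file: %s  dir: %s\n' "$m" \
        "$(created_mode file "$m")" "$(created_mode dir "$m")"
done
```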
Ownership
We want to give permissions of root to user daviet
ls -l
chown daviet:daviet priya
ls -l
vi priya
Now the file will open, as we changed the owner
For changing ownership on foldername
chown -R daviet:daviet foldername
We want to change group ownership
chgrp shruti priya
ls -l
chgrp daviet priya
Files not to be deleted even by root
chattr: change attribute
chattr +i priya
lsattr
rm priya
chattr -i priya
lsattr
rm priya
Linux Networking
ifconfig
ifconfig eth0
Assigning an IP address and gateway to an interface on the fly. The setting
will be removed in case of system reboot.
ifconfig eth0 192.168.50.5 netmask 255.255.255.0
To enable or disable a specific interface, we use the following example
commands.
Enable eth0
# ifup eth0
Disable eth0
# ifdown eth0
Services
cd /etc/init.d/
ls
ls sshd
ls
service cups status
service cups stop
service cups start
chkconfig --list
chkconfig --level 35 cups on
chkconfig cups on
Run level
A runlevel is one of the modes that a Unix-based operating system will run in.
Each runlevel has a certain number of services stopped or started.
Standard run levels for Red Hat based distributions
Run Level  Mode                             Action
0          Halt                             Shuts down system
1          Single-User Mode                 Does not configure network interfaces or allow non-root logins
2          Multi-User Mode                  Does not configure network interfaces or start daemons.
3          Multi-User Mode with Networking  Starts the system normally.
4          Undefined                        Not used/User-definable
5          X11                              As runlevel 3 + display manager (X)
6          Reboot                           Reboots the system
Allocate Additional Permission
User: cat /etc/shadow
Permission denied
Root: vi /etc/sudoers (permissions file)
For making changes
visudo
Find root and, at the end, add
daviet ALL=(ALL) ALL
Now we have assigned privileges to daviet as root
User: sudo cat /etc/shadow
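The sudoers line above lets daviet run every command as any user, which is the same as handing over root. An added example, not part of the original notes, that scans sudoers text for such blanket grants so they can be reviewed and narrowed to specific commands; the sample rules (including the hypothetical user opsuser) are constructed, and the parser is a simplification that ignores aliases and #include lines:

```sh
#!/bin/sh
# Added example: list non-root users/groups whose sudoers rule allows ALL
# commands as root or as ALL users. Reads sudoers text on stdin.
blanket_grants() {
    awk '
        /^[[:space:]]*(#|$)/ { next }     # comments, #include lines, blanks
        /^[[:space:]]*(Defaults|User_Alias|Runas_Alias|Host_Alias|Cmnd_Alias)/ { next }
        {
            who = $1
            spec = $0
            sub(/^[^=]*=[[:space:]]*/, "", spec)     # drop the user and host part
            runas = "root"                            # target when no (runas) given
            if (match(spec, /^\([^)]*\)/)) {
                runas = substr(spec, 2, RLENGTH - 2)
                spec = substr(spec, RLENGTH + 1)
            }
            sub(/:.*/, "", runas)                     # keep the user part only
            nopass = (spec ~ /NOPASSWD:/) ? " NOPASSWD" : ""
            gsub(/[A-Z]+:[[:space:]]*/, "", spec)     # drop tags such as NOPASSWD:
            gsub(/^[[:space:]]+|[[:space:]]+$/, "", spec)
            as_root = (runas ~ /(^|[ ,])(ALL|root)([ ,]|$)/)
            if (who != "root" && as_root && spec == "ALL") print who nopass
        }
    '
}

# Constructed sample: one blanket rule from the notes, one passwordless
# group rule, and one rule limited to a single command.
sample_sudoers() {
    cat <<'EOF'
# constructed sample, not a real system file
Defaults    requiretty
root        ALL=(ALL)   ALL
daviet      ALL=(ALL)   ALL
%wheel      ALL=(ALL)   NOPASSWD: ALL
opsuser     ALL=(root)  /sbin/service cups restart
EOF
}

sample_sudoers | blanket_grants
```

On a real system, run it as root with `blanket_grants < /etc/sudoers`.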
File System Management
Create Partitions
First we check existing partitions
Root: mount
fdisk -l
Now create a partition
cd /dev
ls -l
ls (find names with sda)
Now we will do the partition
fdisk /dev/sdb
p (for printing all information)
n (for new partition)
p (primary partition)
1
Last cylinder +100M
p
w (for saving partition)
Machine reboot or partprobe
fdisk -l
Now create a filesystem on the partition
mkfs (make filesystem) -t (type of file system) ext4 (latest file system of
Linux) /dev/sdb1
or mkfs.ext4 /dev/sdb1
tune2fs -l /dev/sdb1 | more
fsck /dev/sdb1
Without mounting, the user cannot read and write data on the partition
mkdir /test1
mount -t ext4 /dev/sdb1 /test1
cd /test1/
ls
mkdir test2
ls
mount
df -ah
vi /etc/fstab (for making permanent changes)
/dev/sdb1 /test1/ ext4 defaults 0 0
reboot or init 6
su
mount
df -ah
RPM
RPM (Red Hat Package Manager)
It is the default open source and most popular package
management utility for Red Hat based systems
(RHEL, CentOS and Fedora).
The tool allows system administrators and users
to install, update, uninstall, query, verify and manage system
software packages in Unix/Linux operating systems.
An RPM package is a .rpm file that includes the compiled
software programs and libraries needed by the package. This
utility only works with packages built in the .rpm format.
RPM keeps the information of all the installed packages
in the database under /var/lib/rpm.
RPM deals with .rpm files, which contain the
actual information about the packages, such
as: what it is, where it comes from,
dependency info, version info etc.
YUM SERVER
YUM is a tool for automating package maintenance for a network of
workstations running any operating system that use the Red Hat Package
Management (RPM) system for distributing packaged tools and
applications.
Hence its name: yum is Yellowdog Updater, Modified, because it is
based on YUP, the Yellowdog Updater. Yellow Dog is a version of Linux for
the Power Architecture hardware.
YUM Server Configuration Steps

Then check your NIC configuration with the help of the following command.
# ifconfig
In the next step insert the RHEL 6 DVD into your PC and mount it.
To mount it, use the following command:
# mount /dev/cdrom /mnt
In this step go to the /mnt/Server/Packages/ directory and
install the vsftpd package.
vsftpd-2.2.2-6.el6.x86_64.rpm
To change directory, execute the following command:
# cd /mnt/Server/Packages
To install the vsftpd package, execute the following command:
# rpm -ivh vsftpd-2.2.2-6.el6.x86_64.rpm
To check whether the vsftpd package installed properly, use the following command:
# rpm -qa vsftpd*
Now create a new directory in /var/ftp/pub/ and name it
whatever you want.
To create a new directory, use the following commands:
# cd /var/ftp/pub
# mkdir mysolutions
Then copy the entire RHEL DVD into the newly created directory
/var/ftp/pub/mysolutions/.
To copy the entire DVD, use the following command.
# cp -rf /mnt/* /var/ftp/pub/mysolutions/
In the next step go to /var/ftp/pub/mysolutions/Server/Packages/ and then
install the following packages.
deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm
python-deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm
createrepo-0.9.8-4.el6.noarch.rpm
To change the directory to /var/ftp/pub/mysolutions/Server/Packages/, execute the
following command:
# cd /var/ftp/pub/mysolutions/Server/Packages/
To install the above packages, execute the following commands one by one:
# rpm -ivh deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm
# rpm -ivh python-deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm
# rpm -ivh createrepo-0.9.8-4.el6.noarch.rpm
FTP Server
FTP Server: whenever we are downloading something, most of the time we
are using an FTP server. In Linux the name of the FTP server is vsftpd (very secure
file transfer protocol daemon).
The FTP server is of 2 types:
anonymous: on installing the FTP server, it creates 2
users, ftp (password ftp) & anonymous (password nil, i.e. just press
<enter> when prompted for password). We have to put the contents into the
/var/ftp/pub dir to make them available to the clients. Clients have to use
these 2 users to download the contents from the FTP server. In the default
implementation of the FTP server, we can only download (i.e. no uploading).
local: to understand this we have created 2 users, nanu & kanu, with
both having password 1. Clients have to use these local users to download
the contents from the FTP server. We have to put the contents into the /home/nanu
& /home/kanu dirs. We can download as well as upload the contents.
Anonymous FTP
Apache Web Server
Whenever you are viewing any web site, you are using a web server. In Linux the
name of the web server is httpd (hyper text transfer protocol daemon). The httpd
server is also called the Apache web server.
Task 2: implement virtual hosting, i.e. launching multiple sites using one web
server. Virtual hosting is of two types: IP-based virtual hosting and name-based
virtual hosting.
IP-based virtual hosting: in this we need a separate IP
address for each site. In our case, we want to launch 3 sites, so we will need
3 IP addresses.
By using the ifconfig command, create 2 additional IP addresses, 172.24.0.2 &
172.24.0.3, as shown & verify. To make these IP addresses permanent, put
the 2 ifconfig commands into the /etc/rc.local file.
Now go to /var/www/html & remove the i.html created earlier. Make 3 dirs,
site1, site2, site3, & put some material into these dirs by creating simple
index.html files in them. With the tree command, you can confirm the dir
structure.
Edit /etc/httpd/conf/httpd.conf & add the lines as shown. We want to
launch site1 on 172.24.0.1 & the web server will send the contents from the
/var/www/html/site1 dir; we want to launch site2 on 172.24.0.2 & the
web server will send the contents from the /var/www/html/site2 dir & so
on.
# start of virtual host section for 172.24.0.1
<VirtualHost 172.24.0.1>
    # server name
    ServerName 172.24.0.1
    # where the content will be placed
    DocumentRoot /var/www/html/site1
# end of virtual host section for 172.24.0.1
</VirtualHost>
We will create 3 virtual host sections for the 3 sites. After making changes, do
not forget to reload or restart the httpd service.
Name-based virtual hosting: in this we need only one IP address for any
number of sites. In our case, we want to launch 3 sites on one IP address. We
want to launch the 3 sites www.site1.com, www.site2.com &
www.site3.com on the single IP 172.24.0.1.
Check the IP addresses. Now we have got one IP address. Just disable the 2
IP addresses created by us earlier.
For implementing name-based virtual hosting, we need a properly
configured DNS server which will resolve www.site1.com,
www.site2.com & www.site3.com to the IP address 172.24.0.1. Since we
did not have the knowledge about DNS servers at this point of time, we
will implement the same logic by editing the /etc/hosts file as shown on
both server1 & client11.
Ipaddress www.site1.com www
We have to add the NameVirtualHost 172.24.0.1 directive to specify on
which IP address we want to implement name-based virtual hosting. Edit
/etc/httpd/conf/httpd.conf as shown.
NameVirtualHost ipadress
Try to access all 3 sites by using elinks; we are able to access all the web
sites.
DHCP Server
There are 2 ways to assign IP addresses to systems: static & dynamic. In
static, we assign the IP addresses ourselves, but in the case of dynamic, one
system is given the responsibility of allocating IP addresses to other
systems. For this purpose, we have to implement a DHCP (dynamic host
configuration protocol) server.
DHCP Server Configurations
Setup
# service NetworkManager start
# service network restart
In the next step install the "DHCP" packages.
There are two ways to install packages.
1. RPM (Red Hat Package Manager).
2. YUM Server.
The following package has to be installed to configure a DHCP Server in RHEL 6:
dhcp-4.1.1-12.P1.el6.x86_64
If you haven't configured a YUM Server in your network, then you have to install the DHCP packages
manually with the help of the rpm command.
I have configured a YUM Server in the lab, so I install the DHCP package using it.
Before installing the DHCP packages, check whether the packages are already installed; to check that, use the
following command:
# rpm -qa dhcp*
# yum install dhcp*
Step 3 :- Now copy the main configuration file of the DHCP Server
from /usr/share/doc/dhcp-4.1.1/ to /etc/dhcp/.
By default the main configuration file (dhcpd.conf) is located
in the /usr/share/doc/dhcp-4.1.1/ directory.
To copy the sample file from /usr/share/doc/dhcp-4.1.1/ to /etc/dhcp/:
# cp -rf /usr/share/doc/dhcp-4.1.1/dhcpd.conf.sample /etc/dhcp/dhcpd.conf

Step 4 :- Now edit the /etc/dhcp/dhcpd.conf file.
To edit the /etc/dhcp/dhcpd.conf file, use the following command:
# vim /etc/dhcp/dhcpd.conf
Add the following lines to the main configuration file or edit the default scope:
subnet 172.18.9.0 netmask 255.255.255.0 {
    range 172.18.9.20 172.18.9.50;
    option domain-name-servers ns1.internal.example.org;
    option domain-name "mysolutions.com";
    option routers 172.18.9.9;
    option broadcast-address 172.18.9.255;
    option domain-name-servers 172.18.9.1;
    default-lease-time 21600;
    max-lease-time 43200;
}
In the next step, start the "dhcpd" daemon.
To start the "dhcpd" daemon, execute the following command.
# service dhcpd start
To restart the "dhcpd" daemon, execute the following command.
# service dhcpd restart
To start the "dhcpd" daemon at boot time, execute the following command.
# chkconfig dhcpd on
To check the "dhcpd" daemon status, execute the following command.
# service dhcpd status
Note :- If the DHCP daemon did not start, then check for syntax errors.
To check for DHCP syntax errors in RHEL 6, execute the following command:
# dhcpd -t
This will show you where you made a mistake in the main configuration file of the DHCP Server.

Client Side configuration :-

To obtain an IP from the DHCP Server, edit the particular NIC configuration file on the client PC. The
NIC configuration file is located in the "/etc/sysconfig/network-scripts/" directory.
Edit the file with the vim editor and set the BOOTPROTO type to dhcp:
# vim /etc/sysconfig/network-scripts/ifcfg-eth0
Note:- In the above command "eth0" is the NIC that you want to configure; it may be
different on your PC.
The file configuration is:
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=dhcp
HWADDR=08:00:27:c0:4f:bf
Then save the file and exit from it.
# service network restart
And then check the NIC configuration by executing the following command.
# ifconfig eth0
Now generate the lease database on the DHCP Server :-
Execute the following command:
# touch /var/lib/dhcpd/dhcpd.leases
To check the lease database, execute the following command.
# cat /var/lib/dhcpd/dhcpd.leases
NFS Server
A Network File System (NFS) allows remote hosts to mount file systems over a network
and interact with those file systems as though they are mounted locally. This enables
system administrators to consolidate resources onto centralized servers on the
network.
By default RHEL 6 uses NFSv4 if the server supports it.
TCP 2049 is the default port number for NFS.
Benefits of NFS Server
NFS allows local access to remote files.
It uses standard client/server architecture for file sharing between all *nix based
machines.
With NFS it is not necessary that both machines run on the same OS.
With the help of NFS we can configure centralized storage solutions.
Users get their data irrespective of physical location.
No manual refresh needed for new files.
Newer version of NFS also supports acl, pseudo root mounts.
Can be secured with Firewalls and Kerberos.

NFS Services
The NFS Server package includes three facilities, included in the
portmap/rpcbind and nfs-utils packages.
portmap/rpcbind: It maps calls made from other machines to the correct RPC
service (not required with NFSv4).
nfs: It translates remote file sharing requests into requests on the local file
system.
rpc.mountd: This service is responsible for mounting and unmounting of file
systems.

Important Files for NFS Configurations :-

/etc/exports: It is the main configuration file of NFS; all exported files and
directories are defined in this file at the NFS Server end.
/etc/fstab: To mount an NFS directory on your system across reboots, we
need to make an entry in /etc/fstab.
/etc/sysconfig/nfs: Configuration file of NFS to control on which port rpc and
other services are listening.
NFS Server Configuration
# ifconfig

Step 4:- In the next step we need to install NFS packages on our NFS Server as well as
on the NFS Client machine. We can install them via the yum (Red Hat Linux) and apt-get
(Debian and Ubuntu) package installers.
To install NFS packages using yum in RHEL 6, execute the following commands:
# yum install nfs-utils nfs-utils-lib
# yum install rpcbind (not required with NFSv4)
To install NFS packages using apt-get in Debian or Ubuntu, execute the following
command:
# apt-get install nfs-kernel-server nfs-common

In this step you have to verify that the NFS Server packages are installed.
To verify the nfs-utils package, execute the following command:
# rpm -qa nfs-utils*
To verify the rpcbind package, execute the following command:
# rpm -qa rpcbind*

Step 6:- In the next step, create a new directory to share with the client and
name it whatever you want;
you can also share an already existing directory with NFS.
To create a new directory, execute the following command:
# mkdir /nfsshare
Now we need to make an entry in /etc/exports and restart the services to
make our directory shareable in the network.

/nfsshare 172.18.209.10(rw,sync)

In the above example, a directory in the / partition named nfsshare is
being shared with client IP 172.18.209.10 with read and write (rw) privilege. You can also
use the hostname of the client in place of the IP in the above example.
NFS Options
Some other options we can use in the /etc/exports file for file sharing are as
follows.
ro: With the help of this option we can provide read-only access to the shared
files, i.e. the client will only be able to read.
rw: This option allows the client both read and write access within
the shared directory.
sync: Sync confirms requests to the shared directory only once the changes
have been committed.
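Whitespace is significant in /etc/exports: a blank inside the option list, as in (rw, sync), is a syntax error, and a blank between the client and the opening parenthesis applies the options to every host instead of that client. An added example, not part of the original notes, that checks export lines for these two mistakes, for read-write exports to all hosts, and for no_root_squash; the sample lines and function names are constructed for illustration:

```sh
#!/bin/sh
# Added example: lint /etc/exports-style text read from stdin.
# Prints "<line number>: <finding>" for each problem found.
lint_exports() {
    awk '
        /^[[:space:]]*(#|$)/ { next }            # skip comments and blanks
        {
            line = $0
            sub(/[[:space:]]*#.*$/, "", line)    # drop a trailing comment
            # a blank inside (...) breaks the option list
            if (line ~ /\([^)]*[[:space:]][^)]*\)/)
                print NR ": whitespace inside option list"
            # a blank before "(" detaches the options from the client
            if (line ~ /[^[:space:]][[:space:]]+\(/)
                print NR ": options detached from client (applies to any host)"
            # "*" as the client with rw opens the share to every host
            if (line ~ /[[:space:]]\*\([^)]*rw/)
                print NR ": read-write export to all hosts"
            if (line ~ /no_root_squash/)
                print NR ": no_root_squash (remote root keeps uid 0)"
        }
    '
}

# Constructed sample: lines 3 and 4 are clean, the others are not.
sample_exports() {
    cat <<'EOF'
/nfsshare  172.18.209.10(rw, sync)
/nfsshare  172.18.209.10 (rw,sync)
/nfsshare  172.18.209.10(rw,sync)
/pub       *(ro,sync)
/scratch   *(rw,sync,no_root_squash)
EOF
}

sample_exports | lint_exports
```

On a server, run it with `lint_exports < /etc/exports` before `exportfs -r`.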
Now start the rpcbind and nfs services by using the following commands.
# service rpcbind start (not required with NFSv4)
# service nfs start
Note: - The portmap service was used to map RPC program numbers to IP
address port number combinations in earlier versions of Red Hat Enterprise Linux.
This service is now replaced by rpcbind in Red Hat Enterprise Linux 6 to enable
IPv6 support.

Step 9:- To turn on the above services at boot time, execute the following
commands.
# chkconfig rpcbind on (not required with NFSv4)
# chkconfig nfs on

Step 10:- Now execute the following command to show the available shares on
your NFS server.
# showmount -e
NFS Client Configuration
Check the connectivity with the NFS Server:
# ping 172.18.209.9

Step 3:- In the next step we need to install NFS packages on our NFS Server as well as on the NFS Client
machine. We can install them via the yum (Red Hat Linux) and apt-get (Debian and Ubuntu)
package installers.
To install NFS packages using yum in RHEL 6, execute the following commands:
# yum install nfs-utils nfs-utils-lib
# yum install rpcbind (not required with NFSv4)
To install NFS packages using apt-get in Debian or Ubuntu, execute the following command:
# apt-get install nfs-common

In this step you have to verify that the NFS packages are installed.
To verify the nfs-utils package, execute the following command:
# rpm -qa nfs-utils*
To verify the rpcbind package, execute the following command:
# rpm -qa rpcbind*

Step 5:- At the NFS client end, we need to mount that directory in our server to
access it locally. To do so, first we need to find out which shares are available
on the remote server or NFS Server.
Execute the following command to find out the available shares on the NFS
Server.
# showmount -e 172.18.209.9
Use the following command to mount that NFS share on our client machine.
# mount -t nfs 172.18.209.9:/nfsshare /mnt
The above command will mount that shared directory in /mnt/ on the client
server. You can verify it with the following command.
# mount | grep nfs

Step 7:- In the previous step we mounted the NFS shared directory on the NFS
client temporarily. To mount an NFS directory permanently on your system across
reboots, we need to make an entry in /etc/fstab.
Now edit the /etc/fstab file and add the following line to this file.
# vim /etc/fstab
172.18.209.9:/nfsshare /mnt nfs defaults 0 0

To remove the NFS mount:-

If you want to unmount that shared directory from your server after you are done with
the file sharing, you can simply unmount that particular directory with the umount
command. See the example below.
# umount /mnt
You can see that the mounts were removed by then looking at the file system again.
# df -h -F nfs

Some more important commands for NFS.

showmount -e : Shows the available shares on your local machine.
showmount -e <server-ip or hostname> : Lists the available shares at the remote
server.
showmount -d : Lists all the sub directories.
exportfs -v : Displays a list of shared files and options on a server.
exportfs -a : Exports all shares listed in /etc/exports, or given name.
exportfs -u : Unexports all shares listed in /etc/exports, or given name.
exportfs -r : Refreshes the server's list after modifying /etc/exports.